47884 matches found
Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking
Exploit Title: Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking Author: nu11secur1ty Date: 02.23.2023 Vendor: https://www.kimai.org/ Software: https://github.com/kimai/kimai/releases/tag/1.30.10 Reference:...
Enlightenment v0.25.3 - Privilege escalation
Exploit Title: Enlightenment v0.25.3 - Privilege escalation Author: nu11secur1ty Date: 12.26.2022 Vendor: https://www.enlightenment.org/ Software: https://www.enlightenment.org/download Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2022-37706 CVE ID: CVE-2022-37706 Descriptio...
AWebServer GhostBuilding 18 - Denial of Service (DoS)
Exploit Title: AWebServer GhostBuilding 18 - Denial of Service DoS Date: 28/12/2021 Exploit Author: Andres Ramos Invertebrado Vendor Homepage: http://sylkat-tools.rf.gd/awebserver.htm Software Link: https://play.google.com/store/apps/details?id=com.sylkat.apache&hl=en Version: AWebServer...
OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection (XXE)
Exploit Title: OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection XXE Date: 2021-09-20 Exploit Author: Jake Ruston Vendor Homepage: https://opencats.org Software Link: https://github.com/opencats/OpenCATS/releases/download/0.9.4-2/opencats-0.9.4-2-full.zip Version: w:document...
OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference (IDOR)
Exploit Title: OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference IDOR Date: 31/08/2021 Exploit Author: Allen Enosh Upputori Vendor Homepage: https://www.open-emr.org Software Link: https://www.open-emr.org/wiki/index.php/OpenEMRDownloads Version: 6.0.0 Tested on: Linux CVE : CVE-2021-4035...
Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation
Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An attacker can perform a system-level root local...
Gadget Works Online Ordering System 1.0 - 'Category' Persistent Cross-Site Scripting (XSS)
Exploit Title: Gadget Works Online Ordering System 1.0 - 'Category' Persistent Cross-Site Scripting XSS Date: 24-05-2021 Exploit Author: Vinay H C Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection
Title: BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection Author: Daniel Martinez Adan aDoN90 Date: 2020-05-01 Homepage: https://blogengine.io/ Software Link: https://blogengine.io/support/download/ Affected Versions: 3.3 Vulnerability: XML External Entity XXE OOB Injection...
TAO Open Source Assessment Platform 3.3.0 RC02 - HTML Injection
Title: TAO Open Source Assessment Platform 3.3.0 RC02 - HTML Injection Author: Vulnerability Laboratory Date: 2020-04-15 Vendor: https://www.taotesting.com Software Link: https://www.taotesting.com/product/ CVE: N/A Document Title: =============== TAO Open Source Assessment Platform v3.3.0 RC02 -...
Microsoft Windows .Group File - Code Execution
Exploit Title: Microsoft Windows .Group File - Code Execution Date: 2020-01-01 Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com Version: 1.9.6 Tested on: Windows CVE : N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
Hospital-Management 1.26 - 'fname' SQL Injection
Exploit Title: Hospital-Management 1.26 - 'fname' SQL Injection Author: Cakes Discovery Date: 2019-09-18 Vendor Homepage: https://github.com/Mugerwa-Joseph/hospital-management Software Link: https://github.com/Mugerwa-Joseph/hospital-management/archive/master.zip Tested Version: 1.26 Tested on OS...
macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles
While fuzzing JSC, I encountered the following JS program which crashes JSC from current HEAD and release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: // Run with --useConcurrentJIT=false --thresholdForJITAfterWarmUp=10 function fullGC for var i = 0; i 10; i++ new...
Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS Strings
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...
Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
BIND 9.x - Remote DNS Cache Poisoning
from scapy import import random Copyright C 2008 Julien Desfossez http://www.solisproject.net/ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, o...
Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied inp...
Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
Exploit Title: Remote Keyboard Desktop 1.0.1 - Remote Code Execution RCE Date: 05/17/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://remotecontrolio.web.app/ Software Link: https://apps.microsoft.com/detail/9n0jw8v5sc9m?hl=neutral&gl=US&ocid=pdpshare Version: 1.0.1 Tested on: Windows...
tar-fs 3.0.0 - Arbitrary File Write/Overwrite
Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE: CVE-2024-12905 Run the command: Example: python3 exploit.py authorizedkeys...
ABB Cylon FLXeon 9.3.4 - Cross-Site Request Forgery
Exploit title: ABB Cylon FLXeon 9.3.4 Limited Cross-Site Request Forgery Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...
qBittorrent 5.0.1 - MITM RCE
Exploit Title: qBittorrent 5.0.1 MITM RCE Date: 01/02/2025 Exploit Author: Jordan Sharp Vendor Homepage: https://github.com/qbittorrent/qBittorrent Software Link: https://www.qbittorrent.org/download Version: 5.0.1 Tested on: Windows 10 CVE : CVE-2024-51774 Run the PoC on a MITM machine...
Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)
Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting XSS Date: 15 May 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://qloapps.com/ Software Link: https://github.com/webkul/hotelcommerce Version: 1.5.2 Tested on: Kali Linux 2022.4 CVE : CVE-2023-30256 Description: A Cross...
EasyNas 1.1.0 - OS Command Injection
Exploit Title: EasyNas 1.1.0 - OS Command Injection Date: 2023-02-9 Exploit Author: Ivan Spiridonov [email protected] Author Blog: https://xbz0n.medium.com Version: 1.0.0 Vendor home page : https://www.easynas.org Authentication Required: Yes CVE : CVE-2023-0830 !/usr/bin/python3 import...
Magento eCommerce CE v2.3.5-p2 - Blind SQLi
Exploit Title: Magento eCommerce CE v2.3.5-p2 - Blind SQLi Date: 2021-4-21 Exploit Author: Aydin Naserifard Vendor Homepage: https://www.adobe.com/ Software Link: https://github.com/magento/magento2/releases/tag/2.3.5-p2 Version: 2.3.5-p2 Tested on: 2.3.5-p2 POC: 1PUT...
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
Exploit Title: Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow SEH Date: 2020-07-26 Author: Felipe Winsnes Software Link: https://nidesoft-dvd-ripper.softonic.com/ Version: 5.2.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will...
Bio Star 2.8.2 - Local File Inclusion
Exploit Title: Bio Star 2.8.2 - Local File Inclusion Authors: SITE Team Rian Saaty, Bashaer AlHarthy, Safeyah Alhazmi Google Dork: N/A Date of Exploit Release: 2020-07-13 Exploit Author: SITE Team Vendor Homepage: https://www.supremainc.com/en/main.asp Software Link:...
Netis WF2419 2.2.36123 - Remote Code Execution
Exploit Title: Netis WF2419 2.2.36123 - Remote Code Execution Exploit Author: Elias Issa Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/75 Date: 2020-02-11 Version: WF2419 V2.2.36123 = V2.2.36123 Tested on: NETIS WF2419...
Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation
Exploit Title: Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Date: 2019-12-18 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.bahn.de/dbvertrieb/view/leistungen/automaten-fahrkartenentwerter.shtml Tested on: Windows XP Document Title: ===============...
Chamillo LMS 1.11.8 - Arbitrary File Upload
Exploit Title: Chamillo LMS 1.11.8 - Arbitrary File Upload Google Dork: "powered by chamilo" Date: 2018-10-05 Exploit Author: Sohel Yousef jellyfish security team Software Link: https://chamilo.org/en/download/ Version: Chamilo 1.11.8 or lower to 1.8 Category: webapps 1. Description Any registere...
GetGo Download Manager 6.2.2.3300 - Denial of Service
Exploit Title : GetGo Download Manager 6.2.2.3300 - Denial of Service Date: 2019-08-15 Author - Malav Vyas Vulnerable Software: GetGo Download Manager 6.2.2.3300 Vendor Home Page: www.getgosoft.com Software Link: http://www.getgosoft.com/getgodm/ Tested On: Windows 7 64Bit, Windows 10 64Bit Attac...
Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion
source: https://www.securityfocus.com/bid/18231/info SquirrelMail is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit may allow unauthorized users to view files and to execute local scripts; other attacks are also possible...
LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function
Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via the Chat Transfer Function Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software...
ProSSHD 1.2 - Denial of Service (DOS)
Exploit Title: ProSSHD 1.2 20090726 - Denial of Service DoS Google Dork: N/A Date: 13 january 2024 Exploit Author: Fernando Mengali Vendor Homepage: https://prosshd.com/ Software Link: N/A Version: 1.2 20090726 Tested on: Windows XP CVE: CVE-2024-0725 $sis="$^O"; if $sis eq "windows" $cmd="cls";...
Jasmin Ransomware - SQL Injection Login Bypass
Exploit Title: Jasmin Ransomware SQL Injection Login Bypass Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez Vendor Homepage: https://github.com/codesiddhant/Jasmin-Ransomware Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: N/A Tested on: Windows How t...
Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
Exploit Title: Bonjour Service - 'mDNSResponder.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2024-15-07 Vendor Homepage: https://developer.apple.com/bonjour/ Tested Version: 3,0,0,10 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Home Step to discove...
Sitefinity 15.0 - Cross-Site Scripting (XSS)
Exploit Title: Sitefinity 15.0 - Cross-Site Scripting XSS Date: 2023-12-05 Exploit Author: Aldi Saputra Wahyudi Vendor Homepage: https://www.progress.com/sitefinity-cms Version:...
Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path
Exploit Title: Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path Date: 2024-04-2 Exploit Author: Saud Alenazi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/ Version: 6.6.240 Tested: Windows 10 x64 Step to discover Unquoted Service Path:...
Optoma 1080PSTX Firmware C02 - Authentication Bypass
Exploit Title: Optoma 1080PSTX Firmware C02 - Authentication Bypass Date: 2023/05/09 Exploit Author: Anthony Cole Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Vendor Homepage: http://optoma.com Version: Optoma 1080PSTX Firmware C02 Tested on: N/A CVE : CVE-2023-27823...
ENTAB ERP 1.0 - Username PII leak
Exploit Title: ENTAB ERP 1.0 - Username PII leak Date: 17.05.2022 Exploit Author: Deb Prasad Banerjee Vendor Homepage: https://www.entab.in Version: Entab ERP 1.0 Tested on: Windows IIS CVE: CVE-2022-30076 Vulnerability Name: Broken Access control via Rate Limits Description: In the entab softwar...
NotrinosERP 0.7 - Authenticated Blind SQL Injection
Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...
Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
Mobile Mouse 3.6.0.4 - Remote Code Execution (RCE)
Exploit Title: Mobile Mouse 3.6.0.4 - Remote Code Execution RCE Date: Aug 09, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://mobilemouse.com/ Software Link: https://www.mobilemouse.com/downloads/setup.exe Version: 3.6.0.4 Tested on: Windows 10 Enterprise LTSC Build 17763 !/usr/bin/e...
DLINK DIR850 - Open Redirect
Exploit Title: DLINK DIR850 - Open Redirect Product: Dlink Model: DIR850 Date: 14/1/2022 CVE: CVE-2021-46379 Exploit Author: AhmedAlroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit...
Connectify Hotspot 2018 'ConnectifyService' - Unquoted Service Path
Exploit Title: Connectify Hotspot 2018 'ConnectifyService' - Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : Connectify Inc Version : Connectify Hotspot 2018 Vendor Homepage : https://www.connectify.me/ Tested on OS: Windows 7 Pro Analyze PoC : ==============...
Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentication Bypass
Exploit Title: Customer Relationship Management System CRM 1.0 - Sql Injection Authentication Bypass Date: 27/07/2021 Exploit Author: ShafiqueWasta Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
n+otes 1.6.2 - Denial of Service (PoC)
Exploit Title: n+otes 1.6.2 - Denial of Service PoC Date: 06-09-2021 Author: Geovanni Ruiz Download Link: https://apps.apple.com/us/app/n-otes/id596895960 Version: 1.6.2 Category: DoS iOS Vulnerability Color Notes is vulnerable to a DoS condition when a long list of characters is being used when...
Boonex Dolphin 7.4.2 - 'width' Stored XSS
Exploit Title: Boonex Dolphin 7.4.2 - 'width' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.boonex.com/ Software Link: https://www.boonex.com/downloads Version: 7.4.2 Tested on: Windows 10 Reference -...
OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2)
Title: OpenEMR 5.0.1 - Remote Code Execution Authenticated 2 Exploit Author: Alexandre ZANNI Date: 2020-07-16 Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile:...
Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
Exploit Title: Ruijie Networks Switch eWeb S29RGOS 11.4 - Directory Traversal Exploit Author: Tuygun Date: 2020-08-19 Vendor Homepage: https://www.ruijienetworks.com/ Version: eWeb S29RGOS 11.41B12P11 Source : https://faruktuygun.com/directorytraversal.html Proof of Concept Request: GET...
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBAZ@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/...