47904 matches found
Really Simple Security 9.1.1.1 - Authentication Bypass
!/usr/bin/env python3 Exploit Title: Really Simple Security 9.1.1.1 - Authentication Bypass Date: 2024-11-19 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://really-simple-ssl.com/ Software Link: https://really-simple-ssl.com/ Version: Really Simple Security Free, Pro, and Pro...
Loaded Commerce 6.6 - Client-Side Template Injection(CSTI)
Exploit Title: Loaded Commerce 6.6 Client-Side Template InjectionCSTI Date: 03/13/2025 Exploit Author: tmrswrr Vendor Homepage: https://loadedcommerce.com/ Version: 6.6 Tested on: https://www.softaculous.com/apps/ecommerce/LoadedCommerce Injecting 77 into the search parameter...
ActFax 10.10 - Unquoted Path Services
Exploit Title: ActFax 10.10 - Unquoted Path Services Date: 22/03/2023 Exploit Author: Birkan ALHAN @taftss Vendor Homepage: https://www.actfax.com Software Link: https://www.actfax.com/en/download.html Version: Version 10.10, Build 0551 2023-02-01 Tested on: Windows 10 21H2 OS Build 19044.2728...
Froxlor 2.0.3 Stable - Remote Code Execution (RCE)
!/usr/bin/python3 Exploit Title: Froxlor 2.0.3 Stable - Remote Code Execution RCE Date: 2023-01-08 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2023-0315 Vendor Homepage: https://froxlor.org/ Version: v2.0.3 Tested on: Ubuntu 20.04 / PHP 8.2 import telnetlib import requests import socket import...
SOUND4 Server Service 4.1.102 - Local Privilege Escalation
Exploit Title: SOUND4 Server Service 4.1.102 - Local Privilege Escalation Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: 4.1.102 Summary: SOUND4 Windows Server Service. Desc: The application suffers from an unquot...
File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path
Exploit Title: File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-14 Vendor : Hewlett-PackardHP Version : File Sanitizer for HP ProtectTools 5.0.1.3 Vendor Homepage : http://www.hp.com Tested on OS: Windows 7 Pro...
Student Quarterly Grading System 1.0 - SQLi Authentication Bypass
Exploit Title: Student Quarterly Grading System 1.0 - SQLi Authentication Bypass Date: 04.10.2021 Exploit Author: Blackhan Vendor Homepage: https://www.sourcecodester.com/php/14953/student-quarterly-grading-system-using-php-and-sqlite-free-source-code.html Software Link:...
WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting XSS Date: 15/2/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woo-order-export-lite/ Version: 3.1.7 Tested on: Windows 10 CVE: CVE-2021-24169 1. Description: This plugin...
Sticky Notes Widget Version 3.0.6 - Denial of Service (PoC)
Exploit Title: Sticky Notes Widget Version 3.0.6 - Denial of Service PoC Date: 06-07-2021 Author: Geovanni Ruiz Download Link: https://apps.apple.com/us/app/sticky-notes-widget/id1499269608 Version: 3.0.6 Category: DoS iOS Vulnerability Color Notes is vulnerable to a DoS condition when a long lis...
Internship Portal Management System 1.0 - Remote Code Execution(Unauthenticated)
Exploit Title: Internship Portal Management System 1.0 - Remote Code Execution Via File Upload Unauthenticated Date: 2021-05-04 Exploit Author: argenestel Vendor Homepage: https://www.sourcecodester.com/php/11712/internship-portal-management-system.html Software Link:...
Novel Boutique House-plus 3.5.1 - Arbitrary File Download
Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Date: 27/03/2021 Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerab...
Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE
Exploit Title: Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE Date: 2020-12-24 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...
Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission
Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Date: 21.12.2020 Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...
Online Healthcare Patient Record Management System 1.0 - Authentication Bypass
Exploit Title: Online Healthcare Patient Record Management System 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-05-18 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.sourcecodester.com Software Link:...
LeptonCMS 4.5.0 - Persistent Cross-Site Scripting
Exploit Title: LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2019-03-24 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://lepton-cms.org/english/home.php Software Link: https://lepton-cms.org/posts/new-release-lepton-4.5.0-139.php...
HomeAutomation 3.3.2 - Authentication Bypass
Exploit: HomeAutomation 3.3.2 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5557 Advisory URL:...
Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
Exploit Title: Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal Google Dork: N/A Date: 2019-11-15 Exploit Author: Kevin Randall Vendor Homepage: https://www.lexmark.com/enus.html Software Link: https://www.lexmark.com/enus.html Version: 2.27.4.0.39 Latest Version Tested on: Window...
Atlassian Confluence 6.15.1 - Directory Traversal (Metasploit)
Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on: Microsoft...
NUUO NVRMini 2 3.9.1 - 'sscanf' Stack Overflow
!/usr/bin/python Exploit Title: NUUO NVRMini2 3.9.1 'sscanf' stack overflow Google Dork: n/a Date: Advisory Published: Nov 18 Exploit Author: @0x00string Vendor Homepage: nuuo.com Software Link: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 and prior Tested on: 3.9.1 CVE :...
Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU
Windows: CiSetFileCache TOCTOU CVE-2017-11830 Variant WDAC Security Feature Bypass Platform: Windows 10 1803, 1709 should include S-Mode but not tested Class: Security Feature Bypass Summary: While the TOCTOU attack against cache signing has been mitigated through NtSetCachedSigningLevel it’s...
Primefaces 5.x - Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2017-1000486 Primefaces Remote Code Execution Exploit', 'Description' = %q This module exploits an expression language remote code execution...
Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Local Privilege Escalation (MS16-135) (1)
Complete Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40823.zip Presentation: https://www.exploit-db.com/docs/english/40822-i-know-where-your-page-lives---de-randomizing-the-latest-windows-10-kernel.pdf I Know Where Your Page Lives:...
Oracle HTTP Server - Cross-Site Scripting Header Injection
--------------------------------------------------------------------------------------------------------- Oracle HTTP Server XSS Header Injection --------------------------------------------------------------------------------------------------------- Attack Pattern ID : CAPEC-86 CWE ID : CI-79...
ProFTPd-1.3.3c - Backdoor Command Execution (Metasploit)
$Id: proftpd133cbackdoor.rb 11214 2010-12-03 12:34:38Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Lingdang CRM 8.6.4.7 - SQL Injection
Exploit Title: Lingdang CRM 8.6.4.7 - SQL Injection Google Dork: N/A Date: 2025-08-19 Exploit Author: Beatriz Fresno Naumova Vendor: Shanghai Lingdang Information Technology Software Link: N/A – commercial product Version: = 8.6.4.7 fixed in 8.6.5.x per vendor advisory Tested on: Generic LAMP...
CyberPanel 2.3.6 - Remote Code Execution (RCE)
Exploit Title: CyberPanel 2.3.6 - Remote Code Execution RCE Date: 10/29/2024 Exploit Author: Luka Petrovic refr4g Vendor Homepage: https://cyberpanel.net/ Software Link: https://github.com/usmannasir/cyberpanel Version: 2.3.5, 2.3.6, 2.3.7 before patch Tested on: Ubuntu 20.04, CyberPanel v2.3.5,...
Customer Support System 1.0 - Stored XSS
Exploit Title: Customer Support System 1.0 - XSS Cross-Site Scripting Vulnerability in the "subject" at "ticketlist" Date: 28/11/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
IBM Aspera Faspex 4.4.1 - YAML deserialization (RCE)
Exploit Title: IBM Aspera Faspex 4.4.1 - YAML deserialization RCE Date: 02/02/2023 Exploit Author: Maurice Lambert Vendor Homepage: https://www.ibm.com/ Software Link: https://www.ibm.com/docs/en/aspera-faspex/5.0?topic=welcome-faspex Version: 4.4.1 Tested on: Linux CVE : CVE-2022-47986 """ This...
Schneider Electric v1.0 - Directory traversal & Broken Authentication
Exploit Title: Schneider Electric v1.0 - Directory traversal & Broken Authentication Google Dork: inurl:/scada-vis Date: 3/11/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: https://www.se.com/ Version: all-versions Tested on: Windows/Linux/Android Attacker can using these dorks and...
D-Link DIR-846 - Remote Command Execution (RCE) vulnerability
Exploit Title: D-Link DIR-846 - Remote Command Execution RCE vulnerability Google Dork: NA Date: 30/01/2023 Exploit Author: Françoa Taffarel Vendor Homepage:...
Intel(R) Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path
Exploit Title: IntelR Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : Intel Version : IntelR Management Engine Components 6.0.0.1189 Vendor Homepage : https://www.intel.com Tested on OS: Windows 7 Pro Analyze PoC ...
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
Exploit Title: WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR Date: 2021-05-17 Exploit Author: captainhook Vendor Homepage: https://lifterlms.com Software Link: https://lifterlms.com Version: 4.21.1 Tested on: any Description The plugin was affected by an IDOR...
ProFTPD 1.3.7a - Remote Denial of Service
Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Date: 22/03/2021 Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author =...
Erlang Cookie - Remote Code Execution
Exploit Title: Erlang Cookie - Remote Code Execution Date: 2020-05-04 Exploit Author: 1F98D Original Author: Milton Valencia wetw0rk Software Link: https://www.erlang.org/ Version: N/A Tested on: Debian 9.11 x64 References:...
Apartment Visitors Management System 1.0 - Authentication Bypass
Exploit Title: Apartment Visitors Management System 1.0 - Authentication Bypass Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...
ManageEngine ADSelfService Build prior to 6003 - Remote Code Execution (Unauthenticated)
Exploit Title: ManageEngine ADSelfService Plus 6000 – Unauthenticated Remote Code Execution Date: 2020-08-08 Exploit Author: Bhadresh Patel Vendor link: https://www.manageengine.com/company.html Version: ADSelfService Plus build 6003 CVE : CVE-2020-11552 This is an article with PoC exploit video ...
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...
Kibana 6.6.1 - CSV Injection
Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest versions Tested on: Kibana...
rimbalinux AhadPOS 1.11 - 'alamatCustomer' SQL Injection
Exploit Title: rimbalinux AhadPOS 1.11 - 'alamatCustomer' SQL Injection Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/rimbalinux/AhadPOS Software Link: https://github.com/rimbalinux/AhadPOS.git Version: 1.11 Tested on: CentOS 7 CVE: N/A PoC for time-based and boolean...
WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service
Exploit Title: WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of Service Date: 2019-10-30 Vendor Homepage:https://www.alloksoft.com/ Software Link: https://www.alloksoft.com/wmv.htm Exploit Author: Nithoshitha S Tested Version: v4.6.1217 Tested on: Windows 7 x64 Windows XP SP3 1.- Run python...
WordPress Plugin Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.5.6...
Uplay 92.0.0.6280 - Local Privilege Escalation
Exploit Title: Uplay 92.0.0.6280 - Local Privilege Escalation Date: 2019-08-07 Exploit Author: Kusol Watchara-Apanukorn, Pongtorn Angsuchotmetee, Manich Koomsusi Vendor Homepage: https://uplay.ubisoft.com/ Version: 92.0.0.6280 Tested on: Windows 10 x64 CVE : N/A Vulnerability Description:...
Jobberbase 2.0 CMS - 'jobs-in' SQL Injection
Exploit Title: Jobberbase 2.0 CMS - 'jobs-in' SQL Injection Google Dork: N/A Date: 28, August 2019 Exploit Author: Suvadip Kar Vendor Homepage: http://jobberbase.com/ Software Link: https://github.com/filipcte/jobberbase/zipball/master Version: 2.0 Tested on: Linux CVE : N/A...
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated Configuration Download
!/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated Configuration Download Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://eu3a.mitsubishielectric.com/fa/en/products/cnt/plcccl/items/smartRTU/local Vendor Homepage:...
Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
!/usr/bin/env python -- coding: utf-8 -- Exploit Title: Weblogic wls-wsat Component Deserialization RCE Date Authored: Jan 3, 2018 Date Announced: 10/19/2017 Exploit Author: Kevin Kirsche d3c3pt10n Exploit Github: https://github.com/kkirsche/CVE-2017-10271 Exploit is based off of POC by Luffin fr...
Apache Commons Text 1.10.0 - Remote Code Execution
Exploit Title: Apache Commons Text 1.10.0 - Remote Code Execution Text4Shell - POST-based Date: 2025-04-17 Exploit Author: Arjun Chaudhary Vendor Homepage: https://commons.apache.org/proper/commons-text/ Software Link:https://repo1.maven.org/maven2/org/apache/commons/commons-text/ Version: Apache...
Cosy+ firmware 21.2s7 - Command Injection
Exploit Title: Cosy+ firmware 21.2s7 - Command Injection Google Dork: N/A Date: 2024-8-20 Exploit Author: CodeB0ss Contact: t.me/codeb0ss / [email protected] Version: 21.2s7 Tested on: Windows 11 Home Edition CVE: CVE-2024-33896 import socket import subprocess import time def...
COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Overflow
Exploit Title: COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNCCtrl.dll' Heap Buffer Overflow Date: 02.08.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX UMS Client ActiveX Control 1.7.0.2 CNCCtrl.dll Heap Buffer Overflow Vendor: COMMAX Co., Ltd. Prodcut web page:...
NBMonitor 1.6.8 - Denial of Service (PoC)
Exploit Title: NBMonitor 1.6.8 - Denial of Service PoC Date: 07/06/2021 Author: Erick Galindo Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nbmonitor.com/downloads/nbmonitorsetup.exe Version: 1.6.8 Tested on: Windows 10 Pro x64 es Proof of Concept: 1.- Copy printed "AAAAA......
WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload
Exploit Title: WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/angwp Date: 23/12/2020 Exploit Author: spacehen Vendor Homepage: http://adning.com/ Version: spacehen www.lunar.sh" def printusage: print"Usage: python3 exploit.py target url ph...