47904 matches found
Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection
Exploit Title: Microchip TimeProvider 4100 Configuration modules 2.4.6 - OS Command Injection Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of Disclosure: 27/06/2024 Date...
Vite 6.2.2 - Arbitrary File Read
Exploit Title: Vite Arbitrary File Read - CVE-2025-30208 Date: 2025-04-03 Exploit Author: Sheikh Mohammad Hasan https://github.com/4m3rr0r Vendor Homepage: https://vitejs.dev/ Software Link: https://github.com/vitejs/vite Version: = 6.2.2, = 6.1.1, = 6.0.11, = 5.4.14, = 4.5.9 Tested on: Ubuntu...
Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
Exploit Title: Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...
ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
Exploit Title : ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.01 Summary: ASPECT is an award-winning scalable building energy...
Webmin Usermin 2.100 - Username Enumeration
Exploit Title: Webmin Usermin 2.100 - Username Enumeration Date: 10.02.2024 Exploit Author: Kjesper Vendor Homepage: https://www.webmin.com/usermin.html Software Link: https://github.com/webmin/usermin Version: = 2.100 Tested on: Kali Linux CVE: CVE-2024-44762...
Nagios Log Server 2024R1.3.1 - Stored XSS
Exploit Title: Stored XSS Vulnerability in Nagios Log Server Privilege Escalation to Admin Date: 2025-04-02 Exploit Author: Seth Kraft Vendor Homepage: https://www.nagios.com/ Vendor Changelog: https://www.nagios.com/changelog/log-server Software Link:...
ABB Cylon Aspect 3.07.02 - File Disclosure
Exploit Title : ABB Cylon Aspect 3.07.02 - File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building energy management and...
ollama 0.6.4 - Server Side Request Forgery (SSRF)
Exploit Title: ollama 0.6.4 - SSRF Date: 2025-04-03 Exploit Author: sud0 Vendor Homepage: https://ollama.com/ Software Link: https://github.com/ollama/ollama/releases Version: =0.6.4 Tested on: CentOS 8 import argparse import requests import json from urllib.parse import urljoin def...
AppSmith 1.47 - Remote Code Execution (RCE)
Exploit Title: AppSmith 1.47 - Remote Code Execution RCE Original Author: Rhino Security Labs Exploit Author: Nishanth Anand Exploit Date: April 2, 2025 Vendor Homepage: https://www.appsmith.com/ Software Link: https://github.com/appsmithorg/appsmith Version: Prior to v1.52 Tested Versions: v1.47...
ProSSHD 1.2 - Denial of Service (DOS)
Exploit Title: ProSSHD 1.2 20090726 - Denial of Service DoS Google Dork: N/A Date: 13 january 2024 Exploit Author: Fernando Mengali Vendor Homepage: https://prosshd.com/ Software Link: N/A Version: 1.2 20090726 Tested on: Windows XP CVE: CVE-2024-0725 $sis="$^O"; if $sis eq "windows" $cmd="cls";...
ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)
Exploit Title : ABB Cylon Aspect 3.08.01 - Remote Code Execution RCE Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy manageme...
Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS
Exploit Title: Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS Date: 09/2024 Exploit Author: Haythem Arfaoui CBTW Team Vendor Homepage: https://www.elaine.io/ Software Link: https://www.elaine.io/en/products/elaine-marketing-automation/ Version: 6.18.17 and below Tested on: Windows, Linu...
ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
Exploit Title : ABB Cylon Aspect 3.08.01 - Arbitrary File Delete Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management a...
SAP NetWeaver - 7.53 - HTTP Request Smuggling
Exploit Title: SAPGateBreaker Exploit - CVE-2022-22536 - HTTP Request Smuggling Through SAP's Front Door Google Dork: https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit/blob/main/dorks Date: Tuesday, April 2, 2025 Exploit Author: @C41Tx90 - Victor de Queiroz - Beco do Exploit - Elytron...
XWiki Standard 14.10 - Remote Code Execution (RCE)
Exploit Title: CVE-2023-48292 Remote Code Execution Exploit Google Dork: N/A Date: 23 March 2025 Exploit Author: Mehran Seifalinia Vendor Homepage: https://www.xwiki.org/ Software Link: https://www.xwiki.org/xwiki/bin/view/Download/ Version: XWiki Standard 14.10 Tested on: Ubuntu 20.04 LTS with...
Solstice Pod 6.2 - API Session Key Extraction via API Endpoint
Exploit Title: Solstice Pod API Session Key Extraction via API Endpoint Google Dork: N/A Date: 1/17/2025 Exploit Author: The Baldwin School Ethical Hackers Vendor Homepage: https://www.mersive.com/ Software Link: https://documentation.mersive.com/en/solstice/about-solstice.html Versions: 5.5, 6.2...
Sonatype Nexus Repository 3.53.0-01 - Path Traversal
Exploit Title: Sonatype Nexus Repository 3.53.0-01 - Path Traversal Google Dork: header="Server: Nexus/3.53.0-01 OSS" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4956 Vendor Homepage: https://www.sonatype.com/nexus-repository Software Link:...
Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass
Exploit Title: Progress Telerik Report Server 2024 Q1 10.0.24.305 - Authentication Bypass Fofa Dork: title="Telerik Report Server" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4358 Vendor Homepage: https://www.telerik.com/report-server Software...
Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)
Exploit Title: Rejetto HTTP File Server 2.3m - Remote Code Execution RCE Fofa Dork: "HttpFileServer" && server=="HFS 2.3m" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-23692 Vendor Homepage: http://rejetto.com/hfs/ Software Link:...
CodeCanyon RISE CRM 3.7.0 - SQL Injection
Exploit Title: CodeCanyon RISE CRM 3.7.0 - SQL Injection Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed Author Homepage: https://bytium.com Vulnerable Version: 3.7 Patched Version: 3.7.1 Tested on: Ubuntu 24.04, Debian Testing CVE: CVE-2024-8945 Instruction 1. Login to...
Litespeed Cache 6.5.0.1 - Authentication Bypass
Exploit Title: Litespeed Cache 6.5.0.1 - Authentication Bypass Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://github.com/gbrsh/CVE-2024-44000?tab=readme-ov-file Version: 6.5.0.1 Tested on:...
KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
Exploit Title: KubeSphere 3.4.0 - Insecure Direct Object Reference IDOR Date: 3 September Exploit Author: Okan Kurtulus Vendor Homepage: https://kubesphere.io Software Link: https://github.com/kubesphere/kubesphere Version: = 4.0.0 & = 3.0.0 & 3.4.1 Tested on: Ubuntu 22.04 CVE : CVE-2024-46528 1-...
MoziloCMS 3.0 - Remote Code Execution (RCE)
Exploit Title: MoziloCMS 3.0 - Remote Code Execution RCE Date: 10/09/2024 Exploit Author: Secfortress https://github.com/sec-fortress Vendor Homepage: https://mozilo.de/ Software Link: https://github.com/moziloDasEinsteigerCMS/mozilo3.0/archive/refs/tags/3.0.1.zip Version: 3.0 Tested on: Debian...
X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
Exploit Title: X2CRM 8.5 - Stored Cross-Site Scripting XSS Date: 12 September 2024 Exploit Author: Okan Kurtulus Vendor Homepage: https://x2engine.com/ Software Link: https://github.com/X2Engine/X2CRM Version: X2CRM v8.5 Tested on: Ubuntu 22.04 CVE : CVE-2024-48120 1- Log in to the system with an...
NVIDIA Container Toolkit 1.16.1 - Time-of-check Time-of-Use (TOCTOU)
Exploit Title: Container Breakout with NVIDIA Container Toolkit Date: 17/02/2025 Exploit Author: r0binak Software Link Homepage: https://github.com/NVIDIA/nvidia-container-toolkit Version: 1.16.1 Tested on: NVIDIA Container Tooklit 1.16.1 CVE: CVE-2024-0132 Description: NVIDIA Container Toolkit...
Microsoft Windows - NTLM Hash Leak Malicious Windows Theme
Exploit Title: CVE-2024-21320 - NTLM Hash Leak via Malicious Windows Theme Date: 02/03/2025 Exploit Author: Abinesh Kamal K U CVE : CVE-2024-21320 Ref: https://www.cve.org/CVERecord?id=CVE-2024-21320 Step 1: Install Responder Responder is a tool to capture NTLM hashes over SMB. git clone...
Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)
Exploit Title: Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change Unauthenticated Date: 2025-02-26 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.aztech.com Version: DSL5005EN Tested on: Linux CVE: N/A import requests import argparse print''' aztech DSL5005EN...
TeamPass 3.0.0.21 - SQL Injection
Exploit Title: TeamPass SQL Injection Google Dork: intitle:"Teampass" + inurl:index.php?page=items Date: 02/23/2025 Exploit Author: Max Meyer - Rivendell Vendor Homepage: http://www.teampass.net Software Link: https://github.com/nilsteampassnet/TeamPass Version: 2.1.24 and prior Tested on:...
Jasmin Ransomware - SQL Injection Login Bypass
Exploit Title: Jasmin Ransomware SQL Injection Login Bypass Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez Vendor Homepage: https://github.com/codesiddhant/Jasmin-Ransomware Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: N/A Tested on: Windows How t...
FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)
Exploit Title: FluxBB 1.5.11 Stored xss Date: 3/8/2025 Exploit Author: Chokri Hammedi Vendor Homepage: www.fluxbb.org Software Link: https://www.softaculous.com/apps/forums/FluxBB Version: FluxBB 1.5.11 Tested on: Windows XP 1. login to admin panel 2. go to /adminforums.php 3. click on "add forum...
JUX Real Estate 3.4.0 - SQL Injection
Exploit Title: JUX Real Estate 3.4.0 - SQL Injection Exploit Author: CraCkEr Date: 26/02/2025 Vendor: JoomlaUX Vendor Homepage: https://joomlaux.com/ Software Link: https://extensions.joomla.org/extension/jux-real-estate/ Demo Link: http://demo.joomlaux.com/jux-real-estate Tested on: Windows 11 P...
VeeVPN 1.6.1 - Unquoted Service Path
Exploit Title: VeeVPN 1.6.1 - 'VeePNService' Unquoted Service Path Date: 2024-12-27 Exploit Author: Doğukan Orhan Vendor Homepage: https://veepn.com/ Version: 1.6.1 Tested on: Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\Users\PCwmic service where 'name like "%VeePNService%"' get...
Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)
Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested on: windows, linux CVE ID : CVE-2023-0159 Vulnerability Type: Remote Code Execution...
TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version: 3.2.41.10.26 Tested on: Window Server 2016 1. Login to web application 2. Click on Entire...
Loaded Commerce 6.6 - Client-Side Template Injection(CSTI)
Exploit Title: Loaded Commerce 6.6 Client-Side Template InjectionCSTI Date: 03/13/2025 Exploit Author: tmrswrr Vendor Homepage: https://loadedcommerce.com/ Version: 6.6 Tested on: https://www.softaculous.com/apps/ecommerce/LoadedCommerce Injecting 77 into the search parameter...
Gitea 1.24.0 - HTML Injection
Exploit Title: Gitea 1.24.0 - HTML Injection Date: 2025-03-09 Exploit Author: Mikail KOCADAĞ Vendor Homepage: https://gitea.com Software Link: https://dl.gitea.io/gitea/1.24.0/ Version: 1.24.0 Tested on: Windows 10, Linux Ubuntu 22.04 CVE : N/A Vulnerability Description: In Gitea 1.24.0, the...
Chamilo LMS 1.11.24 - Remote Code Execution (RCE)
Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version: 1.11.24 Beersel Tested Versions: 1.11.24 Beersel - August 31, 2023...
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...
openSIS 9.1 - SQLi (Authenticated)
Exploit Title: openSIS 9.1 - SQLi Authenticated Google Dork: intext:"openSIS is a product" Date: 09.09.2024 Exploit Author: Devrim Dıragumandan d0ub1edd Vendor Homepage: https://www.os4ed.com/ Software Link: https://github.com/OS4ED/openSIS-Classic/releases/tag/V9.1 Version: 9.1 Tested on: Linux ...
dizqueTV 1.5.3 - Remote Code Execution (RCE)
Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...
reNgine 2.2.0 - Command Injection (Authenticated)
Exploit Title: reNgine 2.2.0 - Command Injection Authenticated Date: 2024-09-29 Exploit Author: Caner Tercan Vendor Homepage: https://rengine.wiki/ Software Link: https://github.com/yogeshojha/rengine Version: v2.2.0 Tested on: macOS POC : 1. Login the Rengine Platform 2. Click the Scan Engine 3...
Gitea 1.22.0 - Stored XSS
Exploit Title: Stored XSS in Gitea Date: 27/08/2024 Exploit Authors: Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/go-gitea/gitea Version: 1.22.0 Tested on: Linux 5.15.0-107, Go 1.23.0 CVE: CVE-2024-6886 Vulnerability Description Gitea 1.22.0 is vulnerable to a Stored...
Invesalius3 - Remote Code Execution
Exploit Title: Invesalius 3.1 - Remote Code Execution RCE Discovered By: Alessio Romano sfoffo, Riccardo Degli Esposti partywave Exploit Author: Alessio Romano sfoffo, Riccardo Degli Esposti partywave Date: 23/08/2024 Vendor Homepage: https://invesalius.github.io/ Software Link:...
Windows TCP/IP - RCE Checker and Denial of Service
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Windows IPv6 CVE-2024-38063 Checker and Denial-Of-Service Date: 2024-08-07 Exploit Author: Photubias Vendor Homepage: https://microsoft.com Vendor Advisory: 1 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063 Version:...
NoteMark < 0.13.0 - Stored XSS
Exploit Title: Stored XSS in NoteMark Date: 07/29/2024 Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio...
Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...
HughesNet HT2000W Satellite Modem - Password Reset
Exploit Title: HughesNet HT2000W Satellite Modem Arcadyan httpd 1.0 - Password Reset Date: 7/16/24 Exploit Author: Simon Greenblatt Vendor: HughesNet Version: Arcadyan httpd 1.0 Tested on: Linux CVE: CVE-2021-20090 import sys import requests import re import base64 import hashlib import urllib re...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...
Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver...