Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE)

Exploit Title: Internet Download Manager v6.41 Build 3 - Remote Code Execution RCE Date: 15.11.2022 Exploit Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://www.internetdownloadmanager.com/ Software Link:...

Inbit Messenger v4.9.0 - Unauthenticated Remote SEH Overflow

Exploit Title: Inbit Messenger v4.9.0 - Unauthenticated Remote SEH Overflow Date: 11/08/2022 Exploit Author: a-rey Vendor Homepage: http://www.inbit.com/support.html Software Link: http://www.softsea.com/review/Inbit-Messenger-Basic-Edition.html Version: v4.6.0 - v4.9.0 Tested on: Windows XP SP3,...

Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE)

Exploit Title: Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution RCE Date: 11/08/2022 Exploit Author: a-rey Vendor Homepage: http://www.inbit.com/support.html Software Link: http://www.softsea.com/review/Inbit-Messenger-Basic-Edition.html Version: v4.6.0 - v4.9.0 Tested on: Window...

Helmet Store Showroom v1.0 - SQL Injection

Exploit Title: Helmet Store Showroom v1.0 - SQL Injection Exploit Author: Ameer Hamza Date: November 15, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15851/helmet-store-showroom-site-php-and-mysql-free-source-code.html Software Link:...

Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS)

Exploit Title: Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting XSS Author: Bleron Rrustemi Discovery Date: 2022-11-15 Vendor Homepage: https://www.uniview.com/tr/Products/NVR/Easy/NVR301-04S2-P4/ Datasheet:: https://www.uniview.com/download.do?id=1761643 Device Firmware:...

Outline V1.6.0 - Unquoted Service Path

Exploit Title: Outline V1.6.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Discovery Date: 2022-11-10 Vendor Homepage: https://getoutline.org/ Software Link: https://getoutline.org/ Tested Version: V1.6.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows...

Book Store Management System 1.0.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Book Store Management System 1.0.0 - Stored Cross-Site Scripting XSS Date: 2022-11-08 Exploit Author: Rajeshwar Singh Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsmsci.zip Tested on:...

Senayan Library Management System v9.5.0 - SQL Injection

Title: Senayan Library Management System v9.5.0 - SQL Injection Author: nu11secur1ty Date: 11.03.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.0...

OPSWAT Metadefender Core - Privilege Escalation

Exploit Title: OPSWAT Metadefender Core - Privilege Escalation Date: 24 October 2022 Exploit Author: Ulascan Yildirim Vendor Homepage: https://www.opswat.com/ Version: Metadefender Core 4.21.1 Tested on: Windows / Linux CVE : CVE-2022-32272...

Jetpack 11.4 - Cross Site Scripting (XSS)

Exploit Title: Jetpack 11.4 - Cross Site Scripting XSS Date: 2022-10-19 Author: Behrouz Mansoori Software Link: https://wordpress.org/plugins/jetpack Version: 11.4 Tested on: Mac m1 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search feature and ta...

SuperMailer v11.20 - Buffer overflow DoS

Exploit Title: SuperMailer v11.20 - Buffer overflow DoS Exploit Author: Rafael Pedrero Discovery Date: 2021-02-07 Vendor Homepage: https://int.supermailer.de/downloadnewslettersoftware.htm Software Link : https://int.supermailer.de/smintsw.zip / https://int.supermailer.de/smintswx64.zip Tested...

Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF)

Exploit Title: Label Studio 1.5.0 - Authenticated Server Side Request Forgery SSRF Google Dork: intitle:"Label Studio" intext:"Sign Up" intext:"Welcome to Label Studio Community Edition" Date: 2022-10-03 Exploit Author: @DeveloperNinja, [email protected] Vendor Homepage:...

SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path

Exploit Title: SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Date: 2022-10-20 Vendor Homepage: https://www1.sugarsync.com Software Link: https://www1.sugarsync.com/apps/windows/ Version : 4.1.3 Tested on: Windows 11 64bit CVE : N/A About...

Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access

Exploit Title: Tapo C310 RTSP server v1.3.0- Unauthorised Video Stream Access Date: 19th July 2022 Exploit Author: dsclee1 Vendor Homepage: tp-link.com Software Link: http://download.tplinkcloud.com/firmware/TapoC310v1en1.3.0Build220328Rel.64283nu1649923652150.bin Version: 1.3.0 Tested on: Linux ...

Beauty-salon v1.0 - Remote Code Execution (RCE)

Exploit Title: Beauty-salon v1.0 - Remote Code Execution RCE Exploit Author: nu11secur1ty Date: 10.12.2022 Vendor: https://code4berry.com/projects/beautysalon.php Software: https://code4berry.com/project%20downloads/beautysalondownload.php Reference:...

ReQlogic v11.3 - Reflected Cross-Site Scripting (XSS)

Exploit Title: ReQlogic v11.3 - Reflected Cross-Site Scripting XSS Date: 9 October 2022 Exploit Author: Okan Kurtulus Vendor Homepage: https://reqlogic.com Version: 11.3 Tested on: Linux CVE : 2022-41441 Proof of Concept: 1- Install ReQlogic v11.3 2- Go to...

ZKTeco ZEM/ZMM 8.88 - Missing Authentication

Exploit Title: ZKTeco ZEM/ZMM 8.88 - Missing Authentication Exploit Author: RedTeam Pentesting GmbH CVE: CVE-2022-42953 Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the databas...

X-Skipper-Proxy v0.13.237 - Server Side Request Forgery (SSRF)

Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Date: 24/10/2022 Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580...

Subrion CMS 4.2.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting XSS Date: 2022-08-10 Exploit Author: Sinem Şahin Vendor Homepage: https://intelliants.com/ Version: 4.2.1 Tested on: Windows & XAMPP == Tutorial http://HOST/panel/fields/add 2- Write XSS Payload into the tooltip value of the field add...

YouPHPTube<= 7.8 - Multiple Vulnerabilities

Exploit Title: YouPHPTube getLanguage; if !empty$GET'lang' $GET'lang' = striptags$GET'lang'; $SESSION'language' = $GET'lang'; @includeonce "$global'systemRootPath'locale/$SESSION'language'.php"; The parameter "lang" can be modified and load a ph...

iBooking v1.0.8 - Arbitrary File Upload

Exploit Title: iBooking v1.0.8 - Arbitrary File Upload Exploit Author: d1z1n370/oPty Date: 01/11/2022 Vendor Homepage: https://codecanyon.net/item/ibooking-laravel-booking-system/30362088 Tested on: Linux Version: 1.0.8 Exploit Description: The application is prone to an arbitrary file-upload...

Moodle LMS 4.0 - Cross-Site Scripting (XSS)

Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting XSS Date: 26/10/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://moodle.org/ Software Link: https://git.in.moodle.com/moodle Version: 4.0 Tested on: XAMPP, Windows 10 Contact: https://twitter.com/dmaral3noz Description: A Cross Site...

HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path

Exploit Title: HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Date: 2022-10-19 Vendor Homepage: https://www.panterasoft.com Software Link: https://hdd-health.softonic.com Version : 4.2.0.112 Tested on: Windows 11 64bit CVE : N/A About Unquoted...

Online shopping system advanced 1.0 - Multiple Vulnerabilities

Exploit Title: Online shopping system advanced 1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2020-09-24 Vendor Homepage: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software Link :...

rukovoditel 3.2.1 - Cross-Site Scripting (XSS)

Title: rukovoditel 3.2.1 - Cross-Site Scripting XSS Author: nu11secur1ty Date: 11.03.2022 Vendor: https://www.rukovoditel.net/ Software: https://sourceforge.net/projects/rukovoditel/files/rukovoditel3.2.1.zip/download Reference:...

Hashicorp Consul v1.0 - Remote Command Execution (RCE)

Exploit Title: Hashicorp Consul v1.0 - Remote Command Execution RCE Date: 26/10/2022 Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://www.consul.io/ Description: Exploit for gain reverse shell on Remote Command Execution via API References:...

Social-Share-Buttons v2.2.3 - SQL Injection

Title: Social-Share-Buttons v2.2.3 - SQL Injection Author: nu11secur1ty Date: 09.16.2022 Vendor: https://wordpress.org/ Software: https://downloads.wordpress.org/plugin/social-share-buttons-by-supsystic.2.2.3.zip Reference:...

Tunnel Interface Driver - Denial of Service

// Exploit Title: Tunnel Interface Driver - Denial of Service // Date: 07/15/2022 // Exploit Author: ExAllocatePool2 // Vendor Homepage: https://www.microsoft.com/ // Software Link: https://www.microsoft.com/en-us/software-download/windows10 // Version: Windows 10 Pro Version 21H2 OS Build...

BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)

Exploit Title: BoxBilling POC Video : https://drive.google.com/file/d/1m2glCeJ9QXc8epuY2QfvbWwjLTJ8Hjx/view?usp=sharing...

VMware Workstation 15 Pro - Denial of Service

Title: VMware Workstation 15 Pro - Denial of Service Author: Milad Karimi Date: 2022-10-17 Tested on: Windows 10 Pro and Windows 7 Pro SP1 with VMware® Workstation 15 Pro 15.5.6 build-16341506 Affected: VMware Workstation Pro/Player 15.x config.version = "8" virtualHW.version = "4" displayName =...

Pega Platform 8.1.0 - Remote Code Execution (RCE)

Exploit Title: Pega Platform 8.1.0 - Remote Code Execution RCE Google Dork: N/A Date: 20 Oct 2022 Exploit Author: Marcin Wolak using MOGWAI LABS JMX Exploitation Toolkit Vendor Homepage: www.pega.com Software Link: Not Available Version: 8.1.0 on-premise and higher, up to 8.3.7 Tested on: Red Hat...

FortiOS, FortiProxy, FortiSwitchManager v7.2.1 - Authentication Bypass

Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Date: 13/10/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from...

Atom CMS v2.0 - SQL Injection (no auth)

Exploit Title: Atom CMS v2.0 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Windows 10...

WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities

Exploit Title: WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://wpn-xm.org/ Software Link : https://github.com/WPN-XM/WPN-XM/ Tested Version: 0.8.6 Tested on: Windows 10 using XAMPP Vulnerability Type:...

Hex Workshop v6.7 - Buffer overflow DoS

Exploit Title: Hex Workshop v6.7 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.bpsoft.com, http://www.hexworkshop.com Software Link : http://www.bpsoft.com, http://www.hexworkshop.com Tested Version: v6.7 Tested on: Windows 10 CVSS v3: 7...

Resource Hacker v3.6.0.92 - Buffer overflow

Exploit Title: Resource Hacker 3.6.0.92 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.angusj.com/resourcehacker/ Software Link : http://www.angusj.com/resourcehacker/ Tested Version: 3.6.0.92 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

MiniDVBLinux 5.4 - Unauthenticated Stream Disclosure

Exploit Title: MiniDVBLinux 5.4 - Unauthenticated Stream Disclosure Exploit Author: LiquidWorm MiniDVBLinux 5.4 Unauthenticated Stream Disclosure Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: /dev/null...

MiniDVBLinux <=5.4 - Config Download Exploit

Exploit Title: MiniDVBLinux =5.4 Config Download Exploit Exploit Author: LiquidWorm Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based ...

WebTareas 2.4 - SQL Injection (Unauthorised)

Exploit Title: WebTareas 2.4 - SQL Injection Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on:...

Scdbg 1.0 - Buffer overflow DoS

Exploit Title: Scdbg 1.0 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2021-06-13 Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152 Software Link : https://github.com/dzzie/VSLIBEMU Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45 Tested on: Windows ...

Tftpd32_SE 4.60 - 'Tftpd32_svc' Unquoted Service Path

Exploit Title: Tftpd32SE 4.60 - 'Tftpd32svc' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 10-13-2022 Vendor Homepage: https://pjo2.github.io/tftpd64/ Software Links : https://bitbucket.org/phjounin/tftpd64/downloads/Tftpd32SE-4.60-setup.exe Tested Version: 4.60 Vulnerability...

Explorer32++ v1.3.5.531 - Buffer overflow

Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass

Exploit Title: Zoneminder v1.36.26 - Log Injection - CSRF Bypass - Stored Cross-Site Scripting XSS Date: 10/01/2022 Exploit Author: Trenches of IT Vendor Homepage: https://github.com/ZoneMinder/zoneminder Version: v1.36.26 Tested on: Linux/Windows CVE: CVE-2022-39285, CVE-2022-39290, CVE-2022-392...

Clansphere CMS 2011.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...

Canteen-Management v1.0 - SQL Injection

Exploit Title: Canteen-Management v1.0 - SQL Injection Exploit Author: nu11secur1ty Date: 10.04.2022 Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/Canteen-Management/Docs/youthappam.zip?raw=true Reference:...

WebTareas 2.4 - Reflected XSS (Unauthorised)

Exploit Title: WebTareas 2.4 - Reflected XSS Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Tested on:...

Zentao Project Management System 17.0 - Authenticated Remote Code Execution (RCE)

Exploit Title: Zentao Project Management System 17.0 - Authenticated Remote Code Execution RCE Exploit Author: mister0xf Date: 2022-10-8 Software Link: https://github.com/easysoft/zentaopms Version: tested on 17.0 probably works also on newer/older versions Tested On: Kali Linux 2022.2 Exploit...

Webgrind 1.1 - Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE)

Exploit Title: Webgrind 1.1 - Reflected Cross-Site Scripting XSS & Remote Command Execution RCE Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://github.com/jokkedk/webgrind/ Software Link : http://github.com/jokkedk/webgrind/ Tested Version: 1.1 Tested on: Windows 1...

eXtplorer<= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)

Exploit Title: eXtplorer= 2.1.14 - Authentication Bypass & Remote Code Execution RCE Exploit Author: ErPaciocco Author Website: https://erpaciocco.github.io Vendor Homepage: https://extplorer.net/ Vendor: ============== extplorer.net Product: ================== eXtplorer = v2.1.14 eXtplorer is a...