47884 matches found
Desktop Central 9.1.0 - Multiple Vulnerabilities
Exploit Title: Desktop Central 9.1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-02-14 Software Link : http://www.desktopcentral.com Tested Version: 9.1.0 Build No: 91084 Tested on: Windows 10 Vulnerability Type: CRLF injection CRLF - 1 CVSS v3: 6.1 CVSS vector:...
FlatCore CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
Exploit Title: FlatCore CMS 2.1.1 -Stored Cross Site Scripting Date: 2020-09-24 Exploit Author: Sinem Şahin Vendor Homepage: https://flatcore.org/ Version: 2.1.1 Tested on: Windows & XAMPP == Tutorial http://HOST/install/index.php 2- Write XSS Payload into the username of the user account. 3- Pre...
Gestionale Open 12.00.00 - 'DB_GO_80' Unquoted Service Path
Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Pat...
Canteen-Management v1.0 - XSS-Reflected
Exploit Title: Canteen-Management v1.0 - XSS-Reflected Exploit Author: nu11secur1ty Date: 10.04.2022 Vendor: Free PHP Projects & Ideas with Source Codes for Students | mayurik Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayurik/2022/Canteen-Management/Docs...
WebTareas 2.4 - RCE (Authorized)
Exploit Title: WebTareas 2.4 - RCE Authorized Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10...
Aero CMS v0.0.1 - PHP Code Injection (auth)
Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...
Aero CMS v0.0.1 - SQL Injection (no auth)
Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...
Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path
Exploit Title: Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path Exploit Author: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.infonetsoftware.com Software Link : https://www.infonetsoftware.com/soft/instalarMedicontx.exe Tested Version: 3.7.27 Vulnerability...
MiniDVBLinux 5.4 - Arbitrary File Read
Exploit Title: MiniDVBLinux 5.4 - Arbitrary File Read Exploit Author: LiquidWorm !/usr/bin/env python3 MiniDVBLinux 5.4 Arbitrary File Read Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers ...
MiniDVBLinux 5.4 - Change Root Password
Exploit Title: MiniDVBLinux 5.4 - Change Root Password Exploit Author: LiquidWorm MiniDVBLinux 5.4 Change Root Password PoC Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a...
Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)
Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS...
MiniDVBLinux 5.4 - Remote Root Command Injection
Exploit Title: MiniDVBLinux 5.4 - Remote Root Command Injection Exploit Author: LiquidWorm !/usr/bin/env python3 MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM...
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution (RCE)
Exploit Title: MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution RCE Exploit Author: LiquidWorm MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP svdrpsend.sh Exploit Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4...
AVS Audio Converter 10.3 - Stack Overflow (SEH)
Exploit Title: AVS Audio Converter 10.3 - Stack Overflow SEH Discovered by: Yehia Elghaly - Mrvar0x Discovered Date: 2022-10-16 Tested Version: 10.3.1.633 Tested on OS: Windows 7 Professional x86 pop+ret Address=005154E6 Message= 0x005154e6 : pop ecx pop ebp ret 0x04 | startnull PAGEEXECUTEREAD...
Frhed (Free hex editor) v1.6.0 - Buffer overflow
Exploit Title: Frhed Free hex editor v1.6.0 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://frhed.sourceforge.net/ Software Link : http://frhed.sourceforge.net/ Tested Version: 1.6.0 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...
Grafana <=6.2.4 - HTML Injection
Exploit Title: Grafana Hello...
Employee Performance Evaluation System v1.0 - File Inclusion and RCE
Exploit Title: Employee Performance Evaluation System v1.0 - File Inclusion and RCE Exploit Author: nu11secur1ty Date: 03.17.2023 Vendor: https://www.sourcecodester.com/user/257130/activity Software:...
NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle
Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...
ImpressCMS v1.4.3 - Authenticated SQL Injection
Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor:...
Password Manager for IIS v2.0 - XSS
Exploit Title: Password Manager for IIS v2.0 - XSS Exploit Author: VP4TR10T Vendor Homepage: http://passwordmanager.adiscon.com/en/manual/ Software Link: http://passwordmanager.adiscon.com/ Version: Version 2.0 Tested on: WINDOWS CVE : CVE-2022-36664 Affected URI when changing user password: POST...
Bus Pass Management System 1.0 - Cross-Site Scripting (XSS)
Exploit Title: Bus Pass Management System 1.0 - Cross-Site Scripting XSS Date: 2022-07-02 Exploit Author: Ali Alipour Vendor Homepage: https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql Software Link:...
Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal
Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Date: 09.29.2022 Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite...
MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution
Exploit Title: MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 26th Feb'2022 CVE ID: CVE-2022-26149 Confirmed on release 2.8.3-pl Reference: https://github.com/sartlabs/0days/blob/main/Modx/Exploit.txt Vendor...
Composr-CMS Version <=10.0.39 - Authenticated Remote Code Execution
Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...
System Mechanic v15.5.0.61 - Arbitrary Read/Write
/ Exploit Title: System Mechanic v15.5.0.61 - Arbitrary Read/Write Date: 26-09-2022 Exploit Author: Brandon Marshall Vendor Homepage: https://www.iolo.com/ Tested Version - System Mechanic version 15.5.0.61 Driver Version - 5.4.11 - amp.sys Tested on OS - 64 bit Windows 10 18362 Fixed Version -...
D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution
Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...
Abantecart v1.3.2 - Authenticated Remote Code Execution
Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...
Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
"camp" Raspberry Pi camera server 1.0 - Authentication Bypass
Exploit Title: "camp" Raspberry Pi camera server 1.0 - Authentication Bypass Date: 2022-07-25 Exploit Author: Elias Hohl Vendor Homepage: https://github.com/patrickfuller Software Link: https://github.com/patrickfuller/camp Version: bf6af5c2e5cf713e4050c11c52dd4c55e89880b1 Tested on: Ubuntu 20.04...
SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution
Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...
Online Diagnostic Lab Management System v1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Online Diagnostic Lab Management System v1.0 - Remote Code Execution RCE Unauthenticated Google Dork: N/A Date: 2022-9-23 Exploit Author: yousef alraddadi - https://twitter.com/y0usef11 Vendor Homepage:...
PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS
Exploit Title: PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS Date: 2022-10-02 Exploit Author: Prasheek Kamble Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/ Version: V 1.2 Vulnerable endpoint:...
DLink DIR 819 A1 - Denial of Service
Exploit Title: DLink DIR 819 A1 - Denial of Service Date: 30th September, 2022 Exploit Author: @whokilleddb https://twitter.com/whokilleddb Vendor Homepage: https://www.dlink.com/en/products/dir-819-wireless-ac750-dual-band-router Version: DIR-819 Firmware Version : 1.06 Hardware Version : A1...
GuppY CMS v6.00.10 - Remote Code Execution
Exploit Title: GuppY CMS v6.00.10 - Remote Code Execution Date: Sep 30, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.freeguppy.org/ Software Link: https://www.freeguppy.org/fgy6dn.php?lng=en&pg=279927&tconfig=0z2 Version: 6.00.10 Tested on: Linux !/usr/bin/php ?php $username =...
Human Resources Management System v1.0 - Multiple SQLi
Exploit Title: Human Resources Management System v1.0 - Multiple SQLi Date: 16/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.ht...
Yoga Class Registration System v1.0 - Multiple SQLi
Exploit Title: Yoga Class Registration System v1.0 - Multiple SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html Software...
NEX-Forms WordPress plugin < 7.9.7 - Authenticated SQLi
Exploit Title: NEX-Forms WordPress plugin =5.0.12 AND time-based blind query SLEEP Payload: page=nex-forms-dashboard&formid=1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...
Bitbucket v7.0.0 - RCE
Exploit Title: Bitbucket v7.0.0 - RCE Date: 09-23-2022 Exploit Author: khal4n1 Vendor Homepage: https://github.com/khal4n1 Tested on: Kali and ubuntu LTS 22.04 CVE : cve-2022-36804 The following exploit is used to exploit a vulnerability present Atlassian Bitbucket Server and Data Center 7.0.0...
WorkOrder CMS 0.1.0 - SQL Injection
Exploit Title: WorkOrder CMS 0.1.0 - SQL Injection Date: Sep 22, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/romzes13/WorkOrderCMS Software Link: https://github.com/romzes13/WorkOrderCMS/archive/refs/tags/v0.1.0.zip Version: 0.1.0 Tested on: Linux Auth Bypass: username...
MAN-EAM-0003 V3.2.4 - XXE
Exploit Title: MAN-EAM-0003 V3.2.4 - XXE Date: 2022-09-19 Exploit Author: Ahmed Alroky Author: http://guralp.com/ Version: 3.2.4 Authentication Required: NO CVE : CVE-2022-38840 Google dork: " webconfig menu.cgi " Tested on: Windows Exploit 1 - browse to http:// name/cgi-bin/xmlstatus.cgi 2 - cli...
Owlfiles File Manager 12.0.1 - Multiple Vulnerabilities
Exploit Title: Owlfiles File Manager 12.0.1 - Multiple Vulnerabilities Date: Sep 19, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/owlfiles-file-manager/id510282524 Version: 12.0.1 Tested on: iPhone iOS 16.0 path traversa...
wkhtmltopdf 0.12.6 - Server Side Request Forgery
Exploit Title: wkhtmltopdf 0.12.6 - Server Side Request Forgery Date: 20/8/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://wkhtmltopdf.org Software Link: https://wkhtmltopdf.org/downloads.html Version: 0.12.6 Tested on: Windows ASP.NET POST /PDF/FromHTML HTTP/1.1 Host:...
SoX 14.4.2 - Denial Of Service
Exploit Title: SoX 14.4.2 - Denial Of Service Exploit Author: LiquidWorm Vendor: Chris Bagwell Product web page: http://sox.sourceforge.net https://en.wikipedia.org/wiki/SoX Affected version: =14.4.2 Summary: SoX Sound eXchange is the Swiss Army knife of sound processing tools: it can convert sou...
VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities
Exploit Title: VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username" Date: 18/09/2022 Exploit Author: Edd13Mora Vendor Homepage: www.viaviweb.com Version: N/A Tested on: Windows 11 - Kali Linux ------------------ SQLI on the...
Linksys AX3200 V1.1.00 - Command Injection
Exploit Title: Linksys AX3200 V1.1.00 - Command Injection Date: 2022-09-19 Exploit Author: Ahmed Alroky Author: Linksys Version: 1.1.00 Authentication Required: YES CVE : CVE-2022-38841 Tested on: Windows Proof Of Concept: 1 - login into AX3200 webui 2 - go to diagnostics page 3 - put...
pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)
Exploit Title: pfBlockerNG 2.1.426 - Remote Code Execution RCE Shodan Results: https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22 Date: 5th of September 2022 Exploit Author: IHTeam Vendor Homepage:...
SmartRG Router SR510n 2.6.13 - Remote Code Execution
Exploit Title: SmartRG Router SR510n 2.6.13 - RCE Remote Code Execution Date: 13/06/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://adtran.com Version: 2.5.15 / 2.6.13 confirmed Tested on: SR506n 2.5.15 & SR510n 2.6.13 CVE : CVE-2022-37661 import requests from subprocess import...
AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal
Exploit Title: AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal Exploit Author: Jens Regel CRISEC IT-Security Date: 11/11/2022 CVE: CVE-2022-23854 Version: Access Anywhere Secure Gateway versions 2020 R2 and older Proof of Concept: GET...
Open Web Analytics 1.7.3 - Remote Code Execution
Exploit Title: Open Web Analytics 1.7.3 - Remote Code Execution RCE Date: 2022-08-30 Exploit Author: Jacob Ebben Vendor Homepage: https://www.openwebanalytics.com/ Software Link: https://github.com/Open-Web-Analytics Version: 1.7.4 Tested on: Linux CVE : CVE-2022-24637 import argparse import...
IOTransfer V4 - Unquoted Service Path
Exploit Title: IOTransfer V4 - Unquoted Service Path Exploit Author: BLAY ABU SAFIAN Inveteck Global Discovery Date: 2022-28-07 Vendor Homepage: http://www.iobit.com/en/index.php Software Link: https://iotransfer.itopvpn.com/download/ Tested Version: V4 Vulnerability Type: Unquoted Service Path...