Cab Management System 1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Cab Management System 1.0 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html Version : 1.0 Tested on: windows 10 xammp | Kali...

Microsoft Gaming Services 2.52.13001.0 - Unquoted Service Path

Exploit Title: Microsoft Gaming Services 2.52.13001.0 - Unquoted Service Path Discovery by: Johto Robbie Discovery Date: May 12, 2021 Tested Version: 2.52.13001.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 x64 Home Step to discover Unquoted Service Path: Go to Start and ty...

Microweber 1.2.11 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Microweber 1.2.11 - Remote Code Execution RCE Authenticated Google Dork: NA Date: 02/17/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber Version: 1.2.11 Tested on: KALI OS CVE :...

Dbltek GoIP - Local File Inclusion

Exploit Title: Dbltek GoIP - Local File Inclusion Date: 20.02.2022 Exploit Author: Valtteri Lehtinen & Lassi Korhonen Vendor Homepage: http://en.dbltek.com/index.html Software Link: - Version: GHSFVT-1.1-67-5 firmware version Tested on: Target is an IoT device Exploit summary Dbltek GoIP-1 is a...

WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)

Exploit Title: WordPress Plugin Perfect Survey - 1.5.1 - SQLi Unauthenticated Date 18.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.getperfectsurvey.com/ Software Link:...

WordPress Plugin WP User Frontend 3.5.25 - SQLi (Authenticated)

Exploit Title: WordPress Plugin WP User Frontend 3.5.25 - SQLi Authenticated Date 20.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wedevs.com/ Software Link: https://downloads.wordpress.org/plugin/wp-user-frontend.3.5.25.zip Version: 3.5.25 Tested on: Ubuntu 20.04 CVE:...

Cab Management System 1.0 - 'id' SQLi (Authenticated)

Exploit Title: Cab Management System 1.0 - 'id' SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html Version : 1.0 Tested on: windows 10 xammp | Kali linux Category:...

Connectify Hotspot 2018 'ConnectifyService' - Unquoted Service Path

Exploit Title: Connectify Hotspot 2018 'ConnectifyService' - Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : Connectify Inc Version : Connectify Hotspot 2018 Vendor Homepage : https://www.connectify.me/ Tested on OS: Windows 7 Pro Analyze PoC : ==============...

Wondershare FamiSafe 1.0 - 'FSService' Unquoted Service Path

Exploit Title: Wondershare FamiSafe 1.0 - 'FSService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download-es.wondershare.com/famisafefull7869.exe Tested Version: 1.0 Vulnerability Type: Unquote...

Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path

Exploit Title: Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path Exploit Date: 2022-02-17 Vendor : IVT Corp Version : BlueSoleilCS 5.4.277 Vendor Homepage : www.ivtcorporation.com Tested on OS: Windows 7 Pro This software installs EDTService.exe version 11.10.2.1 Analyze PoC :...

TOSHIBA DVD PLAYER Navi Support Service - 'TNaviSrv' Unquoted Service Path

Exploit Title: TOSHIBA DVD PLAYER Navi Support Service - 'TNaviSrv' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : TOSHIBA Version : TOSHIBA Navi Support Service 1.00.0000 Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\Administradorsc qc...

Hotel Druid 3.0.3 - Remote Code Execution (RCE)

Exploit Title: Hotel Druid 3.0.3 - Remote Code Execution RCE Date: 05/01/2022 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://www.hoteldruid.com/ Software Link: https://www.hoteldruid.com/download/hoteldruid3.0.3.tar.gz Version: 3.0.3 CVE : CVE-2022-22909 !/usr/bin/python...

Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path

Exploit Title: Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/drfonefull3360.exe Tested Version: 11.4.9 Vulnerability Type:...

File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path

Exploit Title: File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-14 Vendor : Hewlett-PackardHP Version : File Sanitizer for HP ProtectTools 5.0.1.3 Vendor Homepage : http://www.hp.com Tested on OS: Windows 7 Pro...

Wondershare UBackit 2.0.5 - 'wsbackup' Unquoted Service Path

Exploit Title: Wondershare UBackit 2.0.5 - 'wsbackup' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/ubackitfull8767.exe Tested Version: 2.0.5 Vulnerability Type: Unquoted...

WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation

Title: WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation Date: 16.02.2022 Author: Numan Türle CVE: CVE-2022-0441 Software Link: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/ Version: 2.7.6 https://www.youtube.com/watch?v=SIO6CHXMZk...

Wondershare MobileTrans 3.5.9 - 'ElevationService' Unquoted Service Path

Exploit Title: Wondershare MobileTrans 3.5.9 - 'ElevationService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/mobiletransfull5793.exe Tested Version: 3.5.9 Vulnerability...

WordPress Plugin dzs-zoomsounds 6.60 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: WordPress Plugin dzs-zoomsounds - Remote Code Execution RCE Unauthenticated Google Dork: inurl:wp-content/plugins/dzs-zoomsounds Date: 16/02/2022 Exploit Author: Overthinker1877 1877 Team Vendor Homepage: https://digitalzoomstudio.net/docs/wpzoomsounds/ Version: 6.60 Tested on:...

Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting (XSS)

Exploit Title: Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/fmlurlsvc/ Date: 01-Feb-2022 Exploit Author: Braiant Giraldo Villa Contact: @ironfortress Twitter Vendor Homepage: https://www.fortinet.com/products/email-security Software Link:...

Intel(R) Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path

Exploit Title: IntelR Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : Intel Version : IntelR Management Engine Components 6.0.0.1189 Vendor Homepage : https://www.intel.com Tested on OS: Windows 7 Pro Analyze PoC ...

Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting (XSS) (Unauthenticated)

Exploit Title: Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting XSS Unauthenticated Author: Luis Martinez Discovery Date: 2022-02-13 Vendor Homepage: https://www.uniview.com/Products/NVR/Easy/NVR304-S-P/Product%20features Datasheet of NVR304-S-P:...

ServiceNow - Username Enumeration

Exploit Title: ServiceNow - Username Enumeration Google Dork: NA Date: 12 February 2022 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2021-45901/ Vendor Homepage: https://www.servicenow.com/ Software Link:...

Simple Student Quarterly Result/Grade System 1.0 - SQLi Authentication Bypass

Exploit Title: Simple Student Quarterly Result/Grade System 1.0 - SQLi Authentication Bypass Date: 11/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path

Exploit Title: Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-13 Vendor Homepage: https://www.emerson.com/en-us Software Link : https://www.opertek.com/descargar-software/?prc=326 Tested Version: 9.80 Build 869...

WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)

Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...

H3C SSL VPN - Username Enumeration

Exploit Title: H3C SSL VPN - Username Enumeration Exploit Author: LiquidWorm H3C SSL VPN Username Enumeration Vendor: Hangzhou H3C Technologies Co. | New H3C Technologies Co., Ltd. Product web page: https://www.h3c.com Affected version: n/a Summary: H3C SSL VPN is a secure VPN system based on SSL...

Multi-Vendor Online Groceries Management System 1.0 - 'id' Blind SQL Injection

Exploit Title: Multi-Vendor Online Groceries Management System 1.0 - 'id' Blind SQL Injection Date: 11/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

TeamSpeak 3.5.6 - Insecure File Permissions

Exploit Title: TeamSpeak 3.5.6 - Insecure File Permissions Date: 2022-02-15 Exploit Author: Aryan Chehreghani Contact: [email protected] Vendor Homepage: https://www.teamspeak.com Software Link: https://www.teamspeak.com/en/downloads Version: 3.5.6 Tested on: Windows 10 x64 About -...

Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)

Exploit Title: Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure Unauthenticated Author: Luis Martinez Discovery Date: 2022-02-10 Vendor Homepage: https://www.kyoceradocumentsolutions.com/asia/en/products/business-application/command-center-rx.html Tested Version:...

Subrion CMS 4.2.1 - Cross Site Request Forgery (CSRF) (Add Amin)

Exploit Title: Subrion CMS 4.2.1 - Cross Site Request Forgery CSRF Add Amin Date: 2022-02-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://subrion.org Software Link: https://subrion.org/download Version: 4.2.1 Tested on: Windows 10 About - Subrion CMS : Subrion is a PHP/MySQL based C...

Accounting Journal Management System 1.0 - 'id' SQLi (Authenticated)

Exploit Title: Accounting Journal Management System 1.0 - 'id' SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15155/accounting-journal-management-system-trial-balance-php-free-source-code.html Version : 1.0 Tested on...

WordPress Plugin Jetpack 9.1 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Jetpack 9.1 - Cross Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/jetpack Version: 9.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search...

WordPress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/contact-forms-builder/ Version: 1.6.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Contact Form Builder...

Hospital Management Startup 1.0 - 'Multiple' SQLi

Exploit Title: Hospital Management Startup 1.0 - 'loginid' SQLi Exploit Author: nu11secur1ty Date: 02.10.2022 Vendor: https://github.com/kabirkhyrul Software: https://github.com/kabirkhyrul/HMS CVE-2022-23366 Description: The loginid and password parameters from Hospital Management Startup 1.0...

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Account Takeover Unauthenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Cain & Abel 4.9.56 - Unquoted Service Path

Exploit Title: Cain & Abel 4.9.56 - Unquoted Service Path Exploit Author: Aryan Chehreghani Date: 2022-02-08 Software Link: https://www.malavida.com/en/soft/cain-and-abel Version: 4.9.56 Tested on: Windows 10 x64 PoC SERVICENAME: Abel TYPE : 110 WIN32OWNPROCESS interactive STARTTYPE : 2 AUTOSTART...

Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection

Exploit Title: Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Home Owners Collection Management System 1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Remote Code Execution RCE Authenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

AtomCMS v2.0 - SQLi

Exploit Title: AtomCMS v2.0 - SQLi Date: 08/02/2022 Exploit Author: Luca Cuzzolin aka czz78 Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Version: v2.0 Category: Webapps Tested on: Debian linux CVE : CVE-2022-24223 ==================================================== PoC : SQLi :...

Exam Reviewer Management System 1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Exam Reviewer Management System 1.0 - Remote Code Execution RCE Authenticated Date: 2022-02-08 Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...

Exam Reviewer Management System 1.0 - ‘id’ SQL Injection

Exploit Title: Exam Reviewer Management System 1.0 - ‘id’ SQL Injection Date: 2022-02-18 Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...

Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Wing FTP Server - Authenticated RCE Date: 02/06/2022 Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download/WingFtpServer.exe Version: " %...

FileBrowser 2.17.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)

Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Date: 5/2/2022 Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...

WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting XSS Date: 2022-02-04 Author: Milad karimi Software Link: https://wordpress.org/plugins/cf7-international-sms-integration/ Version: 1.2 Tested on: Windows 11 CVE: N/A 1. Description: This...

Hospital Management System 4.0 - 'multiple' SQL Injection

Title: Hospital Management System 4.0 - 'multiple' SQL Injection Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multipl...

Hotel Reservation System 1.0 - SQLi (Unauthenticated)

Exploit Title: Hotel Reservation System 1.0 - SQLi Unauthenticated Google Dork: None Date: 01/29/2022 Exploit Author: Nefrit ID Author Website: https://manadocoder.com Vendor Homepage: https://github.com/dhruvmullick Software Link: https://github.com/dhruvmullick/hotel-reservation-system Tested o...

Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion

Exploit Title: Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion Date: 2022-02-06 Exploit Author: Ven3xy Vendor Homepage: https://wordpress.org/plugins/simple-job-board/ Software Link: https://downloads.wordpress.org/plugin/simple-job-board.2.9.3.zip Version: 2.9.3 Tested on: Ubuntu...

WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...

WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...