WordPress Plugin Wappointment 2.2.4 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Wappointment 2.2.4 - Stored Cross-Site Scripting XSS Date: 2021-07-31 Exploit Author: Renos Nikolaou Software Link: https://downloads.wordpress.org/plugin/wappointment.2.2.4.zip Version: 2.2.4 Tested on: Windows Description : Wappointment is prone to Stored Cross...
XAMPP 7.4.3 - Local Privilege Escalation
Exploit Title: XAMPP 7.4.3 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Original Author: Maximilian Barz @S1lkys Date: 27/09/2021 Vendor Homepage: https://www.apachefriends.org Version: XAMPP 7.2.29, 7.3.x 7.3.16 & 7.4.x 7.4.4 Tested on: Windows 10 +...
Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow (SEH)
Exploit Title: Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow SEH Date: 24.09.2021 Software Link: https://mp3-avi-mpeg-wmv-rm-to-audio-cd-burner.software.informer.com/download/?caa8ec-1.2 Software Link 2: https://anonfiles.com/X2Ff36J6ue/ethercdburnerexe Exploit Author: Achilles Tested Version: 1.3.8...
Library System 1.0 - 'student_id' SQL injection (Authenticated)
Exploit Title: Library System 1.0 - 'student_id' SQL injection Authenticated Google Dork: intitle: "Library System by YahooBaba" Date: 26/08/2021 Exploit Author: Vinay Bhuria Vendor Homepage: https://www.yahoobaba.net Software Link: https://www.yahoobaba.net/project/library-system-in-php Version:...
SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure
Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure Google Dork: intext:"Powered by SmarterTrack" Date: 23/01/2020 Exploit Author: Andrei Manole Vendor Homepage: https://www.smartertools.com/ Software Link: https://www.smartertools.com/smartertrack Version: TESTED ON...
Pharmacy Point of Sale System 1.0 - SQLi Authentication Bypass
Exploit Title: Pharmacy Point of Sale System 1.0 - SQLi Authentication Bypass Date: 23.09.2021 Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/php/14957/pharmacy-point-sale-system-using-php-and-sqlite-free-source-code.html Software Link:...
Microsoft Windows cmd.exe - Stack Buffer Overflow
Title: Microsoft Windows cmd.exe - Stack Buffer Overflow Author: John Page aka hyp3rlinx Date: 15/09/2021 Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CMD.EXE-STACK-BUFFER-OVERFLOW.txt ISR: ApparitionSec Vendor www.microsoft.com Product cmd.exe is the default command-line...
Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...
Police Crime Record Management Project 1.0 - Time Based SQLi
Exploit Title: Police Crime Record Management Project 1.0 - Time Based SQLi Exploit Author: t//\1 Date: 23/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Tested on: Linux Version: 1.0 Exploit Description: The application is prone to an...
Budget and Expense Tracker System 1.0 - Arbitrary File Upload
Exploit Title: Budget and Expense Tracker System 1.0 - Arbitrary File Upload Exploit Author: t//\1 Date: 23/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Tested on: Linux Version: 2.0 Exploit Description: The...
Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)
Exploit Title: Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery CSRF Exploit Author: V1n1v131r4 Date: 2021-09-22 Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.20.0/backdrop.zip Version: 1.20.0 Tested On: Kali Linux,...
WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting XSS Date: 15/2/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woo-order-export-lite/ Version: 3.1.7 Tested on: Windows 10 CVE: CVE-2021-24169 1. Description: This plugin...
Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload
Exploit Title: Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/3dprint-lite/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/3dprint-lite/ Version: spacehen www.github.com/spacehen" def printusage:...
WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery (CSRF)
Exploit Title: WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery CSRF Date: 2/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/fitness-calculators/ Version: 1.9.5 Tested on: Windows 10 CVE: CVE-2021-24272 1. Description: The plugin add calculators for Water...
Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial of Service (PoC)
Exploit Title: Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial of Service PoC Date: 27/08/2021 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.redragonzone.com/pages/download Reference:...
Online Reviewer System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Online Reviewer System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Date: 2021-09-21 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection (XXE)
Exploit Title: OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection XXE Date: 2021-09-20 Exploit Author: Jake Ruston Vendor Homepage: https://opencats.org Software Link: https://github.com/opencats/OpenCATS/releases/download/0.9.4-2/opencats-0.9.4-2-full.zip Version: w:document...
Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...
Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Sentry 8.2.0 - Remote Code Execution RCE Authenticated Date: 22/09/2021 Exploit Author: Mohin Paramasivam Shad0wQu35t Vulnerability Discovered By : Clement Berthaux SYNACKTIV Software Link: https://sentry.io/welcome/ Advisory:...
e107 CMS 2.3.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: e107 CMS 2.3.0 - Remote Code Execution RCE Authenticated Date: 21-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 2.3.0 Category: Webapps Tested on: Linux/Windows e107 is a free website content...
Simple Attendance System 1.0 - Unauthenticated Blind SQLi
Exploit Title: Simple Attendance System 1.0 - Unauthenticated Blind SQLi Exploit Author: t//\1 Date: September 21, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Tested on: Linux Version: v1.0 Exploit Description: The...
Cloudron 6.2 - 'returnTo ' Cross Site Scripting (Reflected)
Exploit Title: Cloudron 6.2 - 'returnTo ' Cross Site Scripting Reflected Date: 10.06.2021 Exploit Author: Akıner Kısa Vendor Homepage: https://cloudron.io Software Link: https://www.cloudron.io/get.html Version: 6.3 CVE : CVE-2021-40868 Proof of Concept: 1. Go to...
TotalAV 5.15.69 - Unquoted Service Path
Exploit Title: TotalAV 5.15.69 - Unquoted Service Path Date: 22/09/2021 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.totalav.com Software Link: https://download.totalav.com/windows/beta-trial or https://install.protected.net/windows/cdn3/5.15.69/TotalAV.exe Version: 5.15.69...
Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service (PoC)
Exploit Title: Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service PoC Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.yenkee.eu/gaming-mouse-hornet-aim/yms-3029 Reference:...
WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: WebsiteBaker 2.13.0 - Remote Code Execution RCE Authenticated Date: 18-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://websitebaker.org/ Software Link: http://wiki.websitebaker.org/doku.php/en/downloads Version: 2.13.0 Category: Webapps Tested on:...
Budget and Expense Tracker System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Budget and Expense Tracker System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-21 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...
Budget and Expense Tracker System 1.0 - Authenticated Bypass
Exploit Title: Budget and Expense Tracker System 1.0 - Authenticated Bypass Exploit Author: Prunier Charles-Yves Date: September 20, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...
T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)
Exploit Title: T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery CSRF Exploit Author: Alperen Ergel Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux 2021.4 / xammp Category: WebApp Google Dork: intext:'T-Soft E-Ticaret Sistemleriyle...
Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)
Exploit Title: Church Management System 1.0 - 'search' SQL Injection Unauthenticated Exploit Author: Erwin Krazek Nero Date: 17/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Lin...
Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Church Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
WordPress 5.7 - 'Media Library' XML External Entity Injection (XXE) (Authenticated)
Exploit Title: WordPress 5.7 - 'Media Library' XML External Entity Injection XXE Authenticated Date: 16/09/2021 Exploit Author: David Utón M3n0sD0n4ld Vendor Homepage: https://wordpress.com Affected Version: WordPress 5.6-5.7 & PHP8 Tested on: Linux Ubuntu 18.04.5 LTS CVE : CVE-2021-29447...
Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)
Exploit Title: Library Management System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Bobby Cooke @0xBoku & Adeeb Shah @hyd3sec Date: 16/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/12469/library-management-system-using-php-mysql.html Software Link:...
Simple Attendance System 1.0 - Authenticated bypass
Exploit Title: Simple Attendance System 1.0 - Authenticated bypass Exploit Author: Abdullah Khawaja hax.3xploit Date: September 17, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Software Link:...
WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass
Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Date: 2021-09-16 Exploit Author: Sebastian Kriesten 0xB455 Contact: https://twitter.com/0xB455 Affected Plugin: Booster for WooCommerce Plugin Slug: woocommerce-jetpack Vulnerability disclosure:...
ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.impresscms.org/ Software Link: https://www.impresscms.org/modules/downloads/ Version: 1.4.2 Category: Webapps Tested on: Linux/Windows...
Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Date: 29.08.2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LT...
Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Evolution CMS 3.1.6 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://evo.im/ Software Link: https://github.com/evolution-cms/evolution/releases Version: 3.1.6 Category: Webapps Tested on: Linux/Windows Exampl...
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
Exploit Title: AlphaWeb XE - File Upload Remote Code Execution RCE Authenticated Date: 09/09/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor website: https://www.zenitel.com/ Product website: https://wiki.zenitel.com/wiki/AlphaWeb Example: python3 CVE-2021-40845.py -u "http://$ip:80/" -c...
Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)
Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Date: 2021-09-15 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version...
Purchase Order Management System 1.0 - Remote File Upload
Exploit Title: Purchase Order Management System 1.0 - Remote File Upload Date: 2021-09-14 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html...
Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload
Exploit Title: Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/download-from-files Date: 10/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/download-from-files/ Version: spacehen www.github.com/spacehen" def...
ECOA Building Automation System - Local File Disclosure
Exploit Title: ECOA Building Automation System - Local File Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Local File Disclosure Vulnerability Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw...
Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai
Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...
Men Salon Management System 1.0 - Multiple Vulnerabilities
Exploit Title: Men Salon Management System 1.0 - Multiple Vulnerabilities Date: 2021-09-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql Version: 1.0 Tested on: Windows 10 - XAMPP...
ECOA Building Automation System - Path Traversal Arbitrary File Upload
Exploit Title: ECOA Building Automation System - Path Traversal Arbitrary File Upload Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Path Traversal Arbitrary File Upload Vendor: ECOA Technologies Corp. Product web page:...
ECOA Building Automation System - Hard-coded Credentials SSH Access
Exploit Title: ECOA Building Automation System - Hard-coded Credentials SSH Access Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hard-coded Credentials SSH Access Vendor: ECOA Technologies Corp. Product web page:...
Apartment Visitor Management System (AVMS) 1.0 - 'username' SQL Injection
Exploit Title: Apartment Visitor Management System AVMS 1.0 - 'username' SQL Injection Date: 2021-08-13 Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...
ECOA Building Automation System - Directory Traversal Content Disclosure
Exploit Title: ECOA Building Automation System - Directory Traversal Content Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Directory Traversal Content Disclosure Vendor: ECOA Technologies Corp. Product web page:...
ECOA Building Automation System - Weak Default Credentials
Exploit Title: ECOA Building Automation System - Weak Default Credentials Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Weak Default Credentials Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affecte...