47884 matches found
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
Exploit Title: Neo4j 3.4.18 - RMI based Remote Code Execution RCE Date: 7/30/21 Exploit Author: Christopher Ellis, Nick Gonella, Workday Inc. Vendor Homepage: neo4j.com Software Link: https://neo4j.com/download-thanks/?edition=community&release=3.4.18&flavour=unix Version: 3.4.18 Tested on:...
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Date: 2021-08-02 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Men Salon Management System 1.0 - SQL Injection Authentication Bypass
Exploit Title: Men Salon Management System 1.0 - SQL Injection Authentication Bypass Date: 2021-07-30 Exploit Author: Akshay Khanna ConfusedBot Vendor Homepage: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql/ Software Link:...
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)
Exploit Title: Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF Date: 13.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.panasonic.com !-- Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password Vendor:...
Oracle Fatwire 6.3 - Multiple Vulnerabilities
Exploit Title: Oracle Fatwire 6.3 - Multiple Vulnerabilities Date: 29/07/2021 Exploit Author: J. Francisco Bolivar @Jfrancbit Vendor Homepage: https://www.oracle.com/index.html Version: 6.3 Tested on: CentOS 1. Xss Adt parameter is vulnerable to Xss:...
IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration
Exploit Title: IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Date: 03.05.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.eforcesoftware.com IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page:...
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)
Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Date: 14.04.2021 Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x,...
Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download
Exploit Title: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.ljkj2012.com Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page:...
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Date: 29.07.2021 Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers :...
Denver IP Camera SHO-110 - Unauthenticated Snapshot
Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot Date: 28 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 Version: Denver SHO-110 all firmware versions Tested on: Denver SHO-110...
Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)
Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Date: 27 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested o...
TripSpark VEO Transportation - Blind SQL Injection
Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...
Event Registration System with QR Code 1.0 - Authentication Bypass
Exploit Title: Event Registration System with QR Code 1.0 - Authentication Bypass & RCE Exploit Author: Javier Olmedo Date: 27/07/2021 Vendor: Sourcecodester Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/event0.zip Affected Version: 1.0 Category: WebApps...
PHP 7.3.15-3 - 'PHP_SESSION_UPLOAD_PROGRESS' Session Data Injection
Exploit Title: PHP 7.3.15-3 - 'PHPSESSIONUPLOADPROGRESS' Session Data Injection Date: 26/7/2021 Exploit Author: SiLvER | Faisal Alhadlaq Tested on: PHP Version is 7.3.15-3 This poc will abusing PHPSESSIONUPLOADPROGRESS then will trigger race condition to get remote code execution, the script will...
Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentication Bypass
Exploit Title: Customer Relationship Management System CRM 1.0 - Sql Injection Authentication Bypass Date: 27/07/2021 Exploit Author: ShafiqueWasta Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
Exploit Title: Leawo Prof. Media 11.0.0.1 - Denial of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.leawo.org Software Link: https://www.leawo.org/downloads/total-media-converter-ultimate.html Exploit Author: Achilles Tested Version: 11.0.0.1 Tested on: Windows 7 x64 1.- Run python...
Elasticsearch ECE 7.13.3 - Anonymous Database Dump
Exploit Title: Elasticsearch ECE 7.13.3 - Anonymous Database Dump Date: 2021-07-21 Exploit Author: Joan Martinez @magichk Vendor Homepage: https://www.elastic.co/ Software Link: https://www.elastic.co/ Version: = 7.10.0 to = 7.13.3 Tested on: Elastic ECE Cloud CVE : CVE-2021-22146 Reference:...
NoteBurner 2.35 - Denial Of Service (DoS) (PoC)
Exploit Title: NoteBurner 2.35 - Denial Of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.noteburner.com/ Software Link: https://anonfiles.com/13h9Hb82ub/noteburnerexe Exploit Author: Achilles Tested Version: 2.35 Tested on: Windows 7 x64 1.- Run python code : 2.- Open EVIL.txt and...
XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)
Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Date: 2021-07-25 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on:...
Microsoft SharePoint Server 2019 - Remote Code Execution (2)
Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution 2 Google Dork: inurl:quicklinks.aspx Date: 2020-08-14 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 ,...
ElasticSearch 7.13.3 - Memory disclosure
Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Date: 21/07/2021 Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import...
WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting XSS Date: 23/07/2021 Exploit Author: Vikas Srivastava Software Link: https://wordpress.org/plugins/simple-post/ Version: 1.1 Category: Web Application Tested on Mac How to Reproduce this Vulnerability: 1...
KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticated)
Exploit Title: KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure Authenticated Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy...
KevinLAB BEMS 1.0 - Undocumented Backdoor Account
Exploit Title: KevinLAB BEMS 1.0 - Undocumented Backdoor Account Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary:...
CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion
Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...
KevinLAB BEMS 1.0 - Authentication Bypass
Exploit Title: KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Manageme...
WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting XSS Date: 19/07/2021 Exploit Author: Aakash Choudhary Software Link: https://wordpress.org/plugins/kn-fix-your/ Version: 1.0.1 Category: Web Application Tested on Mac How to Reproduce this...
Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)
Exploit Title: Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31761 Version: Webmin 1.973 Tested on: All versions POC By \0331;m...
WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation
Exploit Title: WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation Date: 07-17-2021 Exploit Author: nhattruong or nhattruong.blog Vendor Homepage: https://thimpress.com/learnpress/ Software Link: https://wordpress.org/plugins/learnpress/ Version:...
PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
Exploit Title: PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection Date: 2021-07-10 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.peel.fr Software Link: https://sourceforge.net/projects/peel-shopping/files/peel-shopping930.zip/download Version: prior to...
WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting XSS Date: 18/07/2021 Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/mimetic-books/ Version: 0.2.13 Category: Web Application Tested on Ma...
WordPress Plugin LearnPress 3.2.6.7 - 'current_items' SQL Injection (Authenticated)
Exploit Title: WordPress Plugin LearnPress 3.2.6.7 - 'currentitems' SQL Injection Authenticated Date: 07-17-2021 Exploit Author: nhattruong or nhattruong.blog Vendor Homepage: https://thimpress.com/learnpress/ Software Link: https://wordpress.org/plugins/learnpress/ Version: /wp-admin 2. Login wi...
Dolibarr ERP/CRM 10.0.6 - Login Brute Force
Exploit Title: Dolibarr ERP/CRM 10.0.6 - Login Brute Force Date:2020-01-18 Exploit Author: Creamy Chicken Soup Vendor Homepage: https://www.dolibarr.org Software Link: https://sourceforge.net/projects/dolibarr/ Version: 10.0.6 Tested on: Windows 10 - 64bit CVE: CVE-2020-7995 function...
ForgeRock Access Manager 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution RCE Unauthenticated Date: 2021-07-14 Exploit Author: Photubias – tijldotdeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://backstage.forgerock.com/knowledge/kb/article/a47894244 Vendor Homepage:...
Argus Surveillance DVR 4.0 - Weak Password Encryption
Exploit Title: Argus Surveillance DVR 4.0 - Weak Password Encryption Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 12.07.2021 Version: Argus Surveillance DVR 4.0 Tested on: Windows 7 x86 Build 7601 & Windows 10 Reference: https://deathflash1411.github.io/blog/dvr4-hash-crack...
Aruba Instant 8.7.1.0 - Arbitrary File Modification
Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification Date: 15/07/2021 Exploit Author: Gr33nh4t Vendor Homepage: https://www.arubanetworks.com/ Version: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below Aruba Instant 6.5.x: 6.5.4.18 and below Aruba Instant 8.3.x: 8.3.0.14 and below Aru...
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
Exploit Title: Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection Date: 15.07.2021 Discovered by: Jeroen - IT Nerdbox Exploit Author: Metin Yunus Kandemir Version: sg2000-2000.1331 Vendor Homepage: https://www.seagate.com/ Software Link:...
Aruba Instant (IAP) - Remote Code Execution
import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def racepapimessageip: global CONTINUERACE payload =...
WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution RCE Authenticated Date: 15/07/2021 Exploit Author: Simone Cristofaro Vendor Homepage: https://it.wordpress.org/plugins/wordpress-popular-posts/ Software Link:...
Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation
/ CVE-2021-22555: Turning \x00\x00 into 10000$ by Andy Nguyen theflow@ theflow@theflow:$ gcc -m32 -static -o exploit exploit.c theflow@theflow:$ ./exploit + Linux Privilege Escalation by theflow@ - 2021 + STAGE 0: Initialization Setting up namespace sandbox... Initializing sockets and message...
osCommerce 2.3.4.1 - Remote Code Execution (2)
Exploit Title: osCommerce 2.3.4.1 - Remote Code Execution 2 Vulnerability: Remote Command Execution when /install directory wasn't removed by the admin Exploit: Exploiting the install.php finish process by injecting php payload into the dbdatabase parameter & read the system command output from...
Webmin 1.973 - 'save_user.cgi' Cross-Site Request Forgery (CSRF)
Exploit Title: Webmin 1.973 - 'saveuser.cgi' Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31762 Version: Webmin 1.973 Tested on: All versions POC By \0331;m...
WordPress Plugin Current Book 1.0.1 - 'Book Title' Persistent Cross-Site Scripting
Exploit Title: WordPress Plugin Current Book 1.0.1 - 'Book Title and Author field' Stored Cross-Site Scripting XSS Date: 14/07/2021 Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/current-book/ Version: 1.0.1 Category: Web Application How to Reproduc...
Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS)
Exploit Title: Apache Tomcat 9.0.0.M1 - Cross-Site Scripting XSS Date: 05/21/2019 Exploit Author: Central InfoSec Version: Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 CVE : CVE-2019-0221 Requirements: SSI support must be enabled within Apache Tomcat. SSI support is no...
Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload
Exploit Title: Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload Date: 05-07-2021 Exploit Author: Luca Bernardi - bernardiluca.job at protonmail.com | luca.bernardi at dedagroup.it Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 12 July 2021 Exploit Author: Subhadip Nag mrl0s3r Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14858/invoice-system-using-phpoop-free-source-code.html Tested...
Apache Tomcat 9.0.0.M1 - Open Redirect
Exploit Title: Apache Tomcat 9.0.0.M1 - Open Redirect Date: 10/04/2018 Exploit Author: Central InfoSec Version: Apache Tomcat 9.0.0.M1 to 9.0.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90 CVE : CVE-2018-11784 Proof of Concept: Identify a subfolder within your application http://example.com/test/...
OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated) (2)
Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated 2 Exploit author: noraj Alexandre ZANNI for SEC-IT http://secit.fr Date: 2021-07-05 Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Docker PoC:...
WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting XSS Date: 11/07/2021 Exploit Author: Swapnil Subhash Bodekar Vendor Homepage: Software Link: https://wordpress.org/plugins/wpfront-notification-bar/ Version: 1.9.1.04012 Tested on Windows Category:...
Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)
Exploit Title: Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting XSS Date: 08/07/2021 Exploit Author: Subhadip Nag Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/zoo-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Server: XAMPP...