47904 matches found
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...
RATES SYSTEM 1.0 - 'Multiple' SQL Injections
Exploit Title: RATES SYSTEM 1.0 - 'Multiple' SQL Injections Date: 11-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Software Link: https://www.sourcecodester.com/php/14904/rates-system.html Version: V1.0 Category: Webapps Tested on: Linux/Windows Description: PHP Dashboards is prone to an...
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
Exploit Title: Altova MobileTogether Server 7.3 - XML External Entity Injection XXE Date: 2021-08-10 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.altova.com/mobiletogether-server Version: 7.3 CVE: 2021-37425 Advisory: XML External Entity Expansion in MobileTogether Server...
COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Date: 09/08/2021 Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
Exploit Title: Xiaomi browser 10.2.4.g - Browser Search History Disclosure Date: 27-Dec-2018 Exploit Author: Vishwaraj101 Vendor Homepage: https://www.mi.com/us Software Link: https://www.apkmirror.com/apk/xiaomi-inc/mi-browse/mi-browse-10-2-4-release/ Version: 10.2.4.g Tested on: Tested in Andro...
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: IPCop 2.1.9 - Remote Code Execution RCE Authenticated Date: 02/08/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipcop.org/ Software Link: https://sourceforge.net/projects/ipcop/files/IPCop/IPCop%202.1.8/ipcop-2.1.8-install-cd.i486.iso -...
Simple Library Management System 1.0 - 'rollno' SQL Injection
Exploit Title: Simple Library Management System 1.0 - 'rollno' SQL Injection Date: 2021-08-08 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.nikhilbhalerao.com/ Software Link: https://www.sourcecodester.com/php/14126/simple-library-management-system.html Version: V1 Category:...
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting XSS Date: 2021-08-06 Exploit Author: Aryan Chehreghani Software Link: https://wordpress.org/plugins/picture-gallery/ Version: 1.4.2 Tested on: Windows 10 How to Reproduce this Vulnerability: 1...
Amica Prodigy 1.7 - Privilege Escalation
Exploit Title: Amica Prodigy 1.7 - Privilege Escalation Date: 2021-08-06 Exploit Author: Andrea Intilangelo Vendor Homepage: https://gestionaleamica.com - https://www.bisanziosoftware.com Software Link: https://gestionaleamica.com/Download/AmicaProdigySetup.exe Version: 1.7 Tested on: Windows 10...
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
Exploit Title: WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR Date: 2021-05-17 Exploit Author: captainhook Vendor Homepage: https://lifterlms.com Software Link: https://lifterlms.com Version: 4.21.1 Tested on: any Description The plugin was affected by an IDOR...
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Exploit Title: Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection Date: 06-08-2021 Exploit Author: Brian Ombongi Vendor Homepage: https://getcockpit.com/ Version: Cockpit 0.11.1 Tested on: Ubuntu 16.04.7 CVE : CVE-2020-35847 & CVE-2020-35848 !/usr/bin/python3 import json...
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Moodle 3.9 - Remote Code Execution RCE Authenticated Date: 12-05-2021 Exploit Author: lanz Vendor Homepage: https://moodle.org/ Version: Moodle 3.9 Tested on: FreeBSD !/usr/bin/python3 Moodle 3.9 - RCE Authenticated as teacher Based on PoC and Payload to assign full permissions to...
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
Exploit Title: GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload Unauthenticated Date: 21/03/2021 Exploit Author: Amin Bohio Original Research & Code By: Paul Taylor / Foregenix Ltd Original Exploit: https://github.com/bao7uo/RAUcrypto Vendor Homepage: https://www.gfi.com Softwa...
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...
qdPM 9.1 - Remote Code Execution (Authenticated)
Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: http://qdpm.net/...
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
Exploit Title: ApacheOfBiz 17.12.01 - Remote Command Execution RCE via Unsafe Deserialization of XMLRPC arguments Date: 2021-08-04 Exploit Author: Álvaro Muñoz, Adrián Díaz s4dbrd Vendor Homepage: https://ofbiz.apache.org/index.html Software Link:...
qdPM 9.2 - Password Exposure (Unauthenticated)
Exploit Title: qdPM 9.2 - DB Connection String and Password Exposure Unauthenticated Date: 03/08/2021 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: Ubuntu 20.04 Apache2...
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting XSS Date: 2021-08-03 Exploit Author: Aryan Chehreghani Software Link: https://wordpress.org/plugins/customize-login/ Version: 1.1 Tested on: Windows 10 How to Reproduce this Vulnerability: 1...
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
Exploit Title: Hotel Management System 1.0 - Cross-Site Scripting XSS Arbitrary File Upload Remote Code Execution RCE Date: 2021-08-01 Exploit Author: Merbin Russel Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7204 Version: V1.0...
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Date: 2021-08-02 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)
Exploit Title: Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF Date: 13.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.panasonic.com !-- Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password Vendor:...
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
Exploit Title: Neo4j 3.4.18 - RMI based Remote Code Execution RCE Date: 7/30/21 Exploit Author: Christopher Ellis, Nick Gonella, Workday Inc. Vendor Homepage: neo4j.com Software Link: https://neo4j.com/download-thanks/?edition=community&release=3.4.18&flavour=unix Version: 3.4.18 Tested on:...
Men Salon Management System 1.0 - SQL Injection Authentication Bypass
Exploit Title: Men Salon Management System 1.0 - SQL Injection Authentication Bypass Date: 2021-07-30 Exploit Author: Akshay Khanna ConfusedBot Vendor Homepage: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql/ Software Link:...
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Date: 29.07.2021 Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers :...
Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download
Exploit Title: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.ljkj2012.com Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page:...
Denver IP Camera SHO-110 - Unauthenticated Snapshot
Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot Date: 28 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 Version: Denver SHO-110 all firmware versions Tested on: Denver SHO-110...
IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration
Exploit Title: IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Date: 03.05.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.eforcesoftware.com IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page:...
Oracle Fatwire 6.3 - Multiple Vulnerabilities
Exploit Title: Oracle Fatwire 6.3 - Multiple Vulnerabilities Date: 29/07/2021 Exploit Author: J. Francisco Bolivar @Jfrancbit Vendor Homepage: https://www.oracle.com/index.html Version: 6.3 Tested on: CentOS 1. Xss Adt parameter is vulnerable to Xss:...
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)
Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Date: 14.04.2021 Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x,...
Event Registration System with QR Code 1.0 - Authentication Bypass
Exploit Title: Event Registration System with QR Code 1.0 - Authentication Bypass & RCE Exploit Author: Javier Olmedo Date: 27/07/2021 Vendor: Sourcecodester Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/event0.zip Affected Version: 1.0 Category: WebApps...
TripSpark VEO Transportation - Blind SQL Injection
Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...
Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)
Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Date: 27 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested o...
Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentication Bypass
Exploit Title: Customer Relationship Management System CRM 1.0 - Sql Injection Authentication Bypass Date: 27/07/2021 Exploit Author: ShafiqueWasta Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
PHP 7.3.15-3 - 'PHP_SESSION_UPLOAD_PROGRESS' Session Data Injection
Exploit Title: PHP 7.3.15-3 - 'PHPSESSIONUPLOADPROGRESS' Session Data Injection Date: 26/7/2021 Exploit Author: SiLvER | Faisal Alhadlaq Tested on: PHP Version is 7.3.15-3 This poc will abusing PHPSESSIONUPLOADPROGRESS then will trigger race condition to get remote code execution, the script will...
XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)
Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Date: 2021-07-25 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on:...
NoteBurner 2.35 - Denial Of Service (DoS) (PoC)
Exploit Title: NoteBurner 2.35 - Denial Of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.noteburner.com/ Software Link: https://anonfiles.com/13h9Hb82ub/noteburnerexe Exploit Author: Achilles Tested Version: 2.35 Tested on: Windows 7 x64 1.- Run python code : 2.- Open EVIL.txt and...
Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
Exploit Title: Leawo Prof. Media 11.0.0.1 - Denial of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.leawo.org Software Link: https://www.leawo.org/downloads/total-media-converter-ultimate.html Exploit Author: Achilles Tested Version: 11.0.0.1 Tested on: Windows 7 x64 1.- Run python...
Elasticsearch ECE 7.13.3 - Anonymous Database Dump
Exploit Title: Elasticsearch ECE 7.13.3 - Anonymous Database Dump Date: 2021-07-21 Exploit Author: Joan Martinez @magichk Vendor Homepage: https://www.elastic.co/ Software Link: https://www.elastic.co/ Version: = 7.10.0 to = 7.13.3 Tested on: Elastic ECE Cloud CVE : CVE-2021-22146 Reference:...
ElasticSearch 7.13.3 - Memory disclosure
Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Date: 21/07/2021 Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import...
WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting XSS Date: 23/07/2021 Exploit Author: Vikas Srivastava Software Link: https://wordpress.org/plugins/simple-post/ Version: 1.1 Category: Web Application Tested on Mac How to Reproduce this Vulnerability: 1...
Microsoft SharePoint Server 2019 - Remote Code Execution (2)
Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution 2 Google Dork: inurl:quicklinks.aspx Date: 2020-08-14 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 ,...
CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion
Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...
KevinLAB BEMS 1.0 - Undocumented Backdoor Account
Exploit Title: KevinLAB BEMS 1.0 - Undocumented Backdoor Account Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Management System Summary:...
KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticated)
Exploit Title: KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure Authenticated Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy...
KevinLAB BEMS 1.0 - Authentication Bypass
Exploit Title: KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Manageme...
Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)
Exploit Title: Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31761 Version: Webmin 1.973 Tested on: All versions POC By \0331;m...
WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting XSS Date: 19/07/2021 Exploit Author: Aakash Choudhary Software Link: https://wordpress.org/plugins/kn-fix-your/ Version: 1.0.1 Category: Web Application Tested on Mac How to Reproduce this...
PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
Exploit Title: PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection Date: 2021-07-10 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.peel.fr Software Link: https://sourceforge.net/projects/peel-shopping/files/peel-shopping930.zip/download Version: prior to...
WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation
Exploit Title: WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation Date: 07-17-2021 Exploit Author: nhattruong or nhattruong.blog Vendor Homepage: https://thimpress.com/learnpress/ Software Link: https://wordpress.org/plugins/learnpress/ Version:...