WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path

Exploit Title: WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://www.gearboxcomputers.com/downloads/wifihotspot.exe Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS:...

Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)

Exploit Title: Human Resource Information System 0.1 - Remote Code Execution Unauthenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection

Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Date: 03.05.2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Test...

Voting System 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Voting System 1.0 - Remote Code Execution Unauthenticated Date: 07/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

Voting System 1.0 - Authentication Bypass (SQLI)

Exploit Title: Voting System 1.0 - Authentication Bypass SQLI Date: 06/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path

Exploit Title: Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.4/Sandboxie-Plus-x64-v0.7.4.exe Tested Version: 0.7.4 Vulnerability Type: Unquoted Servic...

b2evolution 7-2-2 - 'cf_name' SQL Injection

Exploit Title: b2evolution 7-2-2 - 'cfname' SQL Injection Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Date: 05.06.2021 Vendor: https://b2evolution.net/ Link: https://b2evolution.net/downloads/7-2-2 CVE: CVE-2021-28242 Proof: https://streamable.com/x51kso + Exploit Source:...

Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting Authenticated Date: 2021-05-05 Exploit Author: Emircan Baş Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows &...

Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload

Title: Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload Author: h4shur date: 2021-05-06 Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/plugins/wp-super-edit/ Version : 2.5.4 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Dor...

Schlix CMS 2.2.6-6 - Remote Code Execution (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - Remote Code Execution Authenticated Date: 2021-05-06 Exploit Author: Eren Saraç Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows & WampServer ==...

Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting

Exploit Title: Markdown Explorer 0.1.1 - XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jersou/markdown-explorer Version: 0.1.1 Tested on: Windows, Linux, MacOs Software Description: Easily...

Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting Date: 2021-05-04 Exploit Author: strider Software Link: https://github.com/savsofts/savsoftquizv5 Vendor: https://savsoftquiz.com Version: 5.0 Tested on: Ubuntu 20.04 LTS / Kali Linux...

Freeter 1.2.1 - Persistent Cross-Site Scripting

Exploit Title: Freeter 1.2.1 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://freeter.io/ Version: 1.2.1 Tested on: Windows, Linux, MacOs Software Description: It is an organizer for...

Marky 0.0.1 - Persistent Cross-Site Scripting

Exploit Title: Marky 0.0.1 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/vesparny/marky Version: 0.0.1 Tested on: Linux, MacOs, Windows Software Description: Marky is an...

SnipCommand 0.1.0 - Persistent Cross-Site Scripting

Exploit Title: SnipCommand 0.1.0 - XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/gurayyarar/SnipCommand Version: 0.1.0 Tested on: Windows, Linux, MacOs Software Description: Open source comman...

Anote 1.0 - Persistent Cross-Site Scripting

Exploit Title: Anote 1.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/AnotherNote/anote Version: 1.0 Tested on: Linux, MacOs Software Description: A simple opensource...

Markdownify 1.2.0 - Persistent Cross-Site Scripting

Exploit Title: Markdownify 1.2.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/amitmerchant1990/electron-markdownify Version: 1.2.0 Tested on: Windows, Linux, MacOs...

Markright 1.0 - Persistent Cross-Site Scripting

Exploit Title: Markright 1.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/dvcrn/markright Version: 1.0 Tested on: Linux, MacOs,Windows Software Description: A minimalis...

StudyMD 0.3.2 - Persistent Cross-Site Scripting

Exploit Title: StudyMD 0.3.2 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jotron/StudyMD Version: 0.3.2 Tested on: Windows, Linux, MacOs Software Description: A cool ap...

Xmind 2020 - Persistent Cross-Site Scripting

Exploit Title: Xmind 2020 - XSS to RCE Exploit Author: TaurusOmar Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://www.xmind.net/ Version: 2020 Tested on: Windows, Linux, MacOs Software Description: XMind, a full-featured mind mapping and...

Tagstoo 2.0.1 - Persistent Cross-Site Scripting

Exploit Title: Tagstoo 2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacOs Software Description: Software to tag folders...

Moeditor 0.2.0 - Persistent Cross-Site Scripting

Exploit Title: Moeditor 0.2.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://moeditor.js.org/ Version: 0.2.0 Tested on: Windows, Linux, MacOs Software Description: Software to view...

Internship Portal Management System 1.0 - Remote Code Execution(Unauthenticated)

Exploit Title: Internship Portal Management System 1.0 - Remote Code Execution Via File Upload Unauthenticated Date: 2021-05-04 Exploit Author: argenestel Vendor Homepage: https://www.sourcecodester.com/php/11712/internship-portal-management-system.html Software Link:...

Piwigo 11.3.0 - 'language' SQL

Exploit Title: Piwigo 11.3.0 - 'language' SQL Author: @nu11secur1ty Testing and Debugging: nu11secur1ty Date: 04.30.2021 Vendor: https://piwigo.org/ Link: https://github.com/Piwigo/Piwigo/releases/tag/11.3.0 CVE: CVE-2021-27973 + Exploit Source: !/usr/bin/python3 Author: @nu11secur1ty Debug:...

Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)

Exploit Title: Voting System 1.0 - Time based SQLI Unauthenticated SQL injection Date: 02/05/2021 Exploit Author: Syed Sheeraz Ali Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

GetSimple CMS Custom JS 0.1 - Cross-Site Request Forgery

Exploit Title: GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE Exploit Author: Bobby Cooke boku & Abhishek Joshi Date: 30/04/201 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/download/ & http://get-simple.info/extend/plugin/custom-js/1267/ Vendor: 4Enzo Version:...

GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration

Exploit Title: GitLab Community Edition CE 13.10.3 - 'SignUp' User Enumeration Date: 4/29/2021 Exploit Author: @4D0niiS https://github.com/4D0niiS Vendor Homepage: https://gitlab.com/ Version: 13.10.3 Tested on: Kali Linux 2021.1 INFO: An unauthenticated attacker can remotely enumerate the...

GitLab Community Edition (CE) 13.10.3 - User Enumeration

Exploit Title: GitLab Community Edition CE 13.10.3 - User Enumeration Date: 4/29/2021 Exploit Author: @4D0niiS https://github.com/4D0niiS Vendor Homepage: https://gitlab.com/ Version: 13.10.3 Tested on: Kali Linux 2021.1 !/bin/bash Colors RED='\03338;5;196m' GREEN='\e38;5;47m' NC='\0330m'...

GNU Wget < 1.18 - Arbitrary File Upload (2)

Exploit Title: GNU Wget 1.18 - Arbitrary File Upload / Remote Code Execution 2 Original Exploit Author: Dawid Golunski Exploit Author: liewehacksie Version: GNU Wget 1.18 CVE: CVE-2016-4971 import http.server import socketserver import socket import sys class...

Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)

Exploit Title: Moodle 3.6.1 - Persistent Cross-Site Scripting XSS Date: 04/2021 Exploit Author: farisv Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org https://github.com/moodle/moodle/archive/refs/tags/v3.6.1.zip Version: Moodle 3.6.2, 3.5.4, 3.4.7, 3.1.16 CVE:...

NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write

Exploit Title: NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write Date: 2021-02-01 Exploit Author: 1F98D Software Link: https://nodebb.org/ Version: Emoji for NodeBB ', r.text, re.IGNORECASE if csrf is None: print'! Could not extract csrf token to proceed.' sys.exit1 auth = 'username': USERNAME,...

Cacti 1.2.12 - 'filter' SQL Injection

Exploit Title: Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution Date: 04/28/2021 Exploit Author: Leonardo Paiva Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/downloads/cacti-1.2.12.tar.gz Version: 1.2.12 Tested on: Ubuntu 20.04 CVE : CVE-2020-14295...

FOGProject 1.5.9 - File Upload RCE (Authenticated)

Exploit Title: FOGProject 1.5.9 - File Upload RCE Authenticated Date: 2021-04-28 Exploit Author: [email protected] Vendor Homepage: https://fogproject.org Software Link: https://github.com/FOGProject/fogproject/archive/1.5.9.zip Tested on: Debian 10 On the Attacker Machine: 1 Create an empty 10Mb...

Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)

Exploit Title: Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting XSS Date: 21-04-2021 Exploit Author: Sreenath Raghunathan Vendor Homepage: https://getkirby.com/ Software Link: https://github.com/getkirby/kirby Version: 3.5.3.1REQUIRED CVE : CVE-2021-29460 POST /api/users//avatar HTTP/1.1 Host:...

Kimai 1.14 - CSV Injection

Exploit Title: Kimai 1.14 - CSV Injection Date: 26/04/2021 Exploit Author: Mohammed Aloraimi Vendor Homepage: https://www.kimai.org/ Software Link: https://github.com/kevinpapst/kimai2 Version: 1.14 Payload: @SUM1+9cmd|' /C calc'!A0 Tested on: Win10x64 Proof Of Concept: CSV Injection aka Excel...

Montiorr 1.7.6m - Persistent Cross-Site Scripting

Exploit Title: Montiorr 1.7.6m - Persistent Cross-Site Scripting Date: 25/4/2021 Exploit Author: Ahmad Shakla Software Link: https://github.com/Monitorr/Monitorr Tested on: Kali GNU/Linux 2020.2 Detailed Bug Description :...

WordPress Plugin WPGraphQL 1.3.5 - Denial of Service

Exploit Title: WordPress Plugin WPGraphQL 1.3.5 - Denial of Service Author: Dolev Farhi Date: 2021-04-12 Vendor Homepage: https://www.wpgraphql.com/ Version: 1.3.5 Tested on: Ubuntu """ This attack uses duplication of fields amplified by GraphQL batched queries, resulting in server OOM and MySQL...

OpenPLC 3 - Remote Code Execution (Authenticated)

Exploit Title: OpenPLC 3 - Remote Code Execution Authenticated Date: 25/04/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.openplcproject.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3 Version: OpenPLC v3 Tested on: Ubuntu 16.04,Debian 9,Debian 10 Buster...

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)

Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 2 Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 04/25/2021 Vendor: https://www.seopanel.org/ Link: https://www.seopanel.org/spdownload/4.8.0 CVE: CVE-2021-28419 + Exploit Source: !/usr/bin/python3 Author: @nu11secur1...

Hasura GraphQL 1.3.3 - Remote Code Execution

Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/23/2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.34.57.144'...

GetSimple CMS My SMTP Contact Plugin 1.1.2 - Persistent Cross-Site Scripting

Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE Exploit Author: Bobby Cooke boku Date: 22/04/2021 Vendor Homepage: http://get-simple.info & Software Link: http://get-simple.info/download/ Version: Exploit = v1.1.1 | Stored XSS = v1.1.2 Tested against Server...

DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting XSS Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty, g3ck0dr1v3r Date: 04/23/2021 Vendor: http://www.dzzoffice.com/ Link: https://github.com/zyx0814/dzzoffice CVE: CVE-2021-3318 + Exploit Source: !/usr/bin/python3 Author...

Sipwise C5 NGCP CSC - 'Multiple' Persistent Cross-Site Scripting (XSS)

Exploit Title: Sipwise C5 NGCP CSC - 'Multiple' Stored/Reflected Cross-Site Scripting XSS Date: 13.04.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.sipwise.com Sipwise C5 NGCP CSC Multiple Stored/Reflected XSS Vulnerabilities Vendor: Sipwise GmbH Product web page:...

Sipwise C5 NGCP CSC - Click2Dial Cross-Site Request Forgery (CSRF)

Exploit Title: Sipwise C5 NGCP CSC - Click2Dial Cross-Site Request Forgery CSRF Date: 13.04.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.sipwise.com Sipwise C5 NGCP CSC CSRF Click2Dial Exploit Vendor: Sipwise GmbH Product web page: https://www.sipwise.com Affected version:...

Moodle 3.10.3 - 'url' Persistent Cross Site Scripting

Exploit Title: Moodle 3.10.3 - 'url' Persistent Cross Site Scripting Date: 22/04/2021 Exploit Author: UVision Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org Version: 3.10.3 Tested on: Debian/Windows 10 By having the role of a teacher or an administrator or a manag...

OTRS 6.0.1 - Remote Command Execution (2)

Exploit Title: OTRS 6.0.1 - Remote Command Execution 2 Date: 21-04-2021 Exploit Author: Hex26 Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE : CVE-2017-16921...

CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS)

Exploit Title: CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting XSS Date: 2021/03/19 Exploit Author: bt0 Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: https://s3.amazonaws.com/cmsms/downloads/14832/cmsms-2.2.15-install.zip Version: 2.2.15 CVE: CVE-2021-28935...

RemoteClinic 2.0 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: RemoteClinic 2.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 13/04/2021 Exploit Author: Saud Ahmad Vendor Homepage: https://remoteclinic.io/ Software Link: https://github.com/remoteclinic/RemoteClinic Version: 2.0 Tested on: Windows 10 CVE : CVE-2021-30030, CVE-2021-30034,...

WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Himamshu Dilip Kulkarni Software Link: https://wordpress.org/plugins/rss-for-yandex-turbo/ Version: 1.29 Tested on: Windows Steps to reproduce vulnerability: 1. Install...

RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: RemoteClinic 2 - 'Multiple' Cross-Site Scripting XSS Exploit Author: nu11secur1ty Debug: g3ck0dr1v3r Date: 04/21/2021 Vendor Homepage: https://remoteclinic.io/ Software Link: https://github.com/remoteclinic/RemoteClinic CVE: CVE-2021-30044 + Exploit Source:...