Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)

Exploit Title: Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting XSS Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25679...

Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration

Exploit Title: Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25681 CVE-2021-25681 - AdTran Personal Phone...

rconfig 3.9.6 - Arbitrary File Upload

Exploit Title: rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution Authenticated 2 Exploit Author: Vishwaraj Bhattrai Date: 18/04/2021 Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: = v3.9.6 Tested against Server Host:...

Fast PHP Chat 1.3 - 'my_item_search' SQL Injection

Exploit Title: Fast PHP Chat 1.3 - 'myitemsearch' SQL Injection Date: 15/04/2021 Exploit Author: Fatih Coskun Vendor Homepage: https://codecanyon.net/item/fast-php-chat-responsive-live-ajax-chat/10721076 Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows a...

Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting (XSS)

Exploit Title: Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting XSS Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25680...

Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass

Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Date: 14/01/2021 Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ...

GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...

Hasura GraphQL 1.3.3 - Denial of Service

Exploit Title: Hasura GraphQL 1.3.3 - Denial of Service Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Author: Dolev Farhi Date: 4/19/2021 Tested on: Ubuntu import sys import requests import threading HASURASCHEME = 'http' HASURAHOST = '192.168.1.1...

Hasura GraphQL 1.3.3 - Local File Read

Exploit Title: Hasura GraphQL 1.3.3 - Local File Read Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19./2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.168.1.1' HASURAPO...

OpenEMR 5.0.2.1 - Remote Code Execution

Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...

BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting XSS Date: 04/07/2021 Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Step 1 : Login to admin account in...

Tenda D151 & D301 - Configuration Download (Unauthenticated)

Exploit Title: Tenda D151 & D301 - Configuration Download Unauthenticated Date: 19-04-2021 Exploit Author: BenChaliah Author link: https://github.com/BenChaliah Vendor Homepage: https://www.tendacn.com Software Link: https://www.tendacn.com/us/download/detail-3331.html Versions: - D301 1.2.11.2EN...

Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF)

Exploit Title: Hasura GraphQL 1.3.3 - Service Side Request Forgery SSRF Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19/2021 Tested on: Ubuntu import requests HASURASCHEME = 'http' HASURAHOST = '192.168.1.1'...

Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)

Exploit Title: Multilaser Router RE018 AC1200 - Cross-Site Request Forgery Enable Remote Access Date: 14/04/2021 Exploit Author: Rodolfo Mariano Version: Firmware V02.03.01.45pt CVE: 2021-31152 Exploit Code: document.forms0.submit;...

GetSimple CMS My SMTP Contact Plugin 1.1.1 - Cross-Site Request Forgery

Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: 15/04/2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor: NetExplorer...

Horde Groupware Webmail 5.2.22 - Stored XSS

Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty Date: 04.14.2021 Vendor: https://www.horde.org/apps/webmail Link: https://github.com/horde/webmail/releases CVE: CVE-2021-26929 + Exploit Source:...

Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS)

Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting XSS Date: 15/04/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://tileserver.org/ Software Link: https://github.com/maptiler/tileserver-gl Version: versions alertdocument.domain...

glFTPd 2.11a - Remote Denial of Service

Exploit Title: glFTPd 2.11a - Remote Denial of Service Date: 15/05/2021 Exploit Author: xynmaps Vendor Homepage: https://glftpd.io/ Software Link: https://glftpd.io/files/glftpd-LNX-2.11a1.1.1kx64.tgz Version: 2.11a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8...

htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS)

Exploit Title: htmly 2.8.0 - 'description' Stored Cross-Site Scripting XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor Homepage: https://www.htmly.com/ Software Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 !/usr/bin/python3 from selenium import webdriver from...

jQuery 1.2 - Cross-Site Scripting (XSS)

Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1:...

CITSmart ITSM 9.1.2.22 - LDAP Injection

Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...

jQuery 1.0.3 - Cross-Site Scripting (XSS)

Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: "...

Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE

Exploit Title: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE Date: 12-4-2021 Exploit Author: Jay Sharma Version: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Tested on: V2.1 CVE : CVE-2021-29003 steps to reproduce Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute...

CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated)

Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...

MariaDB 10.2 - 'wsrep_provider' OS Command Execution

Exploit Title: MariaDB 10.2 /MySQL - 'wsrepprovider' OS Command Execution Date: 03/18/2021 Exploit Author: Central InfoSec Version: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through...

Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass)

Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...

Blitar Tourism 1.0 - Authentication Bypass SQLi

Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Date: 13 April 2021 Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1....

Simple Student Information System 1.0 - SQL Injection (Authentication Bypass)

Exploit Title: Simple Student Information System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://www.sourcecodester.com/php/11400/simple-student-information-system-ajax-live-search.html Software Link:...

ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow

Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow Date: 09-04-2021 Exploit Author: Jai Kumar Sharma Vendor Homepage: https://www.expressvpn.com/ Software Link: https://www.expressvpn.com/vpn-software/vpn-router Version: version 1 Tested on: Windows/Ubuntu/MacOS CVE ...

vsftpd 2.3.4 - Backdoor Command Execution

Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution Date: 9-04-2021 Exploit Author: HerculesRD Software Link: http://www.linuxfromscratch.org/thomasp/blfs-book-xsl/server/vsftpd.html Version: vsftpd 2.3.4 Tested on: debian CVE : CVE-2011-2523 !/usr/bin/python3 from telnetlib import Telnet...

PrestaShop 1.7.6.7 - 'location' Blind Sql Injection

Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection Date: 2021-04-08 Exploit Author: Vanshal Gaur Vendor Homepage: https://www.prestashop.com/ Version: 1.7.5.x 1.7.6.8 Tested on: Debian 10 buster CVE : CVE-2020-15160 !/usr/bin/python3 ''' Setup Vulnerable Docker on "localhost:8080"...

CMSimple 5.2 - 'External' Stored XSS

Exploit Title: CMSimple 5.2 - 'External' Stored XSS Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: CMSimple 5.2 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.cmsimple.org/en/ Description The CMSimple 5.2 allow stored XSS via the Settings CMS Filebrowser...

DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147 input type="...

Composr 10.0.36 - Remote Code Execution

Exploit Title: Composr 10.0.36 - Remote Code Execution Date: 04/06/2021 Exploit Author: Orion Hridoy Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36 Tested on: Windows/Linux CVE : CVE-2021-30149 A RCE on Composr CMS has been discovered by BugsBD...

Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution

Exploit Title: Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution Date: 06/04/2020 Exploit Author: Google Security Research Andy Nguyen Tested on: 5.4.0-48-generic 52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020 x8664 x8664 x8664 GNU/Linux CVE : CVE-2020-12351, CVE-2020-1235...

Composr CMS 10.0.36 - Cross Site Scripting

Exploit Title: Composr CMS 10.0.36 - Cross Site Scripting Date: 04/06/2021 Exploit Author: Orion Hridoy Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36 Tested on: Windows/Linux CVE : CVE-2021-30150 Vulnerable Endpoint:...

Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read

Exploit Title: Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read Date: 4/27/2020 Exploit Author: Rhino Security Labs Version: :' exit This XML to imitate a Dell OMSA remote system comes from https://www.exploit-db.com/exploits/39909 Also check out...

Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS

Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS Date: 07 Mar 2020 Exploit Author: Captainhook Vendor Homepage: https://www.atlassian.com/ Version: 4.10.0 Tested on: All OS CVE: CVE-2020-14166 Summary: The /servicedesk/customer/portals resource in Jira Service De...

Google Chrome 86.0.4240 V8 - Remote Code Execution

Exploit Title: Google Chrome 86.0.4240 V8 - Remote Code Execution Exploit Author: r4j0x00 Version: 87.0.4280.88 Description: Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE:...

Google Chrome 81.0.4044 V8 - Remote Code Execution

Exploit Title: Google Chrome 81.0.4044 V8 - Remote Code Execution Exploit Author: r4j0x00 Version: 83.0.4103.106 Description: Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE:...

Mini Mouse 9.3.0 - Local File inclusion

Exploit Title: Mini Mouse 9.3.0 - Local File inclusion / Path Traversal Author: gosh Date: 05-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://apps.apple.com/us/app/mini-mouse-remote-control/id914250948 Version: 9.3.0 Tested on: iPhone; iOS 14.4.2 GET /op=getdeviceinfo HTTP/1.1...

Rockstar Service - Insecure File Permissions

Exploit Title: Rockstar Service - Insecure File Permissions Date: 2020-04-02 Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability...

Mini Mouse 9.2.0 - Path Traversal

Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...

Mini Mouse 9.2.0 - Remote Code Execution

Exploit Title: Mini Mouse 9.2.0 - Remote Code Execution Author: gosh Date: 01-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 !/usr/bin/python3 import requests import json...

Simple Food Website 1.0 - Authentication Bypass

Exploit Title: Simple Food Website 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Software Link:...

OpenEMR 4.1.0 - 'u' SQL Injection

Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection Date: 2021-04-03 Exploit Author: Michael Ikua Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v410.zip Version: 4.1.0 Original Advisory:...

Basic Shopping Cart 1.0 - Authentication Bypass

Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html Software Link:...

ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation

Exploit Title: ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Date: 31.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.zblchina.com http://www.wd-thailand.com Vendor: Zhejiang BC&TV Technology Co., Ltd. ZBL | W&D Corporation WAD TECHNOLOGY THAILAND Product web page...

F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)

Exploit Title: F5 BIG-IP 16.0.x - iControl REST Remote Code Execution Unauthenticated Exploit Author: Al1ex Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5....

ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2)

Exploit Title: ScadaBR 1.0 - Arbitrary File Upload Authenticated 2 Date: 04/21 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Debian9,10Ubuntu16.04 !/usr/bin/python import requests,sys,time if...