47884 matches found
Latrix 0.6.0 - 'txtaccesscode' SQL Injection
Exploit Title: Latrix 0.6.0 – 'txtaccesscode' SQL Injection Date: 03/30/2021 Exploit Author: cptsticky Vendor Homepage: https://sourceforge.net/projects/latrix Software Link: https://sourceforge.net/projects/latrix/files/latest/download Version: 0.6.0 Tested on: Ubuntu 20.04 POST...
ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1)
Exploit Title: ScadaBR 1.0 - Arbitrary File Upload Authenticated 1 Date: 03/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Windows7, Windows10 !/usr/bin/python import requests,sys,time if...
phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)
Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution Authenticated Date: 29/03/2021 Exploit Author: Valerio Severini Vendor Homepage: Software Link: https://github.com/phppgadmin/phppgadmin/releases/tag/REL7-13-0 Version: 7.13.0 or lower Tested on: Debian 10 and Ubuntu...
Zabbix 3.4.7 - Stored XSS
Exploit Title: Zabbix 3.4.7 - Stored XSS Date: 30-03-2021 Exploit Author: Radmil Gazizov Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/rn/rn3.4.7 Version: 3.4.7 Tested on: Linux Reference - https://github.com/GloryToMoon/POCcodes/blob/main/zabbixstoredxss347.txt 1...
CourseMS 2.1 - 'name' Stored XSS
Exploit Title: CourseMS 2.1 - 'name' Stored XSS Date: 03/30/2021 Exploit Author: cptsticky Vendor Homepage: http://sourceforge.net/projects/coursems Software Link: https://sourceforge.net/projects/coursems/files/latest/download Version: 2.1 Tested on: Ubuntu 20.04 POST /coursems/admin/addjobs.php...
DD-WRT 45723 - UPNP Buffer Overflow (PoC)
Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Date: 24.03.2021 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...
Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting
Exploit Title: Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting Date: 3/30/2021 Exploit Author: cmOs Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.9 Tested on Ubuntu 20.04 Step 1: Log in to the dashboard using th...
GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting
Exploit Title: GetSimple CMS 3.3.16 - Reflected XSS to RCE Exploit Author: Bobby Cooke boku Discovery Credits: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: March 29th, 2021 CVE ID: CVE-2020-23839 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23839 Vendor Homepage: http://get-simple.in...
WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated)
Exploit Title: WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution Authenticated Google Dork: inurl:/wp-content/plugins/wp-super-cache/ Date: 2021-03-13 Exploit Author: m0ze Version: Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this...
Equipment Inventory System 1.0 - 'multiple' Stored XSS
Exploit Title: Equipment Inventory System 1.0 - 'multiple' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/php/11327/equipment-inventory.html Software Link:...
Concrete5 8.5.4 - 'name' Stored XSS
Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS Date: 2021-01 Exploit Author: Quadron Research Lab Version: Concrete5 8.5.4 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: Concrete5 CMS https://www.concrete5.org CVE: CVE-2021-3111 Suggested description The Express Entries Dashboard...
Novel Boutique House-plus 3.5.1 - Arbitrary File Download
Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Date: 27/03/2021 Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerab...
Budget Management System 1.0 - 'Budget title' Stored XSS
Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html Version: 1 Tested on Windows 10 + Xampp 8.0.3 XSS...
vsftpd 3.0.3 - Remote Denial of Service
Exploit Title: vsftpd 3.0.3 - Remote Denial of Service Date: 22-03-2021 Exploit Author: xynmaps Vendor Homepage: https://security.appspot.com/vsftpd.html Software Link: https://security.appspot.com/downloads/vsftpd-3.0.3.tar.gz Version: 3.0.3 Tested on: Parrot Security OS 5.9.0...
SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow
Exploit Title: SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow Date: 03/27/2021 Author: Filipe Oliveira - filipecenturiaoathotmail.com Rafael Machado - nnszsatprotonmail.com Vendor: https://www.syncbreeze.com/ Software Link:...
TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated)
Exploit Title: TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting Unauthenticated Date: 24-07-2020 Exploit Author: Smriti Gaba, Kaustubh Padwad Vendor Homepage: https://www.tp-link.com Version: Multiple ============================================================== Unauthenticated...
'customhs_js_content' - 'customhs_js_content' Cross-Site Request Forgery
Exploit Title: GetSimple CMS Custom JS Plugin 0.1 - 'customhsjscontent' Cross-Site Request Forgery Exploit Author: Abhishek Joshi Date: March 25, 2021 Vendor Homepage: http://get-simple.info/extend/plugin/custom-js/1267 / http://get-simple.info/download Software Link:...
Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting
Title: Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting Exploit Author: George Tsimpidas Date: 2021-03-25 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/regisinventory.zip Version ...
Moodle 3.10.3 - 'label' Persistent Cross Site Scripting
Exploit Title: Moodle 3.10.3 - 'label' Persistent Cross Site Scripting Date: 25.03.2021 Author: Vincent666 ibn Winnie Software Link: https://moodle.org/ Tested on: Windows 10 Web Browser: Mozilla Firefox Google Dorks: inurl:/lib/editor/atto/plugins/managefiles/ or calendar/view.php?view=month...
Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting
Exploit Title: Genexis Platinum-4410 P4410-V2-1.31A - 'startaddr' Persistent Cross-Site Scripting Date: 03/25/2020 Exploit Author: Jithin KS Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: Platinum-4410 Software version - P4410-V2-1.31A Tested on: Windows 10 Author Contact:...
Linksys EA7500 2.0.8.194281 - Cross-Site Scripting
Exploit Title: Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Date: 3/24/21 Exploit Author: MiningOmerta Vendor Homepage: https://www.linksys.com/ Version: EA7500 Firmware Version: 2.0.8.194281 CVE: CVE-2012-6708 Tested On: Linksys EA7500 jQuery version 1.7.1 Cross-Site Scripting Vulnerabilit...
Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)
Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Date: 16/06/2020 Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE :...
Ovidentia 6 - 'id' SQL injection (Authenticated)
Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...
Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path
Exploit Title: Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Software Link: https://sourceforge.net/projects/ext2fsd/files/latest/download Version: 0.68 Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763 Service info:...
Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS
Exploit Title: Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html Software Link:...
Codiad 2.8.4 - Remote Code Execution (Authenticated)
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests import...
Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path
Exploit Title: Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path Dicovery by: Ekrem Can Kök Discovery Date: 2021-03-22 Vendor Homepage: https://www.hirezstudios.com Version: 5.1.6.3 Tested on: Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic service get name,...
Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path
Exploit Title: Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-23 Vendor Homepage: https://eventlogxp.com/ Software Links : https://eventlogxp.com/ Tested Version: Version: 4.9.3 Vulnerability Type: Unquoted...
ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path
Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-21 Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010...
MyBB 1.8.25 - Poll Vote Count SQL Injection
Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...
ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path
Exploit Title: ELAN Touchpad 15.2.13.1X64WHQL - 'ETDService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-22 Vendor : ELAN Microelectronics Version : ELAN Touchpad 15.2.13.1X64WHQL Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 8 This software installs...
OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path
Exploit Title: OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path Exploit Auth: Tech Johnny Vendor Homepage: https://www.osas.com Version: 11 x86 Tested on: Windows 2012R2 Details: C:\Windows\system32wmic service get name, pathname, displayname, startmode | findstr /i "Auto...
Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path
Exploit Title: Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...
SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path
Exploit Title: SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://help.sap.com/ Software Links : https://help.sap.com/ SAP Tested Version: 750 Final Release...
ProFTPD 1.3.7a - Remote Denial of Service
Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Date: 22/03/2021 Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author =...
WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal
Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Date: 19/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads Version: =1.6.6 Tested on: Debian 11 CVE : CVE-2017-1000170 PHP version exploit: 7.3....
KZTech T3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd...
MyBB 1.8.25 - Chained Remote Command Execution
Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...
Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path
Exploit Title: Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPr...
MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path
Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...
Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path
Exploit Title: Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated)
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection Authenticated Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Produ...
Plone CMS 5.2.3 - 'Title' Stored XSS
Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://plone.com/ Software Link: https://github.com/plone/Products.CMFPlone/tags Version: 5.2.3 Tested on: Windows 10 Reference -...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...
SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF
Exploit Title: SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com...
Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting
Exploit Title: Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd...
Boonex Dolphin 7.4.2 - 'width' Stored XSS
Exploit Title: Boonex Dolphin 7.4.2 - 'width' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.boonex.com/ Software Link: https://www.boonex.com/downloads Version: 7.4.2 Tested on: Windows 10 Reference -...
Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path
Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path Discovery by: Riadh Bouchahoua Discovery Date: 19-03-2021 Vendor Homepage: https://mosquitto.org/ Software Links : https://mosquitto.org/download/ Tested Version: 2.0.9 Vulnerability Type: Unquoted Service Path...
Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution Unauthenticated Date: 19-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...