47904 matches found
rConfig 3.9.6 - 'path' Local File Inclusion (Authenticated)
Exploit Title: rConfig 3.9.6 - 'path' Local File Inclusion Authenticated Date: 2021-03-12 Exploit Author: 5a65726f Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.6.zip Version: rConfig v3.9.6 Install scripts :...
Zenario CMS 8.8.53370 - 'id' Blind SQL Injection
Exploit Title: Zenario CMS 8.8.53370 - 'id' Blind SQL Injection Date: 05/02/2021 Exploit Author: Balaji Ayyasamy Vendor Homepage: https://zenar.io/ Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8 Version: 8.8.53370 Tested on: Windows 10 Pro 19041 x6486 + XAMPP 7.4.14 CVE:...
MagpieRSS 0.72 - 'url' Command Injection
Exploit Title: MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery Date: 24 March 2021 Exploit Author: bl4ckh4ck5 Vendor Homepage: http://magpierss.sourceforge.net/ Software Link:...
eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path
Exploit Title: eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Tested Version: 2.5.0.9 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to...
Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path
Exploit Title: Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 700.1631 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es St...
Microsoft Exchange 2019 - Server-Side Request Forgery
import requests from urllib3.exceptions import InsecureRequestWarning import random import string import sys def idgeneratorsize=6, chars=string.asciilowercase + string.digits: return ''.joinrandom.choicechars for in rangesize if lensys.argv " print"使用方式: python PoC.py mail.btwaf.cn [email protected]...
Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths
Exploit Title: Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths Date: 2020-11-6 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.vembu.com/ Software Link: https://sg-build-release.s3.amazonaws.com/BDRSuite/V420/4202020051312/VembuBDRBackupServerSetup4201U1GA.exe Version: Versi...
Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)
Exploit Title: Monitoring System Dashboard 1.0 - File Upload RCE Authenticated Exploit Author: Richard Jones Date: 2021-03-11 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection
Exploit Title: Monitoring System Dashboard 1.0 - 'uname' SQL Injection Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
CouchCMS 2.2.1 - Persistent Cross-Site Scripting
Exploit Title: CouchCMS 2.2.1 - XSS via SVG file upload Date: 2021-01-25 Exploit Author: xxcdd Vendor Homepage: https://github.com/CouchCMS/CouchCMS Software Link: https://github.com/CouchCMS/CouchCMS Version: v2.2.1 Tested on: Windows 7 An issue was discovered in CouchCMS v2.2.1...
NuCom 11N Wireless Router 5.07.90 - Remote Privilege Escalation
Exploit Title: NuCom 11N Wireless Router 5.07.90 - Remote Privilege Escalation Date: 01.03.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.nucom.es Vendor: NUEVAS COMUNICACIONES IBERIA, S.A. Product web page: https://www.nucom.es Affected version: 5.07.90multiNCM01 5.07.89multiNCM01...
Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)
Exploit Title: Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service PoC Exploit Author : Enes Özeser Exploit Date: 2021-02-28 Vendor Homepage : https://www.nsauditor.com/ Link Software : https://www.nsauditor.com/downloads/nhsisetup.exe Version: 1.6.4.0 Tested on: Windows 10...
MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting
Exploit Title: MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Date: 1/30/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1220 Version: 1.8.22 Tested on: Windows 10 CVE: CVE-2021-28115 1. Description: This plugin...
Microsoft Exchange 2019 - Server-Side Request Forgery (Proxylogon) (PoC)
Exploit Title: Microsoft Exchange 2019 - SSRF to Arbitrary File Write Proxylogon Date: 2021-03-10 Exploit Author: testanull Vendor Homepage: https://www.microsoft.com Version: MS Exchange Server 2013, 2016, 2019 CVE: 2021-26855, 2021-27065 import requests from urllib3.exceptions import...
Atlassian JIRA 8.11.1 - User Enumeration
Title: Atlassian JIRA 8.11.1 - User Enumeration Author: Dolev Farhi Vulnerable versions: version ' print'e.g. python3 script.py https://jiratarget.com usernames.txt' sys.exit if lensys.argv 3: help server = sys.argv1 usernames = sys.argv2 randomuser = '0x00001' try: os.path.existsusernames except...
Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path
Exploit Title: Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: sandboxie-plus.com Software Link: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.2/Sandboxie-Plus-x64-v0.7.2.exe Version: Version 0.7.2 Test...
Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)
Golden FTP Server 4.70 - 'PASS' Buffer Overflow 2 Author: 1F98D Original Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on Windows 10 x64 A buffer overflow exists in GoldenFTP during the authentication process. Note that the source ip address of the user performing the...
bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path
Exploit Title: bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Vendor Homepage: https://carolcoral.github.io/no-freevpn/ Software Link: https://github.com/carolcoral/no-freevpn/releases/download/BVPN%4020190225/bVPN251setup.exe Version: Version...
FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path
Exploit Title: FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: www.freelan.org Software Link: https://github.com/freelan-developers/freelan/releases/download/2.2/freelan-2.2.0-x86-install.exe Version: Version 2.2 Tested on:...
GLPI 9.5.3 - 'fromtype' Unsafe Reflection
Exploit Title: GLPI 9.5.3 - 'fromtype' Unsafe Reflection Date: 2021-02-13 Exploit Author: Vadym Soroka @Iterasec https://iterasec.com Vendor Homepage: https://glpi-project.org Software Link: https://github.com/glpi-project/glpi/releases Version: =9.5.3 Tested on:v9.5.3, 2021-02-13 Technical...
Joomla JCK Editor 6.4.4 - 'parent' SQL Injection (2)
Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2 Googke Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/ Date: 05/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor Version: 6.4.4 Tested on: Debian 10 CVE :...
Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path
Exploit Title: Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://www.oki.com Software Links:...
Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path
Exploit Title: Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://www.oki.com Software Links:...
Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution Unauthenticated Date: 07-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html...
Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path
Exploit Title: Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://pingzapper.com Software Links: https://pingzapper.com/download Tested Version: 2.3.1 Vulnerability Type: Unquoted Service Path Tested on: Windows 8.1 Pro...
Fluig 1.7.0 - Path Traversal
Exploit Title: Fluig 1.7.0 - Path Traversal Date: 26/11/2020 Exploit Author: Lucas Souza Vendor Homepage: https://www.totvs.com/fluig/ Version: payload.txt curl -s https://raw.githubusercontent.com/lucxssouza/banners/main/xFluig/banner banner -- FUNCTIONS -- function create-payload wordlist.txt...
CatDV 9.2 - RMI Authentication Bypass
Exploit Title: CatDV 9.2 - RMI Authentication Bypass Date: 3/1/2021 Exploit Author: Christopher Ellis, Nick Gonella, Workday Inc. Vendor Homepage: https://catdv.com/ Software Link: https://www.squarebox.com/download/CatDVServer9.2.0.exe Version: 9.2 and lower Tested on: Windows, Mac import...
Textpattern 4.8.3 - Remote code execution (Authenticated) (2)
Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Date: 03/03/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0...
Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS)
Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...
Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)
Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection Authenticated Date: 04-03-2021 Exploit Author: Deepak Kumar Bharti Vendor Homepage: https://www.sourcecodester.com Software Download Link:...
Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)
Exploit Title: Online Ordering System 1.0 - Blind SQL Injection Unauthenticated Date: 2021-03-04 Exploit Author: Suraj Bhosale Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html Version: v1.0 Vulnerable...
e107 CMS 2.3.0 - CSRF
Exploit Title: e107 CMS 2.3.0 - CSRF Date: 04/03/2021 Exploit Author: Tadjmen Vendor Homepage: https://e107.org Software Link: https://e107.org/download Version: 2.3.0 Tested on: Windows 10 CVE : CVE-2021-27885 CSRF vulnerability on e107 CMS Bug Description Hi. I found a CSRF on the e107 CMS...
Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting (XSS)
Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...
Online Ordering System 1.0 - Arbitrary File Upload
Exploit Title: Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution Date: 04/03/2021 Exploit Author: Suraj Bhosale Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html Version: 1.0...
Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated)
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - Blind & Error based SQL injection Authenticated Date: 2021-03-02 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...
Local Services Search Engine Management System (LSSMES) 1.0 - 'name' Persistent Cross-Site Scripting (XSS)
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - 'name' Persistent Cross-Site Scripting XSS Date: 2021-03-03 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...
AnyDesk 5.5.2 - Remote Code Execution
Exploit Title: AnyDesk 5.5.2 - Remote Code Execution Date: 09/06/20 Exploit Author: scryh Vendor Homepage: https://anydesk.com/en Version: 5.5.2 Tested on: Linux Walkthrough: https://devel0pment.de/?p=1881 !/usr/bin/env python import struct import socket import sys ip = '192.168.x.x' port = 50001...
Zen Cart 1.5.7b - Remote Code Execution (Authenticated)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit write payload in database and trig to command a bug in an zencart v1.5.7b web application class MetasploitModule 'zencart authenticated remote code executio...
Web Based Quiz System 1.0 - 'MCQ options' Persistent Cross-Site Scripting
Exploit Title: Web Based Quiz System 1.0 - 'MCQ options' Persistent/Stored Cross-Site Scripting Date: 2021-03-02 Exploit Author: Praharsh Kumar Singh Vendor Homepage: https://www.sourcecodester.com Software Download Link:...
Tiny Tiny RSS - Remote Code Execution
Exploit Title: Tiny Tiny RSS - Remote Code Execution Date: 21/09/2020 Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
Web Based Quiz System 1.0 - 'name' Persistent Cross-Site Scripting
Exploit Title: Web Based Quiz System 1.0 - 'name' Persistent/Stored Cross-Site Scripting Date: 2021-03-02 Exploit Author: P.Naveen Kumar Vendor Homepage: https://www.sourcecodester.com Software Download Link :...
Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Online Catering Reservation System 1.0 - Unauthenticated Remote Code Execution Date: 28-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11355/online-catering-reservation.html Version:...
VMware vCenter Server 7.0 - Unauthenticated File Upload
Exploit Title: VMware vCenter Server 7.0 - Unauthenticated File Upload Date: 2021-02-27 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2021-0002.html Version: vCenter Server 6.5 7515524. File name CVE-2021-21972.py written by tijldotdeneutathowestdotb...
WiFi Mouse 1.7.8.5 - Remote Code Execution
Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Date: 25-02-2021 Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option whic...
FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Covid-19 Contact Tracing System 1.0 - Remote Code Execution Unauthenticated Date: 28-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...
Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)
!/usr/bin/env python3 -- coding: utf-8 -- standard modules from metasploit import module extra modules DEPENDENCIESMISSING = False try: import base64 import itertools import os import requests except ImportError: DEPENDENCIESMISSING = True Metasploit Metadata metadata = 'name': 'Microsoft RDP Web...
Triconsole 3.75 - Reflected XSS
Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...
Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated)
Exploit Title: Simple Employee Records System 1.0 - File Upload RCE Unauthenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11393/employee-records-system.html Software Link:...
LightCMS 1.3.4 - 'exclusive' Stored XSS
Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Date: 25/02/2021 Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux...