Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)

Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Date: 2020-12-27 Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...

Billing Management System 2.0 - 'email' SQL injection Auth Bypass

Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass Date: 2021-02-16 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software: Billi...

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.htm...

Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass

Exploit Title: Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass Date: 16-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...

Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)

Exploit Title: Nsauditor 3.2.2.0 - 'Event Description' Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.2.0 Tested on: Windows 10 Home x64 STEPS Open the...

BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting (XSS)

Exploit Title: BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting XSS Date: 16-02-2021 Exploit Author: Kamaljeet Kumar - TATA Advanced Systems Limited Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Tested on...

AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)

Exploit Title: AgataSoft PingMaster Pro 2.1 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: http://agatasoft.com/ Software Link: http://agatasoft.com/PingMasterPro.exe Version: 2.1 Tested on: Windows 10 Home x64 STEPS Open the program AgataSoft PingMaster Pro...

Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)

Exploit Title: Managed Switch Port Mapping Tool 2.85.2 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download.htm Version: 2.85.2 Tested on: Windows 10 Home x64 STEPS Open the program...

Tasks 9.7.3 - Insecure Permissions

Exploit Title: Tasks 9.7.3 - Insecure Permissions Date: 18th of July, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/07/18/how-the-white-box-hacking-works-ok-google-i-wanna-pwn-this-app/ Vendor Homepage: https://tasks.org/ Software Link:...

TestLink 1.9.20 - Unrestricted File Upload (Authenticated)

Exploit Title: TestLink 1.9.20 - Unrestricted File Upload Authenticated Date: 14th February 2021 Exploit Author: snovvcrash Original Research by: Ackcent AppSec Team Original Research: https://ackcent.com/testlink-1-9-20-unrestricted-file-upload-and-sql-injection/ Vendor Homepage:...

Teachers Record Management System 1.0 - 'searchteacher' SQL Injection

Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Date: 13/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14399/teacher-record-system-phpmysql.html Version:1.0...

School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14155/school-file-management-system.html Software: : School...

PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path

Exploit Title: PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-11-2020 Vendor Homepage: https://www.pdfcomplete.com/cms/dpl/tabid/111/Default.aspx?r=du2vH8r Software Links : https://pdf-complete.informer.com/download/ Test...

School Event Attendance Monitoring System 1.0 - 'Item Name' Stored Cross-Site Scripting

Exploit Title: School Event Attendance Monitoring System 1.0 - 'Item Name' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

b2evolution 6.11.6 - 'tab3' Reflected XSS

Exploit Title: b2evolution 6.11.6 - 'tab3' Reflected XSS CVE: CVE-2020-22839 Date: 10/02/2021 Exploit Author: Nakul Ratti, Soham Bakore Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version...

b2evolution 6.11.6 - 'redirect_to' Open Redirect

Exploit Title: b2evolution 6.11.6 - 'redirectto' Open Redirect Date: 10/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version of Chrome,...

Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote code execution 3 Date: 10/02/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0...

PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting

Exploit Title: PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: : PEEL SHOPPING 9.3.0 Vulnerability Type: Stored Cross-site...

Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)

Exploit Title: Openlitespeed WebServer 1.7.8 - Command Injection Authenticated 2 Date: 26/1/2021 Exploit Author: Metin Yunus Kandemir Discovered by: cmOs - SunCSR Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.8 import...

Node.JS - 'node-serialize' Remote Code Execution (2)

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...

b2evolution 6.11.6 - 'plugin name' Stored XSS

Exploit Title: b2evolution 6.11.6 - 'plugin name' Stored XSS Date: 09/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version of Chrome,...

Online Car Rental System 1.0 - Stored Cross Site Scripting

Exploit Title: Online Car Rental System 1.0 - Stored Cross Site Scripting Date: 9/2/2021 Exploit Author: Naved Shaikh Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html Version: V 1.0 Tested on Windo...

Adobe Connect 10 - Username Disclosure

Title: Adobe Connect 10 - Username Disclosure Author: h4shur date:2021-02-07 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 10 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Description : By adding...

Epson USB Display 1.6.0.0 - 'EMP_UDSA' Unquoted Service Path

Exploit Title: Epson USB Display 1.6.0.0 - 'EMPUDSA' Unquoted Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://epson.com.mx/ Tested Version: 1.6.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...

AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path

Exploit Title: AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: Anytxt.net Software Link: https://sourceforge.net/projects/anytxt/files/AnyTXT.Searcher.1.2.394.exe Version: Version 1.2.394 Tested on: Microsoft Windows ...

WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/digital-publications-by-supsystic.1.6.9.zip Version: 1.6...

WordPress Plugin Supsystic Ultimate Maps 1.1.12 - 'sidx' SQL injection

Exploit Title: WordPress Plugin Supsystic Ultimate Maps 1.1.12 - 'sidx' SQL injection Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/ultimate-maps-by-supsystic.1.1.12.zip Category: Web Application...

SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS

Exploit Title: SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6...

WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/pricing-table-by-supsystic.1.8.7.zip Version: 1.8.7 and 1.8.6...

Jenzabar 9.2.2 - 'query' Reflected XSS.

Exploit Title: Jenzabar 9.2.2 - 'query' Reflected XSS. Date: 2021–02–06 Exploit Author: y0ungdst Vendor Homepage: https://jenzabar.com Version: Jenzabar — v9.2.0-v9.2.1-v9.2.2 and maybe other versions Tested on: Windows 10 CVE : CVE-2021–26723 -Description: A Reflected Cross-site scripting XSS...

WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/contact-form-by-supsystic.1.7.5.zip Version: 1.7.5 Tested on:...

WordPress Plugin Supsystic Newsletter 1.5.5 - 'sidx' SQL injection

Exploit Title: WordPress Plugin Supsystic Newsletter 1.5.5 - 'sidx' SQL injection Date: 24/07 2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/newsletter-by-supsystic.1.5.5.zip Category: Web Application Version:...

WordPress Plugin Welcart e-Commerce 2.0.0 - 'search[order_column][0]' SQL injection

Exploit Title: WordPress Plugin Welcart e-Commerce 2.0.0 - 'searchordercolumn0' SQL injection Date: 04/08 2020 Exploit Author: Erik David Martin Vendor Homepage: https://www.welcart.com/ Software Link: https://downloads.wordpress.org/plugin/usc-e-shop.2.0.0.zip Category: Web Application Version:...

SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution

Exploit Title: SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6...

Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)

Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail 3. We can see execution code and after saving it, each time we visits the distribution list...

Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)

Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail .jpg 2. Go to New mail, select recipient and the select attachment. Code gets executed as right...

Millewin 13.39.146.1 - Local Privilege Escalation

Exploit Title: Millewin 13.39.146.1 - Local Privilege Escalation Date: 2021-02-07 Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link:...

WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection

Exploit Title: WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection Date: 09/08/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/membership-by-supsystic.1.4.7.zip Version: 1.4.7 Tested on: Ubuntu...

WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/data-tables-generator-by-supsystic.1.9.96.zip Category...

Microsoft Internet Explorer 11 32-bit - Use-After-Free

Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Date: 2021-02-05 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7...

AMD Fuel Service - 'Fuel.service' Unquote Service Path

Exploit Title: AMD Fuel Service - 'Fuel.service' Unquote Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://www.amd.com/ Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...

YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery

Title: YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery Date: 09.01.2021 Author: Numan Türle Vendor Homepage: https://mfscripts.com Software Link: https://yetishare.com Version: v5.1.0 Tested on: YetiShare - File Hosting Script v5.1.0, Php Version : 7.4 Summary ---------...

SmartFoxServer 2X 2.17.0 - Credentials Disclosure

Exploit Title: SmartFoxServer 2X 2.17.0 - Credentials Disclosure Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com SmartFoxServer 2X 2.17.0 Credentials Disclosure Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Serve...

WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion

Exploit Title: WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/backup-by-supsystic.zip Version: 2.3.9 Tested on: Ubuntu 16.04.6 LTS /...

LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)

Exploit Title: LiteSpeed Web Server Enterprise 5.4.11 - Command Injection Authenticated Date: 05/20/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://www.litespeedtech.com/products Version: 5.4.11 Ubuntu/Kali Linux Step 1: Log in to the...

PhreeBooks 5.2.3 ERP - Remote Code Execution (2)

Exploit Title: PhreeBooks 5.2.3 - Remote Code Execution Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: 5.2.3 Tested on: Windows Server 2016 !/usr/bin/env python3 ''' DESCRIPTION: - PhreeBooks...

SEO Panel 4.6.0 - Remote Code Execution (2)

Exploit Title: SEO Panel 4.6.0 - Remote Code Execution 2 Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.seopanel.org/https://www.kentico.com/ Software Link: https://www.seopanel.org/spdownload/4.6.0 Version: 4.6.0 Tested on: Ubuntu 20.04 !/usr/bin/env python3 ''' DESCRIPTION...

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 2 Authors and Contributors: cts, help from r4j, debug by nu11secur1ty Date: 30.01.2021 Vendor: https://www.sudo.ws/ Link: https://www.sudo.ws/download.html CVE: CVE-2021-3156 + Source:...

Pixelimity 1.0 - 'password' Cross-Site Request Forgery

Exploit Title: Pixelimity 1.0 - 'password' Cross-Site Request Forgery Date: 2020-06-03 Exploit Author: Noth Vendor Homepage: https://github.com/pixelimity/pixelimity Software Link: https://github.com/pixelimity/pixelimity Version: v1.0 CVE : 2020-23522 Pixelimity 1.0 has cross-site request forger...

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Date: 2021-02-02 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE :...