47884 matches found
Academy-LMS 4.3 - Stored XSS
Exploit Title: Academy-LMS 4.3 - Stored XSS Date: 19/12/2020 Vendor page: https://academy-lms.com/ Version: 4.3 Tested on Win10 and Google Chrome Exploit Author: Vinicius Alves XSS Payload: 1 Access LMS and log in to admin panel 2 Access courses page 3 Open course manager and SEO menu 4 Paste the...
SCO Openserver 5.0.7 - 'outputform' Command Injection
Exploit Title: SCO Openserver 5.0.7 - 'outputform' Command Injection Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 04/09/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products/ Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Test...
FRITZ!Box 7.20 - DNS Rebinding Protection Bypass
Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...
Alumni Management System 1.0 - 'id' SQL Injection
Exploit Title: Alumni Management System 1.0 - 'id' SQL Injection Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
Alumni Management System 1.0 - "Course Form" Stored XSS
Exploit Title: Alumni Management System 1.0 - "Course Form" Stored XSS Exploit Author: Aakash Madaan Date: 2020-12-10 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS
Exploit Title: Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-18 Vendor Homepage: https://xeroneit.net/ Software Link: https://xeroneit.net/portfolio/library-management-system-lms Affected Version: Version 3.1 Tested on: Kali...
Point of Sale System 1.0 - Authentication Bypass
Exploit Title: Point of Sale System 1.0 - Authentication Bypass Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-17 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/9620/point-sale-system-pos.html Software Link:...
Smart Hospital 3.1 - "Add Patient" Stored XSS
Exploit Title: Smart Hospital 3.1 - "Add Patient" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-18 Vendor Homepage: https://smart-hospital.in/index.html Software Link: https://codecanyon.net/item/smart-hospital-hospital-management-system/23205038 Affected Version: Version 3.1 Tested on:...
Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...
Alumni Management System 1.0 - Unrestricted File Upload To RCE
Exploit Title: Alumni Management System 1.0 - Unrestricted File Upload To RCE Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)
Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service Poc Data: 18-Dec-2020 Exploit Author: Ahmed Elkhressy Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7, Windows 10...
Employee Record System 1.0 - Multiple Stored XSS
Exploit Title: Employee Record System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-09 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14588/employee-record-system-phpmysqli-full-source-code.html Software Link:...
Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)
Exploit Title: Dolibarr ERP-CRM 12.0.3 - Remote Code Execution Authenticated Date: 2020.12.17 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://github.com/Dolibarr/dolibarr Software Link: https://sourceforge.net/projects/dolibarr/ Version: 12.0.3 Tested on: Kali Linux 2020.2 Vulnerabilit...
PHPJabbers Appointment Scheduler 2.3 - Reflected XSS (Cross-Site Scripting)
Exploit Title: PHPJabbers Appointment Scheduler 2.3 - Reflected XSS Cross-Site Scripting Date: 2020-12-14 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.phpjabbers.com Software Link: https://www.phpjabbers.com/appointment-scheduler Version: 2.3 Tested on: Latest Version of Deskto...
Interview Management System 1.0 - Stored XSS in Add New Question
Exploit Title: Interview Management System 1.0 - Stored XSS in Add New Question Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-09 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...
Content Management System 1.0 - 'First Name' Stored XSS
Exploit Title:Content Management System 1.0 - 'First Name' Stored XSS Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...
Content Management System 1.0 - 'id' SQL Injection
Exploit Title: Content Management System 1.0 - 'id' SQL Injection Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...
Linksys RE6500 1.0.11.001 - Unauthenticated RCE
Exploit Title: Linksys RE6500 1.0.11.001 - Unauthenticated RCE Date: 31/07/2020 Exploit Author: RE-Solver Public disclosure: https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html4 Vendor Homepage: www.linksys.com Version: FW V1.05 up to FW v1.0.11.001 Tested on: F...
Interview Management System 1.0 - 'id' SQL Injection
Exploit Title: Interview Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...
Victor CMS 1.0 - Multiple SQL Injection (Authenticated)
Exploit Title: Victor CMS 1.0 - Multiple SQL Injection Authenticated Date: 17.12.2020 Exploit Author: Furkan Göksel Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Description: The Victor CMS v1.0...
Content Management System 1.0 - 'email' SQL Injection
Exploit Title: Content Management System 1.0 - 'email' SQL Injection Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...
Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS
Exploit Title: Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Medical Center Portal Management System 1.0 - 'id' SQL Injection
Exploit Title: Medical Center Portal Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...
Online Tours & Travels Management System 1.0 - "id" SQL Injection
Exploit Title: Online Tours & Travels Management System 1.0 - "id" SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Software...
Customer Support System 1.0 - 'id' SQL Injection
Exploit Title: Customer Support System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Nxlog Community Edition 2.10.2150 - DoS (Poc)
Exploit Title: Nxlog Community Edition 2.10.2150 - DoS Poc Date: 15/12/2020 Exploit Author: Guillaume PETIT Vendor Homepage: https://nxlog.co Software Link: https://nxlog.co/products/nxlog-community-edition/download Version: 2.10.2150 Tested on: Linux Debian 10 && Windows Server 2019 CVE:...
Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting
Exploit Title: Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting Date: 13-12-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://getgrav.org/ Software Link: https://getgrav.org/downloads Version: Grav v1.6.30 - Admin v1.9.18 Tested on: Windows 10/Kali Linux...
Seotoaster 3.2.0 - Stored XSS on Edit page properties
Exploit Title: Seotoaster 3.2.0 - Stored XSS on Edit page properties Exploit Author: Hardik Solanki Vendor Homepage: https://www.seotoaster.com/ Software Link: https://crm-marketing-automation-platforms.seotoaster.com/ Version: 3.2.0 Tested on Windows 10 XSS ATTACK: Cross-site Scripting XSS is a...
Raysync 3.3.3.8 - RCE
Exploit Title: Raysync 3.3.3.8 - RCE Date: 04/10/2020 Exploit Author: XiaoLong Zhu Vendor Homepage: www.raysync.io Version: below 3.3.3.8 Tested on: Linux step1: run RaysyncServer.sh to build a web application on the local environment, set admin password to 123456 , which will be write to manage....
PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection
Exploit Title: PrestaShop ProductComments 4.2.0 - 'idproducts' Time Based Blind SQL Injection Date: 2020-12-15 Exploit Author: Frederic ADAM Author contact: [email protected] Vendor Homepage: https://www.prestashop.com Software Link: https://github.com/PrestaShop/productcomments Version: 4.2.0...
Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...
GitLab 11.4.7 - Remote Code Execution (Authenticated)
Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution No Interaction Required Date: 15th December 2020 Exploit Author: Mohin Paramasivam Shad0wQu35t Software Link: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested on...
Magic Home Pro 1.5.1 - Authentication Bypass
Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...
Solaris SunSSH 11.0 x86 - libpam Remote Root
Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root Exploit Author: Hacker Fantastic Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris11-overview.html Version: 11 Tested on: SunOS solaris 5.11 11.0 / SunSSH Solaris 10-11.0 x86 libpam remote root exploit CVE-2020-14871...
Task Management System 1.0 - 'page' Local File Inclusion
Exploit Title: Task Management System 1.0 - 'page' Local File Inclusion Exploit Author: İsmail BOZKURT Date: 2020-12-15 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...
Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)
Exploit Title: Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal 2 Date: 12 Dec 2020 Exploit Author: [email protected] Vendor Homepage: cisco.com Software Link: It’s against Hardware, specifically ASA’s and FTD’s Version: ASAs from version 9.6 to 9.14.1.10 and FTD’s versions 6.2.3 to...
Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2)
Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-14-12 Exploit Author: Andrea Bruschi - www.andreabruschi.net Vendor Homepage: https://phpgurukul.com/ Software Link:...
libbabl 0.1.62 - Broken Double Free Detection (PoC)
Exploit Title: libbabl 0.1.62 - Broken Double Free Detection PoC Date: December 14, 2020 Exploit Author: Carter Yagemann Vendor Homepage: https://www.gegl.org Software Link: https://www.gegl.org/babl/ Version: libbabl 0.1.62 and newer Tested on: Debian Buster Linux 4.19.0-9-amd64 Compile: gcc...
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection Google Dork: Unknown Date: 13-12-2020 Exploit Author: Hodorsec Vendor Homepage: https://www.librenms.org Software Link: https://github.com/librenms/librenms Update notice:...
Seacms 11.1 - 'ip and weburl' Remote Command Execution
Exploit Title: Seacms 11.1 - 'ip and weburl' Remote Command Execution Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SeaCMS111/5f9js3/adminip.php?action=set HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5...
System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path
Exploit Title: System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path Date: 2020-10-14 Exploit Author: Mohammed Alshehri Vendor Homepage: http://systemexplorer.net/ Software Link: http://systemexplorer.net/download/SystemExplorerSetup.exe Version: Version 7.0.0 Tested on:...
Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS
Exploit Title: Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135...
Rumble Mail Server 0.51.3135 - 'servername' Stored XSS
Exploit Title: Rumble Mail Server 0.51.3135 - 'servername' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested...
MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...
Jenkins 2.235.3 - 'X-Forwarded-For' Stored XSS
Exploit Title: Jenkins 2.235.3 - 'X-Forwarded-For' Stored XSS Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: '. To understand how remote build trigger works, have a look at this post:...
Seacms 11.1 - 'file' Local File Inclusion
Exploit Title: Seacms 11.1 - 'file' Local File Inclusion Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 GET /SEACMS111/5f9js3/adminsafe.php?action=download&file=C:/windows/system.ini HTTP/1.1 Host: 192.168.137.139...
Rumble Mail Server 0.51.3135 - 'username' Stored XSS
Exploit Title: Rumble Mail Server 0.51.3135 - 'username' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested o...
Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation
Exploit Title: Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation Date: 03.12.2020 Exploit Author: Maximilian Barz and Daniel Schwendner Vendor Homepage: https://us.macally.com/products/wifisd2 Version: 2.000.010 Tested on: Kali Linux 5.7.0-kali1-amd64 CVE : CVE-2020-29669...
WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download
Exploit Title: WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download Google Dork: intitle:"Index of" AND "wp-content/plugins/boldgrid-backup/=" Date: 2020-12-12 Exploit Author: Wadeek Vendor Homepage: https://www.boldgrid.com/ Software Link:...
GitLab 11.4.7 - Remote Code Execution (Authenticated) (1)
Exploit Title: Gitlab 11.4.7 - Remote Code Execution Date: 14-12-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net, foxlox Vendor Homepage: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested On: Debian 10 +...