Lot Reservation Management System 1.0 - Authentication Bypass

Exploit Title: lot reservation management system 1.0 - Authentication Bypass Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.html Software Link:...

Gym Management System 1.0 - Authentication Bypass

Exploit Title: Gym Management System 1.0 - Authentication Bypass Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html Software Link:...

School Faculty Scheduling System 1.0 - 'id' SQL Injection

Exploit Title: School Faculty Scheduling System 1.0 - 'id' SQL Injection Date: 22/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...

Point of Sales 1.0 - 'id' SQL Injection

Exploit Title: Point of Sales 1.0 - SQL Injection Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/pos0.zip Version:...

Stock Management System 1.0 - 'brandId and categoriesId' SQL Injection

Exploit Title: Stock Management System 1.0 - SQL Injection Dork: N/A Date: 2020-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0 Tested on: Linux CVE: N/A POC: ...

Ajenti 2.1.36 - Remote Code Execution (Authenticated)

!/usr/bin/python3 import requests import sys import warnings from bs4 import BeautifulSoup import json warnings.filterwarnings"ignore", category=UserWarning, module='bs4' if lensys.argv 6: print"Usage: ./exploit.py https://url username password listenerIP listenerPort" exit url = sys.argv1 userna...

TextPattern CMS 4.8.3 - Remote Code Execution (Authenticated)

!/usr/bin/python3 Exploit Title: TextPattern = 4.8.3 - Authenticated Remote Code Execution via Unrestricted File Upload Google Dork: N/A Date: 16/10/2020 Exploit Author: Michele '0blio' Cisternino Vendor Homepage: https://textpattern.com/ Software Link: https://github.com/textpattern/textpattern...

Stock Management System 1.0 - 'Product Name' Persistent Cross-Site Scripting

Exploit Title: Stock Management System 1.0 - Persistent Cross-Site Scripting Product Name Exploit Author: Adeeb Shah @hyd3sec Date: August 2, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0...

School Faculty Scheduling System 1.0 - Stored Cross Site Scripting POC

Exploit Title: School Faculty Scheduling System 1.0 - Stored Cross Site Scripting Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...

GOautodial 4.0 - Authenticated Shell Upload

Exploit Title: GOautodial 4.0 - Authenticated Shell Upload Author: Balzabu Discovery Date: 07-23-2020 Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 Last relase as of today Tested on OS: CentOS 7...

School Faculty Scheduling System 1.0 - Authentication Bypass POC

Exploit Title: School Faculty Scheduling System 1.0 - Authentication Bypass Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...

Stock Management System 1.0 - 'Brand Name' Persistent Cross-Site Scripting

Exploit Title: Stock Management System 1.0 - Persistent Cross-Site Scripting Brand Name Exploit Author: Adeeb Shah @hyd3sec Date: August 2, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0...

Hrsale 2.0.0 - Local File Inclusion

Exploit Title: Hrsale 2.0.0 - Local File Inclusion Date: 10/21/2020 Exploit Author: Sosecure Vendor Homepage: https://hrsale.com/index.php Version: version 2.0.0 Description: This exploit allow you to download any readable file from server with out permission and login session. Payload :...

Tiki Wiki CMS Groupware 21.1 - Authentication Bypass

Exploit Title: Tiki Wiki CMS Groupware 21.1 - Authentication Bypass Date: 01.08.2020 1st August 2020 Exploit Author: Maximilian Barz aka. Silky Vendor Homepage: tiki.org Software Link: https://jztkft.dl.sourceforge.net/project/tikiwiki/Tiki21.xUYScuti/21.1/tiki-21.1.zip Version: 21.1 Tested on:...

Stock Management System 1.0 - 'Categories Name' Persistent Cross-Site Scripting

Exploit Title: Stock Management System 1.0 - Persistent Cross-Site Scripting Categories Name Exploit Author: Adeeb Shah @hyd3sec Date: August 2, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version:...

RiteCMS 2.2.1 - Remote Code Execution (Authenticated)

Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: H0j3n Vendor Homepage: http://ritecms.com/ Software Link: http://sourceforge.net/projects/ritecms/files/ritecms2.2.1.zip/download Version: 2.2.1 Tested on: Linux Reference:...

Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution

Exploit Title: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution Google Dork: ext:action | filetype:action Date: 2020/09/09 Exploit Author: Jonatas Fil Vendor Homepage: http://struts.apache.org/release/2.3.x/docs/s2-016.html Version: = 2.3.15 Tested on: Linux CVE : CVE-2013-2251...

User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS

Exploit Title: User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS Google Dork: N/A Date: 2020-08-07 Exploit Author: yusufmalikul Vendor Homepage: https://phpgurukul.com Software Link:...

Loan Management System 1.0 - Multiple Cross Site Scripting (Stored)

Exploit Title: Loan Management System 1.0 - Multiple Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/19 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

Ultimate Project Manager CRM PRO Version 2.0.5 - SQLi (Authenticated)

Exploit Title: Ultimate Project Manager CRM PRO 2.0.5 - SQLi Credentials Leakage Date: 2020-16-09 Exploit Author: nag0mez Vendor Homepage: https://ultimatepro.codexcube.com/ Version: = 2.0.5 Tested on: Kali Linux 2020.2 The SQLi injection does not allow UNION payloads. However, we can guess...

WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting Vulnerability Authenticated Date: 10.8.2020. Exploit Author: n1x MS-WEB Software Homepage: https://wordpress.org/plugins/wp-colorbox/ Software Link v1.1.1:...

WordPress Plugin Rest Google Maps < 7.11.18 - SQL Injection

Exploit Title: WordPress Rest Google Maps Plugin SQL Injection Google Dork: inurl:index.php?restroute=3D/wpgmza/ Date: 2020-09-09 Exploit Author: Jonatas Fil Vendor Homepage: https://wordpress.org/plugins/wp-google-maps/developers Software Link: https://wordpress.org/plugins/wp-google-maps/...

Wordpress Plugin WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure

Exploit Title: WP Courses 2.0.29 - Broken Access Controls leading to Courses Content Disclosure Exploit Author: Stefan Broeder, Marco Ortisi redtimmysec Authors blog: https://www.redtimmy.com Vendor Homepage: https://wpcoursesplugin.com/ Version Vulnerable: 2.0.29 CVE: requested but not assigned...

Mobile Shop System v1.0 - SQL Injection Authentication Bypass

Title: Mobile Shop System v1.0 - SQLi lead to authentication bypass Exploit Author: Moaaz Taha 0xStorm Date: 2020-09-08 Vendor Homepage: https://www.sourcecodester.com/php/14412/mobile-shop-system-php-mysql.html Software Link:...

Visitor Management System in PHP 1.0 - SQL Injection (Authenticated)

Title: Visitor Management System in PHP 1.0 - Authenticated SQL Injection Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip Version: 1.0 Tested On: Windo...

WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload

Exploit Title: WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload Date: 2020-10-20 Exploit Author: Net-Hunter Google Dork: N/A Software Link: https://ms.wordpress.org/plugins/hs-brand-logo-slider/ Vendor Homepage: https://www.heliossolutions.co/ Tested on: Linux Apache / Wordpre...

Comtrend AR-5387un router - Persistent XSS (Authenticated)

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Persistent XSS on Comtrend AR-5387un router Date: 19/10/2020 Exploit Author: OscarAkaElvis Vendor Homepage: https://www.comtrend.com/ Version: Comtrend AR-5387un router Tested on: Software/Firmware version A731-410JAZ-C04R02.A2pD035g.d2...

Typesetter CMS 5.1 - Arbitrary Code Execution (Authenticated)

Exploit Title: Typesetter CMS 5.1 - Arbitrary Code Execution Exploit Author: Rodolfo "t0gu" Tavares Contact: @t0guu TW Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Linux / Apache Category: WebApp Google Dork: intext:"Powered by Typesetter" Date: 2020-09-29 CVE :...

Online Discussion Forum Site 1.0 - XSS in Messaging System

Exploit Title: Online Discussion Forum Site 1.0 - XSS in Messaging System Google Dork: N/A Date: 2020-10-17 Exploit Author: j5oh Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...

Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection

Exploit Title: Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...

Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)

Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, City Google Dork: N/A Date: 2020-10-08 Exploit Author: Kokn3t Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/hostel-management-syste...

HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...

HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: https://www.szuray.com/ Software Link: N/A Version: up to 1.97 Tested on: Linux CVE: CVE-2020-24219 Vendors: URayTech...

Tourism Management System 1.0 - Arbitrary File Upload

Exploit Title: Tourism Management System 1.0 - Arbitrary File Upload Date: 2020-10-19 Exploit Author: Ankita Pal & Saurav Shukla Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7204 Version: V1...

HiSilicon Video Encoders - RCE via unauthenticated command injection

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated command injection Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech, J-Tech...

Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting

Exploit Title: Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...

HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...

Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in

Exploit Title: Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in Date: 8th October 2020 Exploit Author: dmw0ng Vendor Homepage: https://www.jenkins.io Software Link: http://archives.jenkins-ci.org/windows/jenkins-2.63.zip Version: Jenkins 2.63 Tested on: Ubuntu 18.04 / 20.04 CVE :...

HiSilicon Video Encoders - Full admin access via backdoor password

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...

Online Job Portal 1.0 - Cross Site Scripting (Stored)

Exploit Title: Online Job Portal 1.0 Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/17 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/13850/online-job-portal-phppdo.html Software Link:...

Online Student's Management System 1.0 - Remote Code Execution (Authenticated)

Exploit Title: Online Student's Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020/10/18 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14490/online-students-management-system-php-full-source-code-2020.html Software Link:...

Textpattern CMS 4.6.2 - Cross-site Request Forgery

Exploit Title: Textpattern CMS 4.6.2 - Cross-site Request Forgery Exploit Author: Alperen Ergel Contact: @alprenae Software Homepage: https://textpattern.com/ Version : 4.6.2 Tested on: windows 10 / xammp Category: WebApp Google Dork: intext:"Published with Textpattern CMS" Date: 2020-10-29...

Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection

Exploit Title: Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...

Restaurant Reservation System 1.0 - 'date' SQL Injection (Authenticated)

Exploit Title: Restaurant Reservation System 1.0 - 'date' SQL Injection Authenticated Date: 2020-10-05 Exploit Author: b1nary Vendor Homepage: https://www.sourcecodester.com/php/14482/restaurant-reservation-system-php-full-source-code-2020.html Software Link:...

CS-Cart 1.3.3 - authenticated RCE

Exploit Title: CS-Cart authenticated RCE Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.3 Vulnerability Type: authenticated RCE get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell edit ...

Company Visitor Management System (CVMS) 1.0 - Authentication Bypass

Exploit Title: Company Visitor Management System CVMS 1.0 - Authentication Bypass Date: 16/10/2020 Exploit Author: Oğuz Türkgenç Vendor Homepage: https://phpgurukul.com/company-visitor-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=96...

Employee Management System 1.0 - Authentication Bypass

Exploit Title: Employee Management System 1.0 - Authentication Bypass Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...

aaPanel 6.6.6 - Privilege Escalation & Remote Code Execution (Authenticated)

Exploit Title: aaPanel 6.6.6 - Authenticated Privilege Escalation Google Dork: Date: 04.05.2020 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.aapanel.com/ Software Link: https://github.com/aaPanel/aaPanel Version: 6.6.6 REQUIRED Tested on: Linux ubuntu 4.4.0-131-gener...

Seat Reservation System 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Seat Reservation System 1.0 - Unauthenticated Remote Code Execution Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/seat-reservation-system-using-php0.zip...

CS-Cart 1.3.3 - 'classes_dir' LFI

Exploit Title: CS-Cart unauthenticated LFI Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.4 Vulnerability Type: unauthenticated LFI...