47904 matches found
LibreHealth 2.0.0 - Authenticated Remote Code Execution
Exploit Title: LibreHealth 2.0.0 - Authenticated Remote Code Execution Exploit Author: Bobby Cooke Date: 2020-07-17 Vendor Homepage: https://librehealth.io/ Software Link: https://github.com/LibreHealthIO/lh-ehr Version: 2.0.0 Tested On: Windows 10 Pro 1909 x6486 + XAMPP 7.4.4 Exploit Tested Usin...
Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
Exploit Title: Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service PoC + SEH Overwrite Date: 2020-07-20 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/463c9e7fe9a39888d3c01bc9ad756bba-UpSetup.exe Version: 3.5 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Sad...
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
Exploit Title: Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting Google Dork: inurl:"/vam/indexvamop.php" Date: 2020-06-29 Exploit Author: Peter Blue Vendor Homepage: https://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net Version: 2.6.2 Tested on: Linu...
TimeClock Software 1.01 0 - (Authenticated) Time-Based SQL Injection
!/usr/bin/python3 Exploit Title: TimeClock Software 1.01 Authenticated Time-Based SQL Injection Date: July 21, 2020 Exploit Author: François Bibeau Co Author: Tyler Butler, http://tbutler.org, https://twitter.com/tbutler0x90 Vendor Homepage: http://timeclock-software.net/ Software Link:...
UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass
Title: UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Date: 2020-07-23 Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr Affected version: Firmware 1.5.1 2013.01.3...
FTPDummy 4.80 - Local Buffer Overflow (SEH)
Exploit Title: FTPDummy 4.80 - Local Buffer Overflow SEH Date: 2020-07-22 Author: Felipe Winsnes Software Link: http://www.dummysoftware.com/ftpdummy.html Version: 4.80 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will create the fil...
Snes9K 0.09z - 'Port Number' Buffer Overflow (SEH)
Exploit Title: Snes9K 0.09z - 'Port Number' Buffer Overflow SEH Date: 2020-07-20 Exploit Author: MasterVlad Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://www.exploit-db.com/apps/ef5249b64ce34575c12970b334a08c17-snes9k009z.zip Version: 0.09z Vulnerability Type:...
WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection
Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'searchorder' SQL Injection Google Dork: inurl:/wp-content/themes/nexos/ Date: 2020-06-17 Exploit Author: Vlad Vector Vendor: Sanljiljan https://themeforest.net/user/sanljiljan Software Version: 1.7 Software Link:...
Sophos VPN Web Panel 2020 - Denial of Service (Poc)
Exploit Title: Sophos VPN Web Panel 2020 - Denial of Service Poc Date: 2020-06-17 Exploit Author: Berk KIRAS Vendor Homepage: https://www.sophos.com/ Version:2020 Web Panel Tested on: Apache Berk KIRAS PwC - Cyber Security Specialist Sophos VPN Web Portal Denial of Service Vulnerability System...
Docsify.js 4.11.4 - Reflective Cross-Site Scripting
Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...
NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter)
Exploit Title: NetPCLinker 1.0.0.0 - Buffer Overflow SEH Egghunter Date: 2019-06-28 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/netpclinker/ Software Link: https://sourceforge.net/projects/netpclinker/files/ Version: 1.0.0.0 Tested on: Windows Vista SP1...
CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: CMSUno 1.6 - Cross-Site Request Forgery Change Admin Password Date: 2020-05-31 Exploit Author: Noth Vendor Homepage: https://github.com/boiteasite/cmsuno Software Link: https://github.com/boiteasite/cmsuno Version: v1.6 CVE : 2020-15600 An issue was discovered in CMSUno before 1.6....
Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path
Title: Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path Author: Velayutham Selvaraj Date: 2020-06-03 Vendor Homepage: https://www.sonarqube.org Software Link: https://www.sonarqube.org/downloads/ Version : 8.3.1 Tested on: Windows 10 64bitEN About Unquoted Service Path :...
Simple Startup Manager 1.17 - 'File' Local Buffer Overflow (PoC)
Exploit Title: Simple Startup Manager 1.17 - 'File' Local Buffer Overflow PoC Exploit Author: PovlTekstTV Date: 2020-07-15 Vulnerable Software: Simple Startup Manager Software Link Download: http://www.ashkon.com/download/startup-manager.exe Version: 1.17 Vulnerability Type: Local Buffer Overflow...
RiteCMS 2.2.1 - Remote Code Execution
Exploit Title: RiteCMS 2.2.1 - Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Ă–zeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux 1- Go to following url. http://CHANGE-THIS/ritecms/cms/ 2- Default username and password is admin:admin. 3- Go "Filemanager" and...
Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)
Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...
Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting
Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...
Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...
Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass
Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...
Online Polling System 1.0 - Authentication Bypass
Exploit Title: Online Polling System 1.0 - Authentication Bypass Date: 2020-07-20 Author: AppleBois Version: NULL Software Link: https://www.sourcecodester.com/php/14330/online-polling-system.html Administration Control Panel || Authentication Bypass Unthenticated User perform SQL Injection bypas...
Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection
Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Date: 2020-06-17 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Update :...
Zyxel Armor X1 WAP6806 - Directory Traversal
Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal Date: 2020-06-19 Exploit Author: Rajivarnan R Vendor Homepage: https://www.zyxel.com/ Software http://www.zyxelguard.com/WAP6806.asp Version: V1.00ABAL.6C0 CVE: 2020-14461 Tested on: Linux Mint / Windows 10 Vulnerabilities Discovered Dat...
SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
Exploit Title: SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Date: 2020-07-15 Vendor Homepage: https://www.supermicro.com/ Version: X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 CVE: CVE-2020-15046 Source:...
Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual Appliance Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities together in...
BSA Radar 1.6.7234.24750 - Local File Inclusion
Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Date: 2020-07-08 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion Description: The Administrator section of th...
Park Ticketing Management System 1.0 - Authentication Bypass
Exploit Title: Park Ticketing Management System 1.0 - Authentication Bypass Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...
Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution
Exploit Title: Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution Date: 2020-07-06 Exploit Author: SpicyItalian Vendor Homepage: https://www.arubanetworks.com/products/security/network-access-control/ Version: ClearPass 6.7.x prior to 6.7.13-HF, ClearPass 6.8.x prior ...
Barangay Management System 1.0 - Authentication Bypass
Exploit Title: Barangay Management System 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-07-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/13484/barangay-management-system.html Software Link:...
HelloWeb 2.0 - Arbitrary File Download
Exploit Title: HelloWeb 2.0 - Arbitrary File Download Date: 2020-07-09 Vendor Homepage: https://helloweb.co.kr/ Version: 2.0 Latest and previous versions Exploit Author: bRpsd Contact Author: cyatlive.no Google Dork: inurl:exec/file/download.asp Type: WebApps / ASP...
Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting Date: 2020-07-07 Vendor Homepage: https://powie.de Vendor Changelog: https://wordpress.org/plugins/powies-whois/developers Software Link: https://wordpress.org/plugins/powies-whois/ Exploit Author:...
CompleteFTP Professional 12.1.3 - Remote Code Execution
Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...
Savsoft Quiz 5 - Persistent Cross-Site Scripting
Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Date: 2020-07-09 Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux ---Vulnerable Source Code---- functio...
BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)
Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Date: 2020-06-22 Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-14944 Description: The Global RADAR BSA Radar...
Qmail SMTP 1.03 - Bash Environment Variable Injection
Exploit Title: Qmail SMTP 1.03 - Bash Environment Variable Injection Date: 2020-07-03 Exploit Author: 1F98D Original Authors: Mario Ledo, Mario Ledo, Gabriel Follon Version: Qmail 1.03 Tested on: Debian 9.11 x64 CVE: CVE-2014-6271 References: http://seclists.org/oss-sec/2014/q3/649...
SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)
Exploit Title: SuperMicro IPMI 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.supermicro.com/ Software Link: https://www.supermicro.com/en/solutions/management-software/bmc-resources Version: X10DRH-iT motherboards with BIOS 2.0a and...
Sickbeard 0.1 - Remote Command Injection
Exploit Title: Sickbeard 0.1 - Remote Command Injection Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -- git :...
Online Shopping Portal 3.1 - 'email' SQL Injection
Exploit Title: Online Shopping Portal 3.1 - 'email' SQL Injection Date: 2020-07-06 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/shopping-portal-free-download/ Software Link:...
PHP 7.4 FFI - 'disable_functions' Bypass
?php / FFI Exploit - uses 3 potential BUGS. PHP was contacted and said nothing in FFI is a security issue. Able to call system$cmd without using FFI::load or FFI::cdefs BUG 1 maybe intended, but why have any size checks then? no bounds check for FFI::String when type is ZENDFFITYPEPOINTER...
Exhibitor Web UI 1.7.1 - Remote Code Execution
Exploit Title: Exhibitor Web UI 1.7.1 - Remote Code Execution Date: 2019-11-13 Exploit Author: Logan Sanderson Web Site: https://github.com/soabase/exhibitor/wiki/Running-Exhibitor Version : 1.7.1 CVE : CVE-2019-5029 Exhibitor UI command injection vulnerability November 13, 2019 CVE Number...
Microsoft Windows mshta.exe 2019 - XML External Entity Injection
Exploit Title: Microsoft Windows mshta.exe 2019 - XML External Entity Injection Date: 2020-07-07 Exploit Author: hyp3rlinx Vendor homepage: https://www.microsofft.com/ CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation
Exploit Title: BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation Date: 2020-07-06 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14945 - Privilege Escalation Description: A privilege...
Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection
Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Date: 2020-06-17 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Update :...
Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution
Exploit Title: Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution Date: 2020-04-11 Exploit Author: Basim Alabdullah Vendor homepage: https://www.nagios.com Version: 5.6.12 Software link: https://www.nagios.com/downloads/nagios-xi/ Tested on: CentOS REDHAT 7.7.1908 core Authenticated Remote...
File Management System 1.1 - Persistent Cross-Site Scripting
Exploit Title: File Management System 1.1 - Persistent Cross-Site Scripting Date: 2020-06-30 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/download-code?nid=13333&title=File+Management+System+Very+Complete+Using+PHP%2FMySQLi+version+1.1 Software Link:...
RSA IG&L Aveksa 7.1.1 - Remote Code Execution
Exploit Title: RSA IG&L Aveksa 7.1.1 - Remote Code Execution Date: 2019-04-16 Exploit Author: Jakub Palaczynski, Lukasz Plonka Vendor Homepage: https://www.rsa.com/ Version: 7.1.1, prior to P02 CVE : CVE-2019-3759 all vulnerable versions can be found at...
RiteCMS 2.2.1 - Authenticated Remote Code Execution
Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Ă–zeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux CVE: CVE-2020-23934 1- Go to following url. http://HOST/cms/ 2- Default username and password is admin:admin. We mus...
BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution
!/bin/bash EDB Note Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48642.zip Exploit Title: F5 BIG-IP Remote Code Execution Date: 2020-07-06 Exploit Authors: Charles Dardaman of Critical Start, TeamARES Rich Mirch of Critical Start, TeamARES CVE:...
Fire Web Server 0.1 - Remote Denial of Service (PoC)
Exploit Title: Fire Web Server 0.1 - Remote Denial of Service PoC Date: 2020-06-26 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alpha Tested on: Windows 7 ,...
Grafana 7.0.1 - Denial of Service (PoC)
Exploit Title: Grafana 7.0.1 - Denial of Service PoC Date: 2020-05-23 Exploit Author: mostwanted002 Vendor Homepage: https://grafana.com/ Software Link: https://grafana.com/grafana/download Version: 3.0.1 - 7.0.1 Tested on: Linux CVE : CVE-2020-13379 !/bin/bash if $1 != "" ; then curl -I...