Navigate CMS 2.8.7 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Navigate CMS 2.8.7 - Cross-Site Request Forgery Add Admin Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Teste...
vCloud Director 9.7.0.15498291 - Remote Code Execution
!/usr/bin/python Exploit Title: vCloud Director - Remote Code Execution Exploit Author: Tomas Melicher Technical Details: https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/ Date: 2020-05-24 Vendor Homepage: https://www.vmware.com/ Software Link:...
OpenCart 3.0.3.2 - Stored Cross Site Scripting (Authenticated)
Exploit Title: OpenCart 3.0.3.2 - Stored Cross Site Scripting Authenticated Date: 2020-06-01 Exploit Author: Kailash Bohara Vendor Homepage: https://www.opencart.com Software Link: https://www.opencart.com/index.php?route=cms/download Version: OpenCart UsersUsers and click on Action button on top...
Microsoft Windows - 'SMBGhost' Remote Code Execution
!/usr/bin/env python ''' EDB Note Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48537.zip SMBGhostRCEPoC RCE PoC for CVE-2020-0796 "SMBGhost" For demonstration purposes only! Only use this as a reference. Seriously. This has not been tested outside of my...
Clinic Management System 1.0 - Authentication Bypass
Exploit Title: Clinic Management System 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-02 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14243/open-source-clinic-management-system-php-full-source-code.html Software Link:...
VMware vCenter Server 6.7 - Authentication Bypass
Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...
QuickBox Pro 2.1.8 - Authenticated Remote Code Execution
Exploit Title: QuickBox Pro 2.1.8 - Authenticated Remote Code Execution Date: 2020-05-26 Exploit Author: s1gh Vendor Homepage: https://quickbox.io/ Vulnerability Details: https://s1gh.sh/cve-2020-13448-quickbox-authenticated-rce/ Version: = 2.1.8 Description: An authenticated low-privileged user...
WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation
Exploit Title: WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation Date: 2020-05-29 Exploit Author: Raphael Karger Software Link: https://codex.bbpress.org/releases/ Version: BBPress 2.5 CVE: CVE-2020-13693 import argparse import requests import bs4 import urllib3...
Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass
Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Date : 2020-05-28 Product : http-protection Crystal Shard Product URI : https://github.com/rogeriozambon/http-protection Version : http-protection = 0.2.0 CVE : N/A About the product...
WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)
Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://www.bdtask.com/ Software Link: https://downloads.wordpress.org/plugin/multi-scheduler.1.0.0.zip Category: Web...
Online-Exam-System 2015 - 'fid' SQL Injection
Exploit Title: Online-Exam-System 2015 - 'fid' SQL Injection Exploit Author: Berk Dusunur Google Dork: N/A Type: Web App Date: 2020-05-28 Vendor Homepage: https://github.com/sunnygkp10/ Software Link: https://github.com/sunnygkp10/Online-Exam-System-.git Affected Version: 2015 Tested on: MacosX C...
QNAP QTS and Photo Station 6.0.3 - Remote Command Execution
Exploit Title: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution Exploit Author: Yunus YILDIRIM Th3Gundy Team: CT-Zer0 @CRYPTTECH - https://www.crypttech.com Date: 2020-05-28 Vendor Homepage: https://www.qnap.com Version: QTS 4.4.1 | Photo Station 6.0.3 CVE: CVE-2019-7192, CVE-2019-7193...
EyouCMS 1.4.6 - Persistent Cross-Site Scripting
Exploit Title: EyouCMS 1.4.6 - Persistent Cross-Site Scripting Date: 2020-05-28 Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd. Vendor Homepage: https://eyoucms.com Software Link: https://qiniu.eyoucms.com/EyouCMS-V1.4.6-UTF8-SP2.zip Version: EyouCMS V1.4.6...
NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection
Exploit Title: NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection Exploit Author: Berk Dusunur Google Dork: N/A Type: Web App Date: 2020-05-28 Vendor Homepage: https://www.nokia.com Software Link: https://www.nokia.com/networks/products/vitalsuite-performance-management-software/ Affected...
LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting
Exploit Title: LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting Date: 05/26/2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 Patch Link:...
Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting
Exploit Title: Kuicms Php EE 2.0 - Persistent Cross-Site Scripting Date: 2020-05-27 Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd. Vendor Homepage: https://kuicms.com Software Link: https://kuicms.com/kuicms.zip Version: Kuicms Php EE 2.0 Tested on: Windows...
Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting
Exploit Title: Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-26 Exploit Author: that faceless coderInveteck Global Vendor Homepage: https://phpgurukul.com/ Software Link:...
osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting
Exploit Title: osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting Date: 2020-06-26 Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link: https://github.com/osTicket/osTicket/commit/d54cca0b265128f119b6c398575175cb10cf1754 Version: osTicket 1.14.1 Tested o...
osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting
Exploit Title: osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting Date: 2020-05-26 Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link: https://github.com/osTicket/osTicket/commit/6c724ea3fe352d10d457d334dc054ef81917fde1 Version: osTicket 1.14.1 Tested o...
OXID eShop 6.3.4 - 'sorting' SQL Injection
Exploit Title: OXID eShop 6.3.4 - 'sorting' SQL Injection Date: 2019-07-29 Exploit Author: VulnSpy Vendor Homepage: https://www.oxid-esales.com/ Software Link: https://github.com/OXID-eSales/oxideshopce Version: Versions 6.x prior to 6.3.4 Tested on:...
WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution
Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/...
Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated)
Exploit Title: Open-AudIT 3.3.0 - Reflective Cross-Site Scripting Authenticated Date: 2020-04-26 Exploit Author: Kamaljeet Kumar Vendor Homepage: https://opmantek.com/network-discovery-inventory-software/ Software Link: https://www.open-audit.org/downloads.php Version: 3.3.0 CVE : CVE-2020-12261...
Pi-hole 4.4.0 - Remote Code Execution (Authenticated)
Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on: https://github.com/Frichetten/CVE-2020-11108-PoC/blob/master/cve-2020-11108-rce.py File na...
StreamRipper32 2.6 - Buffer Overflow (PoC)
Exploit Title: StreamRipper32 2.6 - Buffer Overflow PoC Date: 2020-05-14 Exploit Author: Andy Bowden Tested On: Win10 x64 Download Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Vendor Page: http://streamripper.sourceforge.net/ Version: 2.6 Steps To Reproduce: Double click on...
OpenEMR 5.0.1 - Remote Code Execution (1)
Title: OpenEMR 5.0.1 - Remote Code Execution 1 Exploit Author: Musyoka Ian Date: 2020-05-25 Title: OpenEMR 5.0.1 - Remote Code Execution Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile:...
Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion (Authenticated)
Exploit Title: Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion Authenticated Date: 2020-05-10 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Exploit-Db Author ID: 8763 Reference: https://www.xcloner.com/xcloner-news/security-release-available-for-archived-joomla-version/ Vendor...
Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting
Exploit Title: Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-23 Exploit Author: Nitya Nand Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Linux C...
Plesk/myLittleAdmin - ViewState .NET Deserialization (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...
Online Discussion Forum Site 1.0 - Remote Code Execution
Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...
Synology DiskStation Manager - smart.cgi Remote Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...
GoldWave - Buffer Overflow (SEH Unicode)
Exploit Title: GoldWave 5.70 – Buffer Overflow SEH Unicode Date: 2020-05-14 Exploit Author: Andy Bowden Vendor Homepage: https://www.goldwave.com/ Version: 5.70 Download Link: http://goldwave.com//downloads/gwave570.exe Tested on: Windows 10 x86 PoC 1. generate crash.txt, copy contents to clipboa...
WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)
Exploit Title: WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection Authenticated Exploit Author: SunCSR Sun Cyber Security Research Date: 2020 - 5 - 22 Vendor Homepage: https://help.10web.io/ Version: = 5.4.1 Tested on: Ubuntu 18.04 Description: SQL injection in the Form Maker by 10Web WordPres...
Druva inSync Windows Client 6.6.3 - Local Privilege Escalation
Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Date: 2020-05-21 Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage: druva.com Software Link:...
Dolibarr 11.0.3 - Persistent Cross-Site Scripting
Title: Dolibarr 11.0.3 - Persistent Cross-Site Scripting Author: Mehmet Kelepce / Gais Cyber Security Date : 2020-04-14 Vendor: https://www.dolibarr.org/ Exploit-DB Author ID: 8763 Remotely Exploitable: Yes Dynamic Coding Language: PHP CVSSv3 Base Score: 7.4 AV:N, AC:L, PR:L, UI:N, S:C, C:L, I:L,...
Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service (PoC)
Exploit Title: Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service PoC Date: 2020-05-16 Found by: Alvaro J. Gene Socket0x03 Software Link: https://konica-minolta-ftp-utility.software.informer.com/download/ Vulnerable Application: Konica Minolta FTP Utility Version: 1.0 Server: FTP Server...
Filetto 1.0 - 'FEAT' Denial of Service (PoC)
Exploit Title: Filetto 1.0 - 'FEAT' Denial of Service PoC Date: 2020-05-13 Found by: Alvaro J. Gene Socket0x03 Vendor Homepage: http://www.utillyty.eu Software Link: https://sourceforge.net/projects/filetto Vulnerable Application: Filetto Version: 1.0 last version. Updated: 01/31/2020 Server: FTP...
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR)
Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Date: 2020-05-22 Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ASLR and Full DEP Turned ON. Usage : $ python .py ===================================...
WebLogic Server - Deserialization RCE - BadAttributeValueExpException (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE - BadAttributeValueExpException', 'Description' = %q There exists a Java object deserialization vulnerability...
Gym Management System 1.0 - Unauthenticated Remote Code Execution
Exploit Title: Gym Management System 1.0 - Unauthenticated Remote Code Execution Exploit Author: Bobby Cooke Date: 2020-05-21 Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/gym-management-system-project-in-php/ Version: 1.0 Tested On:...
Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)
Exploit Title: Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service PoC Date: 2020-05-16 Found by: Alvaro J. Gene Socket0x03 Software Link: https://konica-minolta-ftp-utility.software.informer.com/download/ Vulnerable Application: Konica Minolta FTP Utility Version: 1.0 Server: FTP Server...
forma.lms 5.6.40 - Cross-Site Request Forgery (Change Admin Email)
Exploit Title: forma.lms 5.6.40 - Cross-Site Request Forgery Change Admin Email Date: 2020-05-21 Exploit Author: Daniel Ortiz Vendor Homepage: https://sourceforge.net/projects/forma/ Tested on: XAMPP for Linux 64bit 5.6.40-0 1 - Description - Vulnerable form: Edit Profile - Details: The validatio...
OpenEDX platform Ironwood 2.5 - Remote Code Execution
Exploit Title: OpenEDX platform Ironwood 2.5 - Remote Code Execution Google Dork: N/A Date: 2020-05-20 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://open.edx.org/ Software Link: https://github.com/edx/edx-platform Version: Ironwood 2.5 Tested on: Debian x64 CVE : CVE-2020-13144...
Composr CMS 10.0.30 - Persistent Cross-Site Scripting
Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting Author: Manuel Garcia Cardenas Date: 2020-02-06 Vendor: https://compo.sr/ CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last revised: May 21, 2020 - Discovered by:...
CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)
Exploit Title: CloudMe 1.11.2 - Buffer Overflow SEH,DEP,ASLR Date: 2020-05-20 Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Step...
PHPFusion 9.03.50 - Persistent Cross-Site Scripting
Exploit Title: PHPFusion 9.03.50 - Persistent Cross-Site Scripting Date: 2020-05-20 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: v9.03.50 How? When creating a thread or editing one of h...
AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)
Exploit Title: AbsoluteTelnet 11.21 - 'Username' Denial of Service PoC Discovered by: Xenofon Vassilakopoulos Discovered Date: 2020-05-21 Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.21.exe Tested Version: 11.21...
CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution
Exploit Title: CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution Date: 2020-05-18 Exploit Author: Wade Guest Vendor Homepage: https://craftcms.com/ Software Link: https://plugins.craftcms.com/vcard Vulnerability Details: https://gitlab.com/wguest/craftcms-vcard-exploit Version: 1.0.0 Tested o...
BIND - 'TSIG' Denial of Service
!/usr/bin/python coding:utf-8 from scapy.all import DNS, DNSQR, IP, sr1, UDP, DNSRRTSIG, DNSRROPT tsig = DNSRRTSIGrrname="local-ddns", algoname="hmac-sha256", rclass=255, maclen=0, macdata="", timesigned=0, fudge=300, error=16 dnsreq = IPdst='127.0.0.1'/UDPdport=53/DNSrd=1, ad=1,...
Victor CMS 1.0 - Authenticated Arbitrary File Upload
Exploit Title: Victor CMS 1.0 - Authenticated Arbitrary File Upload Google Dork: N/A Date: 2020-05-19 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on:...
qdPM 9.1 - 'cfg[app_app_name]' Persistent Cross-Site Scripting
Exploit Title: qdPM 9.1 - 'cfg[app_app_name]' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-19 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://qdpm.net Software Link: https://sourceforge.net/projects/qdpm/ Version: 9.1 Tested on: Windows 10 Description: The form paramet...