50748 matches found
Siemens S7-1200 4.5 Unauthenticated Access
Exploit Title: Unauthenticated Siemens S7-1200 CPU Start/Stop Command Date: 09/03/2022 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: V4.5 and below Tested on: Siemens S7-1200 CPU: 1215C IP == PLC IP address Start Command curl -i -s -k -X $'POST' \ -...
Hospital Management Startup 1.0 SQL Injection
Title: Hospital Management Startup v1.0 remote SQL-Injections Author: nu11secur1ty Date: 02.10.2022 Vendor: https://github.com/kabirkhyrul Software: https://github.com/kabirkhyrul/HMS CVE-2022-23366 Description: The loginid and password parameters from Hospital Management Startup 1.0 appear to be...
Archeevo 5.0 Local File Inclusion
Exploit Title: Archeevo 5.0 - Local File Inclusion Google Dork: intitle:"archeevo" Date: 01/15/2021 Exploit Author: Miguel Santareno Vendor Homepage: https://www.keep.pt/ Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/ Version: 5.0 Tested on: windows 1...
OpenBMCS 2.4 SQL Injection
OpenBMCS 2.4 Authenticated SQL Injection Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your business, the OpenBMCS software has the ability to expand to hundreds of controllers. Ou...
Online DJ Booking Management System 1.0 Cross Site Scripting
Exploit Title: Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting Date: 2021-10-06 Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-dj-booking-management-system-using-php-and-mysql/ Version: V 1.0...
Phpwcms 1.9.30 Cross Site Scripting
Exploit Title: Phpwcms 1.9.30 - File Upload to XSS Date: 30/9/2021 Exploit Author: Okan Kurtulus | okankurtulus.com.tr Software Link: http://www.phpwcms.org/ Version: 1.9.30 Tested on: Ubuntu 16.04 Steps: 1- You need to login to the system. http://target.com/phpwcms/login.php 2- Creating payload...
OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: openvpn-monitor Vendor: https://github.com/furlongm/openvpn-monitor CSNC ID: CSNC-2021-009 CVE ID: CVE-2021-31606 Subject: Authorization Bypass Severity: Medium Effect: Denial of Service Author: Emanuel Duss...
Laundry Booking Management System 1.0 Cross Site Scripting
Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 2021-08-19 Exploit Author: Azumah Foresight Xorlali Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...
Email-Worm.Win32.Kipis.a Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/aa703bc17e3177d3b24a57c5d2a91a0c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.a Vulnerability: Unauthenticated Remote Code Execution Description: The malwa...
Internet Explorer jscript9.dll Memory Corruption
Internet Explorer: Memory corruption in jscript9.dll related to scope of the arguments object There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing attacker-controlled website in Internet Explorer. The vulnerability has been...
Profiling System For Human Resource Management 1.0 Remote Code Execution
Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution Unauthenticated Date: 19-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...
SmartAgent 3.1.0 Privilege Escalation
Exploit Title: SmartAgent 3.1.0 - Privilege Escalation Date: 01-11-2021 Exploit Author: Orion Hridoy Vendor Homepage: https://www.smartagent.io/ Version: Build 3.1.0 Tested on: Windows 10/Kali Linux A Low grade user like ViewOnly can create an account with SuperUser permission. Steps To Reproduce...
BoltWire 6.03 Local File Inclusion
Exploit Title: BoltWire 6.03 - Local File Inclusion Date: 2020-05-02 Exploit Author: Andrey Stoykov Vendor Homepage: https://www.boltwire.com/ Software Link: https://www.boltwire.com/downloads/go&v=6&r=03 Version: 6.03 Tested on: Ubuntu 20.04 LAMP LFI: Steps to Reproduce: 1 Using HTTP GET request...
Pulse Secure VPN Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary Command Execution', 'Description' = %q This module exploits a post-auth command injection in the Pulse Secure VPN serv...
Meneame English Pligg 5.8 SQL Injection
Exploit Title: Meneame English Pligg 5.8 - 'search' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/meneame-english/ Software Link: https://master.dl.sourceforge.net/project/meneame/meneame/Beta%205.8/PliggBeta5.8.rar Version...
blueimp jQuery Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "blueimp's jQuery Arbitrary File Upload", 'Description' = %q This module exploits an arbitrary file upload in the sample PHP upload handler for...
Kerio Control Unified Threat Management Code Execution / XSS / Memory Corruption
SEC Consult has also released a blog post describing the attack scenarios of the vulnerabilities within this advisory in detail and a video which shows the remote attack. Exploit code has been developed as well but will not be released for now. Blog:...
📄 BeyondTrust Remote Support / Privileged Remote Access Remote Code Execution
A critical pre‑authentication remote code execution vulnerability identified as CVE-2026-1731 affects products from BeyondTrust, specifically Remote Support and Privileged Remote Access. The vulnerability allows an unauthenticated attacker to execute arbitrary commands on a vulnerable system by...
LTL Freight Quotes – TForce Edition 3.6.4 SQL Injection
LTL Freight Quotes – TForce Edition versions 3.6.4 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2024-13478 LTL Freight Quotes – TForce Edition = 3.6.4 - Unauthenticated SQL Injection Description The LTL Freight Quotes – TForce Edition plugin for WordPress is...
ABB Cylon FLXeon 9.3.4 wsConnect.js WebSocket Command Spawning
ABB Cylon FLXeon version 9.3.4 is vulnerable to an unauthenticated WebSocket implementation that allows an attacker to execute the tcpdump command. This command captures network traffic and filters it on serial ports 4855 and 4851, which are relevant to the device's services. The vulnerability ca...
Printing Business Records Management System 1.0 Cross Site Request Forgery
============================================================================================================================================= | Title : Printing Business Records Management System v1.0 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
Backdoor.Win32.Prorat.jz MVID-2024-0699 Buffer Overflow
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Prorat.jz Vulnerability: Remote Stack Buffer Overflow SEH Description: The RAT...
ABB Cylon Aspect 3.07.00 Remote Code Execution
ABB Cylon Aspect 3.07.00 networkDiagAjax.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.00 Summary: ASPECT is an award-winning scalable building energy management...
Online Bus Ticket Booking Website 1.0 SQL Injection
============================================================================================================================================= | Title : online bus ticket booking Website v1.0 Auth By PAss Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
SysAid Help Desk Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SysAid Help Desk Arbitrary File Download', 'Description' = %q This module exploits two vulnerabilities in SysAid Help Desk that allows an...
Jenkins cli Ampersand Replacement Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins cli Ampersand Replacement Arbitrary File Read', 'Description' = %q This module utilizes the Jenkins cli protocol to run the help command...
Backdoor.Win32.Plugx MVID-2024-0686 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/eeb631127f1b9fb3d13d209d8e675634.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Plugx Vulnerability: Insecure Permissions Family: Plugx Type: PE32 MD5:...
SPA-CART CMS 1.9.0.6 Username Enumeration / Business Logic Flaw
Exploit Title: Business Logic Flaw and Username Enumeration in spa-cartcmsv1.9.0.6 Date: 6/2024 Exploit Author: Andrey Stoykov Version: 1.9.0.6 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2024/04/friday-fun-pentest-series-5-spa.html Description - It was found that the applicatio...
SOPlanning 1.52.00 Cross Site Scripting
Exploit Title: SOPlanning v1.52.00 'groupesave.php' XSS Reflected XSS Application: SOPlanning Version: 1.52.00 Date: 4/22/24 Exploit Author: Joseph McPeters Liquidsky Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/ Tested on: Linux CVE:...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...
Golden FTP Server 2.02b Denial Of Service
!/usr/bin/perl use IO::Socket::INET; Exploit Title: Golden FTP Server 2.02b - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 21 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1AK6x0xKwjVZxoNHbCOIJsIiRAWeMmP0/view?usp=sharing Notification...
PHPJabbers Car Park Booking System 3.0 Cross Site Scripting / HTML Injection
Exploit Title: PHPJabbers Car Park Booking System v3.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-park-booking/sectionDemo Version: v3.0 Tested on:...
Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution
Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...
Emaar Real Estate Agency Directory System 5.7 Shell Upload
==================================================================================================================================== | Title : Emaar – Real Estate Agency Directory System v5.7 Unrestricted File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...
Ekushey Project Manager CRM 3.1 Insecure Settings
==================================================================================================================================== | Title : Ekushey Project Manager CRM V3.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
CSC-CMS 1.0.0 Insecure Settings
==================================================================================================================================== | Title : CSC-CMS v1.0.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | |...
Pyro CMS 3.9 Server-Side Template Injection
Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection SSTI Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Date: 03/08/2023 Vendor: https://pyrocms.com/ Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation Vulnerable...
QuickHomes Real Estate CMS 1.3 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass
!/usr/bin/env python3 -- coding: utf-8 -- Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass Exploit Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3 FPGA:10.19...
Roxy WI 6.1.0.0 Improper Authentication Control
Exploit Title: Roxy WI v6.1.0.0 - Improper Authentication Control Date of found: 21 July 2022 Application: Roxy WI = v6.1.0.0 Author: Nuri Çilengir Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Advisory:...
D-Link DIR 819 A1 Denial Of Service
Exploit Title: DLink DIR 819 A1 - Denial of Service Date: 30th September, 2022 Exploit Author: @whokilleddb https://twitter.com/whokilleddb Vendor Homepage: https://www.dlink.com/en/products/dir-819-wireless-ac750-dual-band-router Version: DIR-819 Firmware Version : 1.06 Hardware Version : A1...
WordPress WPtouch 3.7.5 Open Redirection
==================================================================================================================================== | Title : WordPress - WPtouch 3.7.5 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Genesys PureConnect Cross Site Scripting
Product: Genesys PureConnect - Interaction Web Tools Chat Service Description: Interaction Web Tools Chat Service allows XSS within the Printable Chat History via the participant - name JSON POST parameter. Vulnerability Type: XSS Vendor of Product: Genesys PureConnect Affected Product Code Base:...
Backdoor.Win32.Hupigon.aspg MVID-2022-0634 Unquoted Service Path
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/121bf601275e2aed0c3a6fe7910f9826.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aspg Vulnerability: Insecure Service Path Description: The malware...
Backdoor.Win32.Bushtrommel.122 MVID-2022-0630 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bushtrommel.122 Vulnerability: Unauthenticated Remote Command Execution...
Classified Listing 2.2.9 Cross Site Scripting
Exploit Title: Classified Listing – Classified ads & Business Directory Plugin - Cross site scripting Date: 29.06.2022 Exploit Author: ASCII Vendor Homepage: https://www.radiustheme.com/ Version: 2.2.9 Tested on: 2.2.9 Classified Listing – Classified ads & Business Directory Plugin - Cross site...
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root
!/usr/bin/env python3 -- coding: utf-8 -- Schneider Electric C-Bus Automation Controller 5500SHAC 1.10 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com | https://www.clipsal.com Product details: -...
IdeaRE RefTree Shell Upload
=============================================================================== title: IdeaRE RefTree Remote Code Execution product: IdeaRE RefTree 2021.09.17 vulnerability type: Unrestricted File Upload CVE ID: CVE-2022-27249 severity: High CVSSv3 score: 8.8 CVSSv3 vector:...
BuilderOrcus Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/cc3670f1b3e60e00b43c86d787563a44B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BuilderOrcus Orcus.Administration-cracked.exe Vulnerability: Insecure Credential Storage Descriptio...
Exam Reviewer Management System 1.0 Shell Upload
Exploit Title: Exam Reviewer Management System 1.0 - Remote Code Execution RCE Authenticated Date: 2022-02-08 Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...