50784 matches found
Palo Alto Networks Cross Site Request Forgery
Note : this vulnerability is already fixed by paloalto security team Exploit Title: Missing CSRF Token Leads to account full takeover All accounts can be hijacked Google Dork: N/A Date: JUl 23 2019 Exploit Author: Pankaj Kumar Thakur Nepal @Nep13371998 Vendor...
OpenSSHD 7.2p2 User Enumeration
-------------------------------------------------------------------- User Enumeration using Open SSHD =Latest version. ------------------------------------------------------------------- Abstract: ----------- By sending large passwords, a remote user can enumerate users on system that runs SSHD...
Backdoor.Win32.Zombam.h Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.h Vulnerability: Remote Stack Buffer Overflow Description: Zombam.h HTTP RAT...
Worm.Win32.Ngrbot.acno Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0b3c2053a7c09aa25ba81f2bdebbb873.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Worm.Win32.Ngrbot.acno Vulnerability: Insecure Permissions Description: Creates a dir named "ffffd76...
Barco wePresent Global Hardcoded Root SSH Password
KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password Title: Barco wePresent Global Hardcoded Root SSH Password Advisory ID: KL-001-2020-008 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt 1. Vulnerability Details Affecte...
PostgreSQL COPY FROM PROGRAM Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/postgres' class MetasploitModule 'PostgreSQL COPY FROM PROGRAM Command Execution', 'Description' = %q Installations running Postgres 9.3 and...
Yealink Configuration Encrypt Tool Static AES Key
CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool ======================================================================== Summary ======================================================================== A single, vendorwide, hardcoded AES key in...
Firefox 72 IonMonkey JIT Type Confusion
Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion Date: 2021-05-10 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://www.mozilla.org/en-US/firefox/new/ Versions: Firefox | | /| \ | |\ / / \ | | / | | / / / / |/ | /|/ \ / / || /||...
Geeklog 1.8.1 SQL Injection
In The Name Of GOD ============================================================================== Geeklog SQL Injection Vulnerability ============================================================================== » Title : Geeklog SQL Injection Vulnerability » TestedON: Linux » Download:...
pgAdmin 8.3 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Session Deserialization RCE', 'Description' = %q pgAdmin versions = 8.3 have a path traversal vulnerability within their session manageme...
Oracle Weblogic PreAuth Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule Taken from page 24 of https://docs.oracle.com/cd/E1321101/wle/wle42/corba/giop.pdf NOEXCEPTION = 0 USEREXCEPTION = 1 SYSTEMEXCEPTION = 2...
ProFTPd 1.3.5 Remote Command Execution
Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import requests Banner banner = "" banner += " \n" banner +=" | | /...
Jenkins 2.235.3 Cross Site Scripting
Exploit Title: Jenkins 2.235.3 - 'tooltip' Stored Cross-Site Scripting Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: svgIc...
BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution
BlogEngine.NET, versions 3.3.7 and earlier, is vulnerable to two separate Directory Traversal issues that can lead to Remote Code Execution. CVE-2019-10719 exploits a directory traversal in /api/upload, allowing users to write files to any location within the web root. This bypasses the protectio...
Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Endpoint Central Unauthenticated SAML RCE', 'Description' = %q This exploits an unauthenticated remote code execution vulnerability...
GLPI 10.0.2 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GLPI htmLawed php command injection', 'Description' = %q This exploit takes advantage of a unauthenticated php command injection available from...
WordPress Accesspress Social Icons Theme 1.7.9 SQL Injection
Exploit Title: Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection Authenticated Exploit Author: SunCSR Sun Cyber Security Research - Nguyen Khang Google Dork: N/A Date: 2020-08-24 Vendor Homepage: https://accesspressthemes.com Software Link:...
SOS JobScheduler 1.13.3 Stored Password Decryption
Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption Google Dork: N/A Date: 2020-04-20 Exploit Author: Sander Ubink Vendor Homepage: www.sos-berlin.com Software Link: www.sos-berlin.com/en/jobscheduler-downloads Version: Tested on 1.12.9 and 1.13.3, vendor reported 1.12 and 1.13...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval', 'Description' = %q| This module identifies IPMI 2.0-compatible systems and attempts to retrie...
GLPI 9.5.3 Unsafe Reflection
Exploit Title: GLPI 9.5.3 - 'fromtype' Unsafe Reflection Date: 2021-02-13 Exploit Author: Vadym Soroka @Iterasec https://iterasec.com Vendor Homepage: https://glpi-project.org Software Link: https://github.com/glpi-project/glpi/releases Version: =9.5.3 Tested on:v9.5.3, 2021-02-13 Technical...
Zortam MP3 Media Studio 27.60 Remote Code Execution
Exploit Title: Zortam Mp3 Media Studio 27.60 - Remote Code Execution SEH Date: November 19, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: https://www.zortam.com/index.html Software Link: https://www.zortam.com/download.html Version: 27.60 Tested on: Windows 7 Professional SP 1 Build 760...
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle
Chrome: malicious WPAD server can proxy localhost leading to XSS in http://localhost:/ VERSION Chrome Version: 70.0.3538.77 stable Operating System: Windows 10 version 1803 When Chrome is installed on Windows and the user joins a malicious network that advertises a WPAD script e.g. via DHCP, Chro...
1CRM 8.6.7 Insecure Direct Object Reference
Security Advisory ARA-2020-005: Insecure Direct Object Reference CVE-2020-15958 Affected Products and Environments Product: 1CRM =8.6.7, confirmed for CRBM System ENT-8.6.5, CRBM System ENT-8.6.6 and Startup+ Edition 8.5.15 Environments: All host environments Security Risk Severity: High CVSS v3:...
📄 Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass
There is a complete authentication bypass in the ONVIF implementation of Xiongmai XM530-series IP cameras that allows unauthenticated remote access to sensitive device information, configuration, and video streams. CVE-2025-65856 Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass ---...
Simple College Website 1.0 Code Execution / SQL Injection
Exploit Title: Simple College Website 1.0 - SQL Injection / Remote Code Execution Date: 30-10-2020 Exploit Author: yunaranyancat Vendor Homepage: https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html Software Link:...
IBM Tivoli Storage Manager 5.2.0.1 Buffer Overflow
Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...
Vehicle Service Management System 1.0 Cross Site Request Forgery
============================================================================================================================================= | Title : Vehicle Service Management System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Wondershare Driver Install Service Help 10.7.1.321 Unquoted Service Path
Exploit Title: Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path Date: 2020-11-24 Exploit Author: Luis Sandoval Vendor Homepage: https://www.wondershare.com/ Software Link: https://www.wondershare.com/drfone/ Version: 10.7.1.321 Tested on: Windows 10 Hom...
Atos Unify OpenScape Authentication Bypass / Remote Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Argument injection leading to unauthenticated RCE and authentication bypass product: Atos Unify OpenScape Session Border Controller SBC Atos Unify OpenScape Branch Atos...
Google Chrome 86.0.4240 V8 Remote Code Execution
Exploit Title: Google Chrome prior 87.0.4280.88 V8 - Remote Code Execution Date: 06/04/2021 Exploit Author: Tobias Marcotto Tested on: Kali Linux x64 Version: 87.0.4280.88 Description: Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potential...
WordPress Hash Form 1.1.0 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Hash Form Plugin RCE', 'Description' = %q The Hash Form – Drag & Drop Form Builder plugin for WordPress suffers from a critical...
Apache APISIX Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'APISIX Admin API default access token RCE', 'Description' = %q Apache APISIX has a default, built-in API token edd1c9f034335f136f87ad84b625c8f1...
PayPal/Credit Card/Debit Card Payment 1.0 SQL Injection
Exploit Title: PayPal/Credit Card/Debit Card Payment 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/tubigangarden.zip Version...
SWF Upload Cross Site Scripting
Hello list! I will draw your attention to XSS vulnerability in other web applications with swfupload. Earlier I've wrote about swfupload in WordPress CVE-2012-3414 and that this hole is available in many web applications. In previous letter I've wrote the information about different versions of...
deV!L`z Clanportal 1.5.5.2 Shell Upload
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Backdoor.Win32.DarkKomet.gozu Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/00199eb3fd1a0aa6771b7f12fad895a0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.gozu Vulnerability: Insecure Permissions Description: Creates a hidden dir...
nopCommerce Store 4.30 Cross Site Scripting
Exploit Title: nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.nopcommerce.com/ Version: 4.30 Tested on: Windows 10/Kali Linux Stored Cross-site scriptingXSS: Stored XSS, also known as persistent...
Aardvark Topsites XSS / Disclosure
Hi, Here's the vulnerabilities descriptions and POCs: I write to report three vulnerabilities that I found in the last version of Aardvark Topsites PHP5.2.1 and older versions. The cause of all of them is the incorrect verification of input parameters. Here are the vulnerabilities:...
ConnectWise ScreenConnect 23.9.7 Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ConnectWise ScreenConnect Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability...
Fortra Digital Guardian Agent Uninstaller Cross Site Scripting / UninstallKey Cached
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Uninstall Key Caching product: Fortra Digital Guardian Agent Uninstaller Data Loss Prevention vulnerable version: Agent: 7.9.4 fixed version: Agent: 7.9.4 CVE number:...
BlogEngine.NET 3.3.6 Directory Traversal / Remote Code Execution
Exploit Title: BlogEngine.NET = 3.3.6 Directory Traversal RCE Date: 02-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://github.com/rxtur/BlogEngine.NET/ Software Link: https://github.com/rxtur/BlogEngine.NET/releases/download/v3.3.6.0/3360.zip Version: = 3.3.6 Tested on: Windows 2016...
Library Management System With QR Code 1.0 SQL Injection
Title: Library Management System with QR code Attendance 1.0 SQL Injection Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
vBulletin 4.2.5 Advanced User Tagging 3.1.3 Open Redirection
Exploit Title : vBulletin 4.2.5 Advanced User Tagging v3.1.3 Pro Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 02/03/2019 Vendor Homepage : vbulletin.com dragonbyte-tech.com Software Information Link :...
WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation
Vulnerability Details & Technical Analysis Password Reset to Privilege Escalation using the Sensitive Information Disclosure via Shortcode Description: UserPro = 5.1.1 – Insecure Password Reset Mechanism Affected Plugin: UserPro Plugin Slug: userpro Affected Versions: = 5.1.1 CVE ID: CVE-2023-244...
Binwalk 2.3.2 Remote Command Execution
Exploit Title: Binwalk v2.3.2 - Remote Command Execution RCE Exploit Author: Etienne Lacoche CVE-ID: CVE-2022-4510 import os import inspect import argparse print"" print"" print"------------------CVE-2022-4510----------------" print"" print"--------Binwalk Remote Command Execution--------"...
Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal Vulnerability', 'Description' = %q This module exploits a vulnerability...
VICIdial 2.14-917a SQL Injection
KL-001-2024-011: VICIdial Unauthenticated SQL Injection Title: VICIdial Unauthenticated SQL Injection Advisory ID: KL-001-2024-011 Publication Date: 2024-09-10 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-011.txt 1. Vulnerability Details Affected Vendor: VICIdial Affect...
Boxoft Convert Master 1.3.0 Local Buffer Overflow
Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...
Free MP3 CD Ripper 2.8 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Free MP3 CD Ripper 2.6 %q This module exploits a buffer overflow in Free MP3 CD Ripper versions 2.6 and 2.8. By constructing a specially crafted...
WBCE CMS 1.6.2 Remote Code Execution
Exploit Title: WBCE CMS v1.6.2 - Remote Code Execution RCE Date: 3/5/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.2.zip Version: 1.6.2 Tested on: MacOS import requests from bs4 import BeautifulSo...