50786 matches found
Dell OpenManage Server Administrator 9.4.0.0 File Read
Exploit Title: Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read Date: 4/27/2020 Exploit Author: Rhino Security Labs Version: :' exit This XML to imitate a Dell OMSA remote system comes from https://www.exploit-db.com/exploits/39909 Also check out...
Billing Management System 2.0 SQL Injection
Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass Date: 2021-02-16 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software: Billi...
Millewin 13.39.028 Unquoted Service Path / Insecure Permissions
Exploit Title: Millewin - Local Privilege Escalation Date: 2021-02-07 Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link:...
Jorani Leave Management System 1.0.2 Host Header Injection
Exploit Title: Jorani Leave Management System v1.0.2 Host Header Attack Date: 12/11/2023 Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://jorani.org/ Software Link: https://github.com/bbalet/jorani/releases/download/v1.0.2/jorani-1.0.2.zip Version: v1.0.2 Tested...
Kyocera TASKalfa 4053ci 2VG_S000.002.561 Path Traversal / Denial Of Service
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Path traversal bypass & Denial of service product: Kyocera TASKalfa 4053ci printer vulnerable version: TASKalfa 4053ci Version = 2VGS000.002.561 fixed version:...
HealthMonitor 3.1 Unquoted Service Path
Exploit Title: HealthMonitor 3.1 - Unquoted Service Path Discovery by: yunaranyancat Discovery Date: October 2020 Vendor Homepage: https://sourceforge.net/projects/healthmonitor/ Software Link :...
ElasticSearch Unauthenticated Remote Code Execution
!/bin/python2 coding: utf-8 Author: Darren Martyn, Xiphos Research Ltd. Version: 20150309.1 Licence: WTFPL - wtfpl.net import json import requests import sys import readline readline.parseandbind'tab: complete' readline.parseandbind'set editing-mode vi' version = "20150309.1" def banner: print...
WordPress Bricks Builder Theme 1.9.6 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unauthenticated RCE in Bricks Builder Theme', 'Description' = %q This module exploits an unauthenticated remote code execution vulnerability in t...
Email-Worm.Win32.Deltad Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/33f1dc8cf5987751ac0f063601f1c324.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Deltad Vulnerability: Insecure Permissions Description: The malware writes an .EXE...
Apache HTTP Server 2.4.50 Remote Code Execution
Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 2 Credits: Ash Daulton & cPanel Security Team Date: 24/07/2021 Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 !/bin/bash echo...
Mida Solutions eFramework ajaxreq.php Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mida Solutions eFramework ajaxreq.php Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Mida...
Palo Alto Deep Packet Inspection Data Exfiltration
Palo Alto firewalls allow for exfiltration of data via multiple egress methodologies. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism Advisory URL:...
WordPress 4.2.4 XMLRPC GHOST Vulnerability Scanner
WordPress version 4.2.4 XMLRPC GHOST vulnerability scanning script that checks to see if an instance is vulnerable. ============================================================================================================================================= | Title : WordPress 4.2.4 XMLRPC GHOST...
Supermicro X9 Buffer Overflow Scanner
Supermicro X9 generation motherboards before SMT X9 317 overflow scanner that checks for two flaws that date back to 2013 related to IPMI. ============================================================================================================================================= | Title :...
Open WebUI 0.1.105 File Upload / Path Traversal
KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal Title: Open WebUI Arbitrary File Upload + Path Traversal Advisory ID: KL-001-2024-006 Publication Date: 2024.08.D06 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt 1. Vulnerability Details Affected...
Jetty 9.4.37.v20210219 Information Disclosure
Exploit Title: Jetty 9.4.37.v20210219 - Information Disclosure Date: 2021-10-21 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.37.v20210219/ Version: 9.4.37.v20210219 and...
Oracle Weblogic Server Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE', 'Description' = %q An unauthenticated attacker with network...
D Tale 3.10.0 Remote Command Execution
D Tale version 3.10.0 proof of concept remote command execution exploit. ============================================================================================================================================= | Title : D Tale v3.10.0 PHP code execution vulnerability | | Author : indoushka |...
Simple Startup Manager 1.17 Buffer Overflow
Exploit Title: Simple Startup Manager 1.17 - 'File' Local Buffer Overflow PoC Exploit Author: PovlTekstTV Date: 2020-07-15 Vulnerable Software: Simple Startup Manager Software Link Download: http://www.ashkon.com/download/startup-manager.exe Version: 1.17 Vulnerability Type: Local Buffer Overflow...
Gila CMS 1.11.8 SQL Injection
Exploit Title: Gila CMS 1.11.8 - 'query' SQL Injection Date: 2020-06-15 Exploit Author: Carlos Ramírez L. BillyV4 Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/releases/tag/1.11.8 Version: Gila 1.11.8 Tested on: Gila 1.11.8 CVE : CVE-2020-5515 import request...
js2py 0.74 Code Execution
js2py version 0.74 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : js2py versions 0.74 Code Injection Vulnerability | | Author : indoushka | | Teste...
Metabase Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metabase Setup Token RCE', 'Description' = %q Metabase versions before 0.46.6.1 contain a flaw where the secret setup-token is accessible even...
Cisco AnyConnect Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco AnyConnect Privilege Escalations CVE-2020-3153 and CVE-2020-3433', 'Description' = %q The installer component of Cisco AnyConnect Secure...
PMB 5.6 Cross Site Scripting
Exploit Title: PMB 5.6 Cross Site Scripting XSS Google Dork: inurl:opaccss Date: 20-04-2020 Exploit Author: 41-trk Tarik Bakir Email: tarikbak999atgmail.com Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : alert1&critical=1...
Code Blocks 17.12 Local Buffer Overflow
Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/17.12/Windows/codeblocks-17.12-setup.exe/download Exploit Author: Paras Bhatia...
Frigate Professional 3.36.0.9 Buffer Overflow
Exploit Title: Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-04 Vulnerable Software: Frigate...
Rite CMS 2.2.1 Remote Code Execution
Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: H0j3n Vendor Homepage: http://ritecms.com/ Software Link: http://sourceforge.net/projects/ritecms/files/ritecms2.2.1.zip/download Version: 2.2.1 Tested on: Linux Reference:...
BIND 9 DNS Server Denial Of Service
import socket import struct TARGET = '192.168.200.10', 53 QA = 1 QTSIG = 250 DNSMESSAGEHEADERLEN = 12 def buildbindnukequestion="\x06google\x03com\x00", udpsize=512: queryA = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16QA + "\x00\x01" sweetspot = udpsize -...
MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF
MySchool version 1.0 suffers from remote SQL injection, php code injection, cross site request forgery, and cross site scripting vulnerabilities. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title MySchool System - Multiple Vulnerabilities .:. Google Dorks .:...
Cloud Filter Arbitrary File Creation / Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2020-1170 Cloud Filter Arbitrary File Creation EOP', 'Description' = %q The Cloud Filter driver, cldflt.sys, on Windows 10 v1803 and later,...
Medical Center Portal Management System SQL Injection
Exploit Title: Medical Center Portal Management System - SQL Injections Date: 2020-11-16 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Atlassian Products Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Cross-Site Scripting Vulnerabilities products: PlantUML, Refined Toolkit for Confluence, Linking for Confluence, Countdown Timer, Server Status vulnerable...
PrusaSlicer 2.6.1 Arbitrary Code Execution
Exploit Title: PrusaSlicer 2.6.1 - Arbitrary code execution on g-code export Date: 16/01/2024 Exploit Author: Kamil Breński Vendor Homepage: https://www.prusa3d.com Software Link: https://github.com/prusa3d/PrusaSlicer Version: PrusaSlicer up to and including version 2.6.1 Tested on: Windows and...
FiberHome HG6245D Disclosure / Bypass / Privilege Escalation / DoS
Hello, Please find a text-only version below sent to security mailing lists. The complete version on "Multiple vulnerabilities found in FiberHome HG6245D routers" is posted here: https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html === text-version of the advisory =...
HPE Edgeline Infrastructure Manager Improper Authorization
!/usr/bin/python -- coding: UTF-8 -- billhader.py HPE Edgeline Infrastructure Manager Multiple Remote Vulnerabilities Jeremy Brown jbrown3264/gmail Dec 2020 In \opt\hpe\eim\containers\api\eim\api\urls.py, some private paths are defined which are intended to only be accessible via the local consol...
EgavilanMedia User Registration And Login System With Admin Panel SQL Injection
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel Exploit - SQLi Auth Bypass Date: 17-11-2020 Exploit Author: Kislay Kumar Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/user-registration-and-login-system-with-admin-pane=l/ Version:...
Directory Management System (DMS) 1.0 SQL Injection
Exploit Title: Directory Management System DMS 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/directory-management-system-using-php-and-mysql/ Software Link:...
Complaints Report Management System 1.0 SQL Injection / Remote Code Execution
Exploit Title: Complaints Report Management System 1.0 - 'username' SQL Injection / Remote Code Execution Date: 3-11-2020 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14566/complaints-report-management-system-using-phpmysqli-source-code.html Software Link:...
Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rejetto HTTP File Server HFS Unauthenticated Remote Code Execution', 'Description' = %q The Rejetto HTTP File Server HFS version 2.x is vulnerabl...
F5 BIG-IP TMUI AJP Smuggling Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/apachejp' class MetasploitModule 'F5 BIG-IP TMUI AJP Smuggling RCE', 'Description' = %q This module exploits a flaw in F5's BIG-IP Traffic Management...
WordPress Age Gate 2.13.4 Open Redirect
Exploit Title: URL Redirection to Untrusted Site 'Open Redirect' Age Gate Wordpress Plugin = 2.13.4 Date: 11/27/2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: https://agegate.io/ Software Link: https://wordpress.org/plugins/age-gate/ Version: = 2.13.4 Tested on: Latest Version of Deskto...
Wattsense Bridge 6.x Remote Root / Information Disclosure
Wattsense Bridge suffers a multitude of security issues. The JTAG interface can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. A serial interface can be accessed with physical access to the PCB. After connecting to the...
Craft CMS 4.4.14 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Craft CMS unauthenticated Remote Code Execution RCE', 'Description' = %q This module exploits Remote Code Execution vulnerability CVE-2023-41892 ...
ManageEngine ServiceDesk Plus Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ServiceDesk Plus CVE-2021-44077', 'Description' = %q This module exploits CVE-2021-44077, an unauthenticated remote code execution...
F5 BIG-IQ VE 8.0.0-2923215 Remote Root
F5 BIG-IQ VE v8.0.0-2923215 Post-auth Remote Root RCE CVE-2021-23024 ======= Details ======= It was possible to execute commands with root privileges as an authenticated privileged user via command injection in easy-setup-test-connection. There are two blind command injection bugs in Test DNS...
Avaya Web License Manager XML Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Blind Out-Of-Band XML External Entity Injection Authenticated product: Avaya Web License Manager vulnerable version: 6.x, 7.0 through 7.1.3.6, 8.0 through 8.1.2.0.0 fixed...
Water Billing System 1.0 SQL Injection
Exploit Title: Water Billing System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor: https://www.sourcecodester.com/php/14560/water-billing-system-phpmysqli-full-source-code.html Version: 1.0 Tested on: Apache2 an...
WordPress Popular Posts 5.3.2 Shell Upload
Exploit Title: WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution RCE Authenticated Date: 15/07/2021 Exploit Author: Simone Cristofaro Vendor Homepage: https://it.wordpress.org/plugins/wordpress-popular-posts/ Software Link:...
Backdoor.Win32.Zdemon.10 Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d12f38e959d70af76fd263aa1933033c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zdemon.10 Vulnerability: Unauthenticated Remote Command Execution Description: Zdemon...
PESCMS TEAM 2.3.2 Cross Site Scripting
Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...