50738 matches found
Pentaho Business Analytics / Pentaho Business Server 9.1 Insufficient Access Control
Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Insufficient Access Control of Data Source Management Service Solution Status: Fix Released on public GitHub repository Manufacturer Notification: 8th...
F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP TMUI Directory Traversal and File Upload RCE', 'Description' = %q This module exploits a directory traversal in F5's BIG-IP Traffic...
Linux Kernel 2.6.34-rc3 ReiserFS xattr Privilege Escalation
!/usr/bin/env python ''' team-edward.py Linux Kernel http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access the internal ".reiserfspriv" directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions...
Orangescrum 1.8.0 SQL Injection
Exploit Title: orangescrum 1.8.0 - 'Multiple' SQL Injection Authenticated Date: 28/11/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0...
PrestaShop 1.7.6.7 SQL Injection
Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection Date: 2021-04-08 Exploit Author: Vanshal Gaur Vendor Homepage: https://www.prestashop.com/ Version: 1.7.5.x 1.7.6.8 Tested on: Debian 10 buster CVE : CVE-2020-15160 !/usr/bin/python3 ''' Setup Vulnerable Docker on "localhost:8080"...
Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Pepperl+Fuchs IO-Link Master Series See "Vulnerable / tested versions" vulnerable version: System 1.36 / Application 1.5.28 fixed versio...
HanYazilim Paper Submission System .NET 1.0 Shell Upload
Exploit Title : HanYazilim Paper Submission System .NET v1.0 Privilege Escalation / Shell Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 22/02/2019 Vendor Homepage : hanyazilim.com Software Information Link : hanyazilim.com/hakemlimakaletakipsistemi.pdf...
Chrome V8 Type Confusion
Chrome: Extending non-extensible objects leads to type confusion in V8 SUMMARY v8::internal::JSObject::SetAccessor doesn't check if the receiver is extensible before adding a new property. A potential attacker can exploit the ability to extend non-extensible objects to achieve arbitrary code...
DedeCMS 5.8 Cross Site Scripting
Exploit Title: DedeCMS v.5.8 - "keyword" Cross-Site Scripting Date: 2020-07-27 Exploit Author: Noth Vendor Homepage: https://github.com/dedetech/DedeCMSv5 Software Link: https://github.com/dedetech/DedeCMSv5 Version: v.5.8 CVE : CVE-2020-27533 A Cross Site Scripting XSS issue was discovered in th...
Splunk Enterprise 7.2.4 Remote Code Execution
!/usr/bin/python Exploit Title: Splunk Enterprise 7.2.4 Custom App RCE persistent backdoor - custom binary payload Date: March 1, 2019 Exploit Author: Matteo Malvica Original Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link:...
XOS Shop 1.0RC7o SQL Injection
Exploit Title: XOS Shopv1.0rc7o Sql Injection Vulnerability Date: 23/01/2014 Exploit Author: JoKeRStEx Vendor Homepage: http://www.xos-shop.com/ Software Link: http://xos-shop.com/main/index.php/cPath/25/ Version: v1.0 rc7o Tested on: Windows PHP Version 6.0.0-dev CVE : - Description : XOS Shop i...
EzViz Studio 2.2.0 DLL Hijacking
PoC: DLL Hijacking via EzViz Studio Reported by EAFZ from Pythongoras Author: EAFZ aka myantti3m CVE: CVE-2023-41613. Test Environment: OS: Windows 11 Pro 64 bit10.0, Build 2261 EzViz Studio version: 2.2.0 Technical Description 1. Technical Description EzvizStudio.exe searches for a DLL called...
COVID-19 Contact Tracing System With QR Code Scanning 1.0 SQL Injection
Exploit Title: Covid-19 Contact Tracing System Web App with QR Code Scanning CTS-QR by: oretnom23 v1.0 remote SQL-Injection-Bypass-Authentication in /ctsqr/classes/Login.php + XSS-Stored PWNED PHPSESSID Vulnerable parameter "code" in applicatoin State/Province List. Author: nu11secur1ty Testing a...
Courier Management System 1.0 SQL Injection
Exploit Title: Courier Management System 1.0 - 'MULTIPART street ' SQL Injection Exploit Author: Zhaiyi Zeo Date: 2020-12-11 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...
BigtreeCMS 4.4.11 Cross Site Scripting
Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in BigtreeCMS Affected Software: BigtreeCMS Affected Versions: 4.4.11 Vendor Homepage: https://www.bigtreecms.org/ Vulnerability Type: Cross-Site Scripting Severity: Important Status: Fixed CVE-ID:...
Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published:...
Online Reviewer System 2.4.0 SQL Injection
Sourcecodester-Online-Reviewer-System-2.4.0 SQL - 4 types of injection vulnerability Vendor Description: The password parameter appears of the Online Reviewer System 1.0 to be vulnerable to SQL injection attacks - 4 types of injection vulnerability. A single quote was submitted in the password...
Havoc C2 0.7 Server-Side Request Forgery
Exploit Title: Havoc C2 0.7 Unauthenticated SSRF Date: 2024-07-13 Exploit Author: @chebuya Software Link: https://github.com/HavocFramework/Havoc Version: v0.7 Tested on: Ubuntu 20.04 LTS CVE: ? Description: This exploit works by spoofing a demon agent registration and checkins to open a TCP sock...
PostgreSQL 11.7 Remote Code Execution
Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Date: 2022-03-29 Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on:...
WebCTRL OEM 6.5 Cross Site Scripting
Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Date: 4/07/2021 Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the...
IObit Uninstaller 10 Pro Unquoted Service Path
Exploit Title: IObit Uninstaller 10 Pro - Unquoted Service Path Date: 2020–12–24 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version: 10 Tested on Windows 10 Unquoted Service Path: When a service is...
Monitorr 1.7.6m Authorization Bypass
!/usr/bin/python -- coding: UTF-8 -- Exploit Title: Monitorr 1.7.6m - Authorization Bypass Date: September 12, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description:...
ZyXEL PK5001Z Modem Backdoor Account
Exploit Title: ZyXEL PK5001Z Modem - CenturyLink Hardcoded admin and root Telnet Password. Google Dork: n/a Date: 2017-10-31 Exploit Author: Matthew Sheimo Vendor Homepage: https://www.zyxel.com/ Software Link: n/a Version: PK5001Z 2.6.20.19 Tested on: Linux About: ZyXEL PK5001Z Modem is used by...
SumatraPDF 3.5.2 DLL Hijacking
SumatraPDF 3.5.2 DLL Hijack Exploit Title: Sumatra PDF 3.5.2 DLL Hijack Date: 03.03.2024 Exploit Author: Krishna Vamshi Katta Rokkaiah Vendor Homepage: https://www.sumatrapdfreader.org/free-pdf-reader Software Link: https://www.sumatrapdfreader.org/download-free-pdf-viewer Version: 3.5.2 Tested o...
QNAP QTS / QuTS Hero Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and QuTS Hero Unauthenticated Remote Code Execution in quick.cgi', 'Description' = %q There exists an unauthenticated command injection...
HackTool.Win32.HKit Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6209db6e8cfd7c7a315ca858129bd226.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.HKit Vulnerability: Unauthenticated Remote Command Execution Description: HaX0R'Z KiT...
Zabbix 7.0.1rc1 Remote Code Execution
Zabbix server version 7.0.1rc1 remote code execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Zabbix server v 7.0.1rc1 PHP Code Injection...
COVID19 Testing Management System 1.0 SQL Injection
Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Date: 09/08/2021 Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...
Microsoft Windows Containers DP API Cryptography Flaw
Certitude Security Advisory - CSA-2021-002 PRODUCT : Windows Containers VENDOR : Microsoft SEVERITY : High AFFECTED VERSION : Windows 10, Windows Server IDENTIFIERS : CVE-2021-1645 PATCH VERSION : KB4598229, KB4598230, KB4598242, KB4598243 FOUND BY : Marc Nimmerrichter, Certitude Lab Introduction...
Online News Portal Local File Inclusion
Exploit Title: Online News Portal - Local File Inclusion Date: 2020-11-16 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
DotNetNuke CMS 9.5.0 Cross Site Scripting
Exploit Title: File upload vulnerability through bypassing client-side file extension check Date: 23 Feb 2020 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip...
Android GKI Kernels Use-After-Free
A central recurring theme in Linux MM development is that contention on the mmap lock can have a big negative performance impact on multithreaded workloads: If one thread is holding the mmap lock in exclusive mode for an extended amount of time, other threads will block as soon as they try to...
GL.iNet Unauthenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' class MetasploitModule 'GL.iNet Unauthenticated Remote Command Execution via the logread module.', 'Description' = %q A command injection...
Multi Restaurant Table Reservation System 1.0 Cross Site Scripting
Exploit Title: Multi Restaurant Table Reservation System - Multiple Persistent XSS Date: 01-11-2020 Exploit Author: yunaranyancat Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/tablereservation.zip Version: 1.0...
Backdoor.Win32.Zaratustra Remote File Write / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f240c16af2189ea9c94f317281ce7e59.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zaratustra Vulnerability: Unauthenticated Remote File Write Remote Code Exec...
Schneider Electric EVlink Charging Stations Authentication Bypass / Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authentication bypass & Remote code execution product: Multiple Schneider Electric EVlink Charging Stations vulnerable version: Firmware R7 Version V3.3.0.15 fixed versio...
WebDamn User Registration And Login System With User Panel SQL Injection
Exploit Title: WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass Date: 18-11-2020 Exploit Author: Aakash Madaan Vendor Homepage: https://webdamn.com/ Software Link : https://webdamn.com/user-management-system-with-php-mysql/ Version: N/A Default Tested on: Windows 10...
Microsoft IIS 5.0 IDQ Path Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft II...
Linux Kernel 5.4 BleedingTooth Remote Code Execution
/ BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution by Andy Nguyen theflow@ This Proof-Of-Concept demonstrates the exploitation of CVE-2020-12351 and CVE-2020-12352. Compile using: $ gcc -o exploit exploit.c -lbluetooth and execute as: $ sudo ./exploit targetmac sourceip sourceport ...
Chrome V8 Turbofan Type Confusion
V8: Turbofan fails to deoptimize code after map deprecation, leading to type confusion NOTE: We have evidence that the following bug is being used in the wild. Therefore, this bug is subject to a 7 day disclosure deadline. VULNERABILITY DETAILS When turbofan compiles code that performs a Map...
SAP Cloud Connector 2.16.1 Missing Validation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Tolerating Self-Signed Certificates product: SAP® Cloud Connector vulnerable version: 2.15.0 - 2.16.1 Portable and Installer fixed version: 2.16.2 Portable and Installer...
Barcodes Generator 1.0 Cross Site Scripting
Exploit Title: Barcodes generator 1.0 - 'name' Stored Cross Site Scripting Date: 10/12/2020 Exploit Author: Nikhil Kumar Vendor Homepage: http://egavilanmedia.com/ Software Link: http://egavilanmedia.com/barcodes-generator-using-php-mysql-and-jsbarcode-library/ Version: 1.0 Tested On: Ubuntu 1...
Online Doctor Appointment Booking System PHP And MySQL 1.0 SQL Injection
Exploit Title: Online Doctor Appointment Booking System PHP and Mysql 1.0 - 'q' SQL Injection Google Dork: N/A Date: 11/16/2020 Exploit Author: Ramil Mustafayev Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-doctor-appointment-booking-system-php-and-mysql/ Software...
Ricoh myPrint Hardcoded Credentials / Information Disclosure
Exploit Title: Ricoh myPrint - Hardcoded application credentials and information disclosure via WSDL webservices Google Dork: intitle:"ricoh myprint" "Copyright Ricoh. All Rights Reserved" Date: 19-11-18 Exploit Author: Hodorsec Vendor Homepage: https://www.ricoh.com Software Link:...
Backdoor.Win32.Cafeini.08.b Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8225bb6b430d5cdf523c4d0cabbe5793.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.08.b Vulnerability: Missing Authentication Description: The backdoor is writt...
WordPress Fancy Product Designer For WooCommerce Cross Site Scripting
About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce is a WordPress plugin which allows users to design custom products in a vendor's WooCommerce store. It is sold through the third-party marketplace "Envato Market" and boasts over 15,000 sales. Stored XSS via SVG...
Inlislite 3.1 Insecure Settings
==================================================================================================================================== | Title : Inlislite V3.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | ...
Digital Guardian Management Console 7.1.2.0015 XXE Injection
Title: Digital Guardian Managment Console - XML External Entity Vulnerability Author: Pawel Gocyla Date: 18 April 2018 CVE: CVE-2018-10175 Affected software: ================== Digital Guardian Managment Console Version 7.1.2.0015 Description: ============ Digital Guardian is an American data los...
Open WebUI 0.1.105 Persistent Cross Site Scripting
KL-001-2024-005: Open WebUI Stored Cross-Site Scripting Title: Open WebUI Stored Cross-Site Scripting Advisory ID: KL-001-2024-005 Publication Date: 2024.08.06 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt 1. Vulnerability Details Affected Vendor: Open WebUI...
SAP Fiori Launchpad Cross Site Scripting
Onapsis Security Advisory 2022-0005: Cross-Site Scripting XSS vulnerability in SAP Fiori launchpad Impact on Business Impact depends on the victim's privileges. In most cases, a successful attack allows an attacker to hijack a session, or force the victim to perform undesired requests in the SAP...