50786 matches found
Tibco ObfuscationEngine 5.11 Fixed Key Password Decryption
Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Date: December 8th 2020 Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation...
WordPress Simple File List Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Simple File List Unauthenticated Remote Code Execution', 'Description' = %q Simple File List simple-file-list plugin before 4.2.3 for...
Port Forwarding Wizard 4.8.0 Buffer Overflow
Exploit Title: Port Forwarding Wizard 4.8.0 - Buffer Overflow SEH Exploit Author: Sarang Tumne Date: 2020-07-18 CVE ID: N/A Confirmed on release 4.8.0 and 4.5.0 Vendor: http://www.port-forwarding.net/ Tested on OS- Windows Vista Buffer overflow in upRedSun Port Forwarding Wizard 4.8.0 and earlier...
CloudMe 1.11.2 SEH / DEP / ASLR Buffer Overflow
Exploit Title: CloudMe 1.11.2 - SEH/DEP/ASLR Buffer Overflow Date: 2020-05-20 Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Step...
MikroTik RouterOS 6.45.6 DNS Cache Poisoning
Exploit Title: MikroTik RouterOS 6.45.6 - DNS Cache Poisoning Date: 2019-10-30 Exploit Author: Jacob Baines Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download Version: 6.45.6 Stable and below or 6.44.5 Long-term and below Tested on: Various x86 and MIPSBE RouterOS...
Ewon Cosy+ Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-018 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Special Element...
Microsoft 365 MSO 2306 Build 16.0.16529.20100 Remote Code Execution
Title: Microsoft Outlook ®Microsoft 365 MSO Version 2306 Build 16.0.16529.20100 32-bit RCE Author: nu11secur1ty Date: 07.07.2023 Vendor: https://www.microsoft.com/ Software: https://outlook.live.com/owa/ Reference: https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/...
VMware Workspace ONE Access Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access CVE-2022-31660', 'Description' = %q VMware Workspace ONE Access contains a vulnerability whereby the horizon user can...
Nextar C472 POS DLL Hijacking
/ Description: A vulnerability exists in windows that allows other applications dynamic link libraries to execute malicious code without the users consent, in the privelage context of the targeted application. Exploit Title: Nextar C472 POS DLL Hijacking Exploit nxmm.dll - mdmdregistration.dll...
Joomla JCK Editor 6.4.4 SQL Injection
Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2 Googke Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/ Date: 05/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor Version: 6.4.4 Tested on: Debian 10 CVE :...
Gym Management System 1.0 SQL Injection
Exploit Title: Gym Management System 1.0 - Authentication Bypass Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html Software Link:...
Django REST Framework SimpleJWT 5.3.1 Information Disclosure
Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...
util-linux wall Escape Sequence Injection
Wall-Escape CVE-2024-28085 Skyler Ferrante: Escape sequence injection in util-linux wall ================================================================= Summary ================================================================= The util-linux wall command does not filter escape sequences from...
Micro Focus Operations Bridge Reporter Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Reporter Unauthenticated Command Injection', 'Description' = %q This module exploits a command injection...
Trojan-Dropper.Win32.Injector.aobl Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/842f6f21a2a83792e98900df90c9340b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Injector.aobl Vulnerability: Insecure Permissions Description: The malware...
Webmail Edition 5.2.22 XSS / Remote Code Execution
Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty System Administrator - Infrastructure Engineer Date: 04.14.2021 Vendor: webmail Link:...
Docsify.js 4.11.4 Cross Site Scripting
Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...
📄 BentoML Runner Server Remote Code Execution
There was an insecure deserialization in BentoML's runner server prior to version 1.4.8. By setting specific headers and parameters in the POST request, it is possible to execute unauthorized arbitrary code in the context of the user running the server, which will grant initial access and...
CE Phoenixcart 1.0.8.20 Shell Upload
Title: PhoenixCart-1.0.8.20-File-Upload-Bypass-override-htaccess-security-RCE Author: nu11secur1ty Date: 12/06/2023 Vendor: https://phoenixcart.org/index.php Software: https://github.com/CE-PhoenixCart/PhoenixCart/archive/master.zip Reference: https://portswigger.net/web-security/file-upload,...
Senayan Library Management System 9.2.0 SQL Injection
Title: Senayan Library Management System v9.2.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 12.19.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.0 Reference:...
Backdoor.Win32.Agent.afq Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/853754de6b8ffbe1321a8c91aab5c232C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.afq Vulnerability: Remote Heap Corruption Description: The malwares built-in...
Simple College Website 1.0 Local File Inclusion
Exploit Title: Simple College Website 1.0 - 'page' Local File Inclusion Date: 30-10-2020 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html Software Link:...
Microsoft Exchange ProxyLogon Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework begin auxiliary class class MetasploitModule 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q This module exploit a vulnerability on Microsoft Exchange Serv...
Online Food Ordering System 2.0 SQL Injection
Exploit Title: Online Food Ordering System v2 - Sql Injection Time-Based Blind Date: 01/11/2023 Exploit Author: Hasan Baskın Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
Oracle WebLogic Server 14.1.1.0.0 Local File Inclusion
Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Date: 25/1/2022 Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0,...
CommScope Ruckus IoT Controller 1.7.1.0 Web Application Arbitrary Read/Write
KL-001-2021-006: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write Title: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write Advisory ID: KL-001-2021-006 Publication Date: 2021.05.26 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-006.t...
Zoom 5.4.3 (54779.1115) / 5.5.4 (13142.0301) Information Disclosure
Advisory ID: SYSS-2020-044 Product: Zoom Manufacturer: Zoom Video Communications, Inc. Affected Versions: 5.4.3 54779.1115 5.5.4 13142.0301 Tested Versions: 5.4.3 54779.1115 5.5.4 13142.0301 Vulnerability Type: Exposure of Resource to Wrong Sphere CWE-668 Risk Level: Medium Solution Status: Open...
ClanSphere 2011.0 Shell Upload / Local File Inclusion
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
SmartNode SN200 3.21.2-23021 OS Command Injection
Advisory ID: SYSS-2023-019 Product: SmartNode SN200 Analog Telephone Adapter ATA & VoIP Gateway Manufacturer: Patton LLC Affected Versions: = 3.21.2-23021 Tested Versions: 2.21.1-22041, 3.21.2-23021, 3.22.0-23083 Vulnerability Type: OS Command Injection CWE-78 Vulnerability Type: Improper Access...
HP OfficeJet 4630/7110 MYM1FN2025AR 2117A Cross Site Scripting
Exploit Title: HP OfficeJet 4630/7110 MYM1FN2025AR 2117A – Stored Cross-Site Scripting XSS Date: 01/08/2021 Exploit Author: Tyler Butler Vendor Homepage: https://www8.hp.com/ Vendor Bulletin: https://support.hp.com/ie-en/document/ish4433829-4433857-16/hpsbpi03742 Researcher Bulletin:...
URVE Software Build 24.03.2020 Authentication Bypass / Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-040 Product: URVE Software Manufacturer: Eveo Sp. z o.o. Affected Versions: Build "24.03.2020" Tested Versions: Build "24.03.2020" Vulnerability Type: Missing Authentication for Critical Function CWE-306 Risk Level: High...
Chrome NewFixedArray Missing Array Size Check
Chrome: Missing array size check in NewFixedArray VULNERABILITY DETAILS V8 caps the number of elements a fixed array can contain1. Most of the code that needs to create or resize a fast JS array i.e. one that's backed by a fixed array rather than a dictionary ends up calling either the regular C+...
Easy Chat Server 3.1 Denial Of Service
!/usr/bin/perl use Net::FTP; Exploit Title: Easy Chat Server 3.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 05 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1ZbfeaWSEKlpvCG1eUtD0vNnfkNz8PlE/view Notification vendor: No reported...
ManageEngine Applications Manager Authenticated Remote Code Execution
!/usr/bin/python3 Exploit Title: ManageEngine Applications Manager - Authenticated RCE via Java class reflection in Weblogic server test credential API Google Dork: None Date: 04-09-2020 Exploit Author: Hodorsec Vendor Homepage: https://manageengine.co.uk Vendor Vulnerability Description:...
SUPERAntiSpyware Professional X Trial Privilege Escalation
Exploit Title: SUPERAntiSpyware Professional X Trial 10.0.1206 Local Privilege Escalation Date: 2020-08-28 Exploit Author: b1nary Vendor Homepage: https://www.superantispyware.com/ Software Link: https://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWARE Version: 10.0.1206 lowe...
Ewon Cosy+ Password Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-017 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Cleartext Storage of Sensitive Information...
RiteCMS 3.1.0 Arbitrary File Overwrite
Exploit Title: RiteCMS 3.1.0 - Arbitrary File Overwrite Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: Browse...
GitLab 11.4.7 Remote Code Execution
Exploit Title: GitLab 11.4.7 - RCE Authenticated Date: 24th December 2020 Exploit Author: Sam Redmond Software Link: https://gitlab.com/ Environment: GitLab 11.4.7, community edition CVE: CVE-2018-19571 + CVE-2018-19585 Version: 11.4.7 !/usr/bin/python3 import requests from bs4 import BeautifulSo...
Nagios Log Server 2.1.6 Cross Site Scripting
Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...
Symphony CMS 3.0.0 Cross Site Scripting
Exploit Title: SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2020-08-28 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.getsymphony.com/ Software Link: https://www.getsymphony.com/ Version: 3.0.0 Tested on: Windows CVE : N/A...
Webmin 1.920 password_change.cgi Backdoor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin passwordchange.cgi Backdoor', 'Description' = %q This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the...
eHub SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
PHPJabbers Availability Booking Calendar 5.0 HTML Injection
Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - HTML Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version: v5.0...
Windows sxs!CNodeFactory::XMLParser_Element_doc_assembly_assemblyIdentity Heap Buffer Overflow
Windows: Heap buffer overflow in sxs!CNodeFactory::XMLParserElementdocassemblyassemblyIdentity SUMMARY A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges. VULNERABILITY DETAILS In 2020, Proje...
SciKit-Learn 0.23.2 Denial Of Service
Description svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence technique with a large value in the nsuppo...
Microsoft Spooler Local Privilege Elevation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Spooler Local Privilege Elevation Vulnerability', 'Description' = %q This exploit leverages a file write vulnerability in the print...
SolarWinds Serv-U FTP 15.1.6.25 Cross Site Scripting
Issue: Reflected Cross-Site Scripting CVE: CVE-2018-19934 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 current as of Dec 2018 Fixed in: Serv-U 15.1.6 hotfix 3 Overview The Serv-U FTP Server is vulnerable to a...
WordPress Core 5.6.2 XPath Injection
Exploit Title: WordPress Core 5.6.2 - Xpath Injection Date: 13/08/2023 Exploit Author: Behrouz Mansoori Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/download/releases Version: 5.6.2 Tested on: Mac VULNERABILITY DETAILS : This vulnerability allows remote attackers to...
GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal
Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees C...
WordPress Duplicator 1.4.7 Unauthenticated Backup Download
Title: WordPress Plugin Duplicator 1.4.7 - Unauthenticated Backup Download Author: nu11secur1ty Date: 08.03.2022 Vendor: https://wordpress.org/ Software: https://wordpress.org/plugins/duplicator/ Reference:...