50738 matches found
OpenEMR 6.0.0 / 6.1.0-dev SQL Injection
Trovent Security Advisory 2109-01 Authenticated SQL injection in OpenEMR calendar search Overview Advisory ID: TRSA-2109-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2109-01 Affected product: OpenEMR web application Tested versions: 6.0.0,...
SPA Cart CMS 2021 SQL Injection
Document Title: =============== SPA Cart CMS - Multiple SQL Injection Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2304 Release Date: ============= 2021-10-18 Vulnerability Laboratory ID VL-ID: ====================================...
Backdoor.Win32.Small.n Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fb24c3509180f463c9deaf2ee6705062.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.n Vulnerability: Unauthenticated Remote Command Execution SYSTEM Description: T...
F5 BIG-IP iControl Cross Site Request Forgery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl CSRF File Write SOAP API', 'Description' = %q This module exploits a cross-site request forgery CSRF vulnerability in F5...
WSO Arbitrary File Upload / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WSO2 Arbitrary File Upload to RCE', 'Description' = %q This module abuses a vulnerability in certain WSO2 products that allow unrestricted file...
PHPGurukul Zoo Management System 1.0 Shell Upload
Zoo Management System Unrestricted File Upload + RCE Author: D4rkP0w4r Note = don't need register or login account Description= Upload web shell at Upload CV Step to Reproduct Access Vacancies - upload web shell at - Upload CV - APPLY Exploit Upload web shell at Upload CV When upload success acce...
HEUR.Backdoor.Win32.Winnti.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb272fe923ccf3e66fde1bf309cbc464.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Winnti.gen Vulnerability: Insecure Permissions Description: The malware creates ...
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow
$Id: proftptelnetiac.rb 10900 2010-11-04 18:12:11Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
📄 ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting
ERPNext version 15.67.0 and Frappe version 15.72.4 suffer from a persistent cross site scripting vulnerability. CVE-2025-56379 — Stored Cross-Site Scripting XSS in ERPNext 15.67.0 / Frappe 15.72.4 📌 Summary A stored Cross‑Site Scripting XSS vulnerability exists in the Blog module of ERPNext...
Prison Management System 1.0 Shell Upload
Exploit Title: Prison Management System 1.0 - Unuthenticated RCE Date: 24.07.2024 Exploit Author: Muhammet Ali Dak Vendor Homepage: https://www.sourcecodester.com/sql/17287/prison-management-system.html Software Link:...
LG Simple Editor Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LG Simple Editor Remote Code Execution', 'Description' = %q This Metasploit module exploits broken access control and directory traversal...
Filmora 12 Build 1.0.0.7 Unquoted Service Path
Vendor Name: Filmora Product Name: Filmora 12 version Build 1.0.0.7 Vendor Home Page: https://filmora.wondershare.com/ Affected Versions: Filmora 12 version Build 12.2.1.2088 Vulnerability Type: Unquoted Service Path Vulnerability CWE-428 CVE Reference: CVE-2023-31747 Security Researcher: Thurein...
Mitel 6800/6900 Series SIP Phones Backdoor Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-021 Product: Mitel 6800/6900 Series SIP Phones excluding 6970 Mitel 6900 Series IP MiNet Phones Manufacturer: Mitel Networks Corporation Affected Versions: Rel 5.1 SP8 5.1.0.8016 and earlier Rel 6.0 6.0.0.368 to 6.1 HF4...
F5 BIG-IP iControl Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl RCE via REST Authentication Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in the F5...
zlog 1.2.15 Buffer Overflow
Exploit Title: zlog 1.2.15 - Buffer Overflow Date: 10/23/2021 Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the...
ImportExportTools NG 10.0.4 HTML Injection
Document Title: =============== ImportExportTools NG 10.0.4 - HTML Injection Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2308 Release Date: ============= 2021-11-05 Vulnerability Laboratory ID VL-ID: ===================================...
My Movie Collection Sinatra App Movie Cross Site Scripting
Document Title: =============== My Movie Collection Sinatra App - Movie XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2294 Release Date: ============= 2021-11-01 Vulnerability Laboratory ID VL-ID: ====================================...
Atlassian Jira Service Desk 4.9.1 Cross Site Scripting
Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS Date: 07 Mar 2020 Exploit Author: Captainhook Vendor Homepage: https://www.atlassian.com/ Version: 4.10.0 Tested on: All OS CVE: CVE-2020-14166 Summary: The /servicedesk/customer/portals resource in Jira Service De...
ManageEngine Desktop Central Java Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Desktop Central Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in the...
Wordpress XML-RPC System.multicall Credential Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/wordpressmulticall' class MetasploitModule 'Wordpress XML-RPC...
Apache OFBiz 18.12.09 Remote Code Execution
From: Jacques Le Roux Date: Mon, 04 Dec 2023 21:04:50 +0000 Severity: moderate Affected versions: - Apache OFBiz before 18.12.10 Description: Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are...
ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication
Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the database of employees and their credentials. Details ======= Product: ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM Affect...
RATES SYSTEM 1.0 SQL Injection
Exploit Title: RATES SYSTEM 1.0 - 'Multiple' SQL Injections Date: 11-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Software Link: https://www.sourcecodester.com/php/14904/rates-system.html Version: V1.0 Category: Webapps Tested on: Linux/Windows Description: PHP Dashboards is prone to an...
Backdoor.Win32.Hupigon.das Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.das Vulnerability: Unauthenticated Open Proxy Description: The malware drops ...
WordPress Supsystic Membership 1.4.7 SQL Injection
Exploit Title: WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection Date: 09/08/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/membership-by-supsystic.1.4.7.zip Version: 1.4.7 Tested on: Ubuntu...
Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Siemens Energy Omnivise T3000 vulnerable version: =8.2 SP3 fixed version: see solution section CVE number: CVE-2024-38876, CVE-2024-3887...
Geoserver Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Geoserver unauthenticated Remote Code Execution', 'Description' = %q GeoServer is an open-source software server written in Java that provides th...
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE', 'Description' = %q An SQLi injection vulnerability exists in FortiNet...
PHPJabbers Availability Booking Calendar 5.0 Cross Site Scripting
Exploit Title: Multiple Cross Site Scripting in PHPJabbers Availability Booking Calendar v5.0 Date: 12/11/2023 Exploit Author: BugsBD Security Researcher Orpon Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version:...
Gas Agency Management 2022 SQL Injection / XSS / Shell Upload
Title: Gas Agency Management-2022 by Mayuri K - SQLi+FU-RCE+XSS Author: nu11secur1ty Date: 08.12.2022 Vendor Homepage: https://www.mayurik.com/downloadsection Software Link-0: https://www.sourcecodester.com/php/15586/gas-agency-management-system-project-php-free-download-source-code.html Software...
Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass
Exploit Title: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Date: 2022-08-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sophos.com Version: 17.0.10 MR-10 Tested on: Windows 11 CVE : CVE-2022-1040 VULNERABILITY DETAILS : This vulnerability allows an attacker to...
FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication
FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-08-freeswitch-SIP-SUBSCRIBE-without-auth - Vendor Security Advisory:...
Backdoor.Win32.Agent.afq Directory Traversal
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/853754de6b8ffbe1321a8c91aab5c232B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.afq Vulnerability: Directory Traversal Description: The malwares built-in serv...
Mini Mouse 9.2.0 Path Traversal
Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...
Sickbeard 0.1 Cross Site Request Forgery
Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery Disable Authentication Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -...
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
KL-001-2020-002 : Cellebrite Restricted Desktop Escape and Escalation of User Privilege Title: Cellebrite Restricted Desktop Escape and Escalation of User Privilege Advisory ID: KL-001-2020-002 Publication Date: 2020.05.14 Publication URL:...
Linux 2.6 Kernel UDEV Exploit
!/bin/sh Linux 2.6 bug found by Sebastian Krahmer lame sploit using LD technique by kcope in 2009 tested on debian-etch,ubuntu,gentoo do a 'cat /proc/net/netlink' and set the first arg to this script to the pid of the netlink socket the pid is udevdpid - 1 most of the time + sploit has to be UNIX...
Ollama 0.5.11 Denial of Service
Ollama supports importing and parsing user-uploaded customized GGUF models via the network request by default. This functionality can be manipulated to cause an out-of-memory denial of service attack. Title: The malicious gguf model can lead to DoS due to out of memory killed via network in ollam...
Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control
Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control Vendor: The Akuvox Company Product web page: https://www.akuvox.com Affected version: Doorphone: S539 S532 X916 X915 X912 R29 Intercom: E16C R20K-2 R20A-2 C313W-2 NS-2 NC-2 NX-2 Firmware: 912.30.1.137 Summary: Vandal-resistan...
Openmediavault Remote Code Execution / Local Privilege Escalation
Exploit Title: Openmediavault 7.0.32 Authenticated RCE & Local Privilege Escalation Date: 08.05.2024 Exploit Author: Mert BENADAM Vendor Homepage: https://www.openmediavault.org/ Software Link: https://sourceforge.net/projects/openmediavault/ Version: 7.0.32 Tested on: OMV 7.0.32 & 6.5 @Virtual...
Seowon SLR-120 Router Remote Code Execution
Exploit Title: Seowon SLR-120 Router - Remote Code Execution Unauthenticated Date: 2022-03-11 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=126&bigkind=B05&middlekind=B0530 Version: All versi...
vBulletin 5.6.3 Cross Site Scripting
Exploit Title: vBulletin 5.6.3 - 'group' Cross Site Scripting Date: 05.09.2020 Author: Vincent666 ibn Winnie Software Link: https://www.vbulletin.com/en/features/ Tested on: Windows 10 Web Browser: Mozilla Firefox & Opera Google Dorks: "Powered by vBulletin® Version 5.6.3" Go to the "Admin CP" -...
Free MP3 CD Ripper 2.8 Buffer Overflow
Exploit Title: Free MP3 CD Ripper 2.8 - Stack Buffer Overflow SEH + Egghunter Date: 2020-07-22 Exploit Author: Eduard Palisek Vendor Homepage: https://www.cleanersoft.com Software Link: https://www.cleanersoft.com/download/FMCRSetup.exe Version: 2.8 Build 20140611 Tested on: Windows XP,...
Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities allowing complete bypass product: Faronics WINSelect Standard + Enterprise vulnerable version: 8.30.xx.903 fixed version: 8.30.xx.903 CVE number:...
MobileTrans 4.0.11 Weak Service Permissions
Vendor Name: MobileTrans Product Name: MobileTrans Vendor Home Page: https://mobiletrans.wondershare.com/ Affected Versions: MobileTrans version 4.0.11 Vulnerability Type: Weak Service Permissions CWE-276 CVE Reference: CVE-2023-31748 Security Researcher: Thurein Soe Vulnerability description:...
GridPro Request Management For Windows Azure Pack 2.0.7905 Directory Traversal
Certitude Securtiy Advisory - CSA-2021-003 PRODUCT : GridPro Request Management for Windows Azure Pack VENDOR : GridPro Software SEVERITY : Critical AFFECTED VERSION : =2.0.7905 IDENTIFIERS : CVE-2021-40371 PATCH VERSION : 2.0.7912 FOUND BY : Giulian Guran, Certitude Lab Introduction ------------...
Employee Performance Evaluation System 1.0 Insecure Direct Object Reference
Exploit Title: Employee Performance Evaluation System 1.0 - Able to delete Admin user from Local account Unauthenticated Insecure Direct Object Reference IDOR Date: 09/12/2020 Exploit Author: Manish Solanki Vendor Homepage: https://www.sourcecodester.com Software Link:...
Coaster CMS 5.8.18 Cross Site Scripting
Exploit Title: Coastercms 5.8.18 - Stored XSS Exploit Author: Hardik Solanki Vendor Homepage: https://www.coastercms.org/ Software Link: https://www.coastercms.org/ Version: 5.8.18 Tested on Windows 10 XSS IMPACT: 1: Steal the cookie 2: User redirection to a malicious website Vulnerable Parameter...
Oracle Weblogic Server Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - Raw Object', 'Description' = %q An unauthenticated attacker wi...
IBM Security Verify Access 10.0.8 Open Redirection
IBM Security Verify Access = 10.0.0 ================================================ 0. Overview 1. Detailed Description 2. Proof Of Concept 3. Solution 4. Disclosure Timeline 5. References 6. Credits 7. Legal Notices ======== ====================================================== Revision: 1.0...