50773 matches found
OpenEMR 6.0.0 / 6.1.0-dev SQL Injection
Trovent Security Advisory 2109-01 Authenticated SQL injection in OpenEMR calendar search Overview Advisory ID: TRSA-2109-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2109-01 Affected product: OpenEMR web application Tested versions: 6.0.0,...
ImportExportTools NG 10.0.4 HTML Injection
Document Title: =============== ImportExportTools NG 10.0.4 - HTML Injection Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2308 Release Date: ============= 2021-11-05 Vulnerability Laboratory ID VL-ID: ===================================...
Backdoor.Win32.Mazben.es Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fcd611ccbc756fab43761f4b18372b81.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mazben.es Vulnerability: Unauthenticated Open Proxy Description: The malware listens ...
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Configuration Disclosure
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Unauthenticated Config Download Vendor: FatPipe Networks Inc. Product web page: https://www.fatpipeinc.com Affected version: WARP / IPVPN / MPVPN 10.2.2r38 10.2.2r25 10.2.2r10 10.1.2r60p82 10.1.2r60p71 10.1.2r60p65 10.1.2r60p58s1 10.1.2r60p58 10.1.2r60p55...
📄 ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting
ERPNext version 15.67.0 and Frappe version 15.72.4 suffer from a persistent cross site scripting vulnerability. CVE-2025-56379 — Stored Cross-Site Scripting XSS in ERPNext 15.67.0 / Frappe 15.72.4 📌 Summary A stored Cross‑Site Scripting XSS vulnerability exists in the Blog module of ERPNext...
AMPLE BILLS 1.0 Administrative Page Disclosure
============================================================================================================================================= | Title : AMPLE BILLS v1.0 Administrative Page Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Prison Management System 1.0 Shell Upload
Exploit Title: Prison Management System 1.0 - Unuthenticated RCE Date: 24.07.2024 Exploit Author: Muhammet Ali Dak Vendor Homepage: https://www.sourcecodester.com/sql/17287/prison-management-system.html Software Link:...
F5 BIG-IP iControl Cross Site Request Forgery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl CSRF File Write SOAP API', 'Description' = %q This module exploits a cross-site request forgery CSRF vulnerability in F5...
Webmin 1.984 File Manager Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin File Manager RCE', 'Description' = %q In Webmin version 1.984, any authenticated low privilege user without access rights to the File...
WSO Arbitrary File Upload / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WSO2 Arbitrary File Upload to RCE', 'Description' = %q This module abuses a vulnerability in certain WSO2 products that allow unrestricted file...
HEUR.Backdoor.Win32.Winnti.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb272fe923ccf3e66fde1bf309cbc464.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Winnti.gen Vulnerability: Insecure Permissions Description: The malware creates ...
Backdoor.Win32.Small.n Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fb24c3509180f463c9deaf2ee6705062.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.n Vulnerability: Unauthenticated Remote Command Execution SYSTEM Description: T...
Apache OFBiz 18.12.09 Remote Code Execution
From: Jacques Le Roux Date: Mon, 04 Dec 2023 21:04:50 +0000 Severity: moderate Affected versions: - Apache OFBiz before 18.12.10 Description: Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are...
LG Simple Editor Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LG Simple Editor Remote Code Execution', 'Description' = %q This Metasploit module exploits broken access control and directory traversal...
ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication
Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the database of employees and their credentials. Details ======= Product: ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM Affect...
PHPGurukul Zoo Management System 1.0 Shell Upload
Zoo Management System Unrestricted File Upload + RCE Author: D4rkP0w4r Note = don't need register or login account Description= Upload web shell at Upload CV Step to Reproduct Access Vacancies - upload web shell at - Upload CV - APPLY Exploit Upload web shell at Upload CV When upload success acce...
ManageEngine Desktop Central Java Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Desktop Central Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in the...
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow
$Id: proftptelnetiac.rb 10900 2010-11-04 18:12:11Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Linux io_uring Out-Of-Bounds Access
iouaddrmap in iouring handles multi-page region dangerously in a way that may allow for out-of-bounds access. iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. ...
VICIdial Authenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Authenticated Remote Code Execution', 'Description' = %q An attacker with authenticated access to VICIdial as an "agent" can execute...
Wordpress XML-RPC System.multicall Credential Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/wordpressmulticall' class MetasploitModule 'Wordpress XML-RPC...
Openmediavault Remote Code Execution / Local Privilege Escalation
Exploit Title: Openmediavault 7.0.32 Authenticated RCE & Local Privilege Escalation Date: 08.05.2024 Exploit Author: Mert BENADAM Vendor Homepage: https://www.openmediavault.org/ Software Link: https://sourceforge.net/projects/openmediavault/ Version: 7.0.32 Tested on: OMV 7.0.32 & 6.5 @Virtual...
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE', 'Description' = %q An SQLi injection vulnerability exists in FortiNet...
Filmora 12 Build 1.0.0.7 Unquoted Service Path
Vendor Name: Filmora Product Name: Filmora 12 version Build 1.0.0.7 Vendor Home Page: https://filmora.wondershare.com/ Affected Versions: Filmora 12 version Build 12.2.1.2088 Vulnerability Type: Unquoted Service Path Vulnerability CWE-428 CVE Reference: CVE-2023-31747 Security Researcher: Thurein...
Mitel 6800/6900 Series SIP Phones Backdoor Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-021 Product: Mitel 6800/6900 Series SIP Phones excluding 6970 Mitel 6900 Series IP MiNet Phones Manufacturer: Mitel Networks Corporation Affected Versions: Rel 5.1 SP8 5.1.0.8016 and earlier Rel 6.0 6.0.0.368 to 6.1 HF4...
zlog 1.2.15 Buffer Overflow
Exploit Title: zlog 1.2.15 - Buffer Overflow Date: 10/23/2021 Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the...
My Movie Collection Sinatra App Movie Cross Site Scripting
Document Title: =============== My Movie Collection Sinatra App - Movie XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2294 Release Date: ============= 2021-11-01 Vulnerability Laboratory ID VL-ID: ====================================...
FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication
FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-08-freeswitch-SIP-SUBSCRIBE-without-auth - Vendor Security Advisory:...
Atlassian Jira Service Desk 4.9.1 Cross Site Scripting
Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS Date: 07 Mar 2020 Exploit Author: Captainhook Vendor Homepage: https://www.atlassian.com/ Version: 4.10.0 Tested on: All OS CVE: CVE-2020-14166 Summary: The /servicedesk/customer/portals resource in Jira Service De...
Mini Mouse 9.2.0 Path Traversal
Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...
Geoserver Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Geoserver unauthenticated Remote Code Execution', 'Description' = %q GeoServer is an open-source software server written in Java that provides th...
Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities allowing complete bypass product: Faronics WINSelect Standard + Enterprise vulnerable version: 8.30.xx.903 fixed version: 8.30.xx.903 CVE number:...
PHPJabbers Availability Booking Calendar 5.0 Cross Site Scripting
Exploit Title: Multiple Cross Site Scripting in PHPJabbers Availability Booking Calendar v5.0 Date: 12/11/2023 Exploit Author: BugsBD Security Researcher Orpon Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version:...
Gas Agency Management 2022 SQL Injection / XSS / Shell Upload
Title: Gas Agency Management-2022 by Mayuri K - SQLi+FU-RCE+XSS Author: nu11secur1ty Date: 08.12.2022 Vendor Homepage: https://www.mayurik.com/downloadsection Software Link-0: https://www.sourcecodester.com/php/15586/gas-agency-management-system-project-php-free-download-source-code.html Software...
Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass
Exploit Title: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Date: 2022-08-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sophos.com Version: 17.0.10 MR-10 Tested on: Windows 11 CVE : CVE-2022-1040 VULNERABILITY DETAILS : This vulnerability allows an attacker to...
RATES SYSTEM 1.0 SQL Injection
Exploit Title: RATES SYSTEM 1.0 - 'Multiple' SQL Injections Date: 11-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Software Link: https://www.sourcecodester.com/php/14904/rates-system.html Version: V1.0 Category: Webapps Tested on: Linux/Windows Description: PHP Dashboards is prone to an...
Backdoor.Win32.Agent.afq Directory Traversal
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/853754de6b8ffbe1321a8c91aab5c232B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.afq Vulnerability: Directory Traversal Description: The malwares built-in serv...
Backdoor.Win32.Hupigon.das Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.das Vulnerability: Unauthenticated Open Proxy Description: The malware drops ...
WordPress Supsystic Membership 1.4.7 SQL Injection
Exploit Title: WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection Date: 09/08/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/membership-by-supsystic.1.4.7.zip Version: 1.4.7 Tested on: Ubuntu...
Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Siemens Energy Omnivise T3000 vulnerable version: =8.2 SP3 fixed version: see solution section CVE number: CVE-2024-38876, CVE-2024-3887...
Sickbeard 0.1 Cross Site Request Forgery
Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery Disable Authentication Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -...
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
KL-001-2020-002 : Cellebrite Restricted Desktop Escape and Escalation of User Privilege Title: Cellebrite Restricted Desktop Escape and Escalation of User Privilege Advisory ID: KL-001-2020-002 Publication Date: 2020.05.14 Publication URL:...
Linux 2.6 Kernel UDEV Exploit
!/bin/sh Linux 2.6 bug found by Sebastian Krahmer lame sploit using LD technique by kcope in 2009 tested on debian-etch,ubuntu,gentoo do a 'cat /proc/net/netlink' and set the first arg to this script to the pid of the netlink socket the pid is udevdpid - 1 most of the time + sploit has to be UNIX...
Ollama 0.5.11 Denial of Service
Ollama supports importing and parsing user-uploaded customized GGUF models via the network request by default. This functionality can be manipulated to cause an out-of-memory denial of service attack. Title: The malicious gguf model can lead to DoS due to out of memory killed via network in ollam...
Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control
Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control Vendor: The Akuvox Company Product web page: https://www.akuvox.com Affected version: Doorphone: S539 S532 X916 X915 X912 R29 Intercom: E16C R20K-2 R20A-2 C313W-2 NS-2 NC-2 NX-2 Firmware: 912.30.1.137 Summary: Vandal-resistan...
IBM Security Verify Access 10.0.8 Open Redirection
IBM Security Verify Access = 10.0.0 ================================================ 0. Overview 1. Detailed Description 2. Proof Of Concept 3. Solution 4. Disclosure Timeline 5. References 6. Credits 7. Legal Notices ======== ====================================================== Revision: 1.0...
Free And Open Source Inventory Management System 1.0 SQL Injection
Exploit Title: Free and Open Source Inventory Management System 1.0 - Unauthenticated SQL Injection Exploit Author: Sefa Ozan Date: 16/09/2023 Vendor: MAYURIK Vendor Homepage: https://mayurik.com/ Software Link:...
MobileTrans 4.0.11 Weak Service Permissions
Vendor Name: MobileTrans Product Name: MobileTrans Vendor Home Page: https://mobiletrans.wondershare.com/ Affected Versions: MobileTrans version 4.0.11 Vulnerability Type: Weak Service Permissions CWE-276 CVE Reference: CVE-2023-31748 Security Researcher: Thurein Soe Vulnerability description:...
Seowon SLR-120 Router Remote Code Execution
Exploit Title: Seowon SLR-120 Router - Remote Code Execution Unauthenticated Date: 2022-03-11 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=126&bigkind=B05&middlekind=B0530 Version: All versi...
Free MP3 CD Ripper 2.8 Buffer Overflow
Exploit Title: Free MP3 CD Ripper 2.8 - Stack Buffer Overflow SEH + Egghunter Date: 2020-07-22 Exploit Author: Eduard Palisek Vendor Homepage: https://www.cleanersoft.com Software Link: https://www.cleanersoft.com/download/FMCRSetup.exe Version: 2.8 Build 20140611 Tested on: Windows XP,...