50784 matches found
Free MP3 CD Ripper 2.8 Buffer Overflow
Exploit Title: Free MP3 CD Ripper 2.8 - Stack Buffer Overflow SEH + Egghunter Date: 2020-07-22 Exploit Author: Eduard Palisek Vendor Homepage: https://www.cleanersoft.com Software Link: https://www.cleanersoft.com/download/FMCRSetup.exe Version: 2.8 Build 20140611 Tested on: Windows XP,...
PHPJabbers Shuttle Booking Software 2.0 CSV Injection
Exploit Title: PHPJabbers Shuttle Booking Software v2.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/shuttle-booking-software/ Version: v2.0 Tested on: Windows 10...
Atlassian Confluence Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an improper input validation issue in...
Active eCommerce CMS 6.5.0 Cross Site Scripting
Exploit Title: Active eCommerce CMS 6.5.0 - 'svg' Stored Cross-Site Scripting XSS Date: 19/01/2023 Exploit Author: Sajibe Kanti Vendor Name: ActiveITzone Vendor Homepage: https://activeitzone.com/ Software Link: https://codecanyon.net/item/active-ecommerce-cms/23471405 Version: 6.5.0 Tested on:...
Bludit 3.13.1 Cross Site Scripting
Exploit Title: Bludit 3.13.1 - 'username' Cross Site Scripting XSS Date: 19/10/2021 Exploit Author: Vasu tamilanmkv Vendor Homepage: https://www.bludit.com Software Link: https://www.bludit.com/releases/bludit-3-13-1.zip Version: bludit-3-13-1 Tested on: kali linux CVE : CVE-2021-35323 Steps to...
GridPro Request Management For Windows Azure Pack 2.0.7905 Directory Traversal
Certitude Securtiy Advisory - CSA-2021-003 PRODUCT : GridPro Request Management for Windows Azure Pack VENDOR : GridPro Software SEVERITY : Critical AFFECTED VERSION : =2.0.7905 IDENTIFIERS : CVE-2021-40371 PATCH VERSION : 2.0.7912 FOUND BY : Giulian Guran, Certitude Lab Introduction ------------...
Employee Performance Evaluation System 1.0 Insecure Direct Object Reference
Exploit Title: Employee Performance Evaluation System 1.0 - Able to delete Admin user from Local account Unauthenticated Insecure Direct Object Reference IDOR Date: 09/12/2020 Exploit Author: Manish Solanki Vendor Homepage: https://www.sourcecodester.com Software Link:...
Coaster CMS 5.8.18 Cross Site Scripting
Exploit Title: Coastercms 5.8.18 - Stored XSS Exploit Author: Hardik Solanki Vendor Homepage: https://www.coastercms.org/ Software Link: https://www.coastercms.org/ Version: 5.8.18 Tested on Windows 10 XSS IMPACT: 1: Steal the cookie 2: User redirection to a malicious website Vulnerable Parameter...
Oracle Weblogic Server Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - Raw Object', 'Description' = %q An unauthenticated attacker wi...
Oracle 19c / 21c Sharding Component Password Hash Exposure
Title: CVE-2023-22074 – Oracle database password hash exposure in sharding component Product: Database Manufacturer: Oracle Affected Versions: 19c,21c 19.3-19.20 and 21.3-21.11 Tested Versions: 19c Risk Level: Low Solution Status: Fixed CVE Reference: CVE-2023-22074 Base Score: 2.4 Author of...
Reprise License Manager 14.2 Remote Binary Execution
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44153 Vulnerability Title: Authenticated Remote Binary Execution Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...
4images 1.8 SQL Injection
Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...
UBICOD Medivision Digital Signage 1.5.1 Cross Site Request Forgery
input type="hi...
WordPress BBPress 2.5 Privilege Escalation
Exploit Title: Wordpress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation Date: 2020-05-29 Exploit Author: Raphael Karger Software Link: https://codex.bbpress.org/releases/ Version: BBPress 2.5 CVE: CVE-2020-13693 import argparse import requests import bs4 import urllib3...
Webmin 1.984 Remote Code Execution
Exploit Title: Webmin 1.984 - Remote Code Execution Authenticated Date: 2022-03-06 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.webmin.com/ Software Link: https://github.com/webmin/webmin/archive/refs/tags/1.984.zip Version: = 1.984 Tested on: Ubuntu 18...
Point Of Sales 1.0 Cross Site Scripting
Exploit Title: Point of Sales 1.0 - Stored Cross Site Scripting Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link:...
Online Examination System 1.0 Cross Site Scripting
Exploit Title: Online examination system 1.0 - 'name' Stored Cross Site Scripting Date: 29/10/2020 Exploit Author: Nikhil Kumar https://www.linkedin.com/in/nikhil-kumar-4b9443166/ Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...
OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH...
Joomla J2 Store 3.3.11 SQL Injection
Exploit Title: Joomla J2 Store v3.3.11 - Authenticated SQL Injection Date: 17.04.2020 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://www.j2store.org/ Software Link: https://www.j2store.org/download.html Reference:...
Peplink Balance Routers SQL Injection
class MetasploitModule 'Peplink Balance routers SQLi', 'Description' = %q Firmware versions up to 7.0.0-build1904 of Peplink Balance routers are affected by an unauthenticated SQL injection vulnerability in the bauth cookie, successful exploitation of the vulnerability allows an attacker to...
Simple Task List 1.0 SQL Injection
Exploit Title: Simple Task List 1.0 - 'status' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/simple-task-list-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/12/SimpleTaskListInPHPWithSourceCode.zip Version: 1.0...
Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass
Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in...
OX App Suite / Ox Documents 7.10.x XSS / Code Injection / Traversal
Product: OX App Suite, OX Documents Vendor: OX Software GmbH Internal reference: MWB-993 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev35,...
Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass
Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Bypass of Filename Extension Restrictions Solution Status: Fix Released on public GitHub repository Manufacturer Notification: June 2021 Public...
FortiLogger 4.4.2.2 Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
NETGEAR R6700v3 Password Reset / Remote Code Execution
tokyodrift ======= Summary This document describes a stack overflow vulnerability that was found by Pedro Ribeiro @pedrib1337 | [email protected] and Radek Domanski @RabbitPro in October 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the...
Devinim Library Software 19.0504000 Open Redirection
Exploit Title : Devinim Library Software 19.0504000 Open Redirection Vulnerability Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/10/2019 Vendor Homepage : devinim.com.tr Software Affected Versions and Download Links : Koha 16.1104000...
boastMachine 3.1 Cross Site Request Forgery
Exploit Title: boastMachine v3.1 document.nano.submit; Greetz : Dr.WEP , JIKO , All FriendS...
geeklog-rfi.txt
GeekLog = 2. BaseView.php Remote File Include Vulnerabilities Discovered by GolDMMahmnoodali & & Contact: [email protected] URL: http://www.geeklog.net/nightly/geeklog2-cvs-nightly.tar.gz V.CODE: In : path/system/libraries/Geeklog/MVCnPHP/BaseView.php require $glConf'pathlibraries'...
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a vulnerability in Fortra GoAnywhere MFT th...
Found Information System 1.0 SQL Injection
Title: Found Information System 1.0 Multiple-SQLi Author: nu11secur1ty Date: 05.07.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Reference:...
Hasura GraphQL 1.3.3 Remote Code Execution
Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/23/2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.34.57.144'...
Trojan-Downloader.Win32.Delf.oxz Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/373b1d95ccdbbc6531dff43bbbe43534.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Delf.oxz Vulnerability: Insecure Permissions Description: Win32.Delf.oxz...
VMware vCenter Server 6.7 Authentication Bypass
Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...
WordPress 4.8.2 Activation Key Failed Expiry
Details ================ Software: WordPress Version: 4.8.2 Homepage: https://wordpress.org/ Advisory report: https://security.dxw.com/advisories/wordpress-signups-activation/ CVE: CVE-2017-14990 CVSS: 0 Low; AV:L/AC:H/Au:M/C:N/I:N/A:N Description ================ WordPress does not hash or expir...
RaspberryMatic 3.73.9.20240130 Remote Code Execution
RaspberryMatic / OCCU contains a unauthenticated remote code execution vulnerability, caused by multiple issues within the Java based HMIPServer.jar component. The webui allows for Firmware uploads which can be reached through the URL /pages/jpages/system/DeviceFirmware/addFirmware. This allows a...
Lawo AG vsm LTC Time Sync Path Traversal
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated Path Traversal Vulnerability product: Lawo AG - vsm LTC Time Sync vTimeSync vulnerable version: 4.5.6.0 fixed version: 4.5.6.0 CVE number: CVE-2024-6049...
HTTP Open Proxy Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Open Proxy Detection', 'Description' = %q Checks if an HTTP proxy is open. False positive are avoided verifying the HTTP return code and...
Tourism Management System 2.0 Cross Site Scripting
Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Date: 13 July 2024 Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version:...
Aero CMS 0.0.1 Cross Site Request Forgery
============================================================================================================================================= | Title : Aero CMS v0.0.1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits | | Vendor...
LumisXP 16.1.x Hardcoded Credentials / IDOR
===== Tempest Security Intelligence - ADV-6/2024 ========================== LumisXP v15.0.x to v16.1.x Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeli...
WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion
Vulnerability Details and Technical Analysis The AI ChatBot plugin provides website owners with a plug and play chat solution that can be expanded upon with customizable FAQs and custom text responses. It provides website users with an interface that allows them to look up order information, leav...
Progress Software WS_FTP Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Progress Software WSFTP Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unsafe .NET deserialization...
Codoforum 5.2.1 File Upload
==================================================================================================================================== | Title : Codoforum v5.2.1 Arbitrary file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
Matrimonial PHP Script 1.0 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Backdoor.Win32.Hupigon.acio Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/21f324a6a62d8125bc83b8d1865e17f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.acio Vulnerability: Insecure Service Path Description: The malware creates a...
Socket.io-file 2.0.31 Arbitrary File Upload
Exploit Title: Socket.io-file 2.0.31 - Arbitrary File Upload Date: 2020-07-02 Exploit Author: Cr0wTom Vendor Homepage: https://www.npmjs.com/package/socket.io-file Software Link: https://www.npmjs.com/package/socket.io-file/v/2.0.31 Version: = v2.0.31 Tested on: node v10.19.0, Socket.io-file...
Cayin Content Management Server 11.0 Root Remote Command Injection
Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.com Affected version: CMS-SE v11.0 Build 19179 CMS-SE v11.0 Build 19025 CMS-SE v11.0 Build 18325 CMS Station CMS-SE-LXC CMS-60 v11.0 Build 19025 CMS-40 v9....
Zimbra XML Injection / Server-Side Request Forgery
coding=utf8 import requests import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning baseurl=sys.argv1 baseurl=baseurl.rstrip"/" upload file name and content modify by k8gege Connect "shell.jsp" using K8fly...
SmartAgent 1.1.0 SQL Injection
Exploit Title: SmartAgent v1.1.0 - Unauthenticated SQL Injection SQLi Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can inject SQL queries through a POST request ...