50738 matches found
Employee Performance Evaluation System 1.0 Insecure Direct Object Reference
Exploit Title: Employee Performance Evaluation System 1.0 - Able to delete Admin user from Local account Unauthenticated Insecure Direct Object Reference IDOR Date: 09/12/2020 Exploit Author: Manish Solanki Vendor Homepage: https://www.sourcecodester.com Software Link:...
Coaster CMS 5.8.18 Cross Site Scripting
Exploit Title: Coastercms 5.8.18 - Stored XSS Exploit Author: Hardik Solanki Vendor Homepage: https://www.coastercms.org/ Software Link: https://www.coastercms.org/ Version: 5.8.18 Tested on Windows 10 XSS IMPACT: 1: Steal the cookie 2: User redirection to a malicious website Vulnerable Parameter...
Oracle Weblogic Server Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - Raw Object', 'Description' = %q An unauthenticated attacker wi...
PHPJabbers Shuttle Booking Software 2.0 CSV Injection
Exploit Title: PHPJabbers Shuttle Booking Software v2.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/shuttle-booking-software/ Version: v2.0 Tested on: Windows 10...
Atlassian Confluence Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an improper input validation issue in...
Bludit 3.13.1 Cross Site Scripting
Exploit Title: Bludit 3.13.1 - 'username' Cross Site Scripting XSS Date: 19/10/2021 Exploit Author: Vasu tamilanmkv Vendor Homepage: https://www.bludit.com Software Link: https://www.bludit.com/releases/bludit-3-13-1.zip Version: bludit-3-13-1 Tested on: kali linux CVE : CVE-2021-35323 Steps to...
4images 1.8 SQL Injection
Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...
UBICOD Medivision Digital Signage 1.5.1 Cross Site Request Forgery
input type="hi...
WordPress BBPress 2.5 Privilege Escalation
Exploit Title: Wordpress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation Date: 2020-05-29 Exploit Author: Raphael Karger Software Link: https://codex.bbpress.org/releases/ Version: BBPress 2.5 CVE: CVE-2020-13693 import argparse import requests import bs4 import urllib3...
Free And Open Source Inventory Management System 1.0 SQL Injection
Exploit Title: Free and Open Source Inventory Management System 1.0 - Unauthenticated SQL Injection Exploit Author: Sefa Ozan Date: 16/09/2023 Vendor: MAYURIK Vendor Homepage: https://mayurik.com/ Software Link:...
Webmin 1.984 Remote Code Execution
Exploit Title: Webmin 1.984 - Remote Code Execution Authenticated Date: 2022-03-06 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.webmin.com/ Software Link: https://github.com/webmin/webmin/archive/refs/tags/1.984.zip Version: = 1.984 Tested on: Ubuntu 18...
OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH...
Joomla J2 Store 3.3.11 SQL Injection
Exploit Title: Joomla J2 Store v3.3.11 - Authenticated SQL Injection Date: 17.04.2020 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://www.j2store.org/ Software Link: https://www.j2store.org/download.html Reference:...
Peplink Balance Routers SQL Injection
class MetasploitModule 'Peplink Balance routers SQLi', 'Description' = %q Firmware versions up to 7.0.0-build1904 of Peplink Balance routers are affected by an unauthenticated SQL injection vulnerability in the bauth cookie, successful exploitation of the vulnerability allows an attacker to...
Simple Task List 1.0 SQL Injection
Exploit Title: Simple Task List 1.0 - 'status' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/simple-task-list-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/12/SimpleTaskListInPHPWithSourceCode.zip Version: 1.0...
Oracle 19c / 21c Sharding Component Password Hash Exposure
Title: CVE-2023-22074 – Oracle database password hash exposure in sharding component Product: Database Manufacturer: Oracle Affected Versions: 19c,21c 19.3-19.20 and 21.3-21.11 Tested Versions: 19c Risk Level: Low Solution Status: Fixed CVE Reference: CVE-2023-22074 Base Score: 2.4 Author of...
Online Examination System 1.0 Cross Site Scripting
Exploit Title: Online examination system 1.0 - 'name' Stored Cross Site Scripting Date: 29/10/2020 Exploit Author: Nikhil Kumar https://www.linkedin.com/in/nikhil-kumar-4b9443166/ Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...
Point Of Sales 1.0 Cross Site Scripting
Exploit Title: Point of Sales 1.0 - Stored Cross Site Scripting Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link:...
Devinim Library Software 19.0504000 Open Redirection
Exploit Title : Devinim Library Software 19.0504000 Open Redirection Vulnerability Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/10/2019 Vendor Homepage : devinim.com.tr Software Affected Versions and Download Links : Koha 16.1104000...
boastMachine 3.1 Cross Site Request Forgery
Exploit Title: boastMachine v3.1 document.nano.submit; Greetz : Dr.WEP , JIKO , All FriendS...
geeklog-rfi.txt
GeekLog = 2. BaseView.php Remote File Include Vulnerabilities Discovered by GolDMMahmnoodali & & Contact: [email protected] URL: http://www.geeklog.net/nightly/geeklog2-cvs-nightly.tar.gz V.CODE: In : path/system/libraries/Geeklog/MVCnPHP/BaseView.php require $glConf'pathlibraries'...
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a vulnerability in Fortra GoAnywhere MFT th...
Reprise License Manager 14.2 Remote Binary Execution
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44153 Vulnerability Title: Authenticated Remote Binary Execution Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...
Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass
Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in...
OX App Suite / Ox Documents 7.10.x XSS / Code Injection / Traversal
Product: OX App Suite, OX Documents Vendor: OX Software GmbH Internal reference: MWB-993 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev35,...
Trojan-Downloader.Win32.Delf.oxz Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/373b1d95ccdbbc6531dff43bbbe43534.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Delf.oxz Vulnerability: Insecure Permissions Description: Win32.Delf.oxz...
FortiLogger 4.4.2.2 Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
NETGEAR R6700v3 Password Reset / Remote Code Execution
tokyodrift ======= Summary This document describes a stack overflow vulnerability that was found by Pedro Ribeiro @pedrib1337 | [email protected] and Radek Domanski @RabbitPro in October 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the...
VMware vCenter Server 6.7 Authentication Bypass
Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...
WordPress 4.8.2 Activation Key Failed Expiry
Details ================ Software: WordPress Version: 4.8.2 Homepage: https://wordpress.org/ Advisory report: https://security.dxw.com/advisories/wordpress-signups-activation/ CVE: CVE-2017-14990 CVSS: 0 Low; AV:L/AC:H/Au:M/C:N/I:N/A:N Description ================ WordPress does not hash or expir...
VICIdial Authenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Authenticated Remote Code Execution', 'Description' = %q An attacker with authenticated access to VICIdial as an "agent" can execute...
HTTP Open Proxy Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Open Proxy Detection', 'Description' = %q Checks if an HTTP proxy is open. False positive are avoided verifying the HTTP return code and...
Codoforum 5.2.1 File Upload
==================================================================================================================================== | Title : Codoforum v5.2.1 Arbitrary file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
Found Information System 1.0 SQL Injection
Title: Found Information System 1.0 Multiple-SQLi Author: nu11secur1ty Date: 05.07.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Reference:...
Matrimonial PHP Script 1.0 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass
Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Bypass of Filename Extension Restrictions Solution Status: Fix Released on public GitHub repository Manufacturer Notification: June 2021 Public...
Hasura GraphQL 1.3.3 Remote Code Execution
Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/23/2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.34.57.144'...
Socket.io-file 2.0.31 Arbitrary File Upload
Exploit Title: Socket.io-file 2.0.31 - Arbitrary File Upload Date: 2020-07-02 Exploit Author: Cr0wTom Vendor Homepage: https://www.npmjs.com/package/socket.io-file Software Link: https://www.npmjs.com/package/socket.io-file/v/2.0.31 Version: = v2.0.31 Tested on: node v10.19.0, Socket.io-file...
Cayin Content Management Server 11.0 Root Remote Command Injection
Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.com Affected version: CMS-SE v11.0 Build 19179 CMS-SE v11.0 Build 19025 CMS-SE v11.0 Build 18325 CMS Station CMS-SE-LXC CMS-60 v11.0 Build 19025 CMS-40 v9....
Zimbra XML Injection / Server-Side Request Forgery
coding=utf8 import requests import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning baseurl=sys.argv1 baseurl=baseurl.rstrip"/" upload file name and content modify by k8gege Connect "shell.jsp" using K8fly...
Lawo AG vsm LTC Time Sync Path Traversal
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated Path Traversal Vulnerability product: Lawo AG - vsm LTC Time Sync vTimeSync vulnerable version: 4.5.6.0 fixed version: 4.5.6.0 CVE number: CVE-2024-6049...
Tourism Management System 2.0 Cross Site Scripting
Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Date: 13 July 2024 Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version:...
LumisXP 16.1.x Hardcoded Credentials / IDOR
===== Tempest Security Intelligence - ADV-6/2024 ========================== LumisXP v15.0.x to v16.1.x Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeli...
WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion
Vulnerability Details and Technical Analysis The AI ChatBot plugin provides website owners with a plug and play chat solution that can be expanded upon with customizable FAQs and custom text responses. It provides website users with an interface that allows them to look up order information, leav...
Progress Software WS_FTP Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Progress Software WSFTP Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unsafe .NET deserialization...
Enlightenment 0.25.3 Privilege Escalation
Title: Enlightenment Version: 0.25.3 LPE Author: nu11secur1ty Date: 12.26.2022 Vendor: https://www.enlightenment.org/ Software: https://www.enlightenment.org/download Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2022-37706 Description: The Enlightenment Version: 0.25.3 is...
Omnia MPX 1.5.0+r1 Path Traversal
Exploit Title: Omnia MPX 1.5.0+r1 - Path Traversal Date: 24/7/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.telosalliance.com/ Software Link: https://support.telosalliance.com/article/934ixoaz3l-mpx-node-release-notes-and-update-instructions Version: 1.5.0+r1 Tested...
Backdoor.Win32.Hupigon.acio Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/21f324a6a62d8125bc83b8d1865e17f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.acio Vulnerability: Insecure Service Path Description: The malware creates a...
Moodle Atto Editor Cross Site Scripting
Exploit Title: Moodle Atto Editor Cross Site Scripting Date: 26.03.2021 Author: Vincent666 ibn Winnie Software Link: https://moodle.org/plugins/editoratto Tested on: Windows 10 Web Browser: Mozilla Firefox Google Dorks: inurl:/lib/editor/atto/plugins/managefiles/ or calendar/view.php?view=month M...
LanSpy 2.0.1.159 Stack Buffer Overflow
""" Exploit title: LanSpy v.2.0.1.159 - Stack Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec - [email protected] - https://voidsec.com Vendor Homepage: https://lizardsystems.com/ Download: https://www.exploit-db.com/apps/70a780b78ee7dbbbbc99852259f75d53-lanspysetup2.0.1.159.exe Versio...