50738 matches found
Online Course Registration 1.0 SQL Injection
Exploit Title: Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Authenticated Exploit Author: Sam Ferguson @AffineSecurity and Drew Jones @qhum7sec Date: 2021-10-21 Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...
WordPress Events Made Easy 2.0.68 Database Disclosure
Exploit Title : WordPress Events Made Easy Plugins 2.0.68 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/events-made-easy/ Software Download Link :...
Gitea 1.24.0+dev HTML Injection / Cross Site Scripting
Gitea version 1.24.0+dev suffers from an html injection vulnerability that can allow for cross site scripting. Title: Gitea 1.24.0+dev HTML Injection Vulnerability Description: Gitea version 1.24.0+dev-355-g74c8e95e87 is vulnerable to an HTML Injection vulnerability. The issue arises due to...
NEXT-EMP 1.0 Shell Upload
NEXT-EMP version 1.0 suffers from a remote shell upload vulnerability. Titles: NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vulnerabilities Author: nu11secur1ty Date: 01/29/2025 Vendor: https://www.mayurik.com/ Software:...
AMSS++ 4.2 Insecure Settings
=================================================================== | Title : AMSS++ v 4.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on: windows 8.1 Français V.Pro | | Vendor : http://amssplus.ubn4.go.th/amssplusdownload/ | | Dork : Education Area Management Support System...
WordPress Ad Inserter Cross Site Scripting
Tittle: WordPress Plugin Ad Inserter Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba...
Seeddms 5.1.10 Remote Command Execution
Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...
ScadaBR 1.0 / 1.1CE Windows Shell Upload
!/usr/bin/python Exploit Title: Authenticated Arbitrary File Upload Remote Code Execution Google Dork: N/A Date: 03/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Software Link: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for...
b2evolution CMS 6.11.6 Open Redirection
Exploit Title: Open redirect in b2evolution CMS 6.11.6 redirectto parameter in emailpassthrough.php Google Dork: N/A Date: 10/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405...
Online Hotel Reservation System 1.0 SQL Injection
Exploit Title: Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
WordPress WP24 Domain Check 1.6.2 Cross Site Scripting
Exploit Title: WordPress Plugin WP24 Domain Check 1.6.2 - 'fieldnameDomain' Stored Cross Site Scripting Date: 2021-01-03 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://wordpress.org/plugins/wp24-domain-check/ Software Link:...
WordPress Poll Maker 5.3.2 SQL Injection
Exploit Title: WordPress Poll Maker Plugin SQL Injection Date: 2024-07-11 Exploit Author: tmrswrr Category : Webapps Vendor: https://ays-pro.com/wordpress/poll-maker Version 5.3.2 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to Poll Maker Results...
Music Gallery Site 1.0 SQL Injection
Music Gallery Site - SQL Injection on page musiclist.php and parameter cid is vulnerable, application url is ?page=musiclist&cid=?. Any remote attacker can access this page to exploit the vulnerbility. Date: 21 February 2023 CVE Assigned: CVE-2023-0938 mitre.org nvd.nist.org Author Name: Muhammad...
Zstore 6.5.4 Cross Site Scripting
Title: zstore-6.5.4 - XSS-Reflected Development: nu11secur1ty Date: 01.18.2023 Vendor: https://zippy.com.ua/ Software: https://github.com/leon-mbs/zstore/releases/tag/6.5.4 Reproduce: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.5.4 Description: The value of...
Backdoor.Win32.GateHell.21 Man-In-The-Middle
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55dB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.GateHell.21 Vulnerability: Port Bounce Scan Description: The malware runs an FTP...
OpenCATS 0.9.4 Remote Code Execution
Exploit Title: OpenCATS 0.9.4 - Remote Code Execution RCE Google Dork: intext:"Current Available Openings, Recently Posted Jobs" Date: 21/09/2021 Exploit Author: Nicholas Ferreira - https://github.com/Nickguitar Vendor Homepage: https://www.opencats.org/ Software Link:...
HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Hoax.Win32.FrauDrop.gen Vulnerability: Insecure Permissions Description: FrauDrop.gen creates a...
WebLogic Server Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE - BadAttributeValueExpException', 'Description' = %q There exists a Java object deserialization vulnerability...
HiSilicon DVR/NVR hi3520d Firmware Backdoor Account
Exploit Title: HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account Dork: N/A Date: 2020-02-03 Exploit Author: Snawoot Vendor Homepage: http://www.hisilicon.com Product Link: http://www.hisilicon.com/en/Products Version: hi3520d Tested on: Linux CVE: N/A References:...
FusionPBX Operator Panel exec.php Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...
LayerBB 1.1.3 Cross Site Request Forgery
Exploit Title: LayerBB 1.1.3 - Multiple CSRF Date: 4/7/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=30 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-16531 1. Description: LayerBB is a free open-source forum...
Joomla Jumi 3.0.5 Database Disclosure / SQL Injection
Exploit Title : Joomla Jumi Components 3.0.5 SQL Injection / Database Disclosure / Remote File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/02/2019 Vendor Homepage : 2glux.com Software Download Link :...
📄 Tomcat Partial PUT Java Deserialization
This Metasploit module exploits a Java deserialization vulnerability in Apache Tomcats session restoration functionality that can be exploited with a partial HTTP PUT request to place an attacker controlled deserialization payload in the tomcatrootdir/webapps/ROOT/ directory. For the exploit to...
CyberPanel upgrademysqlstatus Arbitrary Command Execution
import httpx import sys def getCSRFtokenclient: resp = client.get"/" return resp.cookies'csrftoken' def pwnclient, CSRFtoken, cmd: headers = "X-CSRFToken": CSRFtoken, "Content-Type":"application/json", "Referer": strclient.baseurl payload = '"statusfile":"/dev/null; %s; ","csrftoken":"%s"' % cmd,...
WordPress Simple Backup File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Simple Backup File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress Plugin...
Allegro Software RomPager Misfortune Cookie (CVE-2014-9222) Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Allegro Software RomPager 'Misfortune Cookie' CVE-2014-9222 Scanner", 'Description' = %q This module scans for HTTP servers that appear to be...
vTiger CRM 7.4.0 Cross Site Scripting
CVE-ID:CVE-2024-44778 ------------------------------------------ Suggested description:A reflected cross-site scripting XSS vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a...
Artica Proxy 4.50 Unauthenticated PHP Deserialization
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID: KL-001-2024-002 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt 1...
Shuttle Booking Software 2.0 Cross Site Scripting
Exploit Title: Shuttle Booking Software v2.0 - Multiple Stored Cross-Site Scripting Authenticated Date: 09/11/2023 Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/shuttle-booking-software/ Software Link:...
PyTorch Model Server Registration / Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'PyTorch Model Server Registration and Deserialization RCE', 'Description' = %q The PyTorch model server contains multiple...
Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Oracle E-Business Suite EBS Unauthenticated Arbitrary File Upload', 'Description' = %q This module exploits an unauthenticated...
Raspberry Pi 5.10 Default Credentials
Exploit Title: Raspberry Pi 5.10 - Default Credentials Date: 08/12/2021 Exploit Author: netspooky Vendor Homepage: https://www.raspberrypi.com/ Software Link: https://www.raspberrypi.com/software/operating-systems/ Version: Raspberry Pi OS = 5.10 Tested on: Raspberry Pi OS 5.10 CVE : CVE-2021-387...
Avaya IP Office 11 Insecure Transit / Password Disclosure
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-IP-OFFICE-INSECURE-TRANSIT-PASSWORD-DISCLOSURE.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.avaya.com Product Avaya IP Office v9.1.8.0 - 11 IP Office...
PHP-Fusion 9.03.50 SQL Injection
Exploit Title: php-fusion 9.03.50 - 'ctype' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Date: 2020-05-19 Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: 9.03.50 Tested On: Windows 10 + XAMPP...
Apache ActiveMQ 5.x Web Shell Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ActiveMQ web shell upload', 'Description' = %q The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uplo...
📄 Microsoft Windows 11 Administrator Protection UAC Bypass / Privilege Escalation
A privilege escalation vulnerability exists in Windows 11 Insider Preview Build 10.0.27919.1000 due to improper handling of user‑controlled environment variables by the Unified Background Process Manager UBPM when launching elevated scheduled tasks under Administrator Protection. Proof of concept...
Online Job Recruitment Portal Project 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Online Job Recruitment Portal project v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
Zope 5.9 Command Injection
Vulnerability Report Title: Command Argument Injection Vulnerability in Zope WSGI Instance Creation Script Leading to RCE Description: A command Argument injection vulnerability has been identified in the Zope WSGI instance creation script used by the Zope web application server framework, which ...
PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting
Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0...
Instagram App 287.0.0.22.85 Denial Of Service
Exploit Title: Instagram App 287.0.0.22.85 - Denial of Service PoC Date: 2023-06-13 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.instagram.com Software Link: https://play.google.com/store/apps/details?id=com.instagram.android Version: 287.0.0.22.85 Tested on: Android 12 About Ap...
Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ServiceDesk Plus Unauthenticated SAML RCE', 'Description' = %q This exploits an unauthenticated remote code execution vulnerability...
Razer Synapse 3.7.0731.072516 Local Privilege Escalation
Advisory ID: SYSS-2022-047 Product: Razer Synapse Manufacturer: Razer Inc. Affected Versions: Versions before 3.7.0830.081906 Tested Versions: 3.7.0731.072516 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: High Solution Status: Open Manufacturer Notification: 2022-08-02...
BuilderTorCTPHPRAT.b Shell Upload
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BuilderTorCTPHPRAT.b Vulnerability: Arbitrary File Upload - RCE Family: TorCTPHPRAT Type: WebUI MD5...
Online Pre-Owned / Used Car Showroom Management System 1.0 SQL Injection
Exploit Title: Online Pre-owned/Used Car Showroom Management System 1.0 - SQLi Authentication Bypass Date: 01-12-2021 Exploit Author: Mohamed habib Smidi Craniums Vendor Homepage: https://www.sourcecodester.com/php/15067/online-pre-ownedused-car-showroom-management-system-php-free-source-code.htm...
Pluck CMS 4.7.13 Remote Shell Upload
Exploit Title: Pluck CMS 4.7.13 - File Upload Remote Code Execution Authenticated Date: 25.05.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck/releases/tag/4.7.13 Version: 4.7.13 Tested on Xubuntu 20.0...
Hasura GraphQL 1.3.3 Arbitrary File Read
Exploit Title: Hasura GraphQL 1.3.3 - Local File Read Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19./2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.168.1.1' HASURAPO...
Trojan.Win32.NanoBot.onh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.NanoBot.onh Vulnerability: Insecure Permissions Description: NanoBot.onh creates an...
Trojan.Win32.Agent.zfgh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.zfgh Vulnerability: Insecure Permissions Description: Agent.zfgh creates an hidde...
SAP Solution Manager 7.2 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Solution Manager remote unauthorized OS commands execution', 'License' = MSFLICENSE, 'Author' = 'Yvan Genuer', @1ggy The researcher who...
Fuel CMS 1.4.8 SQL Injection
Exploit Title: Fuel CMS 1.4.8 - 'fuelreplaceid' SQL Injection Authenticated Date: 2020-08-19 Exploit Author: c0mpu7er(@ymbank.cn) Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.8.zip Version: 1.4.7 Tested on: PHP 5.4.45, Apache...