50738 matches found
📄 Crafty Controller 4.6.1 Remote Code Execution / Server-Side Template Injection
Crafty Controller version 4.6.1 allows authenticated remote attackers to execute arbitrary system commands on the target server through server-side template injection the webhook configuration feature...
Blood Bank 1.0 SQL Injection
Exploit Title: Blood Bank 1.0 - 'bid' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...
WordPress LiteSpeed Cache 5.6 Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: LiteSpeed Cache = 5.6 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: LiteSpeed Cache Plugin Slug: litespeed-cache Affected Versions: = 5.6 CVE ID: CVE-2023-4372 CVSS Score: 6.4 Medium CVSS...
Zoho Password Manager Pro XML-RPC Java Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zoho Password Manager Pro XML-RPC Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in Zoho...
Xen PV Guest Non-SELFSNOOP CPU Memory Corruption
Xen: PV guest on non-SELFSNOOP CPUs can validate non-coherent L2 pagetable I'm not sure whether there are any major users of unshimmed Xen PV left, but https://xenbits.xen.org/docs/unstable/support-matrix.html says it's still a security-supported usecase for 64-bit guests. Tested on Debian's Xen...
Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection
Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: 2.7.1.5659 2.0.5.3356-184 Summary: CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a...
Openlitespeed 1.7.9 Cross Site Scripting
Exploit Title: Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting Date: 3/30/2021 Exploit Author: cmOs Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.9 Tested on Ubuntu 20.04 Step 1: Log in to the dashboard using th...
Backdoor.Win32.Delf.zs Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/911e96073cfe807289366343aa8d97ac.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.zs Vulnerability: Unauthenticated Remote Command Execution Description: Backdoor...
ParantezTeknoloji Library Software 16.0519000 Open Redirection
Exploit Title : ParantezTeknoloji Library Software 16.0519000 Open Redirection Vulnerability Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/10/2019 Vendor Homepage : parantezteknoloji.com.tr Software Affected Versions and Download Links : Koha 3.2000000...
WebcamXP / Webcam7 Directory Traversal
Exploit Title: WebcamXP and Webcam7 Directory Traversal Vulnerability Google Dork: "powered by webcamxp" xhtml css Google Dork: "powered by webcam 7" Date: 2/22/2012 Author: Silent Dream Software Link: http://dl.filekicker.com/send/file/230775-FQAC/wlite550.exe Software Link:...
htmly 2.9.9 Cross Site Scripting
Exploit Title: Stored XSS in "Edit Profile" - htmlyv2.9.9 Date: 9/2024 Exploit Author: Andrey Stoykov Version: 2.9.9 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2024/09/friday-fun-pentest-series-11-stored-xss.html Stored XSS 1: Steps to Reproduce: 1. Login as author 2. Browse to...
OpenClinic GA 5.247.01 Information Disclosure
Exploit Title: OpenClinic GA 5.247.01 - Information Disclosure Date: 2023-08-14 Exploit Author: VB Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11 CVE:...
LaborOfficeFree 19.10 MySQL Root Password Calculator
Exploit Title: LaborOfficeFree 19.10 MySQL Root Password Calculator - CVE-2024-1346 Google Dork: N/A Date: 09/02/2023 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.laborofficefree.com/ Software Link: https://www.laborofficefree.com/plans Version: 19.10 Tested on...
FTPDMIN 0.96 Denial Of Service
!/usr/bin/perl use Net::FTP; Exploit Title: FTPDMIN 0.96 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 2024-01-01 Vendor Homepage: https://www.sentex.ca/mwandel/ftpdmin/ Download to demo: https://drive.google.com/file/d/1CpfvaJbJVxR3HPWvcxIVipTaTj7RAaLd/view?usp=sharing...
FixBook Repair Shop Management Tool 3.0 Hash Disclosure
==================================================================================================================================== | Title : FixBook - Repair Shop Management Tool v3.0 Password Hash Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...
WordPress WP Brutal AI Cross Site Scripting
Tittle: WordPress Plugin WP Brutal AI " 3. Save the changes to trigger XSS. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/62deb3ed-a7e4-4cdc-a615-cad2ec2e1e8f...
qdPM 9.1 Cross Site Scripting
Exploit Title: qdPM 9.x -bindtype - Cross-Site Scripting Exploit Author: Or4nG.M4n Date : 4/26/2023 Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 , 9.1 XSS Reflected . GET...
Nortek Linear eMerge E3-Series Command Injection
Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection Exploit Author: Omar Hashim Version: 0.32-09c Vendor home page: https://www.nortekcontrol.com/access-control/ Vendor home page: https://linear-solutions.com/ Authentication Required: No CVE: CVE-2022-31499 POC:...
Wondershare Dr.Fone 12.0.7 Privilege Escalation
Exploit Title: Wondershare Dr.Fone 12.0.7 - Privilege Escalation InstallAssistService Date: 4/27/2022 Exploit Author: Netanel Cohen & Tomer Peled Vendor Homepage: https://drfone.wondershare.net/ Software Link: https://download.wondershare.net/drfonefull4008.exe Version: up to 12.0.7 Tested on:...
HealthForYou 1.11.1 / HealthCoach 2.9.2 Missing Password Policy
Trovent Security Advisory 2104-03 Missing server-side password policy Overview Advisory ID: TRSA-2104-03 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-03 Affected product: HealthForYou & Sanitas HealthCoach mobile and web applications Tested...
GitLab Unauthenticated Remote ExifTool Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab Unauthenticated Remote ExifTool Command Injection', 'Description' = %q This module exploits an unauthenticated file upload and command...
Moodle Authenticated Spelling Binary Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Moodle Authenticated Spelling Binary RCE', 'Description' = %q Moodle allows an authenticated user to define spellcheck...
LinuxKI Toolset 6.01 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LinuxKI Toolset 6.01 Remote Command Execution', 'Description' = %q This module exploits a vulnerability in LinuxKI Toolset MSFLICENSE, 'Author' =...
Acronis Cyber Infrastructure Default Password Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sshkey' class MetasploitModule 'Acronis Cyber Infrastructure default password remote code execution', 'Description' = %q Acronis Cyber Infrastructure ACI is an ...
Hitachi NAS SMU 14.8.7825 Information Disclosure
Exploit Title: Hitachi NAS HNAS System Management Unit SMU 14.8.7825 - Information Disclosure CVE: CVE-2023-6538 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host", required=Tru...
PHPJabbers Bus Reservation System 1.1 Cross Site Scripting
Exploit Title: PHPJabbers Bus Reservation System v1.1 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/bus-reservation-system/sectionDemo Version: v1.1 Tested o...
Fortinet FortiOS / FortiProxy / FortiSwitchManager Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet FortiOS, FortiProxy, and FortiSwitchManager authentication bypass.', 'Description' = %q This module exploits an authentication bypass...
Pharmacy Point Of Sale System 1.0 SQL Injection
Exploit Title: Pharmacy Point of Sale System 1.0 - 'Multiple' SQL Injection SQLi Date: 28.09.2021 Exploit Author: Murat Vendor Homepage: https://www.sourcecodester.com/php/14957/pharmacy-point-sale-system-using-php-and-sqlite-free-source-code.html Software Link:...
Eibiz i-Media Server Digital Signage 3.8.0 File Path Traversal
Eibiz i-Media Server Digital Signage 3.8.0 oldfile File Path Traversal Vendor: EIBIZ Co.,Ltd. Product web page: http://www.eibiz.co.th Affected version: =3.8.0 Summary: EIBIZ develop advertising platform for out of home media in that time the world called "Digital Signage". Because most business...
Microsoft Windows LNK File Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LNK Code Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that...
Xoops 2.5.6 Cross Site Scripting
Xoops 2.5.6 Multiple XSS vulnerabilities ------------------------------------------------------------ == Description == - Software link: http://xoops.org/ - Affected versions: version 2.5.6last version is vulnerable. Other versions might be affected as well. - Vulnerability discovered by: Mehdi...
Artica Proxy 4.40 Code Injection
============================================================================================================================================= | Title : Artica Proxy appliance 4.40 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
ABB Cylon Aspect 3.08.01 Arbitrary File Deletion
ABB Cylon Aspect 3.08.01 databaseFileDelete.php Arbitrary File Delete Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
Backdoor.Win32.Delf.yj MVID-2024-0693 Information Disclosure
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/f991c25f1f601cc8d14dca4737415238.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Delf.yj Vulnerability: Information Disclosure Description: The malware listens on...
Zoo Management System 1.0 Cross Site Scripting
Exploit Title: Zoo Management System 1.0 - Reflected Cross-Site-Scripting XSS Date: 06/22/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15344/zoo-management-system-phpoop-free-source-code.html Version: 1...
Orangescrum 1.8.0 Cross Site Scripting
Exploit Title: orangescrum 1.8.0 - 'Multiple' Cross-Site Scripting XSS Authenticated Date: 28/11/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/...
WordPress TaxoPress 3.0.7.1 Cross Site Scripting
Exploit Title: WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting XSS Authenticated Date: 23-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: Software Link: https://wordpress.org/plugins/simple-tags/ Tested on Windows CVE: CVE-2021-24444...
Simple Water Refilling Station Management System 1.0 SQL Injection
Exploit Title: Simple Water Refilling Station Management System 1.0 - Authentication Bypass Exploit Author: Matt Sorrell Date: 2021-08-14 Vendor Homepage: https://www.sourcecodester.com Software Link:...
Okta Access Gateway 2020.5.5 Authenticated Remote Root
Okta Access Gateway v2020.5.5 Post-Auth Remote Root RCE CVE-2021-28113 ======= Details ======= There are two command injection bugs can that be triggered after authenticating to the web UI. Since the injection occurs when a script is executed with sudo, the commands are ran with root privileges...
Hasura GraphQL 1.3.3 Server-Side Request Forgery
Exploit Title: Hasura GraphQL 1.3.3 - Service Side Request Forgery SSRF Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19/2021 Tested on: Ubuntu import requests HASURASCHEME = 'http' HASURAHOST = '192.168.1.1'...
Joomla K2 2.9.0 Database Disclosure / SQL Injection
Exploit Title : Joomla K2 Components 2.9.0 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/02/2019 Vendor Homepage : getk2.org Software Download Link : getk2.org/downloads/?f=K2v2.9.0.zip Software Information Link :...
Online Book Store 1.0 SQL Injection
Exploit Title: Online Book Store 1.0 - process.php SQL injection Google Dork: 4/26/2023 Exploit Author: Or4nG.M4n Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
SecurePoint UTM 12.x Session ID Leak
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2023-01-05 Date...
WordPress Social Warfare 3.5.2 Remote Code Execution
Author = Raed Ahsan Creation Date = 24/07/2021 Vulnerability : SocialWarfare 3.5.2 plugin wordpress Remote Code Execution Linkedin = https://linkedin.com/in/raed-ahsan/ import socket import requests import subprocess import time import pyautogui print"Start your python SimpleHTTPServer on port 12...
Zen Cart 1.5.7b Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit write payload in database and trig to command a bug in an zencart v1.5.7b web application class MetasploitModule 'zencart authenticated remote code executio...
Genexis Platinum-4410 P4410-V2-1.28 Cross Site Request Forgery
Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Cross Site Request Forgery to Reboot Date: 10/28/2020 Exploit Author: Mohammed Farhan Vendor Homepage: https://genexis.co.in/product/ont/ Version: Platinum-4410 Software version - P4410-V2-1.28 Tested on: Windows 10 Author Contact:...
Easy File Sharing Web Server 7.2 Local Buffer Overflow
Exploit Title: Easy File Sharing Web Server 7.2 - SMTP 'Password' Local Buffer Overflow SEH Date: 03/16/2020 Author: Felipe Winsnes Vendor Homepage: http://www.sharing-file.com/ Software Link: http://www.sharing-file.com/download.php Version: 7.2 Tested on: Windows 7 Proof of Concept: 1.- Run the...
Windows Pass-Through Authentication Methods Improper Validation
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Pass-Through Authentication Methods Improper Validation 1. Advisory Information Title: Windows Pass-Through Authentication Methods Improper Validation Advisory ID: CORE-2015-0005 Advisory URL:...
Edunext Systems + School Management Software 1.0 SQL Injection
Edunext Systems + School Management Software version 1.0 suffers from multiple remote SQL injection vulnerabilities. Exploit Title: Edunext Systems + School Management Software Multiple SQL injection Google Dork: inurl:/page.php?PAGE= , inurl:/image-gallery-detail.php?galid= , intext:Powered by...
WordPress File Manager Advanced Shortcode 2.3.2 Code Injectin / Shell Upload
============================================================================================================================================= | Title : WordPress File Manager Advanced Shortcode 2.3.2 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...