50738 matches found
Daily Habit Tracker 1.0 Cross Site Scripting
Exploit Title: Daily Habit Tracker 1.0 - Stored Cross-Site Scripting XSS Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0...
FreeIPA 4.10.1 Denial Of Service / Information Disclosure
Summary: Specially crafted HTTP requests can read files in the DC server. And use keytab files for authorization for different kerberos principals. Tested FreeIPA version: ipa-server-4.10.1 Details The "user" parameter in the HTTP URI "/sip/session/loginpassword" is inserted into the "run" functi...
Anveo Mobile User Enumeration / Missing Certificate Validation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Missing Certificate Validation & User Enumeration product: Anveo Mobile App and Server vulnerable version: Mobile App: 10.0.0.359 / 2016-07-13; Server: 11.0.0.5 fixed...
Magento 2.4.6 XSLT Server Side Injection
Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Date: 2023-11-17 Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: Magento 2.4.6-p3 Version: 2.4.6 Tested on: 2.4.6 POC 1. Enter with admin credentials to this URL:...
Lamano CMS 2.0 SQL Injection
==================================================================================================================================== | Title : Lamano CMS v2.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | |...
WordPress File Manager 6.9 Shell Upload
!/usr/bin/env Exploit Title: WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE Date: 22-01-2023 Exploit Author: BLY Vendor Homepage: https://wpscan.com/vulnerability/10389 Version: File Manager plugin 6.0-6.9 Tested on: Debian CVE : CVE-2020-25213 import...
Zimbra UnRAR Path Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UnRAR Path Traversal in Zimbra CVE-2022-30333', 'Description' = %q This module creates a RAR file that can be emailed to a Zimbra server to explo...
WordPress AccessPress Social Icons 1.8.2 Cross Site Scripting
Exploit Title: WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting XSS Date: 11/12/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://accesspressthemes.com/ Software Link: https://wordpress.org/plugins/accesspress-social-icons/...
WordPress Hotel Listing 3.x Cross Site Scripting
Document Title: =============== Hotel Listing WP Plugin v3.x - MyAccount XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2277 Release Date: ============= 2021-10-28 Vulnerability Laboratory ID VL-ID: ===================================...
Gestionale Open 11.00.00 Privilege Escalation
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
Simple Phone Book/Directory 1.0 SQL Injection
Exploit Title: Simple Phone book/directory 1.0 - 'Username' SQL Injection Unauthenticated Date: 21/08/2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/13011/phone-bookphone-directory.html Version: 1.0 Testeted on:...
Online Hotel Reservation System 1.0 Cross Site Scripting
Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Date: 2021-08-02 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Pure-FTPd 1.0.48 Remote Denial Of Service
Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service Date: 2020. nov. 26., 09:32:17 CET Exploit Author: xynmaps Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/ Software Link: https://github.com/jedisct1/pure-ftpd/ Version: 1.0.48 Tested on: Parrot Security OS 5.9.0 encoding=utf...
Nord VPN 6.31.13.0 Unquoted Service Path
Exploit Title: Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path Discovery Date: 2020-09-03 Discovery by: chipo Vendor Homepage: https://nordvpn.com Software Link : https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe Tested Version: 6.31.13.0 Tested on OS:...
GNU Mailutils 3.7 Privilege Escalation
Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...
PHPJabbers Car Rental 3.0 Cross Site Scripting
Exploit Title: PHPJabbers Car Rental v3.0 - Multiple Stored XSS Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11,...
AudioCodes VoIP Phones Insufficient Firmware Validation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-055 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.4.1000 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Missing Immutable Root of Trust in Hardware...
Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unsafe Deserialization RCE', 'Description' = %q This module exploits CVE-2023-0669, which is an object deserialization...
Wavlink WN533A8 Password Disclosure
Exploit Title: Wavlink WN533A8 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34046 Tested on: Windows Exploit...
Mailhog 1.0.1 Cross Site Scripting
Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Date: 06.18.2022 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on:...
Wondershare Dr.Fone 12.0.7 Privilege Escalation
Exploit Title: Wondershare Dr.Fone 12.0.7 - Privilege Escalation ElevationService Date: 4/27/2022 Exploit Author: Netanel Cohen & Tomer Peled Vendor Homepage: https://drfone.wondershare.net/ Software Link: https://download.wondershare.net/drfonefull4008.exe Version: up to 12.0.7 Tested on: Window...
WordPress Anti-Malware Security And Brute-Force Firewall Cross Site Scripting
Tittle: WordPress Plugin Anti-Malware Security and Brute-Force Firewall HTTP/1.1 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzi...
Employee Record Management System 1.2 SQL Injection
Title: Employee Record Management System 1.2 - 'empid' SQL injection Unauthenticated Exploit Author: Anubhav Singh Date: 2021-10-31 Vendor Homepage: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/ Version: 1.2 Software Link:...
Photo Share Website 1.0 Cross Site Scripting
Exploit Title: Photo Share Website 1.0 - Persistent Cross-Site Scripting Date: 2020-09-30 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14478/photo-share-website-using-phpmysql-source-code.html Software Link:...
Beauty Parlour Management System 1.0 SQL Injection
Exploit Title: Beauty Parlour Management System 1.0 - Authentication Bypass Google Dork: N/A Exploit Author: Prof. Kailas PATIL krp Date: 2020-06-18 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Version: v1.0...
Cisco UCS Director Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Unauthenticated Remote Code Execution', 'Description' = %q The Cisco UCS Director virtual appliance contains two flaws that ca...
📄 Exim Vulnerability Scanner
This is a multi-phase vulnerability scanning tool designed to detect and analyze security weaknesses in Exim mail servers. The tool performs comprehensive security assessments by testing for all known Exim vulnerabilities, misconfigurations, and security weaknesses. These include remote code...
WordPress Plugin A/B Image Optimizer 3.3 Arbitrary File Download
WordPress Plugin A/B Image Optimizer plugin versions 3.3 and below suffers from an arbitrary file download vulnerability. CVE-2025-25163 Plugin A/B Image Optimizer = 3.3 - Authenticated Subscriber+ Arbitrary File Download Description The Plugin A/B Image Optimizer plugin for WordPress is vulnerab...
Supermicro Onboard IPMI CGI Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Supermicro Onboard IPMI CGI Vulnerability Scanner', 'Description' = %q This module checks for known vulnerabilities in the CGI...
Apache mod_isapi Dangling Pointer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache modisapi Dangling Pointer', 'Description' = %q This module triggers a use-after-free vulnerability in the Apache Software Foundation...
OpenMediaVault rpc.php Authenticated Cron Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMediaVault rpc.php Authenticated Cron Remote Code Execution', 'Description' = %q OpenMediaVault allows an authenticated user to create cron...
WordPress WPtouch Pro 3.0.9.1 Open Redirection
==================================================================================================================================== | Title : WordPress -WPtouch Pro 3.0.9.1 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Apache CouchDB 3.2.1 Remote Code Execution
Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Date: 2022-01-21 Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name...
Mult-e-Cart Ultimate 2.4 SQL Injection
Document Title: =============== Mult-e-Cart Ultimate v2.4 - SQL Injection Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2306 Release Date: ============= 2021-10-22 Vulnerability Laboratory ID VL-ID: ====================================...
Joomla Matukio Events 7.0.5 Cross Site Scripting
Exploit Title:Joomla Matukio Events 7.0.5 Stored XSS Date:08.03.2021 Author: Vincent666 ibn Winnie Software Link: https://matukio.compojoom.com/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel : https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ Google Dorks:...
God Kings 0.60.1 Notification Spoofing
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: God Kings Vendor URL: https://play.google.com/store/apps/details?id=com.innogames.gkandroid Type: Improper Verification of Intent by Broadcast Receiver CWE-925 Date found: 2020-09-07 Date...
Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands', 'Description' = %q The EtherNet/IP CIP protocol allows a number of unauthenticated...
Apache Superset Signed Cookie Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Superset Signed Cookie Priv Esc', 'Description' = %q Apache Superset versions 'h00die', MSF module 'paradoxis', original flask-unsign tool...
Apache Solr Backup/Restore API Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Solr Backup/Restore APIs RCE', 'Description' = %q Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1 is affected by an...
Gila CMS 1.10.9 Remote Code Execution
Exploit Title: Gila CMS 1.10.9 - Remote Code Execution RCE Authenticated Date: 05-07-2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/ Version: Gila 1.10.9 Tested on: Linux import requests from termcolor import...
Cisco ASA-X With FirePOWER Services Authenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA-X with FirePOWER Services Authenticated Command Injection', 'Description' = %q This module exploits an authenticated command injection...
WordPress Duplicator 1.4.6 Backup Disclosure
Exploit Title: WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download Google Dork: N/A Date: 07.27.2022 Exploit Author: SecuriTrust Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: 1.4.7 Tested on: Linux, Windows CVE :...
JBOSS EAP/AS 6.x Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBOSS EAP/AS Remoting Unified Invoker RCE', 'Description' = %q An unauthenticated attacker with network access to the JBOSS EAP/AS 'Joao Matos ',...
Payroll Management System 1.0 SQL Injection
Title: Payroll Management System v1.0 SQLi Author: nu11secur1ty Date: 04.03.2022 Vendor: https://www.sourcecodester.com/user/257130/activity Software: https://www.sourcecodester.com/php/14475/payroll-management-system-using-phpmysql-source-code.html Reference:...
Employee Performance Evaluation System 1.0 SQL Injection
Title: Employee Performance Evaluation v1.0 SQLi Author: nu11secur1ty Date: 03.11.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14617/employee-performance-evaluation-system-phpmysqli-source-code.html Reference:...
MTPutty 1.0.1.21 SSH Password Disclosure
Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...
Wipro Holmes Orchestrator 20.4.1 Arbitrary File Download
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Arbitrary File Read PoC Date: 05/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38146 import requests as rq import argparse por...
WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection
?php Title : SuperStoreFinder & SuperInteractiveMaps Wordpress Plugin SQL Injection Researcher : Eagle Eye Exploit Name : SSF & SIM SQL Injection Request type : POST Plugin Author : Joe lz Plugin Website : https://superstorefinder.net/ Version Affected : All version include latest 6.3 Date :...
Realtek Andrea RT Filters 1.0.64.10 Unquoted Service Path
Exploit Title: Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path Discovery by: Erika Figueroa Discovery Date: 2020-11-07 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 1.0.64.10 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 x64 es Step ...
Dnsmasq Integer Underflow
Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the following option is specified: --add-mac, --add-cpe-id ...