50784 matches found
Old Age Home Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : Old Age Home Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Apache Optionsbleed Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Optionsbleed Scanner', 'Description' = %q This module scans for the Apache optionsbleed vulnerability where the Allow response header...
Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands', 'Description' = %q The EtherNet/IP CIP protocol allows a number of unauthenticated...
Apache Solr Backup/Restore API Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Solr Backup/Restore APIs RCE', 'Description' = %q Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1 is affected by an...
KK Star Ratings Race Condition
Exploit Title: kk Star Ratings Extensions Turbo Intruder Send to turbo intruder. 5- Drop the initial request and turn Intercept off. 6- In the Turbo Intruder window, add "%s" to the end of the connection header e.g. "Connection: close %s". 7- Use the code examples/race.py. 8- Click "Attack" at th...
runc 1.1.11 File Descriptor Leak Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'runc docker File Descriptor Leak Privilege Escalation', 'Description' = %q All versions of runc MSFLICENSE, 'Author' = 'h00die', msf module 'Rory...
Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting
St. Pölten UAS ------------------------------------------------------------------------------- title| Multiple XSS in Advantech product| Advantech EKI-1524-CE series, EKI-1522 series, | EKI-1521 series vulnerable version| =1.21 CVE-2023-4202, =1.24 CVE-2023-4203 fixed version| 1.26 CVE number|...
Oracle DB Broken PDB Isolation / Metadata Exposure
Title: CVE-2021-2173 – PDB Isolation is broken through metadata exposure Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 19c Risk Level: Medium Solution Status: Fixed CVE Reference: CVE-2021-2173 Author of Advisory: Emad Al-Mousa Overview:...
WordPress Duplicator 1.4.6 Backup Disclosure
Exploit Title: WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download Google Dork: N/A Date: 07.27.2022 Exploit Author: SecuriTrust Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: 1.4.7 Tested on: Linux, Windows CVE :...
Payroll Management System 1.0 SQL Injection
Title: Payroll Management System v1.0 SQLi Author: nu11secur1ty Date: 04.03.2022 Vendor: https://www.sourcecodester.com/user/257130/activity Software: https://www.sourcecodester.com/php/14475/payroll-management-system-using-phpmysql-source-code.html Reference:...
MTPutty 1.0.1.21 SSH Password Disclosure
Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...
Reprise License Manager 14.2 Unauthenticated Password Change
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44152 Vulnerability Title: Unauthenticated Password Change Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...
Moodle Admin Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle Admin Shell Upload', 'Description' = %q This module will generate a plugin which can receive a malicious payload request and upload it to ...
WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection
?php Title : SuperStoreFinder & SuperInteractiveMaps Wordpress Plugin SQL Injection Researcher : Eagle Eye Exploit Name : SSF & SIM SQL Injection Request type : POST Plugin Author : Joe lz Plugin Website : https://superstorefinder.net/ Version Affected : All version include latest 6.3 Date :...
WordPress Meetup 0.1 Authentication Bypass
CVE-2024-50483 Meetup = 0.1 - Authentication Bypass via Account Takeover Description: The Meetup plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1. This is due to the plugin not properly verifying a user's identity prior to authenticating them v...
Ruby On Rails File Content Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Ruby On Rails File Content Disclosure 'doubletap'", 'Description' = %q This module uses a path traversal vulnerability in Ruby on Rails versions ...
WordPress Google Maps Plugin SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Google Maps Plugin SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in a REST endpoint registered ...
Debezium UI 2.5 Credential Disclosure
Exploit Title: Debezium UI - Credential Leakage Google Dork: N/A Date: 2024-03-11 Exploit Author: Ihsan Cetin, Hamza Kaya Toprak Vendor Homepage: https://debezium.io/ Software Link: N/A Version: 2.5 REQUIRED Tested on: N/A CVE : CVE-2024-28736 Proof of concept: Details Debezium-ui version 2.5 is...
Kemp LoadMaster Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
MinIO Privilege Escalation
Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...
ManageEngine ADManager Plus Recovery Password Disclosure
Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...
PHPJabbers Car Rental 3.0 Missing Rate Limit
Exploit Title: PHPJabbers Car Rental v3.0 - No Rate Limit in Email Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read
KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig Advisory ID: KL-001-2023-001 Publication Date: 2023.08.17 Publication URL:...
Availability Booking Calendar PHP XSS / Arbitrary File Upload
Exploit Title: Availability Booking Calendar PHP - Multiple Issues Date: 07/2023 Exploit Author: Andrey Stoykov Tested on: Ubuntu 20.04 Blog: http://msecureltd.blogspot.com XSS 1: Steps to Reproduce: 1. Browse to Bookings 2. Select All Bookings 3. Edit booking and select Promo Code 4. Enter paylo...
Ivanti Avalanche FileStoreConfig Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Avalanche FileStoreConfig File Upload', 'Description' = %q Ivanti Avalanche prior to v6.4.0.186 permits MS-DOS style short names in the...
Siemens SIMATIC S7-1200 Cross Site Request Forgery
Exploit Title: Siemens SIMATIC S7-1200 CPU Start/Stop Command- Cross-Site Request Forgery Google Dork: inurl:/Portal/Portal.mwsl Date: 2022-03-24 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: SIMATIC S7-1200 CPU family: All versions prior to V4.1.3...
Zyxel Firewall ZTP Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' = %q This module exploits CVE-2022-30525, an unauthenticated remote command...
Backdoor.Win32.Avstral.e Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/35f0d754f161af35241cb081c73ea6dd.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Avstral.e Vulnerability: Unauthenticated Remote Command Execution Family: Avstral Typ...
TypeSetter 5.1 Cross Site Request Forgery
Exploit Title: TypeSetter 5.1 - CSRF Change admin e-mail Exploit Author: Alperen Ergel Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Kali & ubuntu Category: WebApp Description Attacker can change admin e-mail address Vulnerable - Go to the admin page view preferences ...
Raisecom Technology GPON-ONU HT803G-07 Command Injection
===================================== Authenticated Shell Command Injection ===================================== . contents:: Table Of Content Overview ======== Title:- Authenticated Shell command Injection Author: Kaustubh G. Padwad Vendor: Raisecom technology co.,LTD Product: GPON-ONU HT803G-0...
Drupal 7.2 XML Injection
Drupal version 7.2 XML external entity injection proof of concept exploit that demonstrates a vulnerability distributed in 2012. ============================================================================================================================================= | Title : Drupal 7.2 via...
Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage
!/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password Encryption CVE: CVE-2023-43261 Script Author: Bipin Jitiya @win3zz Vendor: Milesight IoT - https://www.milesight-iot.com/ Formerly Xiamen Ursalink Technology Co., Ltd...
Android DeviceVersionFragment.java Privilege Escalation
!/usr/bin/env python import subprocess Connect to the device via ADB subprocess.run"adb", "devices" Check if the device is in secure USB mode device = subprocess.run"adb", "shell", "getprop", "ro.adb.secure", stdout=subprocess.PIPE if "1" in device.stdout.decode: Secure USB mode is enabled, so we...
2023 Online Course Registration 1.0 SQL Injection
Title: 2023-Online-Course-Registration-1.0-Bypass-login-SQLi-RCE-password-changing Author: nu11secur1ty Date: 05.25.2023 Vendor: https://github.com/nikhilkeshava Software: https://github.com/nikhilkeshava/online-course-registration- Reference: https://portswigger.net/web-security/sql-injection,...
JM-DATA ONU JF511-TV 1.0.67 / 1.0.62 / 1.0.55 XSS / CSRF / Open Redirect
JM-DATA ONU JF511-TV Multiple Remote Vulnerabilities Vendor: JM-DATA GmbH Product web page: https://www.jm-data.at Affected version: 1.0.67 1.0.62 1.0.55 Summary: This ONU is the perfect GEPON home and business gateway. It is an all-rounder in perfection. It can BRIDGE/NAT/RIP ROUTEND and COMBINE...
Child's Day Care Management System 1.0 SQL Injection
Title: Child's Day Care Management System 1.0 SQL - Injection Author: nu11secur1ty Date: 12.16.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15085/childs-day-care-management-system-phpoop-free-source-code.html Description: The username in...
OpenPLC 3 Remote Code Execution
Exploit Title: OpenPLC 3 - Remote Code Execution Authenticated Date: 25/04/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.openplcproject.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3 Version: OpenPLC v3 Tested on: Ubuntu 16.04,Debian 9,Debian 10 Buster...
Microsoft Exchange Proxylogon SSRF Proof Of Concept
Original Author: testanull https://github.com/testanull https://twitter.com/testanull PoC of proxylogon chain SSRFCVE-2021-26855 to write file Original "Archive" https://web.archive.org/web/20210310164403/https://gist.github.com/testanull/fabd8eeb46f120c4b15f8793617ca7d1 import requests from...
PRTG Network Monitor 20.4.63.1412 Cross Site Scripting
Exploit Title: PRTG Network Monitor 20.4.63.1412 - 'maps' Stored XSS Date: 2/12/2020 Exploit Author: Amin Rawah Vendor Homepage: https://www.paessler.com/prtg Software Link: https://www.paessler.com/prtg Version: 20.4.63.1412 x64 Tested on: Windows CVE : CVE-2020-14073 Description: Since there is...
Online Farm Management System 0.1.0 Cross Site Scripting
Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...
📄 Appsmith Remote Code Execution
An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
Webmin 1.580 Directory Traversal
Webmin version 1.580 proof of concept directory traversal exploit that leverages a vulnerability from 2012. ============================================================================================================================================= | Title : Webmin 1.580 Directory Traversal...
WordPress WP Brutal AI Cross Site Request Forgery / SQL Injection
Tittle: WordPress Plugin WP Brutal AI 2.0.0 - SQL Injection via CSRF References: CVE-2023-2601 Author: Taurus Omar Description: The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin via CSRF. Affects Plugin...
Clarity PPM 14.3.0.298 Cross Site Scripting
================================================================================================================================== Title : Insufficient input validation , in CA PPM 14.3 allows remote attackers to execute stored cross-site scripting attacks. | Author : Kaizen | Tested on : windows...
Jedox 2020.2.5 Cross Site Scripting
Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...
Swagger UI 4.1.3 Critical Information Misrepresentation
Exploit Title: Swagger UI 4.1.3 - User Interface UI Misrepresentation of Critical Information Date: 14 April, 2023 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py...
Reprise License Manager 14.2 Cross Site Scripting / Information Disclosure
Multiple Vulnerabilities in Reprise License Manager 14.2 Credit: Giulia Melotti Garibaldi ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Product:...
10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...
Gatekeeper Bypass Proof Of Concept
!/bin/zsh -e This script will create a zip file exploiting CVE-2021-1810 by creating a directory hierarchy deep enough for Archive Utility to fail setting quarantine attributes on certain files while also making some path names long enough to prevent Safari automating unzipping from unpacking the...
Backdoor.Win32.PsyRat.b Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130cB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Remote Denial of Service Description: The PsyRAT 1.02 malwar...