50738 matches found
BlackCat CMS 1.3.6 Cross Site Scripting
Exploit Title: BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting XSS Date: 16-02-2021 Exploit Author: Kamaljeet Kumar - TATA Advanced Systems Limited Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Tested on...
Cyber Cafe Management System 1.0 Cross Site Scripting
Exploit Title: Cyber Cafe Management System Project CCMS 1.0 - Persistent Cross-Site Scripting Date: 04-12-2020 Exploit Author: Pruthvi Nekkanti Vendor Homepage: https://phpgurukul.com Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Version: 1.0 Tested on: Kali...
D-Link DGS-1210-28 Denial Of Service
Exploit Title: D-Link DGS-1210-28 Denial of Service Date: 18 Sep 2020 Exploit Author: Saeed Reza Zamanian Product : D-Link DGS-1210-28 Vendor Homepage: https://www.dlink.com/ Product Link: https://www.dlink.com/en/products/dgs-1210-28-28-port-gigabit-smart-managed-switch Version : DGS-1210-28...
SpamTitan 7.07 Remote Code Execution
Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...
needrestart Local Privilege Escalation
Qualys Security Advisory LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary...
Kemp LoadMaster Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
Employee Management System 1.0 SQL Injection
Exploit Title: Employee Management System - SQLi Date: 23/03/2024 Exploit Author: Özlem Balcı Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16999/employee-management-system.html Software Download:...
MajorDoMo Remote Code Execution
Introduction MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade. With over 380 stars on its official GitHub repository at the time of writing https://github.com/sergejey/majordomo, its popularity is eviden...
JetBrains TeamCity Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JetBrains TeamCity Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability to...
Clarity PPM 14.3.0.298 Cross Site Scripting
================================================================================================================================== Title : Insufficient input validation , in CA PPM 14.3 allows remote attackers to execute stored cross-site scripting attacks. | Author : Kaizen | Tested on : windows...
Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f312e3a436995b86b205a1a37b1bf10f.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Backdoor.Win32.Serman.a Vulnerability:...
Simple Music Cloud Community System 1.0 SQL Injection
Title: Simple Music Cloud Community System 1.0 SQL - Injections Author: nu11secur1ty Date: 01.05.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14605/simple-music-cloud-community-system-using-phpmysqli-source-code.html Description: The email...
WordPress Catch Themes Demo Import 1.6.1 Shell Upload
Exploit Title: Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution RCE Authenticated Date 07.12.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wordpress.org/plugins/catch-themes-demo-import/ Software Link:...
Lexmark Driver Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lexmark Driver Privilege Escalation', 'Description' = %q Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileg...
Backdoor.Win32.PsyRat.b Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130cB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Remote Denial of Service Description: The PsyRAT 1.02 malwar...
Foxit Reader 9.0.1.1049 Arbitrary Code Execution
Exploit Title: Foxit Reader 9.0.1.1049 - Arbitrary Code Execution Date: August 29, 2020 Exploit Author: CrossWire Vendor Homepage: https://www.foxitsoftware.com/ Software Link:...
WebOfisi E-Ticaret 4 SQL Injection
Exploit Title: WebOfisi E-Ticaret V4 - 'urun' SQL Injection Date: 2018-11-21 Exploit Author: Azkan Mustafa AkkuA AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.web-ofisi.com Software Demo: http://demobul.net/eticaretv4/ Software Link:...
Xoops 2.5.4 Blind SQL Injection
------------------------------------------ Xoops 2.5.4 Blind SQL Injection ------------------------------------------ Dork: "Powered by XOOPS 2.5.4" Download: http://sourceforge.net/projects/xoops/ Date: 10/12/2011 Author: blkhtc0rp Mail: blkhtc0rpatyahoodotcom Tested on: Freebsd 8 and Debian...
Webmin 1.580 Directory Traversal
Webmin version 1.580 proof of concept directory traversal exploit that leverages a vulnerability from 2012. ============================================================================================================================================= | Title : Webmin 1.580 Directory Traversal...
Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump', 'Description' = %q This module uses a blind SQL injection CVE-2020-572...
DiCal-RED 4009 Weak Hashing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-037 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Use of Password Hash With Insufficient Computational Effort CWE-916 Risk Level: Medium Solution...
PHPJabbers Meeting Room Booking System 1.0 Cross Site Scripting
Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1....
TSPlus 16.0.2.14 Insecure Permissions
Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v...
Blackboard 2.0.2 Database Disclosure
==================================================================================================================================== | Title : blackboard v 2.0.2 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | ...
Delta Electronics InfraSuite Device Master Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics InfraSuite Device Master Deserialization', 'Description' = %q Delta Electronics InfraSuite Device Master versions below v1.0.5...
Mware Workspace ONE Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access VMSA-2022-0011 exploit chain', 'Description' = %q This module combines two vulnerabilities in order achieve remote co...
Auerswald COMpact 8.0B Arbitrary File Disclosure
Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Details ======= Product:...
Wipro Holmes Orchestrator 20.4.1 Report Disclosure
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Excel Report Download Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38147 In the Wipro Holmes Orchestrator 20.4.1...
phpMyAdmin 4.8.1 Remote Code Execution
Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution RCE Date: 17/08/2021 Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested o...
Baby Care System 1.0 SQL Injection
Exploit Title: Baby Care System 1.0 - 'roleid' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...
Microsoft Outlook Web Access 14.3.224.2 Header Injection
!/usr/bin/perl -w Microsoft Outlook Web Access build:14.3.224.2 Remote Header 'Host' Injection Copyright 2019 c Todor Donev I suspect "Web Cache Poison" but I'm not sure, so test ; Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual...
📄 WordPress LearnPress 4.2.7 SQL Injection
WordPress LearnPress plugin versions 4.2.7 and below suffer from a remote SQL injection vulnerability. My name: Francisco Moraga BTshell @BTshell https://www.linkedin.com/in/btshell/ Exploit Title: LearnPress WordPress LMS Plugin = 4.2.7 - Unauthenticated SQL Injection via 'conlyfields' Google...
BeyondTrust 24.3.1 Code Execution
BeyondTrust version 24.3.1 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : BeyondTrust v24.3.1 PHP Code Injection Vulnerability | | Author : indoush...
ABB Cylon Aspect 3.08.01 Remote Code Execution
ABB Cylon Aspect 3.08.01 bigUpload.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...
Backdoor.Win32.Emegrab.b MVID-2024-0675 Buffer Overflow
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/19a14d0414aec62ef38378de2e8b259d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Emegrab.b Vulnerability: Remote Stack Buffer Overflow SEH Family: Emegrab...
Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERVBSCRIPTTROJANMITIGATIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender Vulnerability Type...
osCommerce 4.13-60075 Shell Upload
Title: osCommerce 4.13-60075 File-Upload-RCE Author: nu11secur1ty Date: 12/14/2023 Vendor: https://www.oscommerce.com/ Software: https://www.oscommerce.com/download-file Reference: https://portswigger.net/web-security/file-upload Description: The parameter "icon-pencil" in the upload-file...
Oracle RMAN Missing Auditing
Title: CVE-2021-2207 - RMAN Controlfile Operation Not Audited Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 19c Risk Level: low Score: 2.3 Solution Status: Fixed CVE Reference: CVE-2021-2207 Author of Advisory: Emad Al-Mousa Overview: Audi...
Bumsys Business Management System 1.0.3-beta Shell Upload
Exploit Title: - unilogies/bumsys v1.0.3-beta - Unrestricted File Upload Google Dork : NA Date: 19-01-2023 Exploit Author: AFFAN AHMED Vendor Homepage: https://github.com/unilogies/bumsys Software Link: https://github.com/unilogies/bumsys/archive/refs/tags/v1.0.3-beta.zip Version: 1.0.3-beta Test...
Pentaho Business Server Authentication Bypass / SSTI / Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pentaho Business Server Auth Bypass and Server Side Template Injection RCE', 'Description' = %q Hitachi Vantara Pentaho Business Analytics Server...
Backdoor.Win32.Destrukor.20 MVID-2022-0627 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Unauthenticated Remote Command Execution...
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor
!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...
Reprise License Manager 14.2 Buffer Overflow
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44154 Vulnerability Title: Authenticated Buffer Overflow Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...
HCL Lotus Notes 12 Unquoted Service Path
Exploit Title: HCL Lotus Notes V12- Unquoted Service Path Exploit Author: Mert DAŞ Version: V12 Date: 01/12/2021 Vendor Homepage: https://www.hcltechsw.com/domino/download Tested on: Windows 10 ProcessId : 3860 Name : LNSUSvc DisplayName : HCL Notes Smart Upgrade Hizmeti PathName :...
📄 EasyApp Limited 2.5 Remote Code Execution / Deserialization / File Upload
EasyApp Limited versions 2.5 and below suffer from PHP object injection allowing for remote code execution, arbitrary file upload, and hardcoded credential vulnerabilities. It looks like it may also suffer from cross site request forgery, cross site scripting, etc. Obviously, security is hard, an...
SofaWiki 3.9.2 Shell Upload
Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Date: 10/17/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote co...
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAP® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...
Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a remote unauthenticated command injecti...
Linux watch_queue Filter Out-Of-Bounds Write
Linux: watchqueue filter OOB write and other bugs This bug report is about things in the watchqueue subsystem, which is only enabled under CONFIGWATCHQUEUE. That seems to be disabled e.g. on Debian, but Ubuntu and Fedora enable it. The watchqueue subsystem has a bug that leads to out-of-bounds...
Ericsson Network Location MPS GMPC21 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...