50773 matches found
Cyber Cafe Management System 1.0 Cross Site Scripting
Exploit Title: Cyber Cafe Management System Project CCMS 1.0 - Persistent Cross-Site Scripting Date: 04-12-2020 Exploit Author: Pruthvi Nekkanti Vendor Homepage: https://phpgurukul.com Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Version: 1.0 Tested on: Kali...
Foxit Reader 9.0.1.1049 Arbitrary Code Execution
Exploit Title: Foxit Reader 9.0.1.1049 - Arbitrary Code Execution Date: August 29, 2020 Exploit Author: CrossWire Vendor Homepage: https://www.foxitsoftware.com/ Software Link:...
Noise-Java AESGCMFallbackCipherState.encryptWithAd() Insufficient Boundary Checks
Vulnerability title: Noise-Java AESGCMFallbackCipherState.encryptWithAd insufficient boundary checks Author: Pietro Oliva CVE: CVE-2020-25022 Vendor: Rhys Weatherley Creator of Noise Framework's reference implementation in Java Product: Noise-Java Affected version: No version information is...
Exim 4.91 Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'expect' class MetasploitModule 'Exim 4.87 - 4.91 Local Privilege Escalation', 'Description' = %q This module exploits a flaw in Exim versions 4.87 to 4.91...
needrestart Local Privilege Escalation
Qualys Security Advisory LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary...
Employee Management System 1.0 SQL Injection
Exploit Title: Employee Management System - SQLi Date: 23/03/2024 Exploit Author: Özlem Balcı Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16999/employee-management-system.html Software Download:...
Jedox 2020.2.5 Cross Site Scripting
Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...
Backdoor.Win32.SubSeven.c Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bc7f4c4689f1b8ad395404d1e75c776f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SubSeven.c Vulnerability: Remote Stack Buffer Overflow Description: The malware liste...
Simple Music Cloud Community System 1.0 SQL Injection
Title: Simple Music Cloud Community System 1.0 SQL - Injections Author: nu11secur1ty Date: 01.05.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14605/simple-music-cloud-community-system-using-phpmysqli-source-code.html Description: The email...
WordPress Catch Themes Demo Import 1.6.1 Shell Upload
Exploit Title: Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution RCE Authenticated Date 07.12.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wordpress.org/plugins/catch-themes-demo-import/ Software Link:...
Wipro Holmes Orchestrator 20.4.1 Report Disclosure
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Excel Report Download Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38147 In the Wipro Holmes Orchestrator 20.4.1...
School Registration And Fee System 1.0 Cross Site Scripting
Exploit Title: School Registration and Fee System | Multiple Stored Cross Site Scripting Exploit Author: Richard Jones Date: 01-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0...
D-Link DGS-1210-28 Denial Of Service
Exploit Title: D-Link DGS-1210-28 Denial of Service Date: 18 Sep 2020 Exploit Author: Saeed Reza Zamanian Product : D-Link DGS-1210-28 Vendor Homepage: https://www.dlink.com/ Product Link: https://www.dlink.com/en/products/dgs-1210-28-28-port-gigabit-smart-managed-switch Version : DGS-1210-28...
SpamTitan 7.07 Remote Code Execution
Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...
WebOfisi E-Ticaret 4 SQL Injection
Exploit Title: WebOfisi E-Ticaret V4 - 'urun' SQL Injection Date: 2018-11-21 Exploit Author: Azkan Mustafa AkkuA AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.web-ofisi.com Software Demo: http://demobul.net/eticaretv4/ Software Link:...
Xoops 2.5.4 Blind SQL Injection
------------------------------------------ Xoops 2.5.4 Blind SQL Injection ------------------------------------------ Dork: "Powered by XOOPS 2.5.4" Download: http://sourceforge.net/projects/xoops/ Date: 10/12/2011 Author: blkhtc0rp Mail: blkhtc0rpatyahoodotcom Tested on: Freebsd 8 and Debian...
BeyondTrust 24.3.1 Code Execution
BeyondTrust version 24.3.1 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : BeyondTrust v24.3.1 PHP Code Injection Vulnerability | | Author : indoush...
Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump', 'Description' = %q This module uses a blind SQL injection CVE-2020-572...
PHPJabbers Meeting Room Booking System 1.0 Cross Site Scripting
Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1....
MajorDoMo Remote Code Execution
Introduction MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted name for over a decade. With over 380 stars on its official GitHub repository at the time of writing https://github.com/sergejey/majordomo, its popularity is eviden...
JetBrains TeamCity Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JetBrains TeamCity Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability to...
Delta Electronics InfraSuite Device Master Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics InfraSuite Device Master Deserialization', 'Description' = %q Delta Electronics InfraSuite Device Master versions below v1.0.5...
Bumsys Business Management System 1.0.3-beta Shell Upload
Exploit Title: - unilogies/bumsys v1.0.3-beta - Unrestricted File Upload Google Dork : NA Date: 19-01-2023 Exploit Author: AFFAN AHMED Vendor Homepage: https://github.com/unilogies/bumsys Software Link: https://github.com/unilogies/bumsys/archive/refs/tags/v1.0.3-beta.zip Version: 1.0.3-beta Test...
Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f312e3a436995b86b205a1a37b1bf10f.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Backdoor.Win32.Serman.a Vulnerability:...
Reprise License Manager 14.2 Buffer Overflow
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44154 Vulnerability Title: Authenticated Buffer Overflow Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...
HCL Lotus Notes 12 Unquoted Service Path
Exploit Title: HCL Lotus Notes V12- Unquoted Service Path Exploit Author: Mert DAŞ Version: V12 Date: 01/12/2021 Vendor Homepage: https://www.hcltechsw.com/domino/download Tested on: Windows 10 ProcessId : 3860 Name : LNSUSvc DisplayName : HCL Notes Smart Upgrade Hizmeti PathName :...
Auerswald COMpact 8.0B Arbitrary File Disclosure
Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Details ======= Product:...
Keycloak 12.0.1 Server-Side Request Forgery
Exploit Title: Keycloak 12.0.1 - 'requesturi ' Blind Server-Side Request Forgery SSRF Unauthenticated Date: 2021-10-13 Exploit Author: Mayank Deshmukh Author Twitter: ColdFusionX Vendor Homepage: https://www.keycloak.org/ Software Link: https://www.keycloak.org/archive/downloads-12.0.1.html...
Lexmark Driver Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lexmark Driver Privilege Escalation', 'Description' = %q Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileg...
Baby Care System 1.0 SQL Injection
Exploit Title: Baby Care System 1.0 - 'roleid' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...
📄 WordPress LearnPress 4.2.7 SQL Injection
WordPress LearnPress plugin versions 4.2.7 and below suffer from a remote SQL injection vulnerability. My name: Francisco Moraga BTshell @BTshell https://www.linkedin.com/in/btshell/ Exploit Title: LearnPress WordPress LMS Plugin = 4.2.7 - Unauthenticated SQL Injection via 'conlyfields' Google...
DiCal-RED 4009 Weak Hashing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-037 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Use of Password Hash With Insufficient Computational Effort CWE-916 Risk Level: Medium Solution...
Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERVBSCRIPTTROJANMITIGATIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender Vulnerability Type...
Oracle RMAN Missing Auditing
Title: CVE-2021-2207 - RMAN Controlfile Operation Not Audited Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 19c Risk Level: low Score: 2.3 Solution Status: Fixed CVE Reference: CVE-2021-2207 Author of Advisory: Emad Al-Mousa Overview: Audi...
TSPlus 16.0.2.14 Insecure Permissions
Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v...
Blackboard 2.0.2 Database Disclosure
==================================================================================================================================== | Title : blackboard v 2.0.2 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | ...
Mware Workspace ONE Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access VMSA-2022-0011 exploit chain', 'Description' = %q This module combines two vulnerabilities in order achieve remote co...
Backdoor.Win32.Destrukor.20 MVID-2022-0627 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Unauthenticated Remote Command Execution...
phpMyAdmin 4.8.1 Remote Code Execution
Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution RCE Date: 17/08/2021 Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested o...
ThinkPHP 5.0.23 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ThinkPHP Multiple PHP Injection RCEs', 'Description' = %q This module exploits one of two PHP injection vulnerabilities in the ThinkPHP web...
Microsoft Outlook Web Access 14.3.224.2 Header Injection
!/usr/bin/perl -w Microsoft Outlook Web Access build:14.3.224.2 Remote Header 'Host' Injection Copyright 2019 c Todor Donev I suspect "Web Cache Poison" but I'm not sure, so test ; Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual...
SofaWiki 3.9.2 Shell Upload
Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Date: 10/17/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote co...
ABB Cylon Aspect 3.08.01 Remote Code Execution
ABB Cylon Aspect 3.08.01 bigUpload.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...
Backdoor.Win32.Emegrab.b MVID-2024-0675 Buffer Overflow
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/19a14d0414aec62ef38378de2e8b259d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Emegrab.b Vulnerability: Remote Stack Buffer Overflow SEH Family: Emegrab...
CMS Made Simple 2.2.19 Server-Side Template Injection
Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and...
osCommerce 4.13-60075 Shell Upload
Title: osCommerce 4.13-60075 File-Upload-RCE Author: nu11secur1ty Date: 12/14/2023 Vendor: https://www.oscommerce.com/ Software: https://www.oscommerce.com/download-file Reference: https://portswigger.net/web-security/file-upload Description: The parameter "icon-pencil" in the upload-file...
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAP® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...
Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a remote unauthenticated command injecti...
Pentaho Business Server Authentication Bypass / SSTI / Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pentaho Business Server Auth Bypass and Server Side Template Injection RCE', 'Description' = %q Hitachi Vantara Pentaho Business Analytics Server...
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor
!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...