50738 matches found
Sample Blog Site 1.0 Remote File Inclusion
============================================================================================================================================= | Title : Sample Blog Site 1.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64...
Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...
VSFTPD 2.3.2 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSFTPD 2.3.2 Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the VSFTPD server in versions before...
Daily Habit Tracker 1.0 Broken Access Control
Exploit Title: Daily Habit Tracker 1.0 - Broken Access Control Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on:...
PHPJabbers Hotel Booking System 4.0 Missing Rate Limiting
Exploit Title: PHPJabbers Hotel Booking System v4.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/hotel-booking-system/sectionDemo Version: v4.0 Tested on: Windows...
FortiWeb VM 7.4.0 build577 CLI Crash
;; ;; FortiWeb VM v7.4.0 build577 Post-auth CLI Crash ;; ;; ... ;; ;; code610 / some debug notes fyi ;; ;; 17.11.2023 @ 23:33 ;; FortiWeb diagnose debug crashlog show 2023-11-16 05:07:00 application cli 2023-11-16 05:07:00 signal Segmentation fault received 2023-11-16 05:07:00 RIP 00007fdd1febf44...
Rollout::UI 0.5 Cross Site Scripting
ADVISORY INFORMATION ======================= Exploit Title: Rollout::UI v0.5 Cross-site scripting Date: 2023-05-05 Exploit Author: Eduardo José de Borba Vendor Homepage: https://github.com/fetlife Software Link: https://github.com/fetlife/rollout-ui Type: Cross-Site Scripting CWE-79 Tested on:...
CASAP Automated Enrollment System 1.1 SQL Injection
Exploit Title: CASAP Automated Enrollment System 1.1 - Authentication Bypass cookie session Exploit Author: @nu11secur1ty Date: 03.02.2021 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...
Online News Portal System 1.0 Cross Site Scripting
Exploit Title: Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting Date: 24-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/php/14600/online-news-portal-using-phpmysqli-source-code.html Software Link:...
Mac OS X Feedback Assistant Race Condition
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X Feedback Assistant Race Condition', 'Description' = %q This module exploits a race condition vulnerability in Mac's Feedback Assistant. ...
phpMyAdmin 4.8.1 Authenticated Local File Inclusion
Exploit Title: phpMyAdmin 4.8.1 - Authenticated Local File Inclusion Date: 27-11-2018 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://www.phpmyadmin.net/ Software Link:...
Samba 3.5.0 Remote Code Execution
! /usr/bin/env python Title : ETERNALRED Date: 05/24/2017 Exploit Author: steelo Vendor Homepage: https://www.samba.org Samba 3.5.0 - 4.5.4/4.5.10/4.4.14 CVE-2017-7494 import argparse import os.path import sys import tempfile import time from smb.SMBConnection import SMBConnection from smb import...
Evento Multivendor Event Ticket Booking 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
WordPress Real Estate 7 Theme 3.3.4 Abuse Of Functionality
==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Abuse of Functionality Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz https://fearzzzz.ru Component...
e107 CMS 2.3.0 Cross Site Request Forgery
Exploit Title: e107 CMS 2.3.0 - CSRF Date: 04/03/2021 Exploit Author: Tadjmen Vendor Homepage: https://e107.org Software Link: https://e107.org/download Version: 2.3.0 Tested on: Windows 10 CVE : CVE-2021-27885 CSRF vulnerability on e107 CMS Bug Description Hi. I found a CSRF on the e107 CMS...
Backdoor.Win32.Burbul.b Anonymous Login
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3ee4cb2e06eb1f7fe54c89db903f3e7a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Burbul.b Vulnerability: Anonymous Logon Description: Backdoor Burbul.b listens on TCP...
ChurchCRM 4.2.1 Cross Site Scripting
Exploit Title: ChurchCRM 4.2.1- Persistent Cross Site ScriptingXSS Date: 2020- 10- 29 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM Version: 4.2.1 Tested on: Kali Linux 2020.3 Proof Of Concept: ChurchCRM application allo...
Nagios XI 5.7.3 Remote Command Injection
Exploit Title: Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection Authenticated Date: 10-27-2020 Vulnerability Discovery: Chris Lyne Vulnerability Details: https://www.tenable.com/security/research/tra-2020-58 Exploit Author: Matthew Aberegg Vendor Homepage:...
Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 LFI
Exploit Title: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - 'getPreviewImage' Directory Traversal/Local File Inclusion Date: 2020-10-27 Exploit Author: Ivo Palazzolo @palaziv Reference: https://www.oracle.com/security-alerts/cpuoct2020.html Vendor Homepage...
Kentico CMS 9.0-12.0.49 Cross Site Scripting
Exploit Title: Kentico CMS 9.0-12.0.49 - Persistent Cross Site Scripting Exploit Author: Ataberk YAVUZER CVE: CVE-2019-19493 Type: Webapps Vendor Homepage: https://www.kentico.com/ Version: 9.0-12.0.49 Date: 29-11-2019 CVE Details: https://nvd.nist.gov/vuln/detail/CVE-2019-19493 Details Persisten...
Watchguard AP100/AP102/AP200 1.2.9.15 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Watchguard AP Backdoor Shell', 'Description' = 'Watchguard AP's have a backdoor account with known credentials. This can be used to gain a valid...
Apache Reverse Proxy Bypass
===============================ADVISORY============================== Systems Affected: Apache httpd Severity: High Category: Proxy Bypass Author: Context Information Security Ltd Reported to vendor: 16th November 2011 Advisory Issued: 5th October 2011 Reference: CVE-2011-3368...
📄 motionEye 0.43.1b4 Remote Command Injection
A remote command injection vulnerability exists in motionEye versions up to and including 0.43.1b4. The issue arises from improper validation and sanitization of user‑supplied input within camera configuration parameters. Under certain conditions, authenticated users can inject crafted input that...
BlackNET 3.7.0.0 Missing Authentication / File Deletion / Traversal
Exploit Title: BlackNET - Multiple Vulnerabilities Exploit Author: bRpsd Date: 20/09/2024 Vendor Homepage: https://github.com/AndroVirus Software Link: https://github.com/AndroVirus/BlackNET/ Version: v3.7.0.0 Tested on: MacOS - Xampp CVE: NA import requests Define the target URL for the POST...
Veritas Backup Exec Server Registry Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Server Registry Access', 'Description' = %q This modules exploits a remote registry access flaw in the BackupExec Windows...
Joomla 4.2.8 Information Disclosure
!/bin/bash Exploit Title: Joomla! \n" exit 1 else echo -e "\n Joomla! out.tmp echo -e "\ni Database info:\n" echo -e "+ DB Type: $sed -E 's/."dbtype":"^"+"./\1/' out.tmp" echo -e "+ DB Host: $sed -E 's/."host":"^"+"./\1/' out.tmp" echo -e "\e92m+ DB User: $sed -E 's/."user":"^"+"./\1/' out.tmp\e0...
Magento 2.4.6 XSLT Server Side Injection / Command Execution
Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Date: 2023-11-17 Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: https://github.com/magento/magento2/archive/refs/tags/2.4.6-p3.zip Version: 2.4.6 Tested on: 2.4.6 POC: 1 Enter with adm...
Lacabane 1.0 SQL Injection
==================================================================================================================================== | Title : lacabane v1.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...
STARFACE 7.3.0.10 Broken Authentication
Advisory: STARFACE: Authentication with Password Hash Possible RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext...
Ancillary Function Driver (AFD) For Winsock Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ancillary Function Driver AFD for WinSock Elevation of Privilege', 'Description' = %q A vulnerability exists in the Windows Ancillary Function...
PAN-OS 10.0 Remote Code Execution
Exploit Title: PAN-OS 10.0 - Remote Code Execution RCE Authenticated Date: 2022-08-13 Exploit Author: UnD3sc0n0c1d0 Software Link: https://security.paloaltonetworks.com/CVE-2020-2038 Category: Web Application Version: 10.0.1, 9.1.4 and 9.0.10 Tested on: PAN-OS 10.0 - Parrot OS CVE : CVE-2020-2038...
Trojan-Dropper.Win32.Small.fp Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/07122dd3b069bbbb445e060c1249d5a2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Small.fp Vulnerability: Unauthenticated Open Proxy Description: The malware...
Company Crime Tracking Software 1.0 Cross Site Scripting
Exploit Title: Company Crime Tracknig Software | 'fname,surname,email' Stored Cross Site Scripting Exploit Author: Richard Jones Date: 01-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/12644/company-crime-tracking-system.html Version: 1....
Windows Server 2012 SrClient DLL Hijacking
class MetasploitModule 'Windows Server 2012 SrClient DLL hijacking', 'Description' = %q All editions of Windows Server 2012 but not 2012 R2 are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This...
WordPress Under Construction, Coming Soon, And Maintenance Mode 1.1.1 SSRF / XSS
There are SSRF and RXSS vulnerabilities in the WordPress plugin Under Construction, Coming Soon & Maintenance Mode version 1.1.1. Both vulnerabilities are fixed in version 1.1.2: https://wordpress.org/plugins/under-construction-maintenance-mode/developers 1 SSRF Here is the relevant code from fil...
Backdoor.Win32.DarkKomet.irv Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a229acff4e0605ad24eaf3d9c44fdb1b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.irv Vulnerability: Insecure Permissions Description: DarkKomet.irv creates ...
Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Remote Stack Buffer Overflow Description: The specimen drop...
GitLab Omnibus 12.2.1 Logrotate Privilege Escalation
Privilege Escalation via Logrotate in Gitlab Omnibus Overview Identifier: AIT-SA-20190930-01 Target: GitLab Omnibus Vendor: GitLab Version: 7.4 through 12.2.1 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: CVE-2019-15741 Accessibility: Local Severity: Low Author: Wolfgang Hotwagner AIT Austrian...
DOUBLEPULSAR Payload Execution / Neutralization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DOUBLEPULSAR Payload Execution and Neutralization', 'Description' = %q This module executes a Metasploit payload against the Equation Group's...
Listing Hub CMS 1.0 SQL Injection
Exploit Title: Listing Hub CMS 1.0 - 'pages.php id' SQL Injection Google Dork: inurl:"pages.php?title=privacy-policy" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage: https://themerig.com/ Software Link:...
Online Tours And Travels Management System 1.0 SQL Injection
Titles: Travel-Manager-OTMSP-1.0 Multiple SQLi Author: nu11secur1ty Date: 05/01/2024 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Reference: https://portswigger.net/web-security/sql-injectio...
NDtaskmatic 1.0 SQL Injection
Title: NDtaskmatic-1.0-by-Mayuri.K Multiple-SQLi Author: nu11secur1ty Date: 03/07/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Reference: https://portswigger.net/web-security/sql-injection...
KiTTY 0.76.1.13 Command Injection
!/usr/bin/python ---------------------------------------------------------------------------------------- Exploit: KiTTY ≤ 0.76.1.13 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input CVE-2024-23749 OS: Microsoft Windows 11/10/8/7/XP Author: DEFCESCO Austin A. DeFrancesco...
Bludit CMS 3.14.1 Cross Site Scripting
Exploit Title: Bludit CMS v3.14.1 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-04-15 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/releases/tag/3.14.1 Version: 3.14.1 Tested on: Windows 10, PHP 7.4.29, Apache...
WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: BeCustom Wordpress Plugin Vendor URL: https://muffingroup.com/betheme/features/be-custom/ Type: Cross-Site Request Forgery CWE-253 Date found: 2021-10-28 Date published: 2022-11-10 CVSSv3...
Transposh WordPress Translation 1.0.8.1 SQL Injection
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Improper Authorization CWE-285 Date found: 2022-02-21 Date...
FusionPBX 4.5.29 Remote Code Execution
Exploit Title: FusionPBX 4.5.29 - Remote Code Execution RCE Authenticated Date: 11/08/2021 Exploit Author: Luska Vendor Homepage: https://www.fusionpbx.com/ Software Link: https://github.com/fusionpbx/fusionpbx Version: 4.5.30 Tested on: Debian CVE : CVE-2021-43405 !/usr/bin/python3 import reques...
Backdoor.Win32.Hupigon.afjk Directory Traversal
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/80b0fc8c0657c0ae7971f09af45c706b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.afjk Vulnerability: Directory Traversal Description: The malware deploys a We...
WordPress Media-Tags 3.2.0.2 Cross Site Scripting
Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on...
Online Traffic Offense Management System 1.0 Remote Code Execution
Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 20-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...