50738 matches found
GravCMS 1.10.7 Arbitrary YAML Write / Update
Exploit Title: GravCMS 1.10.7 - Arbitrary YAML Write/Update Unauthenticated 2 Original Exploit Author: Mehmet Ince Vendor Homepage: https://getgrav.org Version: 1.10.7 Tested on: Debian 10 Author: legend /usr/bin/python3 import requests import sys import re import base64 target=...
Tagstoo 2.0.1 Cross Site Scripting / Code Execution
Exploit Title: Tagstoo v2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacO...
DotCMS 20.11 Cross Site Scripting
Exploit Title: DotCMS 20.11 - Stored Cross-Site Scripting Exploit Author: Hardik Solanki Vendor Homepage: https://dotcms.com/ Version: 20.11 Tested on Windows 10 Vulnerable Parameters: Template Title Steps to reproduce: 1. Login With Admin Username and password. 2. Navigate to Site -- Template --...
Bakeshop Online Ordering System 1.0 Cross Site Scripting
Exploit Title: Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting Date: 26-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
git-lfs Remote Code Execution
/ Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go Discovered by Dawid Golunski https://legalhackers.com https://exploitbox.io Affected RCE exploit: Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken / SmartGit /...
Student Result Management System 1.0 SQL Injection
Exploit Title: Student Result Management System 1.0 - Multiple SQL Injection Vulnerabilities Date: 2020-10-02 Exploit Author: b1nary Vendor Homepage: https://projectworlds.in/free-projects/php-projects/student-result-management-system-project-in-php/ Software Link:...
Mida eFramework 2.9.0 Backdoor Access
Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
WordPress Satoshi 2.0 Cross Site Request Forgery / File Upload
Exploit Title : WordPress Satoshi Themes 2.0 CSRF Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/06/2019 Vendor Homepage : vooshthemes.com - tecnoge.com - netsons.com WordPress Affected Versions : 4.7.13 - 3.4.2 Theme Affected Version :...
Compal ConnectBox Wireless Filter Bypass
Document Title: =============== Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1705 Release Date: ============= 2016-02-03 Vulnerability Laboratory ID VL-ID:...
NetAlertX 24.9.12 Code Execution
NetAlertX version 24.9.12 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : NetAlertX 24.9.12 PHP Code Injection Vulnerability | | Author : indoushka ...
Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability Title: Artica Proxy Unauthenticated File Manager Vulnerability Advisory ID: KL-001-2024-003 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt 1. Vulnerability Detail...
ConQuest Dicom Server 1.5.0d Remote Command Execution
!/usr/bin/env python3 --------------------------------------------------------- preauth rce poc for ConQuest Dicom Server 1.5.0d --------------------------------------------------------- 04.08.2023 @ 22:07 code610 blogspot com import socket target = '192.168.56.106' rport = 5678 pkt1 =...
PHPJabbers Car Rental 3.0 CSV Injection
Exploit Title: PHPJabbers Car Rental v3.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11, MS Offi...
VMWare Aria Operations For Networks SSH Private Key Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight SSH Private Key Exposure',...
Sophos Web Appliance 4.3.10.4 Command Injection
!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...
Sales Tracker Management System 1.0 Cross Site Scripting
Exploit Title: Sales Tracker Management System v1.0 - One click account takeover XSS Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 CVE: CVE-2023-26773 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...
Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubuntu Enlightenment Mount Priv Esc', 'Description' = %q This module exploits a command injection within Enlightenment's enlightenmentsys binary...
Engineers Online Portal 1.0 Cross Site Scripting
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Backdoor.Win32.Agent.cu Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Authentication Bypass RCE Description: The malware listens on...
Shenzhen Skyworth RN510 Buffer Overflow
itle :- Authenticated Stack Overflow in RN510 mesh Device CVE-ID:- CVE-2021-25328 Author: Kaustubh G. Padwad Vendor: Shenzhen Skyworth Digital Technology Company Ltd.http://www.skyworthdigital.com/products Products: 1. RN510 with firmware V.3.1.0.4 Tested and verified Potential 2.RN620 with...
Eclipse Mosquitto MQTT Broker 2.0.9 Unquoted Service Path
Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path Discovery by: Riadh Bouchahoua Discovery Date: 19-03-2021 Vendor Homepage: https://mosquitto.org/ Software Links : https://mosquitto.org/download/ Tested Version: 2.0.9 Vulnerability Type: Unquoted Service Path...
Epson USB Display 1.6.0.0 Unquoted Service Path
Exploit Title: Epson USB Display 1.6.0.0 - 'EMPUDSA' Unquote Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://epson.com.mx/ Tested Version: 1.6.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...
Responsive FileManager 9.13.4 Path Traversal
Exploit Title: Responsive FileManager 9.13.4 - 'path' Path Traversal Date: 12/12/2018 PoC Date: 04/01/2020 Auto Exploit Exploit Author: SunCSR Sun Cyber Security Research Google Dork: intitle:"Responsive FileManager 9.x.x" Vendor Homepage: http://responsivefilemanager.com/ Software Link:...
EPSON 1.124 Unquoted Service Path
Exploit Title: EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path Discovery by: İsmail Önder Kaya Discovery Date: 2020-10-27 Vendor Homepage: https://www.epson.co.uk/support?productID=10820&os=22driversandmanuals Tested Version: 1.124 Vulnerability Type: Unquoted Service Path Tested on OS: Windows...
YouPHPTube 7.7 SQL Injection
---------------------------------------------------------------- YouPHPTube = 7.7 getChat.json.php SQL Injection Vulnerability ---------------------------------------------------------------- - Software Link: https://www.youphptube.com - Affected Versions: Version 7.7 and prior versions. -...
Cisco Email Security Virtual Appliance C300V IronPort Header Injection
!/usr/bin/perl -w Cisco Email Security Virtual Appliance C300V IronPort Remote Header 'Host' Injection Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todo...
Edu-Sharing Arbitrary File Upload
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Arbitrary File Upload product: edu-sharing metaVentis GmbH vulnerable versions: =8.0.8-RC2, =8.1.4-RC0, =9.0.0-RC19 CVE number: CVE-2024-28147 impact: high homepage:...
Financials By Coda Cross Site Scripting
Vulnerability type: Cross-site Scripting Vendor: https://www.unit4.com/ Product: Financials by Coda Product site: https://www.unit4.com/fr/products/financial-management-software Affected version: HTTP/2 Host: TIMELINE – 30/10/2023: Vulnerability found – 02/11/2023: Vendor informed – 05/12/2023:...
Client Details System 1.0 SQL Injection
Exploit Title: CVE-2023-7137ClientDetailsSystem-SQLInjection1 + Date: 2023-26-12 + Exploit Author: Hamdi Sevben + Vendor Homepage: https://code-projects.org/client-details-system-in-php-with-source-code/ + Software Link:...
PHPJabbers Time Slots Booking Calendar 4.0 Cross Site Scripting
Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - Multiple Stored XSS Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on...
PHP Shopping Cart 4.2 SQL Injection
Title: PHP Shopping Cart-4.2 Multiple-SQLi Author: nu11secur1ty Date: 09/13/2023 Vendor: https://www.phpjabbers.com/ Software:https://www.phpjabbers.com/php-shopping-cart-script/sectionPricing Reference: https://portswigger.net/web-security/sql-injection Description: The id parameter appears to b...
WordPress Social Login And Register 7.6.4 Authentication Bypass
Description: WordPress Social Login and Register Discord, Google, Twitter, LinkedIn = 7.6.4 – Authentication Bypass Affected Plugin: WordPress Social Login and Register Discord, Google, Twitter, LinkedIn Plugin Slug: woocommerce-abandoned-cart Affected Versions: = 7.6.4 CVE ID: CVE-2023-2982 CVSS...
ManageEngine ADManager Plus Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADManager Plus ChangePasswordAction Authenticated Command Injection', 'Description' = %q ManageEngine ADManager Plus prior to build...
FLIR AX8 1.46.16 Remote Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'FLIR AX8 unauthenticated RCE', 'Description' = %q All FLIR AX8 thermal sensor cameras versions up to and including 1.46.1...
FLIX AX8 1.46.16 Remote Command Execution
-- coding: utf-8 -- Exploit Title: FLIR AX8 Unauthenticated OS Command Injection Date: 8/19/2022 Exploit Author: Samy Younsi Naqwada https://samy.link Vendor Homepage: https://www.flir.com/ Software Link: https://www.flir.com/products/ax8-automation/ PoC: https://www.youtube.com/watch?v=dh0rfAIWo...
Confluence OGNL Injection Remote Code Execution
!/usr/bin/python3 Exploit Title: Confluence Pre-Auth Remote Code Execution via OGNL Injection Google Dork: N/A Date: 06/006/2022 Exploit Author: h3v0x Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: All 7.4.17...
Vehicle Parking Management System 1.0 SQL Injection
Exploit Title: Vehicle Parking Management System - Multiple time-based SQL Injection Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/...
Grav CMS 1.7.10 Server-Side Template Injection
Title: Grav CMS 1.7.10 - Server-Side Template Injection SSTI Authenticated Author: enox Date: 06-06-2021 Vendor: https://getgrav.org/ Software Link: https://getgrav.org/download/core/grav-admin/1.7.10 Vulnerable Versions: Grav CMS 1.7.10 CVE: CVE-2021-29440 Credits:...
Trojan.Win32.Sharer.h Buffer Overflow / Denial Of Service / Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9f80c3b1e7f5f6f7d0c8aea25fe83551C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Sharer.h Vulnerability: Known Vulnerable Component - Heap Corruption Description:...
RarmaRadio 2.72.5 Denial Of Service
Exploit Title: RarmaRadio 2.72.5 - Denial of Service PoC Date: 2020-05-12 Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: https://www.raimersoft.com/rarmaradio.html Version: 2.75.5 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program TapinRadio In...
Pharmacy Store Management System 1.0 SQL Injection
Exploit Title: Pharmacy Store Management System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 1.12.2020 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/13225/pharmacy-store-management-system.html Software Link:...
Razer Chroma SDK Server 3.16.02 Race Condition
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in th...
Genexis Platinum-4410 P4410-V2-1.28 Missing Access Control / CSRF
Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF Date: 28-08-2020 Vendor Homepage: https://www.gxgroup.eu/ont-products/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...
Safari Type Confusion / Sandbox Escape
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Safari in Operator Side Effect Exploit', 'Description' = %q This module exploits an incorrect side-effect modeling of the 'in' operator. The DFG...
Axigen 8.10 Directory Traversal
Axigen version 8.10 directory traversal exploit that demonstrates a flaw discovered in 2012. ============================================================================================================================================= | Title : Axigen 8.10 WebAdmin interface Directory Traversal...
GL-iNet MT6000 4.5.5 Arbitrary File Download
Exploit Title: GL-iNet MT6000 4.5.5 - Arbitrary File Download CVE: CVE-2024-27356 Google Dork: intitle:"GL.iNet Admin Panel" Date: 2/26/2024 Exploit Author: Bandar Alharbi aggressor Vendor Homepage: www.gl-inet.com Tested Software Link:...
Splunk 9.0.4 Information Disclosure
Exploit Title: Splunk 9.0.4 - Information Disclosure Date: 2023-09-18 Exploit Author: Parsa rezaie khiabanloo Vendor Homepage: https://www.splunk.com/ Version: 9.0.4 Tested on: Windows OS Splunk through 9.0.4 allows information disclosure by appending...
Apache Commons Text 1.9 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Commons Text RCE', 'Description' = %q This exploit takes advantage of the StringSubstitutor interpolator class, which is included in the...
Academy LMS 6.0 Cross Site Scripting
Exploit Title: Academy LMS 6.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4119...
Automotive Shop Management System 1.0 SQL Injection
Title: ASMS - PHP by: oretnom23 v1.0 SQLi Author: nu11secur1ty Date: 12.03.2022 Vendor: https://github.com/oretnom23, https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/download-code?nid=15312&title=Automotive+Shop+Management+System+in+PHP%2FOOP+Free+Source+Code...