50765 matches found
DOUBLEPULSAR Payload Execution / Neutralization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DOUBLEPULSAR Payload Execution and Neutralization', 'Description' = %q This module executes a Metasploit payload against the Equation Group's...
PHPJabbers Time Slots Booking Calendar 4.0 Cross Site Scripting
Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - Multiple Stored XSS Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on...
Bludit CMS 3.14.1 Cross Site Scripting
Exploit Title: Bludit CMS v3.14.1 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-04-15 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/releases/tag/3.14.1 Version: 3.14.1 Tested on: Windows 10, PHP 7.4.29, Apache...
Sophos Web Appliance 4.3.10.4 Command Injection
!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...
Sales Tracker Management System 1.0 Cross Site Scripting
Exploit Title: Sales Tracker Management System v1.0 - One click account takeover XSS Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 CVE: CVE-2023-26773 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...
Rocket LMS 1.6 Shell Upload
Exploit Title: Rocket LMS - Learning Management System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Version: Version 1.6 Tested on Ubuntu 18.04 base64 encode your...
WordPress Media-Tags 3.2.0.2 Cross Site Scripting
Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on...
Engineers Online Portal 1.0 Cross Site Scripting
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Backdoor.Win32.Agent.cu Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Authentication Bypass RCE Description: The malware listens on...
Vehicle Parking Management System 1.0 SQL Injection
Exploit Title: Vehicle Parking Management System - Multiple time-based SQL Injection Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/...
GravCMS 1.10.7 Arbitrary YAML Write / Update
Exploit Title: GravCMS 1.10.7 - Arbitrary YAML Write/Update Unauthenticated 2 Original Exploit Author: Mehmet Ince Vendor Homepage: https://getgrav.org Version: 1.10.7 Tested on: Debian 10 Author: legend /usr/bin/python3 import requests import sys import re import base64 target=...
Tagstoo 2.0.1 Cross Site Scripting / Code Execution
Exploit Title: Tagstoo v2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacO...
Eclipse Mosquitto MQTT Broker 2.0.9 Unquoted Service Path
Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path Discovery by: Riadh Bouchahoua Discovery Date: 19-03-2021 Vendor Homepage: https://mosquitto.org/ Software Links : https://mosquitto.org/download/ Tested Version: 2.0.9 Vulnerability Type: Unquoted Service Path...
Epson USB Display 1.6.0.0 Unquoted Service Path
Exploit Title: Epson USB Display 1.6.0.0 - 'EMPUDSA' Unquote Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://epson.com.mx/ Tested Version: 1.6.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...
DotCMS 20.11 Cross Site Scripting
Exploit Title: DotCMS 20.11 - Stored Cross-Site Scripting Exploit Author: Hardik Solanki Vendor Homepage: https://dotcms.com/ Version: 20.11 Tested on Windows 10 Vulnerable Parameters: Template Title Steps to reproduce: 1. Login With Admin Username and password. 2. Navigate to Site -- Template --...
Bakeshop Online Ordering System 1.0 Cross Site Scripting
Exploit Title: Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting Date: 26-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
git-lfs Remote Code Execution
/ Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go Discovered by Dawid Golunski https://legalhackers.com https://exploitbox.io Affected RCE exploit: Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken / SmartGit /...
EPSON 1.124 Unquoted Service Path
Exploit Title: EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path Discovery by: İsmail Önder Kaya Discovery Date: 2020-10-27 Vendor Homepage: https://www.epson.co.uk/support?productID=10820&os=22driversandmanuals Tested Version: 1.124 Vulnerability Type: Unquoted Service Path Tested on OS: Windows...
Student Result Management System 1.0 SQL Injection
Exploit Title: Student Result Management System 1.0 - Multiple SQL Injection Vulnerabilities Date: 2020-10-02 Exploit Author: b1nary Vendor Homepage: https://projectworlds.in/free-projects/php-projects/student-result-management-system-project-in-php/ Software Link:...
Mida eFramework 2.9.0 Backdoor Access
Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
Cisco Email Security Virtual Appliance C300V IronPort Header Injection
!/usr/bin/perl -w Cisco Email Security Virtual Appliance C300V IronPort Remote Header 'Host' Injection Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todo...
WordPress Satoshi 2.0 Cross Site Request Forgery / File Upload
Exploit Title : WordPress Satoshi Themes 2.0 CSRF Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/06/2019 Vendor Homepage : vooshthemes.com - tecnoge.com - netsons.com WordPress Affected Versions : 4.7.13 - 3.4.2 Theme Affected Version :...
Compal ConnectBox Wireless Filter Bypass
Document Title: =============== Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1705 Release Date: ============= 2016-02-03 Vulnerability Laboratory ID VL-ID:...
Axigen 8.10 Directory Traversal
Axigen version 8.10 directory traversal exploit that demonstrates a flaw discovered in 2012. ============================================================================================================================================= | Title : Axigen 8.10 WebAdmin interface Directory Traversal...
NetAlertX 24.9.12 Code Execution
NetAlertX version 24.9.12 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : NetAlertX 24.9.12 PHP Code Injection Vulnerability | | Author : indoushka ...
Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability Title: Artica Proxy Unauthenticated File Manager Vulnerability Advisory ID: KL-001-2024-003 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt 1. Vulnerability Detail...
ConQuest Dicom Server 1.5.0d Remote Command Execution
!/usr/bin/env python3 --------------------------------------------------------- preauth rce poc for ConQuest Dicom Server 1.5.0d --------------------------------------------------------- 04.08.2023 @ 22:07 code610 blogspot com import socket target = '192.168.56.106' rport = 5678 pkt1 =...
PHPJabbers Car Rental 3.0 CSV Injection
Exploit Title: PHPJabbers Car Rental v3.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-rental-script/ Version: v3.0 Tested on: Windows 10, Windows 11, MS Offi...
VMWare Aria Operations For Networks SSH Private Key Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight SSH Private Key Exposure',...
WordPress Social Login And Register 7.6.4 Authentication Bypass
Description: WordPress Social Login and Register Discord, Google, Twitter, LinkedIn = 7.6.4 – Authentication Bypass Affected Plugin: WordPress Social Login and Register Discord, Google, Twitter, LinkedIn Plugin Slug: woocommerce-abandoned-cart Affected Versions: = 7.6.4 CVE ID: CVE-2023-2982 CVSS...
FLIR AX8 1.46.16 Remote Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'FLIR AX8 unauthenticated RCE', 'Description' = %q All FLIR AX8 thermal sensor cameras versions up to and including 1.46.1...
FLIX AX8 1.46.16 Remote Command Execution
-- coding: utf-8 -- Exploit Title: FLIR AX8 Unauthenticated OS Command Injection Date: 8/19/2022 Exploit Author: Samy Younsi Naqwada https://samy.link Vendor Homepage: https://www.flir.com/ Software Link: https://www.flir.com/products/ax8-automation/ PoC: https://www.youtube.com/watch?v=dh0rfAIWo...
Confluence OGNL Injection Remote Code Execution
!/usr/bin/python3 Exploit Title: Confluence Pre-Auth Remote Code Execution via OGNL Injection Google Dork: N/A Date: 06/006/2022 Exploit Author: h3v0x Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: All 7.4.17...
Shenzhen Skyworth RN510 Buffer Overflow
itle :- Authenticated Stack Overflow in RN510 mesh Device CVE-ID:- CVE-2021-25328 Author: Kaustubh G. Padwad Vendor: Shenzhen Skyworth Digital Technology Company Ltd.http://www.skyworthdigital.com/products Products: 1. RN510 with firmware V.3.1.0.4 Tested and verified Potential 2.RN620 with...
Responsive FileManager 9.13.4 Path Traversal
Exploit Title: Responsive FileManager 9.13.4 - 'path' Path Traversal Date: 12/12/2018 PoC Date: 04/01/2020 Auto Exploit Exploit Author: SunCSR Sun Cyber Security Research Google Dork: intitle:"Responsive FileManager 9.x.x" Vendor Homepage: http://responsivefilemanager.com/ Software Link:...
📄 Qualys Security Advisory - Exim 21Nails Advisory
Qualys audited central parts of the Exim mail server and discovered 21 vulnerabilities, with 11 being local vulnerabilities and 10 being remote vulnerabilities. This is older research from 2021 that was missing from the archive. Qualys Security Advisory 21Nails: Multiple vulnerabilities in Exim...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Privilege Escalation
Advisory ID: SYSS-2024-027 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Improper Privilege Management CWE-269 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05...
Edu-Sharing Arbitrary File Upload
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Arbitrary File Upload product: edu-sharing metaVentis GmbH vulnerable versions: =8.0.8-RC2, =8.1.4-RC0, =9.0.0-RC19 CVE number: CVE-2024-28147 impact: high homepage:...
Financials By Coda Cross Site Scripting
Vulnerability type: Cross-site Scripting Vendor: https://www.unit4.com/ Product: Financials by Coda Product site: https://www.unit4.com/fr/products/financial-management-software Affected version: HTTP/2 Host: TIMELINE – 30/10/2023: Vulnerability found – 02/11/2023: Vendor informed – 05/12/2023:...
Client Details System 1.0 SQL Injection
Exploit Title: CVE-2023-7137ClientDetailsSystem-SQLInjection1 + Date: 2023-26-12 + Exploit Author: Hamdi Sevben + Vendor Homepage: https://code-projects.org/client-details-system-in-php-with-source-code/ + Software Link:...
Splunk 9.0.4 Information Disclosure
Exploit Title: Splunk 9.0.4 - Information Disclosure Date: 2023-09-18 Exploit Author: Parsa rezaie khiabanloo Vendor Homepage: https://www.splunk.com/ Version: 9.0.4 Tested on: Windows OS Splunk through 9.0.4 allows information disclosure by appending...
ManageEngine ADManager Plus Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADManager Plus ChangePasswordAction Authenticated Command Injection', 'Description' = %q ManageEngine ADManager Plus prior to build...
Automotive Shop Management System 1.0 SQL Injection
Title: ASMS - PHP by: oretnom23 v1.0 SQLi Author: nu11secur1ty Date: 12.03.2022 Vendor: https://github.com/oretnom23, https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/download-code?nid=15312&title=Automotive+Shop+Management+System+in+PHP%2FOOP+Free+Source+Code...
Feehi CMS 2.1.1 Cross Site Scripting
Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting XSS Date: 02-08-2022 Exploit Author: Shivam Singh Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/ Version: 2.1.1 REQUIRED Tested on: Linu...
Grav CMS 1.7.10 Server-Side Template Injection
Title: Grav CMS 1.7.10 - Server-Side Template Injection SSTI Authenticated Author: enox Date: 06-06-2021 Vendor: https://getgrav.org/ Software Link: https://getgrav.org/download/core/grav-admin/1.7.10 Vulnerable Versions: Grav CMS 1.7.10 CVE: CVE-2021-29440 Credits:...
GravCMS 1.10.7 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...
Mini Mouse 9.3.0 Local File Inclusion / Path Traversal
Exploit Title: Mini Mouse 9.3.0 - Local File inclusion / Path Traversal Author: gosh Date: 05-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://apps.apple.com/us/app/mini-mouse-remote-control/id914250948 Version: 9.3.0 Tested on: iPhone; iOS 14.4.2 GET /op=getdeviceinfo HTTP/1.1...
Trojan.Win32.Sharer.h Buffer Overflow / Denial Of Service / Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9f80c3b1e7f5f6f7d0c8aea25fe83551C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Sharer.h Vulnerability: Known Vulnerable Component - Heap Corruption Description:...
RarmaRadio 2.72.5 Denial Of Service
Exploit Title: RarmaRadio 2.72.5 - Denial of Service PoC Date: 2020-05-12 Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: https://www.raimersoft.com/rarmaradio.html Version: 2.75.5 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program TapinRadio In...
Pharmacy Store Management System 1.0 SQL Injection
Exploit Title: Pharmacy Store Management System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 1.12.2020 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/13225/pharmacy-store-management-system.html Software Link:...