50738 matches found
Automotive Shop Management System 1.0 SQL Injection
Title: ASMS - PHP by: oretnom23 v1.0 SQLi Author: nu11secur1ty Date: 12.03.2022 Vendor: https://github.com/oretnom23, https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/download-code?nid=15312&title=Automotive+Shop+Management+System+in+PHP%2FOOP+Free+Source+Code...
Rocket LMS 1.6 Shell Upload
Exploit Title: Rocket LMS - Learning Management System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Version: Version 1.6 Tested on Ubuntu 18.04 base64 encode your...
Feehi CMS 2.1.1 Cross Site Scripting
Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting XSS Date: 02-08-2022 Exploit Author: Shivam Singh Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/ Version: 2.1.1 REQUIRED Tested on: Linu...
Ionic Identity Vault 5.0.4 PIN Unlock Lockout Bypass
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Identity Vault Vendor: Ionic CSNC ID: CSNC-2021-020 CVE ID: CVE-2021-44033 Subject: PIN Unlock Lockout Bypass Android & iOS Severity: Medium Effect: Authentication Bypass Author: Emanuel Duss Date: 2021-11-19...
GravCMS 1.10.7 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...
Mini Mouse 9.3.0 Local File Inclusion / Path Traversal
Exploit Title: Mini Mouse 9.3.0 - Local File inclusion / Path Traversal Author: gosh Date: 05-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://apps.apple.com/us/app/mini-mouse-remote-control/id914250948 Version: 9.3.0 Tested on: iPhone; iOS 14.4.2 GET /op=getdeviceinfo HTTP/1.1...
Whatsapp 2.19.216 Remote Code Execution
Exploit Title: Whatsapp 2.19.216 - Remote Code Execution Date: 2019-10-16 Exploit Author: Valerio Brussani @valbrux Vendor Homepage: https://www.whatsapp.com/ Version: include include include typedef uint8t byte; char gadgetp; void libc, lib; //dls iteration for rop int dlcallbackstruct dlphdrinf...
📄 Xiongmai XM530 IP Camera Hardcoded RTSP Credential Exposure
The GetStreamUri ONVIF endpoint in Xiongmai XM530-series IP cameras exposes RTSP URIs containing hardcoded credentials, enabling direct unauthorized access to live video streams. CVE-2025-65857 Xiongmai XM530 IP Camera Hardcoded RTSP Credentials Exposure --- Summary The GetStreamUri ONVIF endpoin...
📄 Joomla 3.7.1 SQL Injection
Joomla version 3.7.1 proof of concept remote SQL injection exploit. Exploit Title: Joomla 3.7.1 - Sql Injection Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H:...
LTL Freight Quotes – Estes Edition 3.3.7 SQL Injection
LTL Freight Quotes – Estes Edition versions 3.3.7 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2024-13488 LTL Freight Quotes – Estes Edition = 3.3.7 - Unauthenticated SQL Injection Description The LTL Freight Quotes – Estes Edition plugin for WordPress is...
Gleamtech FileVista 9.2.0.0 Missing Authorization
A vulnerability exists in Gleamtech FileVista version 9.2.0.0 that allows unauthorized access to image files, even after the HTTP cookie associated with the session is deleted. The issue arises due to insufficient validation of session or authentication tokens on the server side. Exploit Title:...
Multilaser RE160 Cookie Manipulation Access Bypass
=====Tempest Security Intelligence - Security Advisory - CVE-2023-38946======= Access Control Bypass in Multilaser router's Web Management Interface Author: Vinicius Moraes =====Table of Contents======================================================== 1. Overview 2. Detailed description 3. Other...
helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference
==================================================================================================================================== | Title : helloGTX Travel Portal CRM v1.6 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser ...
GitLab 15.3 Remote Code Execution
Exploit Title: GitLab v15.3 - Remote Code Execution RCE Authenticated Date: 2022-12-25 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install/ Version: GitLab CE/EE, all versions from 11.3.4 prior to 15.1.5, 15.2 to...
WordPress Download Manager 3.2.43 Cross Site Scripting
Exploit Title: Download Manager Cross-Site Scripting Date: 2022-06-16 Exploit Author : Andrea Bocchetti Vendor Homepage : https://wordpress.org/plugins/download-manager/ Version : = 3.2.43 Tested on: windows CVE : CVE-2022-2101 Description 1- Login in the plugin page 2- add the xss payload in the...
EaseUS Data Recovery 15.1.0.0 Unquoted Service Path
Exploit Title: EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.easeus.com/ Tested Version: 15.1.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquote...
Movie Seat Reservation System 1.0 File Disclosure / SQL Injection
Movie Seat Reservation System Sql Injection Author: D4rkP0w4r Note = exploit don't need login account Exploit Use Burp Suite capture request with payload GET...
Loan Management System 1.0 Cross Site Scripting
Exploit Title: Loan Management System 1.0 - Multiple Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/19 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...
SOPlanning 1.52.01 Remote Code Execution
Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...
3DSecure 2.0 3DS Method Authentication Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Privilege Escalation
Advisory ID: SYSS-2024-027 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Improper Privilege Management CWE-269 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05...
RIOT 2024.01 Buffer Overflows / Lack Of Size Checks / Out-Of-Bound Access
-- HNS-2024-07 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in RIOT OS OS: RIOT Date: 2024-05-07 CVE ID and severity: CVE-2024-31225 - High CVE-2024-32017 - Critical CVE-2024-32018 - High low-severity vulnerabilities were not assigned a CVE ID Vendor...
PHPJabbers Availability Booking Calendar 5.0 CSV Injection
Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - CSV Injection Date: 12/11/2023 Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version: v5.0...
Dawa Pharma 1.0-2022 SQL Injection
Title: dawa-pharma-1.0-2022 Multiple-SQLi Author: nu11secur1ty Date: 10/12/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The email...
Easy Address Book Web Server 1.6 Buffer Overflow / Cross Site Scripting
Exploit Title: Easy Address Book Web Server v1.6 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-01-10 CVE: CVE-2023-4491, CVE-2023-4492, CVE-2023-4493 Vendor Homepage: http://www.efssoft.com/web-address-book-server.html Software Link : http://www.efssoft.com/eabws.ex...
PrinterLogic Build 1.0.757 XSS / SQL Injection / Authentication Bypass
PrinterLogic SaaS, multiple vulnerabilities =========================================================== PrinterLogic's Enterprise Print Management software allows IT professionals to simplify printer driver management and empower end users. -- https://www.printerlogic.com/ Background...
Centreon 22.04.0 Cross Site Scripting
Exploit Title: Stored XSS in name parameter in Centreon version 22.04.0 Date: Exploit Author: syad, yunaranyancat, saitamang Vendor Homepage: Centreon Software Link: https://download.centreon.com/ Version: 22.04.0 CVE ID : CVE-2022-36194 Tested on: Centos 7 Centreon 22.04.0 is vulnerable to Cross...
Backdoor.Win32.NinjaSpy.c Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9f39606d9e19771af5acc6811ccf557f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Authentication Bypass Description: The malware listens on T...
TRIGONE Remote System Monitor 3.61 Unquoted Service Path
Exploit Title: TRIGONE Remote System Monitor 3.61 Unquoted Service Path Discovery by: Yehia Elghaly Date: 30-12-2021 Vendor Homepage: https://www.trigonesoft.com/ Software Link: https://www.trigonesoft.com/download/RemoteSystemmonitorServer3.61x86Setup.exe Tested Version: 3.61 Vulnerability Type:...
WordPress WP Guppy 1.1 Information Disclosure
Exploit Title: Wordpress Plugin WP Guppy 1.1 - WP-JSON API Sensitive Information Disclosure Exploit Author: Keyvan Hardani Date: 22/11/2021 Vendor Homepage: https://wp-guppy.com/ Version: up to 1.1 Tested on: Kali Linux - Windows 10 - Wordpress 5.8.x and apache2 Usage ./exploit.sh -h !/bin/bash...
Wipro Holmes Orchestrator 20.4.1 File Disclosure
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Log File Disclosure Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38283 import requests as rq import argparse import...
Exim base64d Buffer Overflow
!/usr/bin/python import sys import time import socket import struct s = None f = None def logo: print print " CVE-2018-6789 Poc Exploit" print "@straightblast ; [email protected]" print def connecthost, port: global s global f s = socket.createconnectionhost,port f = s.makefile'rw', bufsize=0...
ExifTool DjVu ANT Perl Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ExifTool DjVu ANT Perl injection', 'Description' = %q This module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifToo...
Trojan-Downloader.Win32.FraudLoad.xevn Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/17da6737cb94c11fa2363772d8eac0b1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.FraudLoad.xevn Vulnerability: Insecure Permissions Description: FraudLoad.xe...
Cisco RV130W Routers Management Interface Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework linux/armle/meterpreter/bindtcp - segfault linux/armle/meterpreter/reversetcp - segfault linux/armle/meterpreterreversehttp - works linux/armle/meterpreterreversehttps -...
Overlayfs Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Overlayfs Privilege Escalation', 'Description' = %q This module attempts to exploit two different CVEs related to overlayfs...
Pyload Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Pyload RCE CVE-2024-39205 with js2py sandbox escape CVE-2024-28397', 'Description' = %q CVE-2024-28397 is sandbox escape ...
StimulusReflex 3.5.0 Arbitrary Code Execution
StimulusReflex CVE-2024-28121 Arbitrary code execution in StimulusReflex. This affects version 3.5.0 up to and including 3.5.0.rc2 and v3.5.0.pre10. Vulnerable code excerpt stimulusreflex/lib/stimulusreflex/reflex.rb Invoke the reflex action specified by name and run all callbacks def processname...
Hitachi NAS SMU Backup And Restore Insecure Direct Object Reference
!/usr/bin/python3 Title: Hitachi NAS HNAS System Management Unit SMU Backup & Restore IDOR Vulnerability CVE: CVE-2023-5808 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host",...
Taskhub 2.8.8 Cross Site Scripting
Title: TASKHUB-2.8.8-XSS-Reflected Author: nu11secur1ty Date: 09/22/2023 Vendor: https://codecanyon.net/user/infinitietech Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Reference: https://portswigger.net/web-security/cross-site-scripting Description: T...
Atos Unify OpenScape Code Execution / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authenticated Remote Code Execution and Missing Authentication product: Atos Unify OpenScape Session Border Controller Atos Unify OpenScape Branch Atos Unify OpenScape BC...
islamnt CMS 2.1.0 Cross Site Scripting
==================================================================================================================================== | Title : islamnt CMS v2.1.0 XSS Vulnerability Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-b...
TerraMaster TOS 4.2.06 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TerraMaster TOS 4.2.06 or lower - Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated remote...
Backdoor.Win32.Dsklite.a Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6c9665de78ae60a8e057d2c9cdb91596.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Dsklite.a Vulnerability: Remote Denial of Service Description: The malware listens on...
YouTube Video Grabber 1.9.9.1 Buffer Overflow
Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...
Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: Multiple Korenix Technology products: Korenix: JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4706, JetNet...
MyBB 1.8.25 Remote Command Execution
Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...
Zenphoto CMS 1.5.7 Shell Upload
Authenticated arbitrary file upload to RCE Product : Zenphoto Affected : Zenphoto CMS - = 1.5.7 Attack Type : Remote login then go to plugins then go to uploader and press on the check box elFinder then press apply , after that you go to upload then FileselFinder drag and drop any malicious php...
Online Shopping Alphaware 1.0 SQL Injection
Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Date: 2020-07-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...
SPIP CMS 2.x / 3.x Add Administrator / File Upload
Exploit Title : Spip CMS 2.x/3.x Add Administrator Account & Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Published Date : 26/03/2019 First Discovered Date : 2013 - 2014 Vendor Homepage : spip.net Software Download Links :...