50786 matches found
Wipro Holmes Orchestrator 20.4.1 File Disclosure
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Log File Disclosure Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38283 import requests as rq import argparse import...
YouTube Video Grabber 1.9.9.1 Buffer Overflow
Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...
Trojan.Win32.Pasta.mca Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4692b129b0034fd53cd76867d9869e49.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Pasta.mca Vulnerability: Insecure Permissions Description: The malware writes an .DLL...
Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: Multiple Korenix Technology products: Korenix: JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4706, JetNet...
Online Shopping Alphaware 1.0 SQL Injection
Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Date: 2020-07-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...
Cisco RV130W Routers Management Interface Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework linux/armle/meterpreter/bindtcp - segfault linux/armle/meterpreter/reversetcp - segfault linux/armle/meterpreterreversehttp - works linux/armle/meterpreterreversehttps -...
SPIP CMS 2.x / 3.x Add Administrator / File Upload
Exploit Title : Spip CMS 2.x/3.x Add Administrator Account & Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Published Date : 26/03/2019 First Discovered Date : 2013 - 2014 Vendor Homepage : spip.net Software Download Links :...
Jenkins 2.150.2 Remote Command Execution Via Node JS
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Jenkins %q This module can run commands on the system using Jenkins users who has JOB creation and BUILD privileges. The...
WordPress WP-Automatic SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class SQLExecutionError 'WordPress wp-automatic Plugin SQLi Admin Creation', 'Description' = %q This module exploits an unauthenticated SQL injection vulnerability in th...
StimulusReflex 3.5.0 Arbitrary Code Execution
StimulusReflex CVE-2024-28121 Arbitrary code execution in StimulusReflex. This affects version 3.5.0 up to and including 3.5.0.rc2 and v3.5.0.pre10. Vulnerable code excerpt stimulusreflex/lib/stimulusreflex/reflex.rb Invoke the reflex action specified by name and run all callbacks def processname...
Kopage Website Builder 4.4.15 Shell Upload
Title: Kopage-Website-Builder-4.4.15-File-Upload-RCE Author: nu11secur1ty Date: 12/08/2023 Vendor: https://www.kopage.com/ Software: https://demo.kopage.com/index.php Reference: https://portswigger.net/web-security/file-upload,...
WBCE CMS 1.6.1 Shell Upload
Exploit Title: WBCE CMS Version : 1.6.1 Remote Command Execution Date: 30/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.1.zip Version: 1.6.1 Tested on: https://www.softaculous.com/apps/cms/WBCECMS POC: 1...
SPA-Cart eCommerce CMS 1.9.0.3 SQL Injection
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4548 CWE: CWE-89 - CWE-74 -...
TerraMaster TOS 4.2.06 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TerraMaster TOS 4.2.06 or lower - Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unauthenticated remote...
VMware vCenter vScalation Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter vScalation Priv Esc', 'Description' = %q This module exploits a privilege escalation in vSphere/vCenter due to improper permission...
Wavlink WN533A8 Cross Site Scripting
Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...
Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Infiray IRAY-A8Z3 thermal camera vulnerable version: V1.0.957 fixed version: None CVE number: CVE-2022-31208, CVE-2022-31209,...
Online Sports Complex Booking System 1.0 Cross Site Scripting
Title: Online Sports Complex Booking System 1.0 XSS Author: Zllggggg Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...
Tiny File Manager 2.4.3 Shell Upload
Tiny File Manager Example: ./exploit.sh http://files.ubuntu.local/index.php admin "admin@123" https://github.com/febinrev/tinyfilemanager-2.4.3-exploit !/bin/bash check which curl if $? = 0 then printf "✔ Curl found! \n" else printf "❌ Curl not found! \n" exit fi which jq if $? = 0 then printf "✔...
FormaLMS 2.4.4 Authentication Bypass
Exploit Title: FormaLMS 2.4.4 - Authentication Bypass Google Dork: inurl:index.php?r=adm/ Date: 2021-11-10 Exploit Author: Cristian 'void' Giustini @ Hacktive Security Vendor Homepage: https://formalms.org Software Link: https://formalms.org Version: = 2.4.4 Tested on: Linux CVE : CVE-2021-43136...
Backdoor.Win32.VB.afu Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c6ba7fcb9eb9bdd7e081e2e84e784dcb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.afu Vulnerability: Insecure Permissions Description: The malware writes an .EXE wi...
Sequoia: A Deep Root In Linux's Filesystem Layer
Qualys Security Advisory Sequoia: A deep root in Linux's filesystem layer CVE-2021-33909 ======================================================================== Contents ======================================================================== Summary Analysis Exploitation overview Exploitation...
Zenphoto CMS 1.5.7 Shell Upload
Authenticated arbitrary file upload to RCE Product : Zenphoto Affected : Zenphoto CMS - = 1.5.7 Attack Type : Remote login then go to plugins then go to uploader and press on the check box elFinder then press apply , after that you go to upload then FileselFinder drag and drop any malicious php...
Oracle PeopleSoft HCM 9.2 XXE Injection
Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Nadya Krivdyuk ERPScan Description 1...
Lansweeper Credential Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lansweeper Credential Collector', 'Description' = %q Lansweeper stores the credentials it uses to scan the computers in its Microsoft SQL databas...
WordPress Theme My Login 2FA Brute Force
The theme my login plugin before 1.2 does not check how often a 2FA code was wrongly entered, allowing a bruteforce of codes to bypass 2FA effectively. A working python exploit: from typing import KeysView from selenium.webdriver.common.by import By from selenium import webdriver from...
Osprey Pump Controller 1.0.1 Cross Site Request Forgery
!-- Osprey Pump Controller 1.0.1 Cross-Site Request Forgery Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...
HP LaserJet Professional M1210 MFP Series Receive Fax Service Unquoted Service Path
Exploit Title: HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path Date: 2022-06-06 Exploit Author: Ali Alipour Vendor Homepage: https://support.hp.com/us-en/document/c01998934 Software Link:...
Spring Cloud Function SpEL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Function SpEL Injection', 'Description' = %q Spring Cloud Function versions prior to 3.1.7 and 3.2.3 are vulnerable to remote code...
Sports Complex Booking System 1.0 Shell Upload
Title: Sports Complex Booking System 1.0 Shell Upload Author: Hejap Zairy Date: 24.07.2022 Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip...
Wondershare MirrorGo 2.0.11.346 Insecure File Permissions
Exploit Title: Wondershare MirrorGo 2.0.11.346 - Insecure File Permissions Discovery by: Luis Martinez Discovery Date: 2022-02-23 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/mirrorgofull8050.exe Tested Version: 2.0.11.346 Vulnerability Type: Loca...
IFSC Code Finder Project 1.0 SQL Injection
Hello, dear friends. KR CVE-2021-42224 Vendor Description: - vulnerability: all or nothing SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php. The searchifsccode parameter appears to be vulnerable to SQL injection attacks. The...
Backdoor.Win32.Surila.j Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b1cec4b806c71c82bbd9002bdaf21d1fC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Surila.j Vulnerability: Remote Denial of Service Description: The malware listens on...
Rocket.Chat 3.12.1 NoSQL Injection / Code Execution
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat !/usr/bin/python...
PLANEX CS-QP50F-ING2 Remote Configuration Disclosure
!/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer...
berliCRM 1.0.24 SQL Injection
Exploit Title: berliCRM 1.0.24 - 'srcrecord' SQL Injection Google Dork: N/A Date: 2020-10-11 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.berlicrm.de Software Link: https://github.com/berliCRM/berlicrm/archive/1.0.24.zip Version: 1.0.24 Tested on: Kali Linux CVE : N/A ==========...
DiCal-RED 4009 Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-042 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Risk Level: Medium Solution...
WyreStorm Apollo VX20 Credential Disclosure
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...
Academy LMS 6.2 SQL Injection
Exploit Title: Academy LMS 6.2 - SQL Injection Exploit Author: CraCkEr Date: 29/08/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4974 CWE: CWE-89 / CWE-74 /...
FastMatch Iddaa Tahmin Scripti 2.0 SQL Injection
==================================================================================================================================== | Title : FastMatch İddaa Tahmin Scripti v2.0 auth by pass vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...
InnovaStudio WYSIWYG Editor Asset Manager 5.4 Shell Upload
Exploit Title: InnovaStudio WYSIWYG Editor 5.4 ASSET MANAGER Unrestricted File Upload / Directory Traversal / Multiple WebApps Exploit Date: 11/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: innovastudio.com Product: Asset Manager Version: = Asset Manager ASP Version 5....
PHPGurukul Zoo Management System 1.0 SQL Injection
Zoo Management System SQL Injection Author: D4rkP0w4r Description = sql injection at /animals?classid=1 Injection Point http://192.168.1.101:8080/ZooManagementSystem/publichtml/animals?classid=1 Exploit Exploit with Sqlmap python3 sqlmap.py -u...
pfSense 2.5.2 Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense Diag Routes Web Shell Upload', 'Description' = %q This module exploits an arbitrary file creation vulnerability in the pfSense HTTP...
Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting
Exploit Title: Online Enrollment Management System in PHP and PayPal 1.0 - 'UNAME' Stored Cross-Site Scripting Date: 2021-08-31 Exploit Author: Tushar Jadhav Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Backdoor.Win32.BlueAdept.02.a Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/694d21679cc212c59515584d1b65dc84.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BlueAdept.02.a Vulnerability: Remote Buffer Overflow Description: The malware listens...
Backdoor.Win32.Antilam.11 Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/290477c9707f64a316888493ae67b1ef.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.11 Vulnerability: Unauthenticated Remote Command Execution Description: The...
Trojan.Win32.SkynetRef.x Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/339ec4617eababfd46006f2219e68cb8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.SkynetRef.x Vulnerability: Unauthenticated Open Proxy Description: The malware listens ...
Build Smart ERP 21.0817 SQL Injection
Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Date: 24/10/2021 Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 ...
Trojan-PSW.Win32.PdPinch.gen Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0e4fbfeb6f7a98e437a497013b285ffc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-PSW.Win32.PdPinch.gen Vulnerability: Remote Denial of Service Description: The malware listen...
GetSimple CMS My SMTP Contact 1.1.1 CSRF/ XSS / Code Execution
Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to Stored XSS to RCE Exploit Author: Bobby Cooke boku Date: April 22nd, 2021 Vendor Homepage: http://get-simple.info & Software Link: http://get-simple.info/download/ Version: Exploit = v1.1.1 | Stored XSS = v1.1.2 Tested against...