50748 matches found
openVIVA c2 20220101 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting product: mb Support broker management solution openVIVA c2 vulnerable version: 20220801 CVE number: CVE-2022-39172 impact: Medium homepage:...
FlatApp Premium Admin Dashboard 1.0 SQL Injection
==================================================================================================================================== | Title : FlatApp - Premium Admin Dashboard 1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Kiddoware Kids Place Parental Control Android App vulnerable version: =3.8.49 fixed version: 3.8.50 or higher CVE number: CVE-2023-28153...
Shannon Baseband fmtp SDP Attribute Memory Corruption
Shannon Baseband: Memory corruption when processing fmtp SDP attribute There is a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffe...
Pandora FMS 7.0NG.742 Remote Code Execution
Exploit Title: Pandora FMS v7.0NG.742 - Remote Code Execution RCE Authenticated Date: 05/20/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pandorafms.com/ Software Link:...
Cibele Thinfinity VirtualUI 2.5.41.0 User Enumeration
Exploit Title: Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration Date: 13/12/2021 Exploit Author: Daniel Morales, IT Security Team - ARHS Spikeseed Vendor Homepage: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version: vulnerable v3.0 Tested on:...
Webmin 1.920 rpc.cgi Remote Root
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Webmin %q This exploit takes advantage of a code execution issue within the function unserialisevariable located in web-lib-funcs.pl, in order to...
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference', 'Description' = %q This module exploits an out of bounds function table...
4BRO Insecure Direct Object Reference / API Information Exposure
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Broken access control & API Information Exposure product: 4BRO App vulnerable version: before 2024-04-17 fixed version: 2024-04-17 CVE number: - impact: Critical homepage...
PodcastGenerator 3.2.9 Cross Site Scripting
Exploit Title: PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting XSS Application: PodcastGenerator Version: v3.2.9 Bugs: Stored Xss Technology: PHP Vendor URL: https://podcastgenerator.net/ Software Link: https://github.com/PodcastGenerator/PodcastGenerator Date of found: 14-05-2023...
GLPI 10.0.2 SQL Injection / Remote Code Execution
ADVISORY INFORMATION Exploit Title: GLPI v10.0.2 - SQL Injection Authentication Depends on Configuration Date of found: 11 Jun 2022 Application: GLPI =10.0.0, 10.0.3 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
WebKit HTMLSelectElement Use-After-Free
WebKit use-after-free in HTMLSelectElement There is a use-after-free in HTMLSelectElement. If the length of the HTMLSelectElement is set to a value greater than the existing options length then dummy HTMLOptionElements elements are created. These HTMLOptionsElements are stored as raw pointers in...
WordPress Visual Slide Box Builder 3.2.9 SQL Injection
Title: WordPress 6.0 - Visual Slide Box Builder 3.2.9 SQLi Author: nu11secur1ty Date: 07.11.2022 Vendor: https://wphive.com/ Software: https://wphive.com/plugins/wp-visual-slidebox-builder/?pluginversion=3.2.9 Reference:...
WBCE CMS 1.5.1 Admin Password Reset
Exploit Title: WBCE CMS 1.5.1 - Admin Password Reset Google Dork: intext: "Way Better Content Editing" Date: 20/12/2021 Exploit Author: citril or https://github.com/maxway2021 Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: = 1.5.1 Tested on: Linux CVE :...
AbanteCart Arbitrary File Upload / Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: AbanteCart e-commerce platform vulnerable version: 1.3.2 fixed version: 1.3.2 CVE number: CVE-2021-42050, CVE-2021-42051 impact: Medium...
Virus.Win32.Ipamor.c Unauthenticated Reboot
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b6bfdfe91c3e37865b6a269dc9ff9302.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...
Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery
!-- Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password Vendor: Panasonic Corporation | SANYO Electric Co., Ltd. Product web page: https://www.panasonic.com https://www.sanyo-av.com https://panasonic.net/sanyo/cs/index.html Affected version: Model: VCC-HD5600...
Knockpy 4.1.1 CSV Injection
Exploit Title: Knockpy 4.1.1 - CSV Injection Author: Dolev Farhi Date: 2020-12-29 Vendor Homepage: https://github.com/guelfoweb/knock Version : 4.1.1 Tested on: Debian 9.13 Knockpy, as part of its subdomain brute forcing flow of a remote domain, issues a HEAD request to the server to fetch detail...
D-Link DIR-615 T1 20.10 CAPTCHA Bypass
Exploit Title: D-Link DIR-615 T1 20.10 - CAPTCHA Bypass Date: 2019-10-12 Exploit Author: huzaifa hussain Vendor Homepage: https://in.dlink.com/ Version: DIR-615 T1 ver:20.10 Tested on: D-LINK ROUTER "MODEL NO: DIR-615" with "FIRMWARE VERSION:20.10" & "HARDWARE VERSION:T1 CVE: CVE-2019-17525 D-LIN...
WebLogic Server Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE BadAttributeValueExpException ExtComp', 'Description' = %q There exists a Java object deserialization...
Find A Place CMS Directory 1.5 SQL Injection
Exploit Title: Find a Place CMS Directory 1.5 - 'assets/external/data2.php cate' SQL Injection Google Dork: inurl:"assets/external/data.php" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage: https://themerig.com/...
Apache Rave 0.20 User Information Disclosure
Apache Rave version 0.20 proof of concept user information disclosure exploit that leverages a flaw from 2013. ============================================================================================================================================= | Title : Apache Rave 0.20 Disclosure of use...
Webmin 2.202 Remote Command Execution
Webmin version 2.202 remote command execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Webmin 2.202 Reverse Shell attack | | Author : indoushka | |...
Maid Hiring Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : Maid Hiring Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Leads Manager Tool SQL Injection / Cross Site Scripting
x========================================================================================================================================x | Title : Leads Manager Tool SQL & XSSstored Vulnerabilities | Software : Leads Manager Tool Using PHP and MySQL with Source Code | Create By :...
HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: HAWKI Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany vulnerable version: 1.0.0-beta.1,...
SISQUAL WFM 7.1.319.103 Host Header Injection
Exploit Title: SISQUAL WFM 7.1.319.103 Host Header Injection Discovered Date: 17/03/2023 Reported Date: 17/03/2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://www.sisqualwfm.com Version: 7.1.319.103 Tested on: SISQUAL WFM 7.1.319.103 Affected Version: sisqualWFM - 7.1.319.1...
October CMS 3.4.0 About Cross Site Scripting
OctoberCMS v3.4.0 About Stored Cross-Site Scripting Vulnerability Vendor: October CMS Product web page: https://www.octobercms.com Affected version: 3.4.0 Summary: OctoberCMS is a self-hosted content management system CMS based on the PHP programming language and Laravel web application framework...
WordPress Royal Elementor 1.3.78 Shell Upload
Today, on October 13, 2023, the Wordfence Threat Intelligence Team became aware of a vulnerability that was recently patched in Royal Elementor Addons and Templates, a WordPress plugin installed on over 200,000 sites, that makes it possible for unauthenticated attackers to upload arbitrary files ...
TinyWebGallery 2.5 Shell Upload
Exploit Title: TinyWebGallery v2.5 - Remote Code Execution RCE Application: TinyWebGallery Version: v2.5 Bugs: RCE Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023 Author: Mirabbas...
Piwigo 13.5.0 SQL Injection
===== Tempest Security Intelligence - ADV-03/2023 ========================== Piwigo - Version 13.5.0 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeline...
WSO2 Management Console Cross Site Scripting
Exploit Title: WSO2 Management Console Multiple Products - Unauthenticated Reflected Cross-Site Scripting XSS Date: 21 Apr 2022 Exploit Author: cxosmo Vendor Homepage: https://wso2.com Software Link: API Manager https://wso2.com/api-manager/, Identity Server https://wso2.com/identity-server/,...
Backdoor.Win32.Acropolis.10 Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e865fc7225c84165d7aa0c7d8a1bcb77.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Acropolis.10 Vulnerability: Insecure Permissions Description: The malware writes an...
WordPress TheCartPress 1.5.3.6 Privilege Escalation
Exploit Title: Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation Unauthenticated Google Dork: inurl:/wp-content/plugins/thecartpress/ Date: 04/10/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugin/thecartpress Version: spacehen www.github.com/spacehen" def...
Trojan.Win32.Agentb.iofv Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agentb.iofv Vulnerability: Insecure Permissions Description: Agentb.iofv creates an...
rConfig 3.9.6 Shell Upload
Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution Authenticated Date: 2021-03-17 Exploit Author: Murat ŞEKER Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.6.zip Version: rConfig v3.9.6 Install scripts :...
Backdoor.Win32.Aphexdoor.LiteSock Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a8bb1744bedf43849ed808b7dfa32da4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Aphexdoor.LiteSock Vulnerability: Remote Stack Buffer Overflow Description:...
WordPress SuperForms 4.9 Shell Upload
Exploit Title: WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution Exploit Author: ABDO10 Date : Jan - 28 - 2021 Google Dork : inurl:"/wp-content/plugins/super-forms/" Vendor Homepage : https://renstillmann.github.io/super-forms// Version : All = 4.9.X data in http...
BlogEngine 3.3.8 Cross Site Scripting
Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...
Microsoft Windows VCF Denial Of Service
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-VCF-MAILTO-LINK-DENIAL-OF-SERVICE.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product A VCF file is a standard file format for...
WordPress wpmu-dev-post-votes 2.2.5 Database Disclosure
Exploit Title : WordPress wpmu-dev-post-votes Plugins 2.2.5 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wordpress.org premium.wpmudev.org Software Download Link :...
Hospital Management System Project In ASP.Net MVC 1 SQL Injection
Exploit Title: Hospital Management System Project in ASP.Net MVC - SQL Injection / Authentication Bypass Date: 07/16/2024 Exploit Author: 0xMykull Vendor Hompage: https://itsourcecode.com/free-projects/asp/hospital-management-system-project-in-asp-net-mvc-with-source-code/ Software Link:...
ManageEngine ADAudit Plus Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus Authenticated File Write RCE', 'Description' = %q This module exploits security issues in ManageEngine ADAudit Plus pri...
Tenda N300 F3 12.01.01.48 Header Processing
!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Date: 09/03/2023 Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...
io_uring Same Type Object Reuse Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'iouring Same Type Object Reuse Priv Esc', 'Description' = %q This module exploits a bug in iouring leading to an additional putcred that can be...
WordPress Zephyr Project Manager 3.2.42 SQL Injection
Exploit Title: Wordpress Plugin Zephyr Project Manager 3.2.42 - Multiple SQLi Date: 14-08-2022 Exploit Author: Rizacan Tufan Blog Post: https://rizax.blog/blog/wordpress-plugin-zephyr-project-manager-multiple-sqli-authenticated Software Link: https://wordpress.org/plugins/zephyr-project-manager/...
WordPress Duplicator 1.4.7 Information Disclosure
Exploit Title: WordPress Plugin Duplicator 1.4.7 - Information Disclosure Google Dork: N/A Date: 07.27.2022 Exploit Author: SecuriTrust Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: = 1.4.7 Tested on: Linux, Windows CVE : CVE-2022-2552...
Musical World 1 Shell Upload
Musical-World-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Note Login to client. don't need login to admin Description Upload web shell at UploadedSongs Step to Reproduct Login to user - TRACK - UploadedSongs - Choose File - UPLOAD - access /songs/uploadedsongs/shell.php Exploit When upload...
Banco Guayaquil 8.0.0 Cross Site Scripting
Document Title: =============== Banco Guayaquil Versión 8.0.0 IOS - Cross Site Scripting Stored Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.com Vendor Homepage: https://apps.apple.com/ec/app/banco-guayaquil/id624963066 =============== Release...
Accu-Time Systems MAXIMUS 1.0 Buffer Overflow / Denial Of Service
Exploit Title: Accu-Time Systems MAXIMUS 1.0 Telnet Remote Buffer Overflow Discovered by: Yehia Elghaly Discovered Date: 2021-12-22 Vendor Homepage: https://www.accu-time.com/ Software Link : https://www.accu-time.com/maximus-employee-time-clock-3/ Tested Version: 1.0 Vulnerability Type: Buffer...