50738 matches found
Microsoft Windows 11 22h2 Kernel Privilege Escalation
// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...
SecurePoint UTM 12.x Memory Leak
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use of Uninitialized Variable CWE-457 Date found: 2023-01-05 Date published: 2023-04-12 CVSSv3 Scor...
Monitorr 1.7.6m / 1.7.7d Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monitorr unauthenticated Remote Code Execution RCE', 'Description' = %q This module exploits an arbitrary file upload vulnerability and achieving...
Readymade Job Portal Script SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Barco Control Room Management Suite Directory Traversal
I. SUMMARY Title: CVE-2022-2623 Barco Control Room Management Suite File Path Traversal Vulnerability Product: Barco Control Room Management Suite before 2.9 build 0275 and all prior versions Vulnerability Type: File Path Traversal Credit by/Researcher: Murat Aydemir from Accenture Cyber Security...
MartFury Marketplace Cross Site Scripting
Document Title: =============== MartFury Marketplace - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2282 Release Date: ============= 2022-02-17 Vulnerability Laboratory ID VL-ID: ====================================...
Netgear Genie 2.4.64 Unquoted Service Path
Exploit Title: Netgear Genie 2.4.64 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 2.4.64 Date: 23.10.2021 Vendor Homepage: https://www.netgear.com/ Tested on: Windows 10 C:\Users\Mertsc qc NETGEARGenieDaemon SC QueryServiceConfig SUCCESS SERVICENAME: NETGEARGenieDaemon TYPE : 10...
Engineers Online Portal 1.0 SQL Injection
Exploit Title: Engineers Online Portal 1.0 is vulnerable to three types of SQL injection attacks. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 10.13.2021 Vendor: https://www.sourcecodester.com/users/janobe Link:...
Backdoor.Win32.NinjaSpy.c Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Remote Command Execution Description: The malware listens ...
DD-WRT 45723 Buffer Overflow
Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Date: 24.03.2021 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...
ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure
ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
Joomla com_contenthistory Error-Based SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla comcontenthistory Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla versions 3.2...
CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chaos RAT XSS to RCE', 'Description' = %q CHAOS v5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to...
Apache mod_proxy_cluster Cross Site Scripting
import requests import argparse from bs4 import BeautifulSoup from urllib.parse import urlparse, parseqs, urlencode, urlunparse from requests.exceptions import RequestException class Colors: RED = '\03391m' GREEN = '\0331;49;92m' RESET = '\0330m' def getclustermanagerurlbaseurl, path:...
Circontrol Raption Buffer Overflow / Command Injection
Circontrol EV Charger vulnerabilities. 1. CVE-2020-8006 Pre-Auth Stack Based Buffer Overflow CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 10 The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the...
Solar-Log 200 PM+ 3.6.0 Cross Site Scripting
Exploit Title: Stored XSS in Solar-Log 200 3.6.0 web panel Date: 10-30-23 Exploit Author: Vincent McRae, Mesut Cetin - Redteamer IT Security Vendor Homepage: https://www.solar-log.com/en/ Version: Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 Tested on: Proprietary devices:...
Reprise License Manager 15.1 Privilege Escalation / File Write
Multiple Vulnerabilities in Reprise License Manager 15.1 CVE-2023-43183, CVE-2023-44031 Credit: Mohaiman Rahim...
etcd-browser 87ae63d75260 Directory Traversal
An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...
pfSense Restore RRD Data Command Injection
class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of pfSense prior to version 2.7.0 which allows an authenticated attacker with the "WebCfg - Diagnostics:...
ILIAS eLearning Platform XSS / Remote Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple high risk vulnerabilities product: ILIAS eLearning platform vulnerable version: see section "Vulnerable version" below fixed version: see section "Solution" belo...
Anonymous Feedback Script 2.1 Cross Site Scripting
==================================================================================================================================== | Title : Anonymous Feedback Script V2.1 xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...
Serendipity 2.4.0 Cross Site Scripting
Exploit Title: Serendipity 2.4.0 - Cross-Site Scripting XSS Author: Mirabbas Ağalarov Application: Serendipity Version: 2.4.0 Bugs: Stored XSS Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found: 13.04.2023 Tested on: Linux 2. Technic...
ASKEY RTF3505VW-N1 Privilege Escalation
Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...
Win32.MarsStealer Web Panel Cross Site Scripting
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8abb41f6e7010d70c90f65fd9a740faaB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Win32.MarsStealer Web Panel Vulnerability: Unauthenticated Remote Persistent XSS Description: The...
Backdoor.Win32.Coredoor.10.a Authentication Bypass / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4d10cd3fa86239ade05d2b741892b1e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Coredoor.10.a Vulnerability: Authentication Bypass RCE Description: The malware liste...
Trojan-Dropper.Win32.Agent.bjtzcp Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Agent.bjtzcp Vulnerability: Insecure Permissions Description: Agent.bjtzcp...
Coturn 4.5.1.x Access Control Bypass
Loopback access control bypass in coturn by using 0.0.0.0, ::1 or :: as the peer address - Fixed version: 4.5.2 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass - Coturn Security Advisory:...
WordPress Litespeed Cache 3.6 Cross Site Scripting
Exploit Title: WordPress Plugin litespeed-cache 3.6 - 'serverip' Cross-Site Scripting Date: 20-12-2020 Software Link: https://downloads.wordpress.org/plugin/litespeed-cache.3.6.zip Version: litespeed-cache Tested on: Windows 10 x64 Description: A Stored Cross-site scripting XSS was discovered in...
Hospital Management System 4.0 Cross Site Scripting
Exploit Title: Hospital Management System 4.0 Multiple Reflected XSS Google Dork: N/A Date: 1/2/2020 Exploit Author: FULLSHADE Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Tested on: Windows CVE : CVE-2020-5193...
ABB Cylon Aspect 3.08.02 PHP Session Fixation
ABB Cylon Aspect version 3.08.02 is vulnerable to session fixation, allowing an attacker to set a predefined PHPSESSID value. An attacker can leverage an unauthenticated reflected cross site scripting vulnerability in jsonProxy.php to inject a crafted request, forcing the victim to adopt a fixate...
Gleamtech FileVista 9.2.0.0 Directory Traversal
A security vulnerability in FileVista version 9.2.0.0 allows an authenticated admin user to upload malicious files via directory traversal, bypassing security controls. Exploit Title: Gleamtech FileVista 9.2.0.0 - Directory Traversal Leading to Unrestricted File Upload Date: Feb 6, 2025 Exploit...
Online Exam System 1.0 Insecure Settings
==================================================================================================================================== | Title : Online Exam System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits...
3DSecure 2.0 3DS Method Authentication Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...
Dell Security Management Server Privilege Escalation
Exploit Title: title Dell Security Management Server versions prior to 11.9.0 Exploit Author: author Amirhossein Bahramizadeh CVE : if applicable CVE-2023-32479 Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege...
XoopsCore25 2.5.11 Cross Site Scripting
Title: XoopsCore25-2.5.11-XSS-Reflected Author: nu11secur1ty Date: 02/12/2024 Vendor: https://xoops.org/ Software: https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.11 Reference: https://portswigger.net/kb/issues/00200300cross-site-scripting-reflected Description: The value of the yname...
Typora 1.7.4 Command Injection
Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 13.09.2023 Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps t...
WordPress PrePost SEO 3.0 Cross Site Scripting
Tittle: WordPress Plugin PrePost SEO " 2. Save and see XSS exploit. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b...
Car Listing Script 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Advance Charity Management 1.0 Insecure Settings
Title: Advance Charity Management-1.0 - TLS cookie without secure flag set-PHPSESSID NEVER EXPIRATION-current session-Hijacking Author: nu11secur1ty Date: 06.04.2023 Vendor: https://www.sourcecodester.com/users/aown-shah Software:...
OCS Inventory NG 2.3.0.0 Unquoted Service Path
Exploit Title: OCS Inventory NG 2.3.0.0 - Unquoted Service Path Date: 2023/04/21 Exploit Author: msd0pe Vendor Homepage: https://oscinventory-ng.org Software Link: https://github.com/OCSInventory-NG/WindowsAgent My Github: https://github.com/msd0pe-1 Fixed in version 2.3.1.0 OCS Inventory NG...
B&R Systems Diagnostics Manager Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple XSS Vulnerabilities product: B&R Systems Diagnostics Manager vulnerable version: =3.00 and =D4.93 CVE number: CVE-2022-4286 impact: medium homepage:...
Feehi CMS 2.1.1 Remote Code Execution
Exploit Title: Feehi CMS 2.1.1 - Remote Code Execution RCE Authenticated Date: 22-08-2022 Exploit Author: yuyudhn Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Version: 2.1.1 REQUIRED Tested on: Linux, Docker CVE : CVE-2022-34140 Proof of Concept: 1. Login using...
Backdoor.Win32.Hupigon.haqj Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/d9542df20f8df457747451dd9e16d1c0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.haqj Vulnerability: Insecure Service Path Description: The malware creates a...
Medical Hub Directory Site 1.0 Shell Upload
Title: Medical Hub Directory Site 1.0 Shell Upload Author: Hejap Zairy Date: 30.07.2022 Vendor: https://www.sourcecodester.com/php/15252/simple-medical-hub-directory-site-phpoop-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/mhds.zip Reference:...
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote ABAP Code Injection in SAP IUUCRECONRCCOUNTTABLEBIG product: SAP Netweaver vulnerable version: SAP DMIS 20111731 SP 0013 fixed version: see solution section below...
Google Assistant Authentication Bypass
0011 Vendor: Google Status: fixed Reported: Nov 25, 2019 Disclosed: Oct 10, 2021 685 days Auth Bypass in Google Assistant Summary: Webpage can execute Google Assistant commands without any permissions Steps to reproduce: Generate the TTS audio files using the Google Cloud TTS API, using the text...
Kmaleon 1.1.0.205 SQL Injection
Exploit Title: Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection Authenticated Google Dork: intitle: "Inicio de Sesión - Kmaleon" Date: 2021-11-05 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.levelprograms.com Software Link: https://www.levelprograms.com/kmaleon-abogados/ Version...
Small CRM 3.0 Cross Site Scripting
Exploit Title: Small CRM 3.0 - 'description' Stored Cross-Site Scripting XSS Date: 20/10/2021 Exploit Author: Ghuliev Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Tested on: Server: Ubuntu When a user or admin creates a ticket, we can...
Apache Tomcat 9.0.0.M1 Cross Site Scripting
Exploit Title: Apache Tomcat 9.0.0.M1 - Cross-Site Scripting XSS Date: 05/21/2019 Exploit Author: Central InfoSec Version: Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 CVE : CVE-2019-0221 Requirements: SSI support must be enabled within Apache Tomcat. SSI support is no...
Voting System 1.0 SQL Injection
Exploit Title: Voting System 1.0 - Authentication Bypass SQLI Date: 06/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...