50738 matches found
Concrete5 8.5.4 Cross Site Scripting
Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS Date: 2021-01 Exploit Author: Quadron Research Lab Version: Concrete5 8.5.4 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: Concrete5 CMS https://www.concrete5.org CVE: CVE-2021-3111 Suggested description The Express Entries Dashboard...
Cockpit CMS Remote Code Execution
Cockpit CMS 0.6.1 - Remote Code Execution Product: Cockpit CMS https://getcockpit.com Version: Cockpit CMS = 0.6.1...
WordPress W3 Total Cache 0.9.3 File Read / Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress W3 Total Cache File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability i...
GilaCMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting
===== Tempest Security Intelligence - ADV-07/2020 ========================== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timelin...
Plesk / myLittleAdmin ViewState .NET Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...
Confluence Server Local File Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/uAsvOg . CVE ID: CVE-2019-3394. Product: Confluence Server. Affected Confluence Server product versions: 6.1.0 = 6.1.0 but less than 6.6.16 or who have downloaded and...
CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery
Cross-Site Request Forgery CSRF ==================================================================== Information ==================================================================== Product : CWP Control Web Panel version : 0.9.8.837 Fixed on : 0.9.8.851 Test on : CentOS 7.6.1810 Core Reference :...
FortiOS 5.6.7 / 6.0.4 Credential Disclosure
Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/fortigate/fortios.html...
Comsenz SupeSite CMS 7.0 Code Execution
Comsenz SupeSite CMS Arbitrary Code Execution Security Vulnerabilities Exploit Title: Comsenz SupeSite CMS Arbitrary Code Execution Security Vulnerabilities Product: SupeSite CMS Content Management System Vendor: Comsenz Vulnerable Versions: 6.0.1UC 7.0 Tested Version: 7.0 Advisory Publication: F...
Atlassian Confluence Administrator Code Macro Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Administrator Code Macro Remote Code Execution', 'Description' = %q This module exploits an authenticated administrator-leve...
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Kiuwan SAST on-premise KOP & cloud/SaaS Kiuwan Local Analyzer KLA vulnerable version: Kiuwan SAST 2.8.2402.3 Kiuwan Local...
GetSimple CMS 3.3.2 Cross Site Scripting
==================================================================================================================================== | Title : GetSimple CMS v3.3.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vend...
RenderDoc 1.26 Local Privilege Escalation / Remote Code Execution
Qualys Security Advisory LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 ======================================================================== Contents ======================================================================== Summary CVE-2023-33865, a symlink...
Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path
Exploit Title: Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path Date: 2023/04/22 Exploit Author: msd0pe Vendor Homepage: https://www.arcsoft.com/ My Github: https://github.com/msd0pe-1 Arcsoft PhotoStudio: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto |...
Nokia OneNDS 17 Insecure Permissions / Privilege Escalation
=============================================================================== title: Incorrect Permission Assignment product: Nokia OneNDS 17 vulnerability type: Security Misconfiguration severity: High CVSS Score: 7.8 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H found on: 31/03/20...
WordPress Profile Builder 3.9.0 Missing Authorization
Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given ‘userid’. During this process, capability checks are not properly implemented to ensure that the user executing the function is authorized to...
WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery
==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress WoodMart Theme deactivate; $this-notices-addsuccess 'Theme license is successfully deactivated.' ; return; if isset $POST'woodmart-purchase-code' &...
Backdoor.Win32.Hellza.120 MVID-2022-0641 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hellza.120 Vulnerability: Unauthorized Remote Command Execution Description...
Fiberhome AN5506-02-B Cross Site Scripting
Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS Date: 10/08/2022 Exploit Author: Leonardo Goncalves Version: Firmware RP2521 1 Log in the equipment via your web browser 2 Go to Network authsettings 3 In the "sncfgloid" inject the payload "alert" 4 Click Save 5 Exploit!...
SAP FRUN Simple Diagnostics Agent 1.0 Missing Authentication
Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Because the Simple Diagnostic Agent SDA handles several important configuration and critical credential information, a successful attack could lead to the control o...
PKP Open Journals System 3.3 Cross Site Scripting
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...
Backdoor.Win32.Psychward.03.a Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/d069738f18957117367b8a79195a6a96.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...
RLM 14.2 Cross Site Scripting
Product: RLM 14.2 Vendor: Reprise Software CVE ID: CVE-2021-45422 Vulnerability Title: Reflected Cross-Site Scripting Severity: Medium Authors: Giulia Melotti Garibaldi Date: 2022-01-11 Introduction: An issue was discovered in Reprise License Manager 14.2, Reprise License Manager 14.2 is affected...
Microsoft Internet Explorer Active-X Control Security Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Internet Explorer MSIE...
Simple Client Management System 1.0 Cross Site Scripting
Exploit Title: Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Sentinal920 Date: 5-11-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html Software Link:...
Adobe ColdFusion 8 Remote Command Execution
Exploit Title: Adobe ColdFusion 8 - Remote Command Execution RCE Google Dork: intext:"adobe coldfusion 8" Date: 24/06/2021 Exploit Author: Pergyz Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html Version: 8 Tested on: Microsoft Windows Server 2008 R2 Standard CVE :...
Sonlogger 4.2.3.3 SuperAdmin Account Creation / Information Disclosure
Exploit Title: Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Date: 04-02-2021 Exploit Author: Berkan Er Vendor Homepage: https://www.sonlogger.com/ Version: 4.2.3.3 Tested on: Windows 10 Enterprise x64 Version 1803 A remote attacker can be create an user with SuperAdmin...
MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MobileIron MDM Hessian-Based Java Deserialization RCE', 'Description' = %q This module exploits an ACL bypass in MobileIron MDM products to execu...
Gotenberg 6.2.0 Traversal / Code Execution / Insecure Permissions
1 Multiple vulnerabilities in Gotenberg │ │ │ │ My PDF │ │ │ │ Path: │ .DirPath │ PASSWD: │ toHTML .DirPath "../../../../etc/passwd" │ IP: │ toHTML .DirPath "../../../...
Bolt CMS 3.7.0 Authenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bolt CMS 3.7.0 - Authenticated Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities in Bolt CMS version 3.7.0...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SYSTEM-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. Vendor us.dlink.com Product D-LINK Central WifiManager...
📄 phpMyFAQ 3.1.7 Cross Site Scripting
phpMyFAQ version 3.1.7 suffers from a cross site scripting vulnerability. Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Versio...
Multi Branch School Management System 3.5 Backup Disclosure
============================================================================================================================================= | Title : Multi Branch School Management System 3.5 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
OpenEMR 5.0.1 Patch 6 SQL Injection
require 'csv' This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenEMR 5.0.1 Patch 6 SQLi Dump', 'Description' = ' This module exploits a SQLi vulnerability found in OpenEMR version 5.0.1 Patch ...
Online Pizza Ordering System 1.0 SQL Injection
Titles: opos-1.0 Multiple SQLi Author: nu11secur1ty Date: 06/07/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection Description: The email...
Northwind Demo 1.0 Cross Site Scripting
Exploit Title: Northwind, company operations database - Cross-Site Scripting Reflected Date: 04.06.2024 Exploit Author: Furkan Eren Tetik Vendor Homepage: https://bigprof.com/appgini/free-open-source-web-applications Software Link: https://github.com/bigprof-software/northwind-demo Version: 1.0...
Prison Management System Using PHP SQL Injection
Exploit : Prison Management System Using PHP -SQL Injection Authentication Bypass Date: 15/03/2024 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/sql/17287/prison-management-system.html Tested on: Windows ,XAMPP CVE :...
Atlassian Confluence SSTI Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence SSTI Injection', 'Description' = %q This module exploits an SSTI injection in Atlassian Confluence servers. A specially...
ProSysInfo TFTP Server TFTPDWIN 0.4.2 Denial Of Service
!/usr/bin/perl use IO::Socket::INET; Exploit Title: ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 20 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1MLqBkCyu0dA-cNgYxCAO8xbsVcof060Z/view?usp=sharin...
freeSSHd 1.0.9 Denial Of Service
!/usr/bin/perl use IO::Socket; Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 13 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: freeSSHd 1.0.9 - Denial of Service DoS Tested on: Window XP...
Greeva 2.0 SQL Injection
==================================================================================================================================== | Title : Greeva 2.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | | Vendo...
Hospital Management System 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
MyBB External Redirect Warning 1.3 Cross Site Scripting
Exploit Title: MyBB External Redirect Warning Plugin 1.3 – Cross-Site Scripting Date: February 1, 2021 Author: 0xB9 Twitter: @0xB9sec Software Link: https://community.mybb.com/mods.php?action=view&pid=493 Version: 1.3 Tested On: Windows 10 CVE: CVE-2022-28353 Description: This plugin notifies the...
F5 BIG-IP iControl Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl Authenticated RCE via RPM Creator', 'Description' = %q This module exploits a newline injection into an RPM .rpmspec file that...
Blink1Control2 2.2.7 Weak Password Encryption
// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Date: 2022-08-12 // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const...
Car Rental System 1.0 SQL Injection
Car Rental System SQL Injection Author: D4rkP0w4r Note = Login to customer Injection Point = http://192.168.1.101:8080/CarRental/booking.php?id=1 Exploit Exploit with Sqlmap + Burp Suite Use Burp Suite capture request Then save as sqlicar.txt GET /CarRental/booking.php?id=1 HTTP/1.1 Host:...
Backdoor.Win32.Controlit.10 Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/859aab793a42868343346163bd42f485.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Controlit.10 Vulnerability: Unauthenticated Remote Command Execution Description: The...
Vehicle Service Management System 1.0 Shell Upload
Exploit Title: Vehicle Service Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 30.09.2021 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html Software Link:...
Backdoor.Win32.NerTe.781 Authentication Bypass / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/776e8bb41adf8bd95865c0b03637d8d7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NerTe.781 Vulnerability: Authentication Bypass RCE Description: The malware listens o...
Microsoft Exchange 2019 Unauthenticated Email Download
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...