50738 matches found
Secure Web Gateway 10.2.11 Cross Site Scripting
RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is possible to inject arbitrary content types, the primary risk...
mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting
Exploit Title: mbDrive Lite - WiFi flash disk 1.4.0 Reflected XSS Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://apps.apple.com/us/developer/haw-yuan-yang/id291212805 Software Link: https://apps.apple.com/us/app/mbdrive-lite-wifi-flash-disk/id343254033 Version: 1.4.0...
Backdoor.Win32.Prorat.cwx Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/2d81bf2c55c81778533b55fb444d4dc6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Prorat.cwx Vulnerability: Insecure Permissions Description: The malware writes a ".EX...
Loki RAT (Relapse) Directory Traversal / Arbitrary File Deletion
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/aabb54951546132e70a8e9f02bf8b5ba.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Loki RAT Relapse Vulnerability: Directory Traversal - Arbitrary File Delete Description: The LokiRAT...
WordPress 5.9 Cross Site Scripting
Document Title: =============== Wordpress = 5.9 Cross-Site Scripting Reflected Authenticated Credits & Authors: ================== Taurus Omar [email protected] Disclosure Type: ================ Independent Security Research Release Date: ============= 2022-31-01 Vulnerability Disclosure...
SonicWall SMA 100 Series Authenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonicWall SMA 100 Series Authenticated Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabili...
Backdoor.Win32.PsyRat.b Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Unauthenticated Remote Command Execution Description: The...
Dell OpenManage Enterprise Hardcoded Credentails / Privilege Escalation / Deserialization
Hello, Please find a text-only version below sent to security mailing lists. The complete version on "Multiple vulnerabilities in Dell OpenManage Enterprise" is posted here: https://pierrekim.github.io/blog/2021-07-19-dell-openmanage-enterprise-0day-vulnerabilities.html === text-version of the...
Online News Portal 1.0 Cross Site Scripting
Exploit Title: Online News Portal | Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-03-15 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...
Openpilot Default SSH Key Scanner
!/bin/bash openpilot-scan.sh Jeremy Brown jbrown3264/gmail Dec 2020 Checks for openpilot devices using the default SSH key Setup apt-get install -y masscan && setcap capnetraw=ep /usr/bin/masscan wget -q https://raw.githubusercontent.com/commaai/openpilot/master/tools/ssh/idrsa chmod 600 idrsa...
ShoreTel Conferencing 19.46.1802.0 Cross Site Scripting
Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting Date: 11/8/2020 Exploit Author: Joe Helle Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products Version: 19.46.1802.0 Tested on: Linux CVE: 2020-28351 PoC: The conferencing component on...
Siemens LOGO! 8 Hard-Coded Cryptographic Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-012 Product: LOGO! Manufacturer: Siemens Affected Versions: LOGO! 8 all versions Tested Versions: LOGO! 8, 6ED1052-2MD00-0BA8 FS:03, 0BA8.Standard V1.08.03 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Risk...
Musicbox 2.3.8 Cross Site Scripting / Shell Upload / SQL Injection
Exploit Title : Musicbox 2.3.8 Multiple Vulnerabilities Author : DevilScreaM Date : 25/08/2013 Category : Web Applications Vendor : http://www.musicboxv2.com/ Version : 1.0 - 2.3.8 Dork intext:Musicbox Version intext:Musicbox Version 2.3.8 © 2008 inurl:genrealbums.php?id= Vulnerability : SQL...
📄 Malicious Windows Script Host Script File
This Metasploit module creates a Windows Script Host WSH Windows Script File .wsf. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host Script File .wsf', 'Description'...
Acronis Cyber Protect/Backup Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Acronis Cyber Protect/Backup remote code execution', 'Description' = %q Acronis Cyber Protect or Backup is an enterprise backup/recovery solution...
Flowmon Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in Progres...
Doctor Appointment Management System 1.0 Cross Site Scripting
Application Name: Doctor Appointment Management System Software Link: Download Link Vendor Homepage: Vendor Homepage BuG: XsS BUGAuthor: SoSPiro Version: 1.0 CVE: CVE-2024-4293 Vulnerable code section: - http://localhost/Doctor-Appointment-SystemPHP/dams/doctor/appointment-bwdates.php - Lines 57-...
Jasmin Ransomware 1.1 Arbitrary File Read
Exploit Title: Jasmin Ransomware arbitrary file read Date: 2024-04-04 Exploit Author: @chebuya Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: v1.1 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-30851 Description: Jasmin Ransomware panel contains multiple SQL injections and...
Backdoor.Win32.Agent.amt MVID-2024-0673 Authentication Bypass / Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/2a442d3da88f721a786ff33179c664b7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.amt Vulnerability: Authentication Bypass Description: The malware can...
WordPress Newsletter 7.8.9 Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: Newsletter = 7.8.9 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: Newsletter – Send awesome emails from WordPress Plugin Slug: newsletter Affected Versions: = 7.8.9 CVE ID: CVE-2023-4772 CVSS...
Microsoft Azure Subdomain Scanner / Enumerator
Background: Microsoft makes use of a number of different domains and subdomains for each of their Azure services. From SQL databases to SharePoint drives, each service maps to its respective domain/subdomain, and with the proper toolset, these can be identified through DNS enumeration to yield...
e2 Distr CMS 2.8.5.3 Backup Disclosure
==================================================================================================================================== | Title : e2 distr CMS v2.8.5.3 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
ZAMAN CMS 1.0 Cross Site Scripting
==================================================================================================================================== | Title : ZAMAN CMS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...
Kesion CMS X 2.0 Add Administrator
==================================================================================================================================== | Title : KesionCMS X2.0 Reinstall Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 105.0.32-bit...
SAP FRUN Simple Diagnostics Agent 1.0 Directory Traversal
Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Exposing the contents of a directory can lead to a disclosure of useful information for the attacker to devise exploits, such as creation times of files or any...
Algo 8028 Control Panel Remote Code Execution
Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...
Razer Sila 2.0.418 Command Injection
Exploit Title: Razer Sila - Command Injection Google Dork: N/A Date: 4/9/2022 Exploit Author: Kevin Randall Vendor Homepage: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Software Link: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Version:...
Servisnet Tessa Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Privilege Escalation Metasploit', 'Description' = %q This module exploits privilege escalation in Servisnet Tessa, triggered by...
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number:...
Backdoor.Win32.Agent.kte Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7c92e59e776355734781bbf05571d0f0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.kte Vulnerability: Remote Stack Buffer Overflow UDP Datagram Description: The...
Moodle 3.6.1 Cross Site Scripting
Exploit Title: Moodle 3.6.1 - Persistent Cross-Site Scripting XSS Date: 04/2021 Exploit Author: farisv Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org https://github.com/moodle/moodle/archive/refs/tags/v3.6.1.zip Version: Moodle 3.6.2, 3.5.4, 3.4.7, 3.1.16 CVE:...
Simple Employee Records System 1.0 Shell Upload
Exploit Title: Simple Employee Records System - File Upload RCE Unauthenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11393/employee-records-system.html Software Link:...
WordPress WP Forms 1.5.8.2 Cross Site Scripting
Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...
Shutter 0.1.1 SQL Injection
------------------------------------------------------------- MULTIPLE SQL INJECTION VULNERABILITIES --Shutter v-0.1.1-- ------------------------------------------------------------- CMS INFORMATION: --WEB: http://shutter.tenfourzero.net/ --DOWNLOAD: http://shutter.tenfourzero.net/ --DEMO:...
ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure
ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.02 Summary: ASPECT is an award-winning scalable building energy...
Pulse Secure VPN Arbitrary File Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary File Disclosure', 'Description' = %q This module exploits a pre-auth directory traversal in the Pulse Secure VPN serve...
IBM i Access Client Solutions Remote Credential Theft
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...
Cacti 1.2.24 Command Injection
Exploit Title: Cacti 1.2.24 - Authenticated command injection when using SNMP options Date: 2023-07-03 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/info/downloads Version: Cacti 1.2.24 Tested on: Cacti 1.2.24 installed on...
Uvdesk 1.1.4 Cross Site Scripting
Exploit Title: Uvdesk 1.1.4 - Stored XSS Authenticated Date: 14/08/2023 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.uvdesk.com/ Software Link: https://github.com/MegaTKC/AeroCMS Version: 1.1.4 Testeted on: Windows 10 using XAMPP,...
PhotoSwipe 5.3.7 Arbitrary File Download
=========================================================================================== | Title : PhotoSwipe 5.3.7 Arbitrary File Download Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | | Vendor : https://photoswipe.com...
PnPSCADA 2.x SQL Injection
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Date: 15/5/2023 Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
Screen SFT DAB 600/C Authentication Bypass / Password Change
!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Password Change Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...
vmwgfx Driver File Descriptor Handling Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vmwgfx Driver File Descriptor Handling Priv Esc', 'Description' = %q If the vmwgfx driver fails to copy the 'fencerep' object to userland, it tri...
Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Replay attacks & Displaying arbitrary contents product: Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol electronic shelf labels vulnerable version: All fixed version:...
Backdoor.Win32.Hellza.120 MVID-2022-0642 Authentication Bypass
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hellza.120 Vulnerability: Authentication Bypass Description: The malware...
WordPress SeatReg 1.23.0 Open Redirect
Exploit Title: WordPress Plugin ‘SeatReg’ - Unauthenticated Open Redirect Date: 01-08-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/seatreg/ Version: 1.23.0 Tested on: Firefox Contact me: [email protected] Description: An Open Redirection...
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross Site Scripting product: SIEMENS-SINEMA Remote Connect vulnerable version: =V3.0.1.0-01.01.00.02 fixed version: V3.1.0 CVE number: CVE-2022-29034 impact:...
Polkit pkexec Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Local Privilege Escalation in polkits pkexec', 'Description' = %q A bug exists in the polkit pkexec binary in how it processes arguments. If the...
Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version: 2020.2 build 128076 or higher CVE number: CVE-2021-41557...
Employees Daily Task Management System 1.0 Cross Site Scripting
Exploit Title: Employees Daily Task Management System 1.0 - 'multiple' Cross Site Scripting XSS Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...