50738 matches found
📄 Sony XAV-AX5500 1.13 Code Execution
Sony XAV-AX5500 version 1.13 suffers from a firmware update validation vulnerability that allows for code execution. Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage:...
Backdrop CMS 1.27.1 Remote Command Execution
Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Date: 04/27/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os impor...
POMS PHP 1.0 SQL Injection / Shell Upload
Titles: POMS-PHP-by oretnom23 -v1.0-FU-SQLi-RCE-HAT.TRICK 1. SQLi Bypass Authentication 2. File Upload 3. RCE Latest update from the vendor: 5 hours 32 minutes ago Author: nu11secur1ty Date: 05/07/2024 Vendor: https://github.com/oretnom23 Software:...
Online Hotel Booking In PHP 1.0 SQL Injection
Exploit Title: Online Hotel Booking In PHP 1.0 - Blind SQL Injection Unauthenticated Google Dork: n/a Date: 04/02/2024 Exploit Author: Gian Paris C. Agsam Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://projectworlds.in/wp-content/uploads/2019/06/hotel-booking.zip...
GZ Hotel Booking Script 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Corty.10 Vulnerability: Insecure Credential Storage Description: The...
Nortek Linear eMerge E3-Series Credential Disclosure
Exploit Title: Nortek Linear eMerge E3-Series - Information Disclosure lead to access admin dashboard Exploit Author: Omar Hashim Version: 0.32-07p,0.32-07e,0.32-07p,0.32-08f,0.32-09c Vendor home page : https://www.nortekcontrol.com/access-control/ Vendor home page : https://linear-solutions.com/...
SAM SUNNY TRIPOWER 5.0 Insecure Direct Object Reference
Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...
Emerson PAC Machine Edition 9.80 Build 8695 Unquoted Service Path
Exploit Title: Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-13 Vendor Homepage: https://www.emerson.com/en-us Software Link : https://www.opertek.com/descargar-software/?prc=326 Tested Version: 9.80 Build 869...
Mitsubishi Electric / INEA SmartRTU Cross Site Scripting
Exploit Title: Mitsubishi Electric & INEA SmartRTU - Reflected Cross-Site Scripting XSS Date: 2021-17-10 Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16061 Po...
Trojan-Spy.Win32.SpyEyes.abdb Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9185538b01ad700603f38fb0eb8b6e3b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.SpyEyes.abdb Vulnerability: Insecure Permissions Description: The malware creates a...
TextPattern CMS 4.8.7 Cross Site Scripting
Exploit Title: TextPattern CMS 4.8.7 - Stored Cross-Site Scripting XSS Date: 2021/09/06 Exploit Author: Mert Daş [email protected] Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp TextPattern is pron...
macOS Gatekeeper Check Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Gatekeeper check bypass', 'Description' = %q This module serves an OSX app as a zip that contains no Info.plist, which bypasses gatekeeper ...
Trojan.Win32.Siscos.bqe Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b4a35ae6dcceea6390769829b4e1506f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Siscos.bqe Vulnerability: Insecure Permissions Description: The malware creates a...
Eibiz i-Media Server Digital Signage 3.8.0 Authentication Bypass
!/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0 createUser Authentication Bypass Add Admin Vendor: EIBIZ Co.,Ltd. Product web page: http://www.eibiz.co.th Affected version: =3.8.0 Summary: EIBIZ develop advertising platform for out of home media in that time t...
ChaosPro 3.1 SEH Buffer Overflow
!C:\Python27\python.exe Title : ChaosPro 3.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" adjust the stack from 00F2FFA6 to 00F2FFA8 payload += "\x83\xC4\x02" the payload payload +=...
Cambium EPMP 1000 SNMP Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 SNMP Enumeration', 'Description' = % Cambium devices ePMP, PMP, Force, & others can be administered using SNMP. The device...
ReadyMade Unilevel Ecommerce MLM Blind SQL Injection / Cross Site Scripting
x========================================================================================================================================x | Title : Readymade Unilevel Ecommerce MLM Blind SQL & XSS Vulnerabilities | Software : Readymade Unilevel Ecommerce | Last Update : 15/03/24 TESTED VERSION...
Membership Management System 1.0 SQL Injection / Shell Upload
from requeststoolbelt.multipart.encoder import MultipartEncoder import requests import string import random import os ======================================================================================================== Application: Membership Management System Bugs: SQL injection + Insecure...
GitLab CE/EE Password Reset
Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...
Jorani 1.0.3 Cross Site Scripting
Title: Jorani -v1.0.3-©2014-2023-Benjamin-BALET-XSS-Reflected-Information-Disclosure Author: nu11secur1ty Date: 08/27/2023 Vendor: https://jorani.org/ Software: https://demo.jorani.org/session/login Reference: https://portswigger.net/web-security/cross-site-scripting Reference:...
GZ Forum Script 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Titan FTP Path Traversal
Titan FTP Server Path Traversal Vulnerability in move-file Function Version: 2.0.1.2102 CVE-2023-22629 CWE-24: Path Traversal TitanFTP Server is vulnerable to a path traversal attack in the move-file function. An attacker can exploit this vulnerability by providing a specially crafted newPath...
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...
LimeSurvey 5.2.4 Remote Code Execution
Exploit Title: LimeSurvey 5.2.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:limesurvey/index.php/admin/authentication/sa/login Date: 05/12/2021 Exploit Author: Y1LD1R1M Vendor Homepage: https://www.limesurvey.org/ Software Link:...
Trojan.Win32.Mucc.ivk Unquoted Service Path
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d622f8c72b010b8d7213c032db122e4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Mucc.ivk Vulnerability: Insecure Service Path Description: The malware creates a servic...
Zoo Management System 1.0 Cross Site Scripting
Exploit Title: Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting XSS Date: 08/07/2021 Exploit Author: Subhadip Nag Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/zoo-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Server: XAMPP...
Basic Shopping Cart 1.0 SQL Injection
Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html Software Link:...
Simple Food Website 1.0 SQL Injection
Exploit Title: Simple Food Website CMS | Admin Bypass SQLi Exploit Author: Richard Jones Date: 02-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Version: 1.0 Tested On: Windows 10 Home 19041 x6486 + XAM...
FastStone Image Viewer 7.5 Buffer Overflow
Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Date: 15/03/2020 Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...
Backdoor.Win32.Zombam.a Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6c5081e9b65a52963b0b1ae612ef7eb4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.a Vulnerability: Remote Stack Buffer Overflow Description: The malware listens...
iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation
iDS6 DSSPro Digital Signage System 6.2 Improper Access Control Privilege Escalation Vendor: Guangzhou Yeroo Tech Co., Ltd. Product web page: http://www.yerootech.com Affected version: V6.2 B2014.12.12.1220 V5.6 B2017.07.12.1757 V4.3 Summary: iDS6 Software's DSSPro network digital signage manageme...
Program Access Controller 1.2.0.0 Unquoted Service Path
Exploit Title: Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path Date: 2020-8-25 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.gearboxcomputers.com/ Software Link: https://www.gearboxcomputers.com/files/ProgramAccessController.exe Version: 1.2.0.0 Tested...
Online Book Store 1.0 SQL Injection
Title: Online Book Store 1.0 - 'id' SQL Injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14383/online-book-store.html Software Link: https://www.sourcecodester.com/download-code?nid=14383&title=Online+Book+Store Version: 1.0 Tested...
WordPress Drag And Drop File Upload Contact Form 1.3.3.2 Shell Upload
Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/...
Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs appsuite, dovecot, powerdns at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH Product: OX...
Zimbra Collaboration Cross Site Scripting
CVE-2018-14013 Reflected Cross-Site Scripting XSS vulnerabilities in Zimbra Collaboration Description Two XSS vulnerabilities have been discovered in Zimbra Collaboration initially in version 8.8.8. Zimbra Collaboration is an open source messaging and collaboration solution. Vulnerability records...
Malicious Git HTTP Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Git HTTP Server For CVE-2018-17456', 'Description' = %q This module exploits CVE-2018-17456, which affects Git versions 2.14.5, 2.15.3,...
Hacking Printers Advisory 2
TL;DR: In the scope of academic research on printer security, various vulnerabilities in network printers and MFPs have been discovered. This is advisory 2 of 6 of the Hacking Printers' series. Each advisory discusses multiple issues of the same category. This post is about accessing a printers...
Tripp Lite SU750XL UPS Privilege Escalation / Missing Authentication
Tripp Lite SU750XL UPS suffers from multiple privilege escalation issues due to missing authentication. Although these issues were previously found on PDUs back in 2019, it appears the UPSes are also affected. Author: Lucas Lalumiere Contact: [email protected] Date: 2025-3-17 Vendor: Tripp Li...
ATutor 2.2.4 Host Header Injection
ATutor version 2.2.4 suffers from a host header injection vulnerability. Exploit Title: Host Header Injection - atutorv2.2.4 Date: 01/2025 Exploit Author: Andrey Stoykov Version: 2.2.4 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2025/01/friday-fun-pentest-series-18-host.html...
Hikvision IP Camera Cross Site Request Forgery
============================================================================================================================================= | Title : Hikvision IP Camera CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64...
SPIP 4.2.2 Code Execution
============================================================================================================================================= | Title : SPIP 4.2.2 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...
CMSsite 1.0 Shell Upload
============================================================================================================================================= | Title : CMSsite 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...
LumisXP 16.1.x Cross Site Scripting
===== Tempest Security Intelligence - ADV-6/2024 ========================== LumisXP v15.0.x to v16.1.x Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeli...
Chrome Read-Only Property Overwrite
Chrome: Read-only property overwrite in TurboFan VULNERABILITY DETAILS While collecting information for a property store, TurboFan bails out if the property isn't writable2. Unfortunately, the branch condition1 does not include one of the store modes, namely kDefine. This allows an attacker to...
Copyparty 1.8.2 Directory Traversal
Exploit Title: copyparty 1.8.2 - Directory Traversal Date: 14/07/2023 Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE :...
CRM Platform 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Time Slot Booking Calendar 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
elearning-SES 1.0 Sql Injection
Title: elearning-SES by: oretnom23 v1.0 Multiple-SQLi Author: nu11secur1ty Date: 06.14.2023 Vendor: https://github.com/oretnom23 Software: https://github.com/oretnom23/php-elearning-system Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to...