50748 matches found
Time Slot Booking Calendar 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
elearning-SES 1.0 Sql Injection
Title: elearning-SES by: oretnom23 v1.0 Multiple-SQLi Author: nu11secur1ty Date: 06.14.2023 Vendor: https://github.com/oretnom23 Software: https://github.com/oretnom23/php-elearning-system Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to...
Zenphoto 1.6 Cross Site Scripting
Exploit Title: Zenphoto 1.6 - Multiple stored XSS Application: Zenphoto-1.6 xss poc Version: 1.6 Bugs: XSS Technology: PHP Vendor URL: https://www.zenphoto.org/news/zenphoto-1.6/ Software Link: https://github.com/zenphoto/zenphoto/archive/v1.6.zip Date of found: 01-05-2023 Author: Mirabbas Ağalar...
e107 2.3.2 Cross Site Scripting
Exploit Title: e107 v2.3.2 - Reflected XSS Date: 11/05/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 2.3.2 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win64 OpenSSL/1.1.1...
FUXA 1.1.13-1186 Remote Code Execution
Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...
Doctor's Appointment System 1.0 Cross Site Scripting
Exploit Title: Doctor's Appointment System v1.0 - Cross-Site Scripting XSS Google Dork: N/A Date: 7/13/2022 Exploit Author: Abdullah Zaid - @aznull Vendor Homepage: https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html Software Link:...
Laundry Booking Management System 1.0 Remote Code Execution
Exploit Title: Laundry Booking Management System 1.0 - Remote Code Execution RCE Date: 29/11/2021 Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...
WordPress Contact Form To Email 1.3.24 Cross Site Scripting
Exploit Title: WordPress Plugin Contact Form to Email 1.3.24 - Stored Cross Site Scripting XSS Authenticated Date: 11/11/2021 Exploit Author: Mohammed Aadhil Ashfaq Vendor Homepage: https://form2email.dwbooster.com/ Version: 1.3.24 Tested on: wordpress POC 1. Click Contact form to Email...
Moodle SpellChecker Path Authenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle SpellChecker Path Authenticated Remote Command Execution', 'Description' = %q Moodle allows an authenticated administrator to define...
Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root
!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...
Online-Food-Ordering-Web-App SQL Injection
CVE-2021-41647 SQL Injection in Online-Food-Ordering-Web-App The Online-Food-Ordering-Web-App is vulnerable to un-authenticated error and time-based blind SQL Injection attacks. The username parameter on the /login.php page does not sanitize the user input, an attacker is able to bypass the login...
VirTool.Win32.Afix Buffer Overflow / Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c971e978198331bb0b56dc8b47f0b4b0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: VirTool.Win32.Afix Vulnerability: Local Stack Buffer Overflow Description: VirTool.Win32.Afix By...
Apache Airflow 1.10.10 Remote Code Execution
Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...
Backdoor.Win32.NetSpy.10 Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e677149c35cbba118655d9b133da8827.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetSpy.10 Vulnerability: Heap Corruption Description: The malware listens on TCP port...
Trojan-Dropper.Win32.Delf.p Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b02cc578d2e7f24fb67ec0afc42a9e13.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.p Vulnerability: Missing Authentication Description: Delf.p drops an...
Backdoor.Win32.BO2K.ab Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca4e5a6ff033b62fa59de5a5dd24c7f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BO2K.ab Vulnerability: Local File Buffer Overflow Description: PsyConf - Program...
PHP 7.3 disable_functions Bypass
= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...
Tibco JasperSoft Path Traversal
Title: CVE-2018-18809 Path traversal in Tibco JasperSoft Credit: Elar Lang / https://security.elarlang.eu Vendor/Product: Tibco JasperSoft https://www.jaspersoft.com/ Vulnerability: Path traversal CVE: CVE-2018-18809 Path traversal Vulnerability is in reportresource/reportresource/ service and in...
Microsoft Internet Information Services Cross Site Scripting
Cross Site Scripting / HTML injection vulnerability in Microsoft Internet Information Services web server ================================== Versions Affected: MS Internet Information services All platforms and versions ================================== CVE Reference: CVE-2017-0055...
Linux Landlock Disable
A logic bug was discovered in Linux that makes it possible for a process to get rid of all Landlock restrictions applied to it. I found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it: When a process' cred struct is replaced, this almost alwa...
Online Travel Agency System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Online Travel Agency System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
IBM Data Risk Manager Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...
Viessmann Vitogate 300 2.1.3.0 Remote Code Execution
Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...
MSMS-PHP 1.0 Shell Upload
Title: MSMS-PHP by: oretnom23 v1.0 File Upload - RCE browser using Author: nu11secur1ty Date: 03/13/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html Reference:...
Metabase 0.46.6 Remote Code Execution
Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...
WordPress Phlox-Pro Theme 5.14.0 Cross Site Scripting
Exploit Title: WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting XSS Date: 3/12/2023 Exploit Author: Haktrak Team Vendor Homepage: https://phlox.pro Software Link: https://www.phlox.pro/go/ Version: 5.14.0 Tested on: Linuxapache/wordrepss 6.3.1 Description: A Cross Site Scripti...
EnBw SENEC Legacy Storage Box Default Credentials
Advisory ID: Ph0s-2023-004 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-1392: Use of Default Credentials Risk Level: CVSS v3.1 Vector:...
Aplikasi Sistem Informasi Kelulusan CMS 1.0.9 Local File Inclusion
==================================================================================================================================== | Title : Aplikasi Sistem Informasi Kelulusan CMS v 1.0.9 ASIK LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozill...
GZ Appointment Scheduling 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Sales Tracker Management System 1.0 HTML Injection
Exploit Title: Sales Tracker Management System v1.0 – Multiple Vulnerabilities Google Dork: NA Date: 09-06-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3184 ============================== CREDENTIAL TO USE...
Millhouse-Project 1.414 Shell Upload
sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...
WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting
==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz...
Buffalo TeraStation Network Attached Storage (NAS) 1.66 Authentication Bypass
Exploit Title: Buffalo TeraStation Network Attached Storage NAS 1.66 - Authentication Bypass Date: 2022-08-11 Exploit Author: JORDAN GLOVER Type: WEBAPPS Platform: HARDWARE Vendor Homepage: https://www.buffalotech.com/ Model: TeraStation Series Firmware Version: 1.66 Tested on: Windows 10 An...
Transposh WordPress Translation 1.0.8.1 Information Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200...
WordPress W-DALIL 2.0 Cross Site Scripting
Exploit Title: WordPress Plugin W-DALIL - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/w-dalil/ Version: 2.0 Tested on: Firefox Contact me: [email protected] Vulnerable Code: " value="" / Steps To...
Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grandstream UCM62xx IP PBX sendPasswordEmail RCE', 'Description' = %q This module exploits an unauthenticated SQL injection vulnerability...
Backdoor.Win32.SVC Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/011961a42700e7385a106d362eb661c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SVC Vulnerability: Remote Stack Buffer Overflow Description: The malware listens on T...
Terramaster F4-210 / F2-210 Remote Code Execution
/bin/env python """ Product: Terramaster F4-210, Terramaster F2-210 Version: TOS 4.2.X 4.2.15-2107141517 Author: n0tme thatsn0tmysite Description: Chain from unauthenticated to root via session crafting. """ import urllib3 import requests import json import argparse import hashlib import time...
Backdoor.Win32.Agent.ad Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d2b933ebadd5c808ca4c68ae173e2d62.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.ad Vulnerability: Insecure Credential Storage Description: The malware listens ...
Virus.Win32.Ipamor.c Unauthenticated Remote System Reboot
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bbf032a3aa288f02403295f0472d1f05.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...
Tapatalk Plugins PHP Object Injection
Advisory: Tapatalk Plugins PHP Object Injection dH team discovered PHP Object Injection vulnerability in all Tapatalk plugins, which is allow to attackers execute PHP code, SQL injection or Denial of Service. No authorization or some extra steps need, so vulnerability considered critical. Details...
Backdoor.Win32.Bifrose.acci Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/611dbff0d68df777c6d6881e00440143.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.acci Vulnerability: Local Stack Buffer Overflow Description: Bifrost doesn't...
HEUR.Trojan.Win32.Bayrob.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/765698ccfb033c86eea6d293235d7ed0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Bayrob.gen Vulnerability: Insecure Permissions Description: The malware creates a...
Adtec Digital Products Hardcoded Credentials / Remote Root
Exploit Title: Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Date: 2020-07-24 Exploit Author: LiquidWorm Software Link: https://www.adtecdigital.com / https://www.adtecdigital.com/support/documents-downloads Version: Multiple Adtec Digital Multiple Products - Default...
IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution
Hi, Here's a fun one I have been working on for some time. tl;dr IBM PA / TM1, dating back to 2014, maybe 2009 is vulnerable to a unauthenticated configuration overwrite; this is abused to "fake authenticate" to it, and finally execute code as root / SYSTEM using TM1 scripting. Advisory below,...
Microsoft Windows AppXsvc Deployment Extension Privilege Escalation
Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Date: 2019-11-22 Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability...
Sar2HTML 3.2.1 Remote Command Execution
Exploit Title: sar2html Remote Code Execution Date: 01/08/2019 Exploit Author: Furkan KAYAPINAR Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Centos 7 In web application you will see index.php?plot url...
ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure
ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
GeoServer 2.25.1 Code Injection
============================================================================================================================================= | Title : GeoServer 2.25.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits...
Simple Music Management System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Simple Music Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...