50738 matches found
GLPI Cartography Shell Upload
Exploit Title: GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution RCE Date of found: 11 Jun 2022 Application: GLPI Cartography...
Linear eMerge E3-Series Access Controller Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Linear eMerge E3-Series Access Controller Command Injection', 'Description' = %q This module exploits a command injection...
Intel Data Center Manager 5.1 Local Privilege Escalation
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Intel Data Center Manager Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html Type: Incorrect Use of Privileged APIs CWE-648 Date...
WiFi Mouse 1.8.3.4 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wifi Mouse RCE', 'Description' = %q The WiFi Mouse Mouse Server from Necta LLC contains an auth bypass as the authentication is completely...
Transposh WordPress Translation 1.0.8.1 Information Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200...
WordPress WP Downgrade Cross Site Scripting
Tittle: WordPress Plugin WP Downgrade alert/XSS/ Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba TracWordpress: https://plugins.trac.wordpress.org/changeset/2696091...
LimeSurvey 5.2.4 Remote Code Execution
Exploit Title: LimeSurvey 5.2.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:limesurvey/index.php/admin/authentication/sa/login Date: 05/12/2021 Exploit Author: Y1LD1R1M Vendor Homepage: https://www.limesurvey.org/ Software Link:...
Tapatalk Plugins PHP Object Injection
Advisory: Tapatalk Plugins PHP Object Injection dH team discovered PHP Object Injection vulnerability in all Tapatalk plugins, which is allow to attackers execute PHP code, SQL injection or Denial of Service. No authorization or some extra steps need, so vulnerability considered critical. Details...
HEUR.Trojan.Win32.Bayrob.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/765698ccfb033c86eea6d293235d7ed0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Bayrob.gen Vulnerability: Insecure Permissions Description: The malware creates a...
Adtec Digital Products Hardcoded Credentials / Remote Root
Exploit Title: Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Date: 2020-07-24 Exploit Author: LiquidWorm Software Link: https://www.adtecdigital.com / https://www.adtecdigital.com/support/documents-downloads Version: Multiple Adtec Digital Multiple Products - Default...
Cisco ASA Crash Proof Of Concept
Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect VPN Agent...
Litespeed Cache 6.5.0.1 Authentication Bypass
Litespeed Cache version 6.5.0.1 suffers from an authentication bypass vulnerability. Exploit Title: Litespeed unauthorized account takeover Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link:...
Beauty Parlour And Saloon Management System 1.1 Insecure Settings
==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
AEGON LIFE 1.0 SQL Injection
Exploit Title: Life Insurance Management System- SQL injection vulnerability. Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEGON...
SpyCamLizard 1.230 Denial Of Service
!/usr/bin/perl use IO::Socket::INET; Exploit Title: SpyCamLizard 1.230 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 18 january 2024 Vendor Homepage: http://www.spycamlizard.com Download to demo:...
EnBw SENEC Legacy Storage Box Default Credentials
Advisory ID: Ph0s-2023-004 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-1392: Use of Default Credentials Risk Level: CVSS v3.1 Vector:...
Easy Member Pro 3.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : Easy Member pro v3.0 Unauthorised Administrative Access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Webutler 3.2 Shell Upload
Exploit Title: Webutler v3.2 - Remote Code Execution RCE Application: webutler Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://webutler.de/en Software Link: http://webutler.de/download/webutlerv3.2.zip Date of found: 03.08.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technic...
Western Digital MyCloud Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Western Digital MyCloud unauthenticated command injection', 'Description' = %q This module exploits authentication bypass CVE-2018-17153 and...
Wifi Soft Unibox Administration 3.0 / 3.1 SQL Injection
Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Date: 07/2023 Exploit Author: Ansh Jain @sudoark Author Contact : [email protected] Vendor Homepage: https://www.wifi-soft.com/ Software Link:...
Backdrop CMS 1.25.1 Cross Site Scripting
Exploit Title: Backdrop Cms v1.25.1 - Stored Cross-Site Scripting XSS Application: Backdrop Cms Version: v1.25.1 Bugs: Stored Xss Technology: PHP Vendor URL: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.25.1/backdrop.zip Date of found: 12-07-202...
Architect HTML And Site Builder 2.2.3 File Upload
==================================================================================================================================== | Title : Architect - HTML and Site Builder V 2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Korenix JetWave Command Injection / Denial Of Service
CyberDanube Security Research 20230213-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S, | JetWave 2211C, JetWave 2411/2111, JetWave 2411L/2111L, | JetWave 2414/2114,...
WordPress WP-UserOnline 2.88.0 Cross Site Scripting
Exploit Title: Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/wp-useronline/ Date: 2022-08-24 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
Backdoor.Win32.HoneyPot.a MVID-2022-0622 Weak Hardcoded Password
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/e3bb503f9b02cf57341695f30e31128f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.HoneyPot.a Vulnerability: Weak Hardcoded Password Description: The malware...
Online Examination System Project 1.0 SQL Injection
Title: Online Examination System Project 1.0 SQL - Injections Author: nu11secur1ty Date: 01.10.2022 Vendor: https://projectworlds.in/free-projects/php-projects/ Software: https://projectworlds.in/free-projects/php-projects/online-examination/ Description: The eid parameter in account.php from...
Trojan.Win32.Agent.hsm Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.hsm Vulnerability: Insecure Permissions Description: Agent.hsm creates an insecur...
Trojan.Win32.Pincav.cmfl Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9d296ebd6b4f79457fcc61e38dcce61e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Pincav.cmfl Vulnerability: Insecure Permissions Description: The trojan creates an...
Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation
Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Date: 2021-02-02 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE :...
Backdoor.Win32.Ketch.i Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/ee314e1b913a09ec86c63d7186d8f0b8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.i Vulnerability: SEH Remote Stack Buffer Overflow Description: Ketch makes HTTP...
aptdaemon File Existence Disclosure
Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusi...
SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure
SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure Vendor: SpinetiX AG Product web page: https://www.spinetix.com Affected version: = 3.4.8 1.0.36274 Summary: At SpinetiX we inspire businesses to unlock the potential of their story. We believe in the power of digital signage as a...
fronsetia 1.1 Cross Site Scripting
Exploit Title: Reflected XSS - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-14-reflected.html Reflected XSS 1 - "showoperations.jsp" Steps to Reproduce: 1. Visit main page of th...
Intel AMT Digest Authentication Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intel AMT Digest Authentication Bypass Scanner', 'Description' = %q This module scans for Intel Active Management Technology endpoints and attemp...
Postfixadmin Protected Alias Deletion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Postfixadmin Protected Alias Deletion Vulnerability', 'Description' = %q Postfixadmin installations between 2.91 and 3.0.1 do not check if an adm...
Online Discussion Forum Site 1.0 Insecure Settings
==================================================================================================================================== | Title : Online Discussion Forum Site v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Bagisto 2.1.2 Client-Side Template Injection
Exploit Title: Bagisto 2.1.2 Client-Side Template InjectionCSTI VueJS Date: 06/18/2024 Exploit Author: tmrswrr Vendor Homepage: https://forums.bagisto.com/ Version: 2.1.2 Tested on: https://demo.bagisto.com/ https://demo.bagisto.com/bagisto-common/search?query=77 49...
WordPress File Upload Cross Site Scripting
Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...
MSMS-PHP 1.0 Shell Upload
Title: MSMS-PHP by: oretnom23 v1.0 File Upload - RCE browser using Author: nu11secur1ty Date: 03/13/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html Reference:...
GliNet 4.x Authentication Bypass
DZONERZY Security Research GLiNet: Router Authentication Bypass ======================================================================== Contents ======================================================================== 1. Overview 2. Detailed Description 3. Exploit 4. Timeline...
Firefox 121 / Chrome 120 Denial Of Service
Minor firefox DoS - semi silently polluting /Downloads with files part 2 Tested on: firefox 121 and chrome 120 on GNU/linux Date: Thu Jan 18 08:38:28 AM UTC 2024 This is barely a DoS, but since it might affect Chrome too we decided to disclose it. If firefox user visits a specially crafted page,...
PHPJabbers Cleaning Business Software 1.0 CSV Injection
Exploit Title: PHPJabbers Cleaning Business Software v1.0 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0 Tested...
Hyip Rio 2.1 Cross Site Scripting / File Upload
Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 30/07/2023 Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE: CVE-2023-4382...
Discussion On Kontackt 1.18 Cross Site Scripting
==================================================================================================================================== | Title : Discussion on Kontackt - The Exclusive PHP Social Network Platform v1.18 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pr...
Courier Deprixa Pro Integrated Web System 3.2.5 Cross Site Request Forgery
==================================================================================================================================== | Title : Courier Deprixa Pro - Integrated Web System v3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Codoforum 3.4 Arbitrary File Upload
==================================================================================================================================== | Title : Codoforum v3.4 Arbitrary file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
WordPress SEO Alert 1.59 Cross Site Scripting
Tittle: WordPress Plugin SEO ALert 3. Save to get the XSS trigger. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/0af475ba-5c02-4f62-876d-6235a745bbd6...
Listplace Directory Listing Platform 3.0 File Upload / Cross Site Scripting
Exploit Title: Listplace Directory Listing Platform 3.0 - Arbitrary File Upload Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/listplace-a-complete-directory-listing-platform/22 Tested on: Windows 10...
PHPJabbers Forum Script 3.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Bitbucket Git Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bitbucket Git Command Injection', 'Description' = %q Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated...