50773 matches found
Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization
Advisory ID: SYSS-2019-039 Product: Protection Licensing Toolkit, SoapUI/LoadUI/ServiceV Pro Manufacturer: jProductivity LLC, SmartBear Software Affected Versions: - ReadyAPI 3.2.5 Tested Versions: ReadyAPI 3.2.5 Vulnerability Type: Unsafe deserialization/remote code execution CWE-502 Risk Level:...
📄 libxml2 2.9.14 Remote Code Execution
libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. This version from the author is in the form of a Metasploit module...
ABB Cylon FLXeon 9.3.4 cert.js System Logs Information Disclosure
ABB Cylon FLXeon version 9.3.4 has an issue where an authenticated attacker can access sensitive information via the system logs page of ABB Cylon FLXeon controllers. The logs expose critical data, including the OpenSSL password for stored certificates. This information can be leveraged for furth...
fronsetia 1.1 Cross Site Scripting
Exploit Title: Reflected XSS - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-14-reflected.html Reflected XSS 1 - "showoperations.jsp" Steps to Reproduce: 1. Visit main page of th...
Bookstore Management System 1.0 SQL Injection
============================================================================================================================================= | Title : Bookstore Management System v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Microsoft Exchange Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Exchange Privilege Escalation Exploit', 'Description' = %q This module exploits a privilege escalation vulnerability found in Microsoft...
Bagisto 2.1.2 Client-Side Template Injection
Exploit Title: Bagisto 2.1.2 Client-Side Template InjectionCSTI VueJS Date: 06/18/2024 Exploit Author: tmrswrr Vendor Homepage: https://forums.bagisto.com/ Version: 2.1.2 Tested on: https://demo.bagisto.com/ https://demo.bagisto.com/bagisto-common/search?query=77 49...
WordPress XStore Theme 9.3.8 SQL Injection
Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent:...
WordPress File Upload Cross Site Scripting
Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...
GliNet 4.x Authentication Bypass
DZONERZY Security Research GLiNet: Router Authentication Bypass ======================================================================== Contents ======================================================================== 1. Overview 2. Detailed Description 3. Exploit 4. Timeline...
PHPJabbers Cleaning Business Software 1.0 CSV Injection
Exploit Title: PHPJabbers Cleaning Business Software v1.0 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0 Tested...
OpenPLC Webserver 3 Denial Of Service / Buffer Overflow
import requests import sys import time import optparse import re parser = optparse.OptionParser parser.addoption'-u', '--url', action="store", dest="url", help="Base target uri ex. http://target-uri:8080" parser.addoption'-l', '--user', action="store", dest="user", help="User credential to login"...
Discussion On Kontackt 1.18 Cross Site Scripting
==================================================================================================================================== | Title : Discussion on Kontackt - The Exclusive PHP Social Network Platform v1.18 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pr...
Courier Deprixa Pro Integrated Web System 3.2.5 Cross Site Request Forgery
==================================================================================================================================== | Title : Courier Deprixa Pro - Integrated Web System v3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Codoforum 3.4 Arbitrary File Upload
==================================================================================================================================== | Title : Codoforum v3.4 Arbitrary file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
WordPress SEO Alert 1.59 Cross Site Scripting
Tittle: WordPress Plugin SEO ALert 3. Save to get the XSS trigger. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/0af475ba-5c02-4f62-876d-6235a745bbd6...
Listplace Directory Listing Platform 3.0 File Upload / Cross Site Scripting
Exploit Title: Listplace Directory Listing Platform 3.0 - Arbitrary File Upload Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/listplace-a-complete-directory-listing-platform/22 Tested on: Windows 10...
pfSense pfBlockerNG 2.1.4_26 Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense plugin pfBlockerNG unauthenticated RCE as root', 'Description' = %q pfBlockerNG is a popular pfSense plugin that is not installed by...
Gitea 1.16.6 Remote Code Execution
Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...
Backdoor.Win32.MotivFTP.12 Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/91b2d216c5d26d9db4289acf68fa1743.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.MotivFTP.12 Vulnerability: Authentication Bypass Description: The malware listens on...
Backdoor.Win32.Fantador Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a1d045151c809535a308311931588fd0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Fantador Vulnerability: Divide by Zero DoS Description: The malware allows you to...
Windows Explorer Preview Pane HTML File Link Spoofing
Exploit Title: Windows Explorer Preview Pane HTML File Link Spoofing Vulnerability Google Dork: n/a Date: December 25th, 2021 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7, 8.1, 10, 11 x86/x64 Tested on:...
Employee And Visitor Gate Pass Logging System 1.0 Cross Site Scripting
Exploit Title: Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting XSS Date: 10.11.2021 Exploit Author: İlhami Selamet Vendor Homepage: https://www.sourcecodester.com/php/15026/employee-and-visitor-gate-pass-logging-system-php-source-code.html Software Link:...
WordPress wpDiscuz 7.0.4 Remote Code Execution
!/bin/python3 Exploit Title: WordPress Plugin wpDiscuz 7.0.4 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2021/06/08 Exploit Author: Fellipe Oliveira Vendor Homepage: https://gvectors.com/ Software Link: https://downloads.wordpress.org/plugin/wpdiscuz.7.0.4.zip Version: wpDiscuz...
MacPaw Encrypto 1.0.1 Unquoted Service Path
Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...
Online Learning Management System 1.0 Remote Command Execution
Exploit Title: Online Learning Management System 1.0 - RCE Authenticated Date: 01.01.2021 Exploit Author: Bedri Sertkaya Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...
Email-Worm.Win32.Zhelatin.ago Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/0418e7f95a8b94c035e10749234f8378.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Zhelatin.ago Vulnerability: Remote Stack Buffer Overflow Description: Buffer overflo...
CipherMail Community Virtual Appliance 4.6.2 Code Execution
CipherMail Multiple Vulnerabilities 1. Advisory Information Title: CipherMail Email Encryption Gateway Community Virtual Appliance Multiple Vulnerabilities Advisory ID: CORE-2020-0008 Advisory URL: https://www.coresecurity.com/core-labs/advisories/ciphermail-multiple-vulnerabilities Date publishe...
Liferay Portal Java Unmarshalling Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Liferay Portal Java Unmarshalling via JSONWS RCE', 'Description' = %q This module exploits a Java unmarshalling vulnerability via JSONWS in Lifer...
Bash 5.0 Patch 11 Privilege Escalation
Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat E...
Cisco C170 Email Security Appliance 10.0.3-003 IronPort Header Injection
!/usr/bin/perl -w Cisco C170 Email Security Appliance v10.0.3-003 IronPort Remote Header 'Host' Injection Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that...
ChaosPro 2.0 SEH Buffer Overflow
!C:\Python27\python.exe Title : ChaosPro 2.0 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html this needs to be a backwards jump to give us room to call stack jump code jmpback80 = "\x40\x75\x80\x75" jmpforward06 =...
Ksenia Security Lares 4.0 Default Credentials
Ksenia Security Lares version 4.0 uses a weak set of default administrative credentials that can be found and used to gain full control of the system. Exploit Title: Ksenia Security Lares 4.0 Home Automation Default Credentials Google Dork: N/A Date: 31 March 2025 Exploit Author: Mencha 'ShadeLoc...
SmartAgent 1.1.0 Server-Side Request Forgery
Exploit Title: SmartAgent v1.1.0 - Server-Side Request Forgery SSRF Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can trigger the web server to perform web reques...
Microsoft Windows IPv6 CVE-2024-38063 Checker / Denial Of Service
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Windows IPv6 CVE-2024-38063 Checker and Denial-Of-Service Date: 2024-08-07 Exploit Author: Photubias Vendor Homepage: https://microsoft.com Vendor Advisory: 1 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063 Version:...
PHPJabbers Shared Asset Booking System 1.0 CSV Injection
Exploit Title: PHPJabbers Shared Asset Booking System v1.0 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/shared-asset-booking-system/sectionDemo Version: v1.0 Test...
osCommerce 4 SQL Injection
Exploit Title: osCommerce 4 - SQL Injection Exploit Author: CraCkEr Date: 22/11/2023 Vendor: osCommerce ltd. Vendor Homepage: https://www.oscommerce.com/ Software Link: https://demo.oscommerce.com/ Demo Link: https://demo.oscommerce.com/b2b-supermarket/ Tested on: Windows 11 Home Impact: Database...
Blood Bank And Donor Management System 2.2 Cross Site Scripting
Exploit Title: Blood Bank & Donor Management System using v2.2 - Stored XSS Application: Blood Donor Management System Version: v2.2 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-bank-donor-management-system-free-download/...
Ciuis CRM 1.0.7 Local File Inclusion
==================================================================================================================================== | Title : Ciuis™ CRM v1.0.7 LFI Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...
VMWare Aria Operations For Networks Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight pre-authenticated RCE', 'Description' = %q VMWare Aria Operations for Networks...
Yank Note 3.52.1 Arbitrary Code Execution
Exploit Title: Yank Note v3.52.1 Electron - Arbitrary Code Execution Date: 2023-04-27 Exploit Author: 8bitsec CVE: CVE-2023-31874 Vendor Homepage: yank-note.com Software Link: https://github.com/purocean/yn Version: 3.52.1 Tested on: Ubuntu 22.04 | Mac OS 13 Release Date: 2023-04-27 Product &...
Jedox 2022.4.2 RPC Interface Remote Code Execution
Exploit Title: Jedox 2022.4.2 - Code Execution via RPC Interfaces Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47879 Introduction...
WordPress WP Data Access 5.3.7 Privilege Escalation
The Wordfence team responsibly disclosed an authenticated Privilege Escalation vulnerability in the WP Data Access plugin. On April 5, 2023 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in WP Data Access, a WordPress plugin...
BoxBilling 4.22.1.5 Remote Code Execution
Exploit Title: BoxBilling POC Video : https://drive.google.com/file/d/1m2glCeJ9QXc8epuY2QfvbWwjLTJ8Hjx/view?usp=sharing...
10-Strike Network Inventory Explorer 9.3 Buffer Overflow
I. VULNERABILITY ------------------------- 10-Strike Network Inventory Explorer Version 9.3 - Privilege Escalation through SEH based Buffer Overflow II. VENDOR ------------------------- 10-Strike Network https://www.10-strike.com/ III. DESCRIPTION ------------------------- 10-Strike Network...
iTop Remote Command Execution
!/usr/bin/env ruby Exploit Title: iTop 2.7.6 - Authenticated Remote command execution Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2022-24780 Date: 2022-05-20 Vendor Homepage:...
REvil.Ransom Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/979635229dfcfae1aae74ae296ec78c8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: REvil.Ransom Vulnerability: Code Execution Description: REvil looks for and executes DLLs in its...
Microsoft Windows Defender / Detection Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERDETECTIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender Microsoft Defender Antivirus is a...
Backdoor.Win32.FTP.Simpel.12 Man-In-The-Middle
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d12f9b921b38d7b521f12442bdd52d8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Simpel.12 Vulnerability: Port Bounce Scan Description: The malware listens on TCP...
Engineers Online Portal 1.0 SQL Injection
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Authentication Bypass Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...