50738 matches found
Ticket Booking Script 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
WordPress BackUpWordPress 3.8 Backup Disclosure
==================================================================================================================================== | Title : WordPress BackUpWordPress 3.8 Plugins Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
eScan Management Console 14.0.1400.2281 Cross Site Scripting
Exploit Title: eScan Management Console 14.0.1400.2281 - Cross Site Scripting Date: 2023-05-16 Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31703 Step of...
SEO Friendly Blog CMS 1.0 Cross Site Scripting
Title: SEO-friendly-blog-CMS-system-in-PHP-with-MYSQL-database-1.0-2023 XSS-Reflected Vulnerability Author: nu11secur1ty Date: 05.17.2023 Vendor: https://technosmarter.com/ Software: https://github.com/technosmarter/SEO-friendly-blog-CMS-system-in-PHP-with-MYSQL-database Reference XSS:...
Jedox 2022.4.2 Database Credential Disclosure
Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880...
Monitorr 1.7.6 Shell Upload
Exploit Title: Monitorr v1.7.6 - Unauthenticated File upload to Remote Code Execution Exploit Author: Achuth V P retrymp3 Date: February 09, 2023 Vendor Homepage: https://github.com/Monitorr/ Software Link: https://github.com/Monitorr/Monitorr Tested on: Ubuntu Version: v1.7.6 Exploit Description...
Online Shopping System Advanced 1.0 SQL Injection
The online-shopping-system-advanced-1.0 suffers from multiple SQLi The attacker can steal all information from the database of this system. Status: CRITICAL + Exploit: MYSQL Parameter: cid POST Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause NOT Payload:...
Transposh WordPress Translation 1.0.8.1 Remote Code Execution
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Reliance on File Name or Extension of Externally-Supplied File...
Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root
SpaceLogic.ps1 Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com https://www.se.com/ww/en/product/5200WHC2/home-controller-spacelogic-cbus-cbus-ip-free-standing-24v-dc/...
AeroCMS 0.0.1 Shell Upload
AeroCMS-Unrestricted-File-Upload-POC Author: D4rkP0w4r Description = Upload web shell at Post Image in admin panel Step to Reproduct Login to admin panel - Posts - Add Posts - Post Image - upload malicious file shell.php - access /images/shell.php on url - shell.php page Exploit When upload succe...
Automatic Question Paper Generator System 1.0 Insecure Direct Object Reference
Exploit Title: Automatic Question Paper Generator System 1.0 - Authentication Bypass Date: 2022-04-03 Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15190/automatic-question-paper-generator-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux !/usr/bin/env...
Backdoor.Win32.XRat.k Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/3d4350282ae043177063de2ad4827b97.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.XRat.k Vulnerability: Unauthenticated Remote Command Execution Description: XRat...
Employees Daily Task Management System 1.0 SQL Injection
Exploit Title: Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...
Employee Management System 1.0 SQL Injection
Exploit Title: Employee Management System 1.0 - Authentication Bypass Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...
Alumni Management System 1.0 SQL Injection
Exploit Title: Alumni Management System 1.0 - Authentication Bypass Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
Zoo Management System 1.0 SQL Injection
Exploit Title: Zoo Management System 1.0 - Authentication Bypass Date: 02/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://phpgurukul.com/zoo-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=12723 Version: 1.0 Tested On:...
Frigate 2.02 Denial Of Service
Exploit Title: Frigate 2.02 - Denial Of Service PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/Frigate2.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-22 Vulnerable Software: Frigate Version: 2.02 Vulnerability Type: Denial of...
Frigate 3.36.0.9 Local Buffer Overflow
Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-07 Vulnerable Software: Frigate Version: "Command...
WinGate 9.4.1.5998 Insecure Permissions / Privilege Escalation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor wingate.com Product WinGate v9.4.1.5998 WinGate is a...
Mitel 6869i Voip Deskphone 4.2.2032 Command Injection
BlueBox Security http://www.bluebox-security.de/ securityatbluebox-security.de bbs-2019.001.txt 08-August-2019 Vendor: Mitel Affected Products: Mitel 6869i Voip Deskphone Version 4.2.2032 - SIP Not Affected: unknown Vulnerability: Mitel 6869i SIP Deskphone 4.2.2032: Unauthenticated Bash Command...
elFinder 2.1.47 Command Injection
!/usr/bin/python ''' Exploit Title: elFinder SecSignal.php;echo SecSignal.jpg' def usage: if lensys.argv != 2: print "Usage: python exploit.py URL" sys.exit0 def uploadurl, payload: files = 'upload': payload, open'SecSignal.jpg', 'rb' data = "reqid" : "1693222c439f4", "cmd" : "upload", "target" :...
📄 Coolify 4.0.0-beta.420.6 Command Injection
Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a critical remote code execution flaw in the project deployment workflow. The platform allows authenticated users, with low-level privileges, to inject arbitrary shell commands via the Git Repository URL field during...
📄 Tatsu 3.3.11 Remote Code Execution
Tatsu versions 3.3.11 and below pre-authentication proof of concept remote code execution exploit. !/usr/bin/python3 coding: utf-8 Exploit Title:Tatsu = 3.3.11 pre-auth RCE exploit Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...
GE Proficy Cimplicity 7.5 Directory Traversal
GE Proficy Cimplicity version 7.5 proof of concept directory traversal vulnerability that takes advantage of a flaw discovered in 2013. ============================================================================================================================================= | Title : GE Profic...
VMware vCenter Server 8.0.2 Privilege Escalation
VMware vCenter Server version 8.0.2 proof of concept privilege escalation exploit that leverages a vulnerability from 2024. ============================================================================================================================================= | Title : VMware vCenter Server...
BIND TSIG Query Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TSIG Query Denial of Service', 'Description' = %q A defect in the rendering of messages into packets can cause named to exit with an asserti...
Ewon Cosy+ Hardcoded Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-032 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-32...
CrushFTP Directory Traversal
Exploit Title: CrushFTP Directory Traversal Google Dork: N/A Date: 2024-04-30 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Vendor Homepage: https://www.crushftp.com/ Software Link: https://www.crushftp.com/download/ Version: below 10.7.1 and 11.1.0 as well as legacy 9.x Tested...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio...
CHAOS RAT 5.0.1 Remote Command Execution
Exploit Title: CHAOS RAT v5.0.1 RCE Date: 2024-04-05 Exploit Author: @chebuya Software Link: https://github.com/tiagorlampert/CHAOS Version: v5.0.1 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-30850, CVE-2024-31839 Description: The CHAOS RAT web panel is vulnerable to command injection, which can be...
FleetCart Laravel Ecommerce System 1.1.2 Insecure Settings
==================================================================================================================================== | Title : FleetCart - Laravel Ecommerce System v1.1.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Citrix ADC (NetScaler) Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Forms SSO Target RCE', 'Description' = %q A vulnerability exists within Citrix ADC that allows an unauthenticated attacker t...
Symantec SiteMinder WebAgent 12.52 Cross Site Scripting
Exploit Title: Symantec SiteMinder WebAgent v12.52 - Cross-site scripting XSS Google Dork: N/A Date: 18-06-2023 Exploit Author: Harshit Joshi Vendor Homepage: https://community.broadcom.com/home Software Link: https://www.broadcom.com/products/identity/siteminder Version: 12.52 Tested on: Linux,...
PaperCut PaperCutNG Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'cgi' class MetasploitModule 'PaperCut PaperCutNG Authentication Bypass', 'Description' = %q This module leverages an authentication bypass in PaperCut NG. If...
Old Age Home Management System 1.0 Cross Site Scripting / Missing Authentication
Exploit Title: Old Age Home Management System 1.0 - Multi Date: 4/26/2023 Exploit Author: OR4NG.M4N Vendor Homepage: https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/Old-Age-Home-MS-using-PHP.zip Version: v1.0 you can delete...
Telesquare TLR-2855KS6 Arbitrary File Creation
Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Creation Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46418 Proof of Concept PUT /cgi-bin/testingcve.txt HTTP/1.1 Host:...
Adobe ColdFusion 11 Remote Code Execution
Exploit Title: Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution RCE Google Dork: intext:"adobe coldfusion 11" Date: 2022-22-02 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html...
COMMAX Smart Home IoT Control System CDP-1020n SQL Injection
COMMAX Smart Home IoT Control System CDP-1020n SQL Injection Authentication Bypass Vendor: COMMAX Co., Ltd. Prodcut web page: https://www.commax.com Affected version: CDP-1020n 481 System Summary: COMMAX Smart Home System is a smart IoT home solution for a large apartment complex that provides...
Trojan-Dropper.Win32.Daws.etlm Unauthenticated Reboot
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a0479e18283ed46e8908767dd0b40f8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Daws.etlm Vulnerability: Remote Unauthenticated System Reboot Description:...
IDT PC Audio 1.0.6433.0 Unquoted Service Path
Exploit Title: IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path Discovery by: Manuel Alvarez Software link: https://www.pconlife.com/download/otherfile/20566/e82994866a370a480607637f28b82835/ Discovery Date: 2020-11-27 Tested Version: 1.0.6433.0 Vulnerability Type: Unquoted Service Path...
Point Of Sales 1.0 SQL Injection
Exploit Title: Point of Sales 1.0 - 'username' SQL Injection Date: 22/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link:...
Virtual Airlines Manager 2.6.2 SQL Injection
Exploit Title: Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection Google Dork: N/A Date: 2020-06-08 Exploit Author: Kostadin Tonev Vendor Homepage: http://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net/index.php/vam-releases/ Version: 2.6.2 Tested on: Linux Min...
FreeCommander XE 2020 Pathname Buffer Overflow
!/usr/bin/python Exploit Title: FreeCommander XE 2020 - Pathname Buffer Overflow SEH Version: Build 810a 32-bit Software Link: https://freecommander.com/downloads/FreeCommanderXE-32-publicsetup.zip Date: 2020-03-28 Exploit Author: Hodorsec [email protected] / [email protected] Vendor...
qdPM 9.1 Remote Code Execution
Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...
Microsoft Excel 2016 1901 Import Error XML Injection
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-EXCEL-2016-v1901-IMPORT-ERROR-EXTERNAL-ENTITY-INJECTION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Excel 2016 v1901 Microsoft Excel is a spreadsheet...
ABRT sosreport Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...
Microsoft Skype 2015 / 2016 Denial Of Service
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Denial of Service product: Microsoft Skype for Business 2016 / Lync 2013 vulnerable version: Microsoft Skype for Business 2015 Lync 2013 before v15.0.5075.1000 Skype for...
📄 Node.js 25.x Permission Model Sandbox Bypass / Path Traversal
This Metasploit module validates a sandbox escape weakness in the Node.js permission model that allows restricted file access bypass through symlink-based path traversal. When Node.js is executed with the --permission flag and limited filesystem read/write paths, the permission checks rely on...
Online Security Guard Hiring System 1.0 Insecure Settings
==================================================================================================================================== | Title : Online Security Gauard Hiring System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...
Intersil (Boa) HTTPd Basic Authentication Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intersil Boa HTTPd Basic Authentication Password Reset', 'Description' = %q The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows...