50773 matches found
VMware Workspace ONE Access Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access CVE-2022-22960', 'Description' = %q This module exploits CVE-2022-22960 which allows the user to overwrite the...
WordPress Limit Login Attempts 1.7.1 Cross Site Scripting
On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed...
Human Resource Management System 1.0 SQL Injection
Exploit Title: Human Resource Management System - SQL Injection unauthenticated Date: 08-11-2022 Exploit Author: Matthijs van der Vaart eMVee Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...
Inout Music 5.1.1 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
WAGO 750-8xxx PLC Denial Of Service / User Enumeration
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Denial of service & User Enumeration product: WAGO 750-8xxx PLC vulnerable version: Firmware 20 Patch 1 v03.08.08 fixed version: Firmware 20 Patch 1 v03.08.08 CVE number:...
Booked Scheduler 2.7.5 Shell Upload
Exploit Title: Booked Scheduler 2.7.5 - Remote Command Execution RCE Authenticated Vulnerability founder: AkkuS Date: 13/12/2021 Exploit Author: 0sunday Vendor Homepage: https://www.bookedscheduler.com/ Software Link: N/A Version: Booked Scheduler 2.7.5 Tester on: Kali 2021.2 CVE: CVE-2019-9581...
Yellowfin Cross Site Scripting / Insecure Direct Object Reference
YELLOWFIN 9.6.1 MULTIPLE VULNERABILITIES ---------------------------------------------------- Vulnerability: ============== Stored Cross-Site Scripting Affected Products and Versions: =============================== Yellowfin 9.6.1 CVEID: ====== CVE-2021-36387 CVSSv3.1 Score: =============== 5.4...
SAP Netweaver JAVA 7.50 Missing Authorization
Onapsis Security Advisory 2021-0013: CVE-2020-26829 - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication Impact on Business A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order to connect to the...
NetSetManPro 4.7.2 Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Affected Products NetSetManPro 4.7.2 other/older releases have not been tested References https://www.secuvera.de/advisories/secuvera-SA-2021-01.txt used for updates CVE-2021-34546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34546 Summar...
Backdoor.Win32.Androm.df Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bf60f5b5c901bab08484838447f1b85e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Androm.df Vulnerability: Unauthenticated Remote Command Execution Description: The...
Selenium 3.141.59 Remote Code Execution
Exploit Title: Selenium 3.141.59 - Remote Code Execution Firefox/geckodriver Date: 2021-05-27 Exploit Author: Jon Stratton Vendor Homepage: https://www.selenium.dev/ Software Link: https://selenium-release.storage.googleapis.com/3.141/selenium-server-standalone-3.141.59.jar Version: 3.141.59 Test...
SOYAL Biometric Access Control System 5.0 Cross Site Request Forgery
SOYAL Biometric Access Control System 5.0 CSRF Change Admin Password Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: AR-727 i/CM - F/W: 5.0 AR837E/EF - F/W: 4.3 AR725Ev2 - F/W: 4.3 191231 AR331/725E - F/W: 4.2 AR837E/EF - F/W:...
Trojan-Dropper.Win32.Delf.xk Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/869c813722be90cf1b3708051103ce14.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.xk Vulnerability: Remote Invalid Pointer Write DOS Description:...
Employee Record System 1.0 Shell Upload
Exploit Title: Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2021-01-05 Vendor Homepage: https://www.sourcecodester.com/php/14588/employee-record-system-phpmysqli-full-source-code.html Software Link:...
BACKDOOR.WIN32.REMOTEMANIPULATOR Insecure Permissions
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/82183b3d85311a39fb80ae07357594e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BACKDOOR.WIN32.REMOTEMANIPULATOR Vulnerability: Insecure Permissions Description: Creates a dir...
Rumble Mail Server 0.51.3135 Cross Site Scripting
Exploit Title: Rumble Mail Server 0.51.3135 - 'servername' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested...
MailDepot 2032 SP2 Session Expiration
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2019-049 Product: MailDepot Manufacturer: REDDOXX GmbH Affected Versions: 2032 SP2 2.2.1242 Tested Versions: 2032 SP2 2.2.1242 Vulnerability Type: Insufficient Session Expiration CWE-613 Risk Level: Low Solution Status: Fixed...
Citrix ADC (NetScaler) Directory Traversal / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal in Citrix Application Delivery...
Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAPC-XINET-ELEGANT-6-ASSET-LIBRARY-WEB-INTERFACE-PRE-AUTH-SQL-INJECTION.txt + ISR: ApparitionSec Vendor www.napc.com Product Xinet Elegant 6 Asset Library Web Interface v6.1.655 Web based...
Nuuo Central Management Server 2.4 Authenticated Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Nuuo Central Management Server Authenticated Arbitrary File Upload", 'Description' = %q The COMMITCONFIG verb is used by a CMS client to upload a...
Linux RNG Flaws
Linux RNG flaws CVE-2018-1108 There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and shortly after boot. I'm sending this to [email protected] and Theodore Ts'o for now; it might make sense to also add Jason Donenfeld, since...
📄 Microsoft Windows 11 Search Path Privilege Escalation
Microsoft Windows 11 suffers from an untrusted search path local privilege escalation vulnerability. Proof of concept Metasploit module included. ============================================================================================================================================= | Title :...
Nipah Virus Testing Management System 1.0 PHP Code Injection
============================================================================================================================================= | Title : Nipah virus NiV – Testing Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browse...
TAIF LMS 5.8.0 Shell Upload
==================================================================================================================================== | Title : TAIF LMS v5.8.0 shell upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor ...
Relate Learning And Teaching System SSTI / Remote Code Execution
Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIBatch-Issue Exam Tickets function lead to RCE Date: 24/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...
EnBw SENEC Legacy Storage Box Information Disclosure
Advisory ID: Ph0s-2023-002 Product: EnBw - SENEC legacy storage box: V1-V3 Manufacturer: SENEC - a part of EnBw Affected Versions: Firmware: all as of 2023-06-19 Tested Versions: current Vulnerability Type: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Risk Level: CVSS v3.1...
Zoo Management System 1.0 Shell Upload
Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Date: 16.10.2023 Exploit Author: Çağatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.htmlgooglevignette Software Link:...
VMware vRealize Log Insight Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/thrift' require 'rex/stopwatch' class MetasploitModule 'VMware vRealize Log Insight Unauthenticated RCE', 'Description' = %q VMware vRealize Log...
Digisha CMS 1.2.7 SQL Injection
==================================================================================================================================== | Title : Digisha CMS V1.2.7 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | ...
GNOME Files 43.4 Privilege Escalation
Affected: GNOME Files 43.4 nautilus on fedora 37 Description: If an user A opens in GNOME files zip archive containing setuid file F, then F will be silently extracted to a subdirectory of CWD. If F is accessible by hostile local user B and B executes F, then F will be executed as from user A. ta...
GreenShot 1.2.10 Arbitrary Code Execution
Exploit Title: GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution Date: 26/07/2023 Exploit Author: p4r4bellum Vendor Homepage: https://getgreenshot.org Software Link: https://getgreenshot.org/downloads/ Version: 1.2.6.10 Tested on: windows 10.0.19045 N/A build 19045 CVE :...
Zstore 6.5.4 Database Disclosure
==================================================================================================================================== | Title : Zstore version 6.5.4 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit ...
Expert Restaurant eCommerce 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking
Exploit Title: Stored-XSS in FICO Origination Manager Decision Module 4.8.1 Leads to Session Hijacking Date: 2023-05-07 Exploit Author: Matei Josephs Vendor Homepage: https://www.fico.com/ Version: FICO Origination Manager Decision Module 4.8.1 CVE : CVE-2023-30056, CVE-2023-30057 Introduction...
Ivanti Endpoint Manager CSA 4.5 / 4.6 Remote Code Execution
Exploit Title: Ivanti Endpoint Manager - Cloud Service Appliance Unauthenticated Remote Code Execution Date: 20/03/2022 Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 ...
Nokia Transport Module Authentication Bypass
title: Nokia Transport Module Authentication Bypass case id: CM-2020-02 product: BTS TRS web console FTMW20FP22019.08.160010 vulnerability type: Authentication Bypass severity: Critical found: 2020-09-28 CVE: CVE-2021-31932 by: Cristiano Maruti @cmaruti EXECUTIVE SUMMARY The TRS web console allow...
Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle Teacher Enrollment Privilege Escalation to RCE', 'Description' = %q Moodle version 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12 and...
CyberPanel 2.1 Remote Code Execution
Title: CyberPanel 2.1 - Remote Code Execution RCE Authenticated Date: 27.08.2021 Author: Numan Türle Vendor Homepage: https://cyberpanel.net/ Software Link: https://github.com/usmannasir/cyberpanel Version: =2.1 https://www.youtube.com/watch?v=J8iLELVgkE !/usr/bin/python3 -- coding: utf-8 --...
MyBB 1.8.25 SQL Injection
Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...
Backdoor.Win32.Agent.aak Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582aC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Remote Buffer Overflow Description: The HTTP backdoor serve...
CASAP Automated Enrollment System 1.0 Cross Site Scripting
Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS Author: nu11secur1ty Date: 02.15.2021 Vendor: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Athor: https://www.sourcecodester.com/users/yna-ecole Link:...
Backdoor.Win32.Xtreme.yvp Insecure Permissions / Privilege Escalation
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/7bd93c10c9373cfc2bcc8eff712631f1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xtreme.yvp Vulnerability: Insecure Permissions EoP Description: Change permissions ar...
MonoCMS Blog 1.0 File Deletion / CSRF / Hardcoded Credentials
Exploit Title: MonoCMS Blog 1.0 - Arbitrary File Deletion Authenticated Date: 2020-09-20 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: https://monocms.com/download Software Link: https://monocms.com/download Version: 1.0 Tested On: Windows 10 XAMPP CVE: N/A Proof of...
vCloud Director 9.7.0.15498291 Remote Code Execution
!/usr/bin/python Exploit Title: vCloud Director - Remote Code Execution Exploit Author: Tomas Melicher Technical Details: https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/ Date: 2020-05-24 Vendor Homepage: https://www.vmware.com/ Software Link:...
WordPress Google Review Slider 6.1 SQL Injection
Exploit Title: Wordpress Plugin Google Review Slider 6.1 - 'tid' SQL Injection Google Dork: inurl:"/wp-content/plugins/wp-google-places-review-slider/" Date: 2019-07-02 Exploit Author: Princy Edward Exploit Author Blog : https://prinyedward.blogspot.com/ Vendor Homepage:...
Microsoft SRV2.SYS SMB 2 Remote Code Execution
Microsoft SRV2.SYS SMB version 2 remote code execution exploit that leverages a flaw from 2009. ============================================================================================================================================= | Title : Microsoft SRV2.SYS SMB v2 RCE Vulnerability | |...
AutoLib Software Systems OPAC 20.10 Secret Disclosure
AutoLib Software Systems OPAC version 20.10 discloses multiple API keys within the source code. Attackers may use these keys to access the backend API or other sensitive information. + Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC + twitter.com/striv3r Vendor Autolib-ind...
SpagoBI 3.5.1 Cross Site Scripting
SpagoBI versions 3.5.1 and below suffer from persistent cross site scripting vulnerabilities. CVE-2024-54795 Severity : Medium 5.4 CVSS score : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by multiple stored XSS inside...
ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Configuration Download
ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Config Download Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
PHP-Nuke Top Module SQL Injection
Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...