50748 matches found
VoIPmonitor 27.6 Buffer Overflow
VoIPmonitor is vulnerable to a buffer overflow when using the live sniffer - Fixed versions: 27.6 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-03-voipmonitor-livesniffer-buffer-overflow - VoIPmonitor Security Advisory: none, changelog references fixe...
QNAP QVR Client 5.0.0.13230 Unquoted Service Path
Exploit Title: QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.qnap.com Tested Version: 5.0.0.13230 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover...
Backdoor.Win32.GTbot.c Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8c2acfcc60dda52db9bd9a934284b673.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.GTbot.c Vulnerability: Insecure Permissions Description: GTbot creates an insecure di...
Online Catering Reservation System 1.0 SQL Injection
Exploit Title: Online Catering Reservation System - SQL Injection Authenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11355/online-catering-reservation.html Software Link:...
System Explorer 7.0.0 Unquoted Service Path
Exploit Title: System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path Date: 2020-10-14 Exploit Author: Mohammed Alshehri Vendor Homepage: http://systemexplorer.net/ Software Link: http://systemexplorer.net/download/SystemExplorerSetup.exe Version: Version 7.0.0 Tested on:...
Newsportal 3 SQL Injection
Exploit Title: Newsportal v3 - 'uname' - SQL Injection Date: 2020-07-24 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/news-portal-project-in-php-and-mysql/ Software Link:...
Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs appsuite, dovecot, powerdns at HackerOne. Yours sincerely...
Google Chrome Password Disclosure
--------------------------- Packet Storm Editor's Note: To normally view passwords in Chrome, you have to go to the Properties section, click View Passwords, and you are prompted for a users password. This flaw discloses all passwords for the domain without the required authentication step...
SolarWinds Serv-U FTP 15.1.6 Privilege Escalation
CVE: CVE-2018-15906 Attack type: Remote, authenticated Discovered by: Chris Moberly @ The Missing Link Security Operating Systems: Verified on Win10 and Win2016 Vulnerable version: Tested on 15.1.6 current as of August 2018. Fixed in: Serv-U 15.1.6 Hotfix 2 Description SolarWinds Serv-U FTP Serve...
MiniShare 1.4.1 HEAD / POST Buffer Overflow
Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...
IBM Informix Dynamic Server DLL Injection / Code Execution
Vulnerabilities Summary The following advisory describes six 6 vulnerabilities found in Informix Dynamic Server and Informix Open Admin Tool. IBM Informix Dynamic Server Exceptional, low maintenance online transaction processing OLTP data server for enterprise and workgroup computing. IBM Informi...
📄 Flowise 3.0.4 Code Injection
Flowise versions 3.0.4 and below suffer from a remote command injection vulnerability. ============================================================================================================================================= | Title : Flowise 3.0.4 php code injection | | Author : indoushka | ...
📄 RiteCMS 3.1.0 Remote Code Execution
RiteCMS version 3.1.0 suffers from an authenticated remote code execution vulnerability. Exploit Title: RiteCMS 3.1.0 - Authenticated Remote Code Execution RCE Date: 2025-10-26 Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/handylulu/RiteCMS Software Link:...
📄 Roundcube 1.6.6 Cross Site Scripting
Roundcube mail server versions earlier than 1.5.6 and 1.6 through 1.6.6 suffer from a persistent cross site scripting vulnerability. Exploit Title: Roundcube mail server exploit for CVE-2024-37383 Stored XSS Google Dork: Exploit Author: AmirZargham Vendor Homepage: Roundcube - Free and Open Sourc...
Atlassian JIRA Arbitrary File Read
Atlassian JIRA versions prior to 5.0.1 XML injection proof of concept exploit that lets you read an arbitrary file. ============================================================================================================================================= | Title : Atlassian JIRA before 5.0.1 P...
SEH utnserver Pro 20.1.22 Cross Site Scripting
St. Pölten UAS 20241118-0 ------------------------------------------------------------------------------- title| Multiple Stored Cross-Site Scripting product| SEH utnserver Pro vulnerable version| 20.1.22 fixed version| 20.1.35 CVE number| CVE-2024-11304 impact| High homepage|...
WatchGuard XTM Firebox 12.5.x Buffer Overflow
============================================================================================================================================= | Title : WatchGuard XTM Firebox 12.5.x Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
WordPress Bricks Builder Theme 1.9.6 Code Injection
============================================================================================================================================= | Title : WordPress Bricks Builder Theme 1.9.6 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Queuing Simple Chatbot 1.0 Shell Upload
============================================================================================================================================= | Title : Queuing Simple Chatbot 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Breaking Oracle Database VPD Through DDL Permissions In 19c
Title: Breaking Oracle Database VPD Virtual Private Database Through DDL Permissions in 19c Product: Database Manufacturer: Oracle Affected Versions: 19c Tested Versions: 19c Risk Level: Low Author of Advisory: Emad Al-Mousa Vulnerability Details: By design VPD security feature protects against a...
File Management System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : File Management System 1.0 Arbitrary File upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...
Joomla Solidres 2.13.3 Cross Site Scripting
Exploit Title: Joomla Solidres 2.13.3 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: Solidres Team Vendor Homepage: http://solidres.com/ Software Link: https://extensions.joomla.org/extension/vertical-markets/booking-a-reservations/solidres/ Demo: http://demo.solidres.com/joomla...
PHP Live 3.1 Cross Site Scripting
==================================================================================================================================== | Title : PHP Live 3.1 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.0.332-bit | | Vendor :...
FC Red Bull Salzburg App 5.1.9-R Improper Authorization
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: FC Red Bull Salzburg App Vendor URL: https://play.google.com/store/apps/details?id=laola.redbull Type: Improper Authorization in Handler for Custom URL Scheme CWE-939 Date found: 2023-04-06...
Smart School 1.0 SQL Injection
Exploit Title: Smart School v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/smart-school-school-management-system/19426018 Demo Site: https://demo.smart-school.in Tested on: Kali Linux CVE: N/A Request POST /course/filterRecords/ HTTP/1....
GaanaGawaana 1.0 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Aigital Wireless-N Repeater Mini_Router.0.131229 Remote Command Execution
Exploit Title: Aigital Wireless-N Repeater - Command Injection Exploit Author: Matteo Mandolini Date : 13/04/2023 Vendor Homepage: https://web.archive.org/web/20220625053314/https://www.aigital.com/ Version: MiniRouter.0.131229 Command Injection POST /boafrm/formSysCmd HTTP/1.1 Host: 192.168.10.2...
eXtplorer 2.1.14 Authentication Bypass / Remote Code Execution
Exploit Title: eXtplorer= 2.1.14 - Authentication Bypass & Remote Code Execution RCE Exploit Author: ErPaciocco Author Website: https://erpaciocco.github.io Vendor Homepage: https://extplorer.net/ Vendor: ============== extplorer.net Product: ================== eXtplorer = v2.1.14 eXtplorer is a...
Osprey Pump Controller 1.0.1 userName Command Injection
Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...
H2 Database Console Remote Code Execution
Document Title =============== Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Product Description =============== The H2 Console Application The Console lets you access a SQL database using a browser interface. Homepage: http://www.h2database.com/html/quickstart.html Affecte...
SalonERP 3.0.1 SQL Injection
Exploit Title: SalonERP 3.0.1 - 'sql' SQL Injection Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://salonerp.sourceforge.io/ Software Link: https://sourceforge.net/projects/salonerp/files/latest/download Version: SalonERP v3.0.1 Tested on: Ubuntu Mate 20.04 Vulnerable...
Trojan-Proxy.Win32.Raznew.gen Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/55ce4b6c2ec10838c54dca54d96801d6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Raznew.gen Vulnerability: Unauthenticated Open Proxy Description: The malware...
WordPress Modern Events Calendar 5.16.2 Shell Upload
Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution Authenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link:...
Composr 10.0.36 Shell Upload
Exploit Title: Composr 10.0.36 - Remote Code Execution Date: 04/06/2021 Exploit Author: Orion Hridoy Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36 Tested on: Windows/Linux CVE : CVE-2021-30149 A RCE on Composr CMS has been discovered by BugsBD...
Health Center Patient Record Management System 1.0 Cross Site Scripting
Exploit Title: Health Center Patient Record Management System | 'address' param Stored Cross Site Scripting Exploit Author: Richard Jones Date: 2021-03-29 Vendor Homepage: https://www.sourcecodester.com/php/11058/health-center-patient-record-management-system.html Software Link:...
Softros LAN Messenger 9.6.4 Unquoted Service Path
Exploit Title: Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path Discovery by: Victor Mondragón Discovery Date: 23-02-2021 Vendor Homepage: https://www.softros.com/ Software Links : https://download.softros.com/SoftrosLANMessengerSetup.exe Tested Version: 9.6.4 Vulnerabili...
Online Voting System 1.0 Authorization Bypass
Exploit Title:Online Voting System | Authentication Bypass Password Change Exploit Author: Richard Jones Date: 2021-01-29 Vendor Homepage: https://www.sourcecodester.com/php/14690/online-voting-system-phpmysqli-full-source-code.html Software...
FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD ip6setpktopt Use-After-Free Privilege Escalation', 'Description' = %q This module exploits a race and use-after-free vulnerability in the...
ownCloud 10.3.0 Stable Cross Site Request Forgery
Exploit Title: ownCloud 10.3.0 stable - Cross-Site Request Forgery Date: 2019-10-31 Exploit Author: Ozer Goker Vendor Homepage: https://owncloud.org Software Link: https://owncloud.org/download/ Version: 10.3 CVE: N/A Introduction Your personal cloud collaboration platform With over 50 million...
Telus Actiontec T2200H WiFi Credential Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Device Details Discovered By: Andrew Klaus [email protected] Vendor: Actiontec Telus Branded, but may work on others Model: T2200H but very likely affecting other models of theirs Affected Firmware: T2200H-31.128L.08 Device Manual:...
📄 glFusion 1.3.0 Blind SQL Injection
A critical blind SQL injection vulnerability exists in glFusion CMS version 1.3.0, affecting the Media Gallery search functionality. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands and potentially compromise the entire database. This issue is older...
VICIdial 2.14-917 Remote Command Execution
VICIdial version 2.14-917 proof of concept remote command execution exploit that takes advantage of a flaw originally found in 2024. ============================================================================================================================================= | Title : VICIdial v...
Magento Adobe Commerce 2.4.4-p8 Arbitrary File Read
Magento Adobe Commerce version 2.4.4-p8 suffers from an arbitrary file read vulnerability. ============================================================================================================================================= | Title : Magento Adobe Commerce 2.4.4-p8 arbitrary file read...
dhtmlxFileExplorer 8.4.6 Local File Inclusion / Traversal
dhtmlxFileExplorer version 8.4.6 suffers from a local file inclusion vulnerability in the Download Function of File Explorer. Exploit Title: dhtmlxFileExplorer 8.4.6 - Local File Inclusion in the Download Function of File Explorer Date: Feb 6, 2025 Exploit Author: Nutchaya Augkanavitayakul,...
WebFileSys 2.31.0 Directory Traversal
An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers can manipulate file paths and gain unauthorized access to sensitive files, potentially exposing...
Cisco ASA SSL VPN Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA SSL VPN Privilege Escalation Vulnerability', 'Description' = %q This module exploits a privilege escalation vulnerability for Cisco ASA...
ManageEngine ADAudit Plus Xnode Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus Xnode Enumeration', 'Description' = %q This module exploits default admin credentials for the DataEngine Xnode server i...
Bhojon Restaurant Management System 2.9 Insecure Settings
==================================================================================================================================== | Title : Bhojon restaurant management system v2.9 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...
Trojan.Win32.DarkGateLoader MVID-2024-0685 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/afe012ed0d96abfe869b9e26ea375824.txt Contact: [email protected] Media: x.com/malvuln Threat: Trojan.Win32.DarkGateLoader multi variants Vulnerability: Arbitrary Code Execution Description:...
Ray OS 2.6.3 Command Injection
Exploit Title: Ray OS v2.6.3 - Command Injection RCEUnauthorized Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...