50748 matches found
OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple post-authentication vulnerabilities including RCE product: OpenText™ Content Server component of OpenText™ Extended ECM vulnerable version: 16.2.2 - 22.3 fixed...
WordPress Slider Revolution 4.1.2 Directory Traversal
==================================================================================================================================== | Title : WordPress - Slider Revolution 4.1.2 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
WordPress 3dady Real-Time Web Stats 1.0 Cross Site Scripting
Exploit Title: Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/3dady-real-time-web-stats/ Date: 2022-08-24 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://profiles.wordpress.org/3dady/ Software Link:...
SAP Knowledge Warehouse 7.50 / 7.40 / 7.31 / 7.30 Cross Site Scripting
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SAP Knowledge Warehouse Vendor URL: https://help.sap.com/viewer/816f1f952d244bbf9dd5063e2a0e66b0/7.5.21/en-US/4dc9605e4a9d6522e10000000a15822b.html Type: Cross-Site Scripting CWE-79 Date...
Dahua ToolBox 1.010.0000000.0 DLL Hijacking
Hi all, I have actually contacted Dahua PSIRT team and they confirmed the vulnerability exists few days ago but then since this product is not in that scope on requesting CVE and therefore I am going to disclose the details here: Vulnerable Software and Version: ToolBox-V1.010.0000000.0 versions...
osCommerce 2.3.4.1 Remote Code Execution
Exploit Title: osCommerce 2.3.4.1 - Remote Code Execution 2 Vulnerability: Remote Command Execution when /install directory wasn't removed by the admin Exploit: Exploiting the install.php finish process by injecting php payload into the dbdatabase parameter & read the system command output from...
Intelbras Router RF 301K Cross Site Request Forgery
Exploit Title: Intelbras Router RF 301K - 'DNS Hijacking' Cross-Site Request Forgery CSRF Date: 01/05/2021 Exploit Author: Rodolfo Mariano Version: Firmware 1.1.2-1.1.5 CVE: 2021-32403 Exploit Code: document.forms0.submit;...
Id Card Generator 1.0 Cross Site Scripting
Exploit Title: Id Card Generator | Cross Site Scripting 'download.php' Exploit Author: Richard Jones Date: 2021-03-28 Vendor Homepage: https://www.sourcecodester.com/php/12040/id-generator-php.html Software Link:...
Trojan-Dropper.Win32.Delf.p Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b02cc578d2e7f24fb67ec0afc42a9e13B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.p Vulnerability: Remote Buffer Overflow Description: Delf.p accepts...
Covid-19 Contact Tracing System 1.0 Code Execution
Exploit Title: Covid-19 Contact Tracing System 1.0 - Remote Code Execution Unauthenticated Date: 28-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...
Backdoor.Win32.Indexer.a Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2b576e7551afe1c7575dc680396f1b5bB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Indexer.a Vulnerability: Remote Denial Of Service Description: Indexer.a runs an FTP...
Backdoor.Win32.Cabrotor.21 Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/af7001c2d6284a1295638576bc138cb2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cabrotor.21 Vulnerability: Insecure Permissions Description: Cabrotor.21 backdoor...
AnyTXT Searcher 1.2.394 Unquoted Service Path
Exploit Title: AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: Anytxt.net Software Link: https://sourceforge.net/projects/anytxt/files/AnyTXT.Searcher.1.2.394.exe Version: Version 1.2.394 Tested on: Microsoft Windows ...
WordPress Supsystic Pricing Table 1.8.7 SQL Injection / Cross Site Scripting
Exploit Title: WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/pricing-table-by-supsystic.1.8.7.zip Version: 1.8.7 and 1.8.6...
Gitlab 11.4.7 Remote Code Execution
Exploit Title: Gitlab 11.4.7 - Remote Code Execution Date: 14-12-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net, foxlox Vendor Homepage: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested On: Debian 10 +...
iServiceOnline 1.0 SQL Injection
Exploit Title: iServiceOnline 1.0 - 'r' SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/iserviceonline/ Software Link: https://netcologne.dl.sourceforge.net/project/iserviceonline/iServiceEng.zip Version: 1.0 Category: Webapp...
📄 Windows Server Update Service Deserialization Remote Code Execution
This Metasploit module exploits a deserialization vulnerability in the legacy serialization mechanism in Windows Server Update Services WSUS. The vulnerability allows an unauthenticated attacker to create a specially crafted event, which triggers an unsafe deserialization upon server...
📄 Adapt Authoring Tool 0.11.3 Remote Command Execution
Adapt Authoring Tool version 0.11.3 suffers from a remote command execution vulnerability. Exploit Title: Adapt Authoring Tool 0.11.3 - Remote Command Execution RCE Date: 2024-11-24 Exploit Author: Eui Chul Chung Vendor Homepage: https://www.adaptlearning.org/ Software Link:...
Simple College Website 1.0 Shell Upload
============================================================================================================================================= | Title : Simple College Website 1.0 code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0...
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference
Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...
DerbyNet 9.0 inc/kisosks.inc Cross Site Scripting
CVE ID: CVE-2024-30926 Description: A Cross-Site Scripting XSS vulnerability has been identified in DerbyNet version 9.0, affecting the ./inc/kiosks.inc component. This vulnerability permits remote attackers to execute arbitrary code by exploiting the addressforcurrentkiosk function. The issue...
VIMESA VHF/FM Transmitter Blue Plus 9.7.1 Denial Of Service
VIMESA VHF/FM Transmitter Blue Plus 9.7.1 doreboot Remote Denial Of Service Vendor: Video Medios, S.A. VIMESA Product web page: https://www.vimesa.es Affected version: img:v9.7.1 Html:v2.4 RS485:v2.5 Summary: The transmitter Blue Plus is designed with all the latest technologies, such as high...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W, 1kW...
Grawlix 1.5.1 Cross Site Scripting
Title: grawlix-1.5.1 XSS-Reflected Author: nu11secur1ty Date: 08/29/2023 Vendor: https://getgrawlix.com/ Software: Reference: https://portswigger.net/web-security/cross-site-scripting Description: The value of the ref request parameter is copied into the value of an HTML tag attribute which is...
E-partenaire LMS 1.0.0 Cross Site Scripting
==================================================================================================================================== | Title : E-partenaire LMS v1.0.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vend...
WordPress User Registration 3.0.2 Arbitrary File Upload
Description: User Registration = 3.0.2 – Authenticated Subscriber+ Arbitrary File Upload Affected Plugin: User Registration – Custom Registration Form, Login Form And User Profile For WordPress Plugin Slug: user-registration Affected Versions: = 3.0.2 CVE ID: CVE-2023-3342 CVSS Score: 9.9 Critica...
WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF
On April 6, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities in Getwid – Gutenberg Blocks, a plugin installed on over 50,000 WordPress sites. The plugin’s developers responded immediately, and we sent over the full disclosure the sa...
Screen SFT DAB 600/C Authentication Bypass / Erase Account
!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...
GLPI 9.5.7 Username Enumeration
Exploit Title: GLPI 9.5.7 - Username Enumeration Date: 04/29/2023 Author: Rafael B. Vendor Homepage: https://glpi-project.org/pt-br/ Affected Versions: GLPI version 9.1 = 9.5.7 Software: https://github.com/glpi-project/glpi/releases/download/9.5.7/glpi-9.5.7.tgz import requests from bs4 import...
NVFLARE Unsafe Deserialization
Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1...
IOTransfer 4 Unquoted Service Path
Exploit Title: IOTransfer V4 - Unquoted Service Path Exploit Author: BLAY ABU SAFIAN Inveteck Global Discovery Date: 2022-28-07 Vendor Homepage: http://www.iobit.com/en/index.php Software Link: https://iotransfer.itopvpn.com/download/ Tested Version: V4 Vulnerability Type: Unquoted Service Path...
Library Management System With QR Code 1.0 Cross Site Scripting
Title: Library Management System with QR code Attendance 1.0 Stored Cross-Site Scripting Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
Pharmacy Management System 1.0 Shell Upload
Exploit Title: Pharmacy management system - Remote Code Execution RCE Date: 19/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Version:...
Simple Subscription Website 1.0 SQL Injection
Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass Exploit Author: Daniel Haro Dirox Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html Software Link:...
Online Traffic Offense Management System 1.0 SQL Injection
Exploit Title: Online Traffic Offense Management System 1.0 - 'id' SQL Injection Authenticated Date: 19/08/2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link:...
NetModule Router Software Password Handling / Session Fixation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities in NetModule Router Software product: NetModule Router Software NRSW vulnerable version: Before 4.3.0.113, 4.4.0.111, 4.5.0.105 fixed version:...
ProjeQtOr Project Management 9.1.4 Shell Upload
Exploit Title: ProjeQtOr Project Management 9.1.4 - Remote Code Execution Date: 29.05.2021 Exploit Author: Temel Demir Vendor Homepage: https://www.projeqtor.org Software Link: https://sourceforge.net/projects/projectorria/files/projeqtorV9.1.4.zip Version: v9.1.4 Tested on: Laragon @WIN10...
Windows 10 Wi-Fi Drivers For Intel Wireless Adapters 22.30.0 Privilege Escalation
Hi @ll, the executable installers version 22.30.0 Latest, published 2/23/2021, for the "Windows® 10 Wi-Fi Drivers for Intel® Wireless Adapters", and , available from are SURPRISE! vulnerable: they allow arbitrary code execution WITH local escalation of privilege. CVSS 3.0 score: 8.2 High CVSS 3.0...
Online Faculty Clearance System 1.0 Cross Site Scripting
Exploit Title: Online Faculty Clearance System Persistent Cross Site Scripting Exploit Author: th3d1gger Vendor Homepage: https://sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/onlineclearance0.zip Version: 1.0 Tested on Windows 10 @attack...
Trojan.Win32.Siscos.bqe Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a41431099989b44359273216072f8295.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Siscos.bqe Vulnerability: Insecure Permissions Description: creates an insecure dir nam...
Backdoor.Win32.Antilam.14.o Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3f3ee9dce39e816b4001bd6ae66e8f1a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.o Vulnerability: Unauthenticated Remote Command Execution Description: The...
Backdoor.Win32.Agent.bjev Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/35cf54a19efcdeaa41899647075c7ef9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.bjev Vulnerability: Insecure Permissions Description: Agent.bjev creates an...
SmartFoxServer 2X 2.17.0 Remote Code Execution
SmartFoxServer 2X 2.17.0 God Mode Console Remote Code Execution Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6 SmartFoxServer 2X, Pro, Basic Summary: SmartFoxServer SFS is a comprehensive SDK for rapidly developing...
IP Watcher 3.0.0.30 Unquoted Service Path
Exploit Title: IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path Date: 2020-8-25 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.gearboxcomputers.com/ Software Link: https://www.gearboxcomputers.com/files/IPWatcherSetup.exe Version: 3.0.0.30 Tested on: Microsoft Windows...
Online Student's Management System 1.0 Shell Upload
Exploit Title: Online Student's Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020/10/18 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14490/online-students-management-system-php-full-source-code-2020.html Software Link:...
Online Bike Rental 1.0 Shell Upload
Exploit Title: Online Bike Rental v1.0 – Authenticated Arbitrary File Upload / Remote Code Execution Date: July 31, 2020 Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https:/www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html...
Podman / Varlink Remote Code Execution
!/usr/bin/python -- coding: UTF-8 -- pickletime.py Podman + Varlink Insecure Config Remote Exploit Jeremy Brown jbrown3264/gmail @ Oct 2019 ------- Details ------- Podman is container engine / platform similar to Docker supported by RedHat and Fedora with Varlink being a protocol to exchange...
PHP 7.x disable_functions Bypass
= 8; public function str2ptr&$str, $p = 0, $s = 8 $address = 0; for$j = $s-1; $j = 0; $j-- $address = 8; return $out; unable to leak ro segments public function leak1$addr global $spl1; $this-write$this-abc, 8, $addr - 0x10; return strlengetclass$spl1; the real deal public function leak2$addr, $p...
WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Spryng payments woocommerce 1.6.7 Spryng payments woocommerce is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...