50748 matches found
VMware Workspace ONE Access Template Injection / Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access CVE-2022-22954', 'Description' = %q This module exploits CVE-2022-22954, an unauthenticated server-side template...
Maian-Cart 3.8 Remote Code Execution
Exploit title: Maian-Cart 3.8 - Remote Code Execution RCE Unauthenticated Date: 27.11.2020 19:35 Tested on: Ubuntu 20.04 LTS Exploit Authors: DreyAnd, purpl3 Software Link: https://www.maiancart.com/download.html Vendor homepage: https://www.maianscriptworld.co.uk/ Version: Maian Cart 3.8 CVE:...
Atlassian Confluence Server 7.5.1 Arbitrary File Read
Exploit Title: Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability Date: 2021-10-05 Exploit Author: Mayank Deshmukh Author email: [email protected] Vendor Homepage: https://www.atlassian.com/ Software Link:...
Windows Defender Application Guard Denial Of Service
Windows Defender Application Guard also known as "WDAG", Microsoft Defender Application Guard, and "MDAG" can be closed by any script or website loaded in WDAG by redirecting the browser to a URL with a long hostname e.g, 10,000 characters long. This can cause a denial-of-service condition. Impac...
Aruba Instant (IAP) Remote Code Execution
import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def racepapimessageip: global CONTINUERACE payload =...
WordPress Backup Guard 1.5.8 Shell Upload
Exploit Title: Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution Authenticated Date 02.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://backup-guard.com/products/backup-wordpress Software Link: https://downloads.wordpress.org/plugin/backup.1.5.8.zip Version: Before...
CITSmart ITSM 9.1.2.27 SQL Injection
Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...
Online Faculty Clearance System 1.0 Shell Upload
Exploit Title: Online Faculty Clearance System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/onlineclearance0.zip Version: 1.0 Tested on Windows 10 @Vulnerable Source Code...
Trojan-Dropper.Win32.Dycler.vrp Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/06cbbff745c60c46e0996928c00ef28f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Dycler.vrp Vulnerability: Insecure Permissions Description: Dycler.vrp creates ...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Insecure Direct Object Reference
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Improper Access Control IDOR Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...
Backdoor.Win32.Zetronic Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/caf26a74ca39662e2c3d37e55a242daf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zetronic Vulnerability: Remote DoS Description: Zetronic listens on UDP port 2090,...
Online Student's Management System SQL Injection
Title: Online Student's Management System - Unauthenticated Multiple SQL Injections Exploit Author: George Tsimpidas Date: 2020-10-09 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/studentrecord0.zip Tested on: Ubuntu...
ElkarBackup 1.3.3 Cross Site Scripting
Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...
Submitty 20.04.01 Cross Site Scripting
Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE : CVE-2020-12882 Description: Submitty...
R 3.4.4 (Windows 10 x64) Buffer Overflow
!/usr/bin/python Exploit Title: R 3.4.4 Windows 10 x64 - Buffer Overflow SEHDEP/ASLR Bypass Date: 2019-07-15 Exploit Author: blackleitus Vendor Homepage: https://www.r-project.org/ Tested on: Windows 10 Home Single Language 64-bit Social: https://twitter.com/blackleitus Website:...
Adobe Flash Player DeleteRangeTimelineOperation Type Confusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion', 'Description' = %q This module exploits a type confusion on Adobe Flash Player,...
CUJO Firewall User Enumeration / Authorization Bypass
TL;DR: Despite CUJO Firewall is a cute device and quite challenging to break from hardware hacking point of view... the APIs which are just a click away, once bypassed pinning and apk's obfuscation suffer of authorization bypass issues. An attacker could easily enumerate all existing users, and f...
vBulletin 5.2.2 / 4.2.3 / 3.8.9 Server Side Request Forgery
============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-6483 - Release date: 05.08.2016 - Severity: High ============================================= I. VULNERABILITY ------------------------- vBulletin = 5.2....
Calibre 7.15.0 Code Injection
Calibre version 7.15.0 remote code injection proof of concept exploit. ============================================================================================================================================= | Title : Calibre 7.15.0 PHP Code Injection Vulnerability | | Author : indoushka | |...
SolarView Compact 6.00 Code Injection
============================================================================================================================================= | Title : SolarView Compact 6.00 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 6...
dizqueTV 1.5.3 Remote Code Execution
Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...
Native DNS Spoofer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Native DNS Spoofer Example', 'Description' = %q This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin...
Bhojon Restaurant Management System 3.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : Bhojon restaurant management system v3.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64...
Human Resource Management System 2024 1.0 SQL Injection
Title: hrm2024.1.0-Multiple-SQLi Author: nu11secur1ty Date: 04/02/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...
MiniWeb HTTP Server 0.8.19 Denial Of Service
!/usr/bin/perl use IO::Socket; Exploit Title: MiniWeb HTTP Server 0.8.19 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 24 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1935vpOZJPFJqnwTMPdkXTvoblA1SzBEK/view?usp=sharing Notification...
Gom Player 2.3.92.5362 DLL Hijacking
Exploit Title: Gom Player 2.3.92.5362 - nvcuda.dll DLL Hijacking Date: 2023-01-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.mrvar0x.com/ Version: 2.3.92.5362 Tested on: Windows 7, Windows 10 A DLL hijacking vulnerability has been discovered Gom Player 2.3.92.5362. When a...
GEN Security+ 4.0 Cross Site Scripting
==================================================================================================================================== | Title : GEN Security+ v4.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor...
FlightPath LMS 4.8.2 Cross Site Scripting
==================================================================================================================================== | Title : FlightPath LMS v4.8.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | | Vendor...
Online Examination System Project 1.0 Cross Site Request Forgery
Exploit Title: Online Examination System Project 1.0 - Cross-site request forgery CSRF Google Dork: n/a Date: 09/06/2023 Exploit Author: Ramil Mustafayev kryptohaker Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...
Apple Zeed ALL YOUR STYLE CMS 1.00 SQL Injection
======================================================================================== | Title : Apple Zeed ALL YOUR STYLE CMS 1.00 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 109.064-bit | | Vendor :...
Jedox 2020.2.5 Configurable Storage Path Remote Code Execution
Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878...
Multi-Vendor Online Groceries Management System 1.0 Remote Code Execution
Exploit Title: Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution RCE Date: 4/23/2023 Author: Or4nG.M4n Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Microsoft Excel 365 MSO 2302 Build 16.0.16130.20186 Remote Code Execution
Title: Microsoft Excel RCE Vulnerability / Microsoft®365 MSO Version 2302 Build 16.0.16130.20186 64-bit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...
WordPress Sabai Discuss 1.4.13 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
ETAP Safety Manager 1.0.0.32 Cross Site Scripting
ETAP Safety Manager 1.0.0.32 Remote Unauthenticated Reflected XSS Vendor: ETAP Lighting International NV Product web page: https://www.etaplighting.com Affected version: 1.0.0.32 Summary: The ETAP Safety Manager ESM is a central managing and control system that helps you to monitor, adjust and...
Backdoor.Win32.Delf.ps Information Disclosure
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/cf3c08afa6c2d49ba36ed0f895893d71.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.ps Vulnerability: Information Disclosure Description: The malware listens on TCP...
Apache APISIX 2.12.1 Remote Code Execution
Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Date: 2022-03-16 Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT =...
WordPress Catch Themes Demo Import Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin Catch Themes Demo Import RCE', 'Description' = %q The Wordpress Plugin Catch Themes Demo Import versions MSFLICENSE, 'Author' =...
Arunna 1.0.0 Cross Site Request Forgery
Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Date: November 29, 2021 Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...
Chikitsa Patient Management System 2.0.2 Plugin Remote Code Execution
Exploit Title: Chikitsa Patient Management System 2.0.2 - Remote Code Execution RCE Authenticated Date: 03/12/2021 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
Backdoor.Win32.Bifrose.ahyg Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d6aff119c03ff378d386b30b36b07a69.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.ahyg Vulnerability: Insecure Permissions Description: The malware creates an...
Backdoor.Win32.Surila.j Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b1cec4b806c71c82bbd9002bdaf21d1fB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Surila.j Vulnerability: Authentication Bypass Description: The malware listens on...
Trojan.Win32.Alien.erf Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Denial of Service Description: The malware deploys a SM...
CHIYU TCP/IP Converter CRLF Injection
Exploit Title: CHIYU TCP/IP Converter devices - CRLF injection Date: May 31 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, and BF-450M TCP/IP Converter device...
WebSSH For iOS 14.16.10 Denial Of Service
Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Discovery Date: 2021-05-18 Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of...
Gadget Works Online Ordering System 1.0 SQL Injection / Code Execution
Exploit Title: Gadget works online ordering system - Authentication Bypass SQLi Date: 03/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/13093/gadget-works-online-ordering-system-phpmysqli.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4...
Apartment Visitors Management System 1.0 SQL Injection
Exploit Title: Apartment Visitors Management System 1.0 - 'email' SQL Injection Date: 20.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...
Backdoor.Win32.Agent.dcbh Insecure Permissions / Privilege Escalation
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/bba63df41adcf2cf80c74e4a62539d44.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.dcbh Vulnerability: Insecure Permissions EoP Description: Drops an executable...
Gitea 1.7.5 Remote Code Execution
Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...
Canon Inkjet Extended Survey Program 5.1.0.8 Unquoted Service Path
Exploit Title: Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path Discovery by: Carlos Roa Discovery Date: 2020-11-07 Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home Tested Version: 5.1.0.8 Vulnerability Type: Unquoted Service Path Tested on O...