50784 matches found
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Insecure Direct Object Reference
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Improper Access Control IDOR Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...
Trojan-Proxy.Win32.Wimain Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8936c97e99799809812fa740076a2d7f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Wimain Vulnerability: Remote Stack Buffer Overflow Description: Win32.Wimain troj...
Gitea 1.7.5 Remote Code Execution
Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...
Druva inSync Windows Client 6.6.3 Privilege Escalation
Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Date: 2020-12-03 Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....
HiSilicon Video Encoder Buffer Overflow / Denial Of Service
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...
ElkarBackup 1.3.3 Cross Site Scripting
Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes รzeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...
Submitty 20.04.01 Cross Site Scripting
Exploit Title: Submitty 20.04.01 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: humblelad Vendor Homepage: http://submitty.org/ Software Link: https://github.com/Submitty/Submitty/releases Version: 20.04.01 Tested on: Mac Os Catalina CVE : CVE-2020-12882 Description: Submitty...
Adobe Flash Player DeleteRangeTimelineOperation Type Confusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion', 'Description' = %q This module exploits a type confusion on Adobe Flash Player,...
IBM Flashsystem / Storwize CSRF / Arbitrary File Read / Information Disclosure
Vulnerabilities in IBMs Flashsystems and Storwize Products ------------------------------------------------------------------------- Introduction ============ Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem 900 and IBM Storwize V7000. These were discovered during a bla...
vBulletin 5.2.2 / 4.2.3 / 3.8.9 Server Side Request Forgery
============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-6483 - Release date: 05.08.2016 - Severity: High ============================================= I. VULNERABILITY ------------------------- vBulletin = 5.2....
asteval 1.06 Arbitrary Code Execution / Sandbox Escape
An attacker who can pass input to the asteval library, when this is used with numpy functions in the symbol table the default setting, can bypass restrictions and execute arbitrary code as the user who ran the python process. Versions 1.06 and below are affected. CVE pending Sandboxing Python is...
Calibre 7.15.0 Code Injection
Calibre version 7.15.0 remote code injection proof of concept exploit. ============================================================================================================================================= | Title : Calibre 7.15.0 PHP Code Injection Vulnerability | | Author : indoushka | |...
Simple Chat System 1.0 Cross Site Scripting
Exploit Title:Simple Chat System 1.0 Reflected XSS Date:05/12/2024 Exploit Author:Merve Hatice Arslan Vendor Homepage:https://code-projects.org/simple-chat-system/ Sofware Link:https://download.code-projects.org/details/ec6340ea-ef68-48d9-b9b2-da397f52b2dc Version:1.0 Tested on:Linux / XAMPP...
WordPress WPS Hide Login Login Page Revealer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WPS Hide Login Login Page Revealer', 'Description' = %q This module exploits a bypass issue with WPS Hide Login version 'WPVDB',...
Bhojon Restaurant Management System 3.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : Bhojon restaurant management system v3.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64...
Apache OFBiz 18.12.12 Directory Traversal
Exploit Title: Apache OFBiz 18.12.12 - Directory Traversal Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://ofbiz.apache.org/download.html Version: below example.createBlogPost...
Human Resource Management System 2024 1.0 SQL Injection
Title: hrm2024.1.0-Multiple-SQLi Author: nu11secur1ty Date: 04/02/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...
WordPress WP Fastest Cache 1.2.2 SQL Injection
Exploit Title: Unauthenticated SQL Injection in WP Fastest Cache 1.2.2 Date: 14.11.2023 Exploit Author: Meryem Taลkฤฑn Vendor Homepage: https://www.wpfastestcache.com/ Software Link: https://wordpress.org/plugins/wp-fastest-cache/ Version: WP Fastest Cache 1.2.2 Tested on: WP Fastest Cache 1.2.2...
Online Library Management System 3 Password Reset
Exploit Title: Online Library Management System v3 - Password Reset and Email Matching Vulnerability Date: 12.09.2023 Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-library-management-system/ Version: v3 Tested on: Windows 10 Pro 64 B...
GEN Security+ 4.0 Cross Site Scripting
==================================================================================================================================== | Title : GEN Security+ v4.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Franรงais V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor...
WordPress Kero jQuery/HTML Dashboard PRO 2.3.86 SQL Injection
==================================================================================================================================== | Title : WordPress - Kero jQuery/HTML Dashboard PRO Auth BY pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Franรงais V.Pro / browser : Mozilla...
Apple Zeed ALL YOUR STYLE CMS 1.00 SQL Injection
======================================================================================== | Title : Apple Zeed ALL YOUR STYLE CMS 1.00 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Franรงais V.Pro / browser : Mozilla firefox 109.064-bit | | Vendor :...
rconfig 3.9.7 SQL Injection
Exploit Title: rconfig 3.9.7 - Sql Injection Authenticated Exploit Author: azhen Date: 10/12/2022 Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: " sys.exit1 host=sys.argv1 Enter the hostname def getdatahost: print"+ Get db data..." vulur...
Planet eStream Code Execution / SQL Injection / XSS / Broken Control
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Planet Enterprises Ltd - Planet eStream vulnerable version: 6.72.10.07 fixed version: 6.72.10.07 CVE number: CVE-2022-45896,...
Backdoor.Win32.Delf.ps Information Disclosure
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/cf3c08afa6c2d49ba36ed0f895893d71.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.ps Vulnerability: Information Disclosure Description: The malware listens on TCP...
Apache APISIX 2.12.1 Remote Code Execution
Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Date: 2022-03-16 Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 โ 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT =...
WordPress Catch Themes Demo Import Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin Catch Themes Demo Import RCE', 'Description' = %q The Wordpress Plugin Catch Themes Demo Import versions MSFLICENSE, 'Author' =...
Arunna 1.0.0 Cross Site Request Forgery
Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Date: November 29, 2021 Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...
Maian-Cart 3.8 Remote Code Execution
Exploit title: Maian-Cart 3.8 - Remote Code Execution RCE Unauthenticated Date: 27.11.2020 19:35 Tested on: Ubuntu 20.04 LTS Exploit Authors: DreyAnd, purpl3 Software Link: https://www.maiancart.com/download.html Vendor homepage: https://www.maianscriptworld.co.uk/ Version: Maian Cart 3.8 CVE:...
Backdoor.Win32.Bifrose.ahyg Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d6aff119c03ff378d386b30b36b07a69.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.ahyg Vulnerability: Insecure Permissions Description: The malware creates an...
Atlassian Confluence Server 7.5.1 Arbitrary File Read
Exploit Title: Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability Date: 2021-10-05 Exploit Author: Mayank Deshmukh Author email: [email protected] Vendor Homepage: https://www.atlassian.com/ Software Link:...
WordPress Backup Guard 1.5.8 Shell Upload
Exploit Title: Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution Authenticated Date 02.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://backup-guard.com/products/backup-wordpress Software Link: https://downloads.wordpress.org/plugin/backup.1.5.8.zip Version: Before...
WebSSH For iOS 14.16.10 Denial Of Service
Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Discovery Date: 2021-05-18 Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of...
Gadget Works Online Ordering System 1.0 SQL Injection / Code Execution
Exploit Title: Gadget works online ordering system - Authentication Bypass SQLi Date: 03/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/13093/gadget-works-online-ordering-system-phpmysqli.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4...
CITSmart ITSM 9.1.2.27 SQL Injection
Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...
Backdoor.Win32.Zetronic Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/caf26a74ca39662e2c3d37e55a242daf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zetronic Vulnerability: Remote DoS Description: Zetronic listens on UDP port 2090,...
Online Student's Management System SQL Injection
Title: Online Student's Management System - Unauthenticated Multiple SQL Injections Exploit Author: George Tsimpidas Date: 2020-10-09 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/studentrecord0.zip Tested on: Ubuntu...
Online Food Ordering System 1.0 Remote Code Execution
Exploit Title: Online Food Ordering System 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-09-22 Exploit Author: Eren ลimลek Vendor Homepage: https://www.sourcecodester.com/php/14460/simple-online-food-ordering-system-using-phpmysql.html Software Link:...
Joomla Adagency 6.1.2 Cross Site Scripting
Exploit Title: Joomla! Adagency V 6.1.2 Cross Site Scripting Date: 24.07.2020 Author: Vincent666 ibn Winnie Software Link: https://adagency.ijoomla.com/ Tested on: Windows 10 Web Browser: Mozilla Firefox Blog : https://pentest-vincent.blogspot.com/...
Fortinet FortiRecorder 2.7.3 Hardcoded Password
Original posting: https://xor.cat/2019/08/05/fortinet-fortirecorder-hardcoded-password/ Text archive available here: https://xor.cat/archive/2019/08/05/fortinet-fortirecorder-hardcoded-password.txt Background In June of 2019 I discovered a vulnerability in Fortinet's FortiRecorder1 product which...
WordPress WP Fastest Cache 0.8.9.5 Directory Traversal
WP Fastest Cache is a Wordpress plugin that creates static html files from the dynamic WordPress blog in order to speed up operation. Version 0.8.9.5 and below of the plugin was identified being vulnerable to directory traversal attacks. The first two are Windows only, the 3rd one is generic. The...
R 3.4.4 (Windows 10 x64) Buffer Overflow
!/usr/bin/python Exploit Title: R 3.4.4 Windows 10 x64 - Buffer Overflow SEHDEP/ASLR Bypass Date: 2019-07-15 Exploit Author: blackleitus Vendor Homepage: https://www.r-project.org/ Tested on: Windows 10 Home Single Language 64-bit Social: https://twitter.com/blackleitus Website:...
Wampserver 3.1.8 Cross Site Request Forgery
Affected product: WampServer 3.1.4-3.1.8 Offiical description: "WampServer is a Windows web development environment. It allows you to create web applications with Apache2, PHP and a MySQL database. Alongside, PhpMyAdmin allows you to manage easily your databases." Official website:...
CUJO Firewall User Enumeration / Authorization Bypass
TL;DR: Despite CUJO Firewall is a cute device and quite challenging to break from hardware hacking point of view... the APIs which are just a click away, once bypassed pinning and apk's obfuscation suffer of authorization bypass issues. An attacker could easily enumerate all existing users, and f...
๐ Online Exam Mastering System 1.0 Cross Site Scripting
Online Exam Mastering System version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/exam/feedback.php Date: 2025-04-19 Exploit Author: Pruthu Raut Vendor Homepage:...
๐ Spring Boot common-user-management 0.1 Shell Upload
Spring Boot common-user-management version 0.1 suffers from a remote shell upload vulnerability. Exploit Title: Unrestricted File Upload Google Dork: Date: 14/Nov/2024 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...
ABB Cylon FLXeon 9.3.4 cmds.js Authenticated Root Remote Code Execution
ABB Cylon FLXeon version 9.3.4 is vulnerable to authenticated root command execution via the cmds API. An authenticated attacker can execute arbitrary system commands with root privileges. !/usr/bin/env python3 ABB Cylon FLXeon 9.3.4 cmds.js Authenticated Root Remote Code Execution Vendor: ABB Lt...
SolarView Compact 6.00 Code Injection
============================================================================================================================================= | Title : SolarView Compact 6.00 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 6...
dizqueTV 1.5.3 Remote Code Execution
Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...
Emergency Ambulance Hiring Portal 1.0 WYSIWYG Code Injection
============================================================================================================================================= | Title : Emergency Ambulance Hiring Portal 1.0 WYSIWYG code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...