50784 matches found
Apache Spark Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Apache Spark Unauthenticated Command Injection RCE', 'Description' = %q This module exploits an unauthenticated command...
Backdoor.Win32.Bushtrommel.122 MVID-2022-0630 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bushtrommel.122 Vulnerability: Unauthenticated Remote Command Execution...
NVIDIA Data Center GPU Manager Remote Memory Corruption
!/usr/bin/python3 -- coding: UTF-8 -- heart.py NVIDIA Data Center GPU Manager Remote Memory Corruption Vulnerability Jeremy Brown jbrown3264/gmail NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopba...
SAP BusinessObjects Intelligence 4.3 XML Injection
Exploit Title: SAP BusinessObjects Intelligence 4.3 - XML External Entity XXE Google Dork: N/A Date: 4/21/2022 Exploit Author: West Shepherd Vendor Homepage: https://www.sap.com/ Software Link: https://www.sap.com/ Version: 4.2 and 4.3 Tested on: Windows Server 2019 x64 CVE : CVE-2022-28213...
McAfee Safe Connect VPN Unquoted Service Path
Exploit Title: McAfee® Safe Connect VPN - Unquoted Service Path Elevation Of Privilege Date: 09/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.mcafee.com/ Software Link: https://www.mcafee.com/en-us/vpn/mcafee-safe-connect.html Version: 2.13 Tested: Windows 10 x64 Contact:...
Xerte 3.9 Remote Code Execution
Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows...
Accounting Journal Management System 1.0 SQL Injection
Exploit Title: Accounting Journal Management System 1.0 - 'id' SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15155/accounting-journal-management-system-trial-balance-php-free-source-code.html Version : 1.0 Tested on...
Hospital Management Startup 1.0 SQL Injection
Title: Hospital Management Startup v1.0 remote SQL-Injections Author: nu11secur1ty Date: 02.10.2022 Vendor: https://github.com/kabirkhyrul Software: https://github.com/kabirkhyrul/HMS CVE-2022-23366 Description: The loginid and password parameters from Hospital Management Startup 1.0 appear to be...
Backdoor.Win32.Hanuman.b Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/4087cffab90fa22c2882e2f97a467e8e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hanuman.b Vulnerability: Unauthenticated Remote Command Execution Description: The...
CollectorStealerBuilder Panel 2.0.0 Man-In-The-Middle
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/54530f88c8e4f4371c9418f00c256b1dB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: CollectorStealerBuilder v2.0.0 Panel Vulnerability: Man-in-the-Middle MITM Description: MITM vector...
Online DJ Booking Management System 1.0 Cross Site Scripting
Exploit Title: Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting Date: 2021-10-06 Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-dj-booking-management-system-using-php-and-mysql/ Version: V 1.0...
Amica Prodigy 1.7 Privilege Escalation
Exploit Title: Amica Prodigy 1.7 - Privilege Escalation Date: 2021-08-06 Exploit Author: Andrea Intilangelo Vendor Homepage: https://gestionaleamica.com - https://www.bisanziosoftware.com Software Link: https://gestionaleamica.com/Download/AmicaProdigySetup.exe Version: 1.7 Tested on: Windows 10...
Ext2Fsd 0.68 Unquoted Service Path
Exploit Title: Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Software Link: https://sourceforge.net/projects/ext2fsd/files/latest/download Version: 0.68 Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763 Service info:...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...
Asterisk 17.6.0 / 17.5.1 Denial Of Service
Asterisk crash due to INVITE flood over TCP - Fixed versions: 13.37.1, 16.14.1, 17.8.1, 18.0.1 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2020-02-asterisk-tcp-invite-crash - Asterisk Security Advisory:...
SMBv3 Compression Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMBv3 Compression Buffer Overflow', 'Description' = %q A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that...
Infosysta Jira 1.6.13_J8 User Name Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-043 Product: In-App & Desktop Notification for Jira Manufacturer: Infosysta Affected Versions: 1.6.13J8 Tested Versions: 1.6.13J8 Vulnerability Type: Authentication/Authorization Bypass Risk Level: Medium Solution Status: Clos...
Cisco M1070 Content Security Management Appliance IronPort Header Injection
!/usr/bin/perl -w Cisco M1070 Content Security Management Appliance IronPort Remote Header 'Host' Injection Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that...
Android su Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Android 'su' Privilege Escalation", 'Description' = %q This module uses the su binary present on rooted devices to run a payload as root. A roote...
Joomla JoomGallery 3.2.2 / PonyGallery 2.5.1 Database Disclosure / SQL Injection
Exploit Title : Joomla JoomGallery 3.2.2 PonyGallery 2.5.1 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 12/02/2019 Vendor Homepage : joomlander.net - joomlacode.org Software Download Link :...
Nvidia GeForce 11.0.1.163 Unquoted Service Path
Exploit Title: Nvidia GeForce v11.0.1.163 - Unquoted Service Path Date: 2024-11-25 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] t.me/Ci3c0 Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...
ABB Cylon Aspect 3.07.00 Remote Code Execution
ABB Cylon Aspect 3.07.00 networkDiagAjax.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.00 Summary: ASPECT is an award-winning scalable building energy management...
Furniture Master 2 SQL Injection
==================================================================================================================================== | Title : Furniture master v2 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | |...
C-MOR Video Surveillance 5.2401 Cross Site Scripting
Advisory ID: SYSS-2024-020 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401 Tested Versions: 5.2401 Vulnerability Type: Reflected Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2024-04-05 Solution Date:...
IntelliNet 2.0 Remote Root
!/usr/local/bin/node const execSync = require'childprocess'; const readline = require'readline'; let TARGET = ''; let COMMAND = ''; let SESSION = ''; const ESCALATE = '/usr/aes/bin/execsuid'; console.log ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣾⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⣿⣧⣶⣶⣶⣦⣤⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀...
SysAid Help Desk Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SysAid Help Desk Arbitrary File Download', 'Description' = %q This module exploits two vulnerabilities in SysAid Help Desk that allows an...
Notemark 0.13.0 Cross Site Scripting
Exploit Title: Stored XSS in NoteMark Date: 07/29/2024 Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...
AMPLE BILLS 1.0 Cross Site Scripting
============================================================================================================================================= | Title : AMPLE BILLS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | | Vendor...
WordPress Augmented-Reality Remote Code Execution
Exploit Title: Wordpress Augmented-Reality - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import requests as req import json import sys import random import uuid import urllib.parse import urllib3 from...
PHPJabbers Car Park Booking System 3.0 Missing Rate Limiting
Exploit Title: PHPJabbers Car Park Booking System v3.0 - Missing Rate Limiting Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-park-booking/sectionDemo Version: v3.0 Tested on:...
Joomla VirtueMart Shopping-Cart 4.0.12 Cross Site Scripting
Exploit Title: Joomla VirtueMart Shopping-Cart 4.0.12 - Reflected XSS Exploit Author: CraCkEr Date: 24/07/2023 Vendor: VirtueMart Team Vendor Homepage: https://www.virtuemart.net/ Software Link: https://demo.virtuemart.net/ Joomla Extension Link:...
RaidenFTPD 2.4.4005 Buffer Overflow
Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow SEH Date: 18/07/2023 Exploit Author: Andre Nogueira Vendor Homepage: https://www.raidenftpd.com/en/ Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe Version: RaidenFTPD 2.4.4005 Tested on: Microsoft Windows 10 Build 19045 1.-...
CMS TSS-EST 1.0.0 SQL Injection
==================================================================================================================================== | Title : CMS TSS-EST V1.0.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | ...
Wekan 6.74 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored XSS vulnerability in rename functionality product: Wekan Open-Source kanban vulnerable version: =6.74 fixed version: 6.75 or higher CVE number: CVE-2023-28485...
Screen SFT DAB 600/C Authentication Bypass / Account Creation
!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Account Creation Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...
Bludit 3-14-1 Shell Upload
Exploit Title: Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.bludit.com/ Version : 3-14-1 Tested on: windows 11 wampserver | Kali linux Category: WebApp Google Dork: intext:'2022...
Micro Focus GroupWise Session ID Disclosure
Trovent Security Advisory 2203-01 Micro Focus GroupWise transmits session ID in URL Overview Advisory ID: TRSA-2203-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2203-01 Affected product: Micro Focus GroupWise Affected version: prior to 18.4.2...
WordPress WPtouch 3.7.5 Open Redirection
==================================================================================================================================== | Title : WordPress - WPtouch 3.7.5 Open Redirect Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
SAP@ Host Agent Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege Escalation Vulnerabilities UNIX Insecure File Handling product: SAP® Host Agent saposcol vulnerable version: see section "Vulnerable / tested versions" fixed...
Backdoor.Win32.DarkSky.23 MVID-2022-0648 Buffer Overflow
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/1164ef21ef2af97e0339359c0dce5e7d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkSky.23 Vulnerability: Remote Stack Buffer Overflow SEH Description: The...
Ruijie Reyee Mesh Router Remote Code Execution
Exploit Title: Ruijie Reyee Mesh Router - Remote Code Execution RCE Authenticated Google Dork: None Date: November 1, 2021 Exploit Author: Minh Khoa of VSEC Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/resources/products/1896-1900 Version: ReyeeOS...
minewebcms 1.15.2 Cross Site Scripting
Exploit Title: minewebcms 1.15.2 - Cross-site Scripting XSS Google Dork: NA Date: 02/20/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://mineweb.org/ Software Link: https://github.com/mineweb/minewebcms Version: 1.15.2 Tested on: KALI OS CVE : CVE-2022-1163...
Siemens S7-1200 4.5 Unauthenticated Access
Exploit Title: Unauthenticated Siemens S7-1200 CPU Start/Stop Command Date: 09/03/2022 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: V4.5 and below Tested on: Siemens S7-1200 CPU: 1215C IP == PLC IP address Start Command curl -i -s -k -X $'POST' \ -...
Archeevo 5.0 Local File Inclusion
Exploit Title: Archeevo 5.0 - Local File Inclusion Google Dork: intitle:"archeevo" Date: 01/15/2021 Exploit Author: Miguel Santareno Vendor Homepage: https://www.keep.pt/ Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/ Version: 5.0 Tested on: windows 1...
meterN 1.2.3 Remote Command Execution
!-- meterN v1.2.3 Authenticated Remote Command Execution Vulnerability Vendor: Jean-Marc Louviaux Product web page: https://www.metern.org Affected version: 1.2.3 and 0.8.3.2 Summary: meterN is a set of PHP/JS files that make a -Home energy metering & monitoring- solution. It accept any meters li...
perfexcrm 1.10 Cross Site Scripting
Exploit Title: perfexcrm 1.10 - 'State' Stored Cross-site scripting XSS Date: 05/07/2021 Exploit Author: Alhasan Abbas exploit.msf Vendor Homepage: https://www.perfexcrm.com/ Version: 1.10 Tested on: windows 10 Vunlerable page: /clients/profile POC: ---- POST /clients/profile HTTP/1.1 Host:...
Online Voting System 1.0 SQL Injection / Remote Code Execution
Exploit Title: Online Voting System 1.0 - SQLi Authentication Bypass + Remote Code Execution RCE Exploit Author: Geiseric Original Exploit Author: deathflash1411 - https://www.exploit-db.com/exploits/50076 - https://www.exploit-db.com/exploits/50075 Date 02.07.2021 Vendor Homepage:...
Email-Worm.Win32.Kipis.a Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/aa703bc17e3177d3b24a57c5d2a91a0c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.a Vulnerability: Unauthenticated Remote Code Execution Description: The malwa...
Profiling System For Human Resource Management 1.0 Remote Code Execution
Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution Unauthenticated Date: 19-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...
Bio Star 2.8.2 Local File Inclusion
Exploit Title: Bio Star 2.8.2 - Local File Inclusion Authors: SITE Team Rian Saaty, Bashaer AlHarthy, Safeyah Alhazmi Google Dork: N/A Date of Exploit Release: 2020-07-13 Exploit Author: SITE Team Vendor Homepage: https://www.supremainc.com/en/main.asp Software Link:...