50738 matches found
Bazaar Social Listing Shopping Web PHP Template 2.3.2 Cross Site Scripting
==================================================================================================================================== | Title : Bazaar Social Listing Shopping Web PHP Template v2.3.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Blogator 0.93 Cross Site Scripting
==================================================================================================================================== | Title : Blogator script v 0.93 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...
BloodBank 1.0 Cross Site Scripting
====================================================================================================================================== | Title : BloodBank v1.0 - Blood Donor Directory CMS with PayPal Integration XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...
Bigware Shop 2.3 Cross Site Scripting
==================================================================================================================================== | Title : Bigware Shop v2.3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...
BloodBank 1.0 Insecure Direct Object Reference
====================================================================================================================================== | Title : BloodBank v1.0 - Blood Donor Directory CMS with PayPal Integration unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on...
BD-Schools LMS 1.0.2 Cross Site Scripting
==================================================================================================================================== | Title : BD-Schools LMS v1.0.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vend...
Vaidya-Mitra 1.0 SQL Injection
Title: Vaidya-Mitra 1.0 Multiple - SQLi Author: nu11secur1ty Date: 07.12.2023 Vendor: https://mayurik.com/ Software: free: https://www.sourcecodester.com/php/16720/free-hospital-management-system-small-practices.html, https://mayurik.com/source-code/P5890/best-hospital-management-system-in-php...
Blogator Script 0.93 Insecure Settings
==================================================================================================================================== | Title : Blogator script v 0.93 Reinstall default Password Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...
BBAM 1.1 Insecure Direct Object Reference
==================================================================================================================================== | Title : bbam CMS v1.1 unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...
BBook 5.7 Shell Upload
==================================================================================================================================== | Title : BBook - BookStore Script System with website v5.7 Unrestricted File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro ...
Bayfront CMS 1.0 SQL Injection
==================================================================================================================================== | Title : Bayfront-CMS v1.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | |...
ARTISTRY LIMITED LMS 0.5 SQL Injection
==================================================================================================================================== | Title : ARTISTRY LIMITED LMS v 0.5 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...
BKMobile CMS 1.5.0 SQL Injection
==================================================================================================================================== | Title : BKMobile-CMS V1.5.0 Blind SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Blackboard 2.0.2 Database Disclosure
==================================================================================================================================== | Title : blackboard v 2.0.2 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | ...
Bloly 1.3 Add Administrator
==================================================================================================================================== | Title : Bloly v1.3 Add admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...
pfSense Restore RRD Data Command Injection
class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of pfSense prior to version 2.7.0 which allows an authenticated attacker with the "WebCfg - Diagnostics:...
Bazaar Social Listing Shopping Web PHP Template 2.3.2 Privilege Escalation
==================================================================================================================================== | Title : Bazaar | Social Listing Shopping Web PHP Template v2.3.2 Privilege Escalation Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.P...
Bigware-Shop CMS 2.1 Insecure Direct Object Reference
==================================================================================================================================== | Title : Bigware-Shop CMS v2.1 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...
Spring Cloud 3.2.2 Remote Command Execution
Exploit Title: Spring Cloud 3.2.2 - Remote Command Execution RCE Date: 07/07/2023 Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://spring.io/projects/spring-cloud-function/ Description: Exploit to execute commands exploiting CVE-2022-22963 Software Link:...
Avidi Media 2.0 Insecure Settings
==================================================================================================================================== | Title : Avidi Media v2.0 - Ultimate Video, Music, Photo and Gif Sharing Script - nulled Insecure Settings Vulnerability | | Author : indoushka | | Tested on :...
Asanhamayesh CMS 3.4.6 Directory Traversal
================================================================================================= | Title : Asanhamayesh CMS 3.4.6 Directory traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Dork : طراح و پشتیبان...
Banner RotatorCMS 1.0 Database Disclosure
==================================================================================================================================== | Title : Banner RotatorCMS v1.0 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bi...
ARTISTRY LIMITED LMS 0.5 Insecure Settings
==================================================================================================================================== | Title : ARTISTRY LIMITED LMS v 0.5 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...
AtTestimonials CMS 1.2 Missing Authentication
==================================================================================================================================== | Title : AtTestimonials CMS v1.2 Missing Authentication Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Architect HTML And Site Builder 2.2.3 File Upload
==================================================================================================================================== | Title : Architect - HTML and Site Builder V 2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Atom CMS 2.0 Directory Traversal
==================================================================================================================================== | Title : AtomCMS 2.0 Directory traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit |...
XAMPP 8.2.4 Unquoted Service Path
Exploit Title: XAMPP 8.2.4 - Unquoted Path Date: 07/2023 Exploit Author: Andrey Stoykov Version: 8.2.4 Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.2.4/xampp-windows-x64-8.2.4-0-VS16-installer.exe Tested on: Windows Server 2022 Blog: http://msecureltd.blogspot.com...
ArabInfotech L.L.C CMS 2.0 Cross Site Scripting
==================================================================================================================================== | Title : ArabInfotech L.L.C CMS v2.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | ...
WordPress User Registration 3.0.2 Arbitrary File Upload
Description: User Registration = 3.0.2 – Authenticated Subscriber+ Arbitrary File Upload Affected Plugin: User Registration – Custom Registration Form, Login Form And User Profile For WordPress Plugin Slug: user-registration Affected Versions: = 3.0.2 CVE ID: CVE-2023-3342 CVSS Score: 9.9 Critica...
Frappe Framework 13.4.0 Remote Code Execution
Exploit Title: Frappe Framework ERPNext 13.4.0 - Remote Code Execution Authenticated Exploit Author: Sander Ferdinand Date: 2023-06-07 Version: 13.4.0 Vendor Homepage: http://erpnext.org Software Link: https://github.com/frappe/frappe/ Tested on: Ubuntu 22.04 CVE : none Silly sandbox escape. Frap...
Nedal CMS 1.2 SQL Injection
==================================================================================================================================== | Title : Nedal CMS 1.2 Sql injection vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...
Netlify CMS 2.10.192 Cross Site Scripting
Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...
QuickJob 6.1 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
QuickOrder 6.3.7 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
QuickQR 6.3.7 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
QuickVCard 2.1 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
QuickAI OpenAI 3.8.1 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
CANDOO Strategic CMS 2.0 SQL Injection
==================================================================================================================================== | Title : CANDOO Strategic CMS V2.0 Auth By pass vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Kyocera TASKalfa 4053ci 2VG_S000.002.561 Path Traversal / Denial Of Service
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Path traversal bypass & Denial of service product: Kyocera TASKalfa 4053ci printer vulnerable version: TASKalfa 4053ci Version = 2VGS000.002.561 fixed version:...
Virtual Freer 1.57 Cross Site Scripting
==================================================================================================================================== | Title : virtual freer v1.57 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor...
Inout Blockchain FiatExchanger 3.0 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
BuildaGate5 Cross Site Scripting
Exploit Title: BuildaGate5library - Reflected Cross-Site Scripting XSS Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: None Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36163 PoC: An attacker just needs to find the vulnerable parameter mc= and inject the JS code lik...
Articart 2.0.1 Cross Site Scripting / Open Redirection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Atlas Business Directory Listing 2.13 Cross Site Scripting
Exploit Title: Atlas Business Directory Listing 2.13 - Reflected XSS Exploit Author: CraCkEr Date: 09/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/atlas/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site...
Ateme TITAN File 3.9 Job Callbacks Server-Side Request Forgery
Ateme TITAN File 3.9 Job Callbacks SSRF File Enumeration Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD, PostProduction, Playout and...
Inout Blockchain EasyPayments 1.0.1 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
MiniTool Partition Wizard ShadowMaker 12.7 Unquoted Service Path
Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.7 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-361...
Ekushey Project Manager CRM 5.0 Cross Site Scripting
Exploit Title: Ekushey Project Manager CRM 5.0 - Stored XSS Exploit Author: CraCkEr Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/ekushey/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow Attacker...
AVG Anti Spyware 7.5 Unquoted Service Path
Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.avg.com Software Link: https://www.avg.com/en-ww/homepagepc Version: 7.5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36167 PoC C:\Userswmic service get...
Mastery LMS 1.2 Cross Site Scripting
Exploit Title: Mastery LMS 1.2 - Reflected XSS Exploit Author: CraCkEr Date: 09/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/mastery/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow...