50644 matches found

Packet Storm
added 2023/06/05 12:0 a.m., 257 views

MotoCMS 3.4.3 SQL Injection

Title: MotoCMS Version 3.4.3 - SQL Injection Author: tmrswrr Date: 01/06/2023 Vendor: https://www.motocms.com Link: https://www.motocms.com/website-templates/demo/189526.html Vulnerable Versions: MotoCMS 3.4.3 Description MotoCMS Version 3.4.3 SQL Injection via the keyword parameter. Steps to...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/05 12:0 a.m., 267 views

Barebones CMS 2.0.2 Cross Site Scripting

Exploit Title: Barebones CMS v2.0.2 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-03 Exploit Author: tmrswrr Vendor Homepage: https://barebonescms.com/ Software Link: https://github.com/cubiclesoft/barebones-cms/archive/master.zip Version: v2.0.2 Tested :...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/05 12:0 a.m., 305 views

Enrollment System Project 1.0 Authentication Bypass / SQL Injection

Exploit Title: Enrollment System Project v1.0 - SQL Injection Authentication Bypass SQLI Date of found: 18/05/2023 Exploit Author: VIVEK CHOUDHARY @sudovivek Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.1 AI score, 0.30651 EPSS
Exploits: 5
Packet Storm
added 2023/06/05 12:0 a.m., 337 views

File Manager Advanced Shortcode 2.3.2 Remote Code Execution

Exploit Title: File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution RCE Date: 05/31/2023 Exploit Author: Mateus Machado Tesser Vendor Homepage: https://advancedfilemanager.com/ Version: File Manager Advanced Shortcode 2.3.2 Tested on: Wordpress 6.1 / Linux Ubuntu 5.15 CVE...

7.1 AI score, 0.74717 EPSS
Exploits: 8
Packet Storm
added 2023/06/02 12:0 a.m., 352 views

Biig Order CMS 2 SQL Injection

Title: E-commerce Biig Order CMS V2 Auth by Pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser : firefox 113.0.164 bits | Vendor: https://www.vaskar.in/ | Dork :...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/02 12:0 a.m., 565 views

Inlislite 3.1 Insecure Settings

Title: Inlislite V3.1 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | ...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/02 12:0 a.m., 334 views

Total CMS 1.7.4 Shell Upload

Exploit Title: Total CMS 1.7.4 - Remote Code Execution RCE on File Upload Authenticated Date: 03/06/2023 Exploit Author: tmrswrr Version: 1.7.4 Vendor home page : https://www.totalcms.co/ Tested Url : https://www.totalcms.co/demo/soccer/ PLatform : MACOSX 1 Go to this page and click edit page...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/02 12:0 a.m., 735 views

KesionCMS ASP 9.5 Add Administrator

Title: KesionCMS ASP v9.5 Reinstall Add Admin Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 105.0.32-bit |...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/01 12:0 a.m., 338 views

Rukovoditel 3.3.1 CSV Injection

Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/01 12:0 a.m., 368 views

Menorah Restaurant 1.0.0 Insecure Settings

Title: Menorah Restaurant - Restaurant Food Ordering System Reinstall script Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro /...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/01 12:0 a.m., 385 views

STARFACE 7.3.0.10 Broken Authentication

Advisory: STARFACE: Authentication with Password Hash Possible RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext...

7.1 AI score, 0.13351 EPSS
Exploits: 4
Packet Storm
added 2023/06/01 12:0 a.m., 450 views

Faculty Evaluation System 1.0 Shell Upload

Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Date: 5/29/2023 Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

7.2 CVSS, 7.1 AI score, 0.90444 EPSS
Exploits: 4
Packet Storm
added 2023/06/01 12:0 a.m., 400 views

Bumsys Business Management System 1.0.3-beta Shell Upload

Exploit Title: - unilogies/bumsys v1.0.3-beta - Unrestricted File Upload Google Dork : NA Date: 19-01-2023 Exploit Author: AFFAN AHMED Vendor Homepage: https://github.com/unilogies/bumsys Software Link: https://github.com/unilogies/bumsys/archive/refs/tags/v1.0.3-beta.zip Version: 1.0.3-beta Test...

8.8 CVSS, 7.1 AI score, 0.06665 EPSS
Exploits: 5
Packet Storm
added 2023/06/01 12:0 a.m., 367 views

Online Security Guards Hiring System 1.0 Cross Site Scripting

Exploit Title: Online Security Guards Hiring System 1.0 – REFLECTED XSS Google Dork : NA Date: 23-01-2023 Exploit Author : AFFAN AHMED Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/projects/Online-Security-Guard-Hiring-SystemPHP.zip Version: 1.0 Tested on: Windows ...

6.1 CVSS, 7.1 AI score, 0.08968 EPSS
Exploits: 4
Packet Storm
added 2023/06/01 12:0 a.m., 555 views

Acelle Email Marketing 3.0.15 Arbitrary File Upload

Title: Acelle Email Marketing v3.0.15 unrestricted file uploads Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozill...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/06/01 12:0 a.m., 309 views

Flexense HTTP Server 10.6.24 Buffer Overflow / Denial Of Service

Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow DoS Metasploit Date: 2018-03-09 Exploit Author: Ege Balci Vendor Homepage: https://www.flexense.com/downloads.html Version: 'Flexense HTTP Server Denial Of Service', 'Description' = %q This module triggers a Denial of Service...

7.5 CVSS, 7.1 AI score, 0.79631 EPSS
Exploits: 6
Packet Storm
added 2023/05/31 12:0 a.m., 305 views

Lost And Found Information System 1.0 Broken Access Control / Privilege Escalation

Vulnerability: Broken Access Control Author: Akash Pandey CVE: CVE-2023-3018 Source: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Steps to re-produce: 1. Go to https://site.com/admin/?page=user/list as staff user...

7.1 AI score, 0.00357 EPSS
Exploits: 3
Packet Storm
added 2023/05/31 12:0 a.m., 511 views

Qualcomm Adreno/KGSL Unchecked Cast / Type Confusion

Qualcomm Adreno/KGSL: unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr Tested on a Pixel 4 flame, on the latest update from 2023-02, which self-reports as SPL 2022-10-05, since I don't yet have any newer device with KGSL here - but as far as I can tell from the sources, it shou...

8.4 CVSS, 7.1 AI score, 0.00118 EPSS
Exploits: 2
Packet Storm
added 2023/05/31 12:0 a.m., 883 views

Qualcomm Adreno/KGSL Data Leakage

Qualcomm Adreno/KGSL: pages can be freed to page pool while having GPU references on !CONFIG_QCOM_KGSL_USE_SHMEM Tested on a Pixel 4 again with a slightly outdated version of KGSL. I ordered a Pixel 5a but don't have it yet... On KGSL builds where CONFIG_QCOM_KGSL_USE_SHMEM is not set or on older KGSL...

8.4 CVSS, 7.1 AI score, 0.00118 EPSS
Exploits: 2
Packet Storm
added 2023/05/31 12:0 a.m., 329 views

WordPress ReviewX 1.6.13 Privilege Escalation

Description: ReviewX = 1.6.13 – Arbitrary Usermeta Update to Authenticated Subscriber+ Privilege Escalation Affected Plugin: ReviewX – Multi-criteria Rating & Reviews for WooCommerce Plugin Slug: reviewx Affected Versions: = 1.6.13 CVE ID: CVE-2023-2833 CVSS Score: 8.8 High CVSS Vector:...

7.1 AI score, 0.26719 EPSS
Exploits: 4
Packet Storm
added 2023/05/31 12:0 a.m., 292 views

Microsoft GamingServicesNet 12.77.3001.0 Unquoted Service Path

Exploit Title: Microsoft GamingServicesNet 12.77.3001.0 - 'GamingServicesNet' Unquoted Service Path Exploit Author: tmrswrr Exploit Date: 2023-05.17 Vendor : https://www.microsoft.com/store/productId/9MWPM2CQNLHN Version : 12.77.3001.0 Tested on OS: Windows 10 Enterprise Step to discover Unquoted...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/31 12:0 a.m., 304 views

Apple Zeed ALL YOUR STYLE CMS 2.0 SQL Injection

Title: Apple Zeed ALL YOUR STYLE CMS 2.0 SQL injection Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 109.064-bit | Vendor :...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/31 12:0 a.m., 259 views

Vaskar Courier 3.2.0 Insecure Settings

Title: Vaskar Courier Version 3.2.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser : firefox 113.0.164 bits | Vendor: https://www.vaskar.in/ | Dork : "Design...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/30 12:0 a.m., 288 views

Wekan 6.74 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory | title: Stored XSS vulnerability in rename functionality | product: Wekan Open-Source kanban | vulnerable version: =6.74 | fixed version: 6.75 or higher | CVE number: CVE-2023-28485...

7.1 AI score, 0.00199 EPSS
Exploits: 2
Packet Storm
added 2023/05/30 12:0 a.m., 552 views

Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens

SEC Consult Vulnerability Lab Security Advisory | title: Multiple Vulnerabilities | product: Serenity and StartSharp Software | vulnerable version: 6.7.1 | fixed version: 6.7.1 or higher | CVE number: CVE-2023-31285, CVE-2023-31286,...

7.8 CVSS, 7.1 AI score, 0.0068 EPSS
Exploits: 1
Packet Storm
added 2023/05/30 12:0 a.m., 242 views

Code-Bakers 1.0 Missing Authentication

Title: Code-Bakers v1.0 Unauthorized administrative access Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/30 12:0 a.m., 315 views

Papaya Medical Viewer 1.0 Cross Site Scripting

Title: SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer | Status: PUBLISHED | Version: 1.0 | CVE reference: CVE-2023-33255 | Link: https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-001/ | Text-onl...

7.1 AI score, 0.01267 EPSS
Exploits: 2
Packet Storm
added 2023/05/30 12:0 a.m., 306 views

Argon Dashboard 2 SQL Injection

Title: Argon Dashboard 2 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 109.064-bit |...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/30 12:0 a.m., 213 views

Thai Auto Web 1.2 Missing Authentication

Title: Thai Auto Web 1.2 Unauthorized administrative access Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/30 12:0 a.m., 319 views

Pydio Cells 4.1.2 Privilege Escalation

Advisory: Pydio Cells: Unauthorised Role Assignments Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assignin...

7.1 AI score, 0.55608 EPSS
Exploits: 6
Packet Storm
added 2023/05/30 12:0 a.m., 380 views

PrinterLogic Build 1.0.757 XSS / SQL Injection / Authentication Bypass

PrinterLogic SaaS, multiple vulnerabilities. PrinterLogic's Enterprise Print Management software allows IT professionals to simplify printer driver management and empower end users. -- https://www.printerlogic.com/ Background...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/30 12:0 a.m., 292 views

Pydio Cells 4.1.2 Server-Side Request Forgery

For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a...

7.1 AI score, 0.11933 EPSS
Exploits: 4
Packet Storm
added 2023/05/30 12:0 a.m., 329 views

Pydio Cells 4.1.2 Cross Site Scripting

Advisory: Pydio Cells: Cross-Site Scripting via File Download Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript 1. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web...

7.1 AI score, 0.01361 EPSS
Exploits: 4
Packet Storm
added 2023/05/29 12:0 a.m., 288 views

Simple Customer Relationship Management CRM 2023 1.0 SQL Injection

Title: SCRMS-2023-05-27-1.0-Multiple-SQLi Author: nu11secur1ty Date: 05.27.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15895/simple-customer-relationship-management-crm-system-using-php-free-source-coude.html Reference:...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/29 12:0 a.m., 304 views

e-Biz Technocrats Pvt.Ltd SQL Injection

Exploit Title: Sql Injection on one site credentials can be use on other sites - Google Dork:" Designed and Developed by e-Biz Technocrats Pvt.Ltd " - Date: 05/11/2023 - Exploit Author: K1LL3rB4LL - Tested on: Mac, Windows, Linux Description: The vulnerability found is an SQL injection. You may r...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/29 12:0 a.m., 280 views

Jobs Portal 3.6 Insecure Settings

Title: Jobs Portal V 3.6 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/29 12:0 a.m., 270 views

New MVC Shop 1.0 SQL Injection / Missing Attributes

Title: new-mvc-shop-1.0 - SQLi + SameSite attribute weak security PHPSESSID Hijacking Author: nu11secur1ty Date: 05.29.2023 Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://portswigger.net/web-security/sql-injection...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/29 12:0 a.m., 317 views

Camaleon CMS 2.7.0 Server-Side Template Injection

Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection SSTI Exploit Author: PARAG BAGUL CVE: CVE-2023-30145 Description Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the formats parameter. Affected Component All versions below...

7.1 AI score, 0.53275 EPSS
Exploits: 6
Packet Storm
added 2023/05/26 12:0 a.m., 364 views

Seagate Central Storage 2015.0916 User Creation / Command Execution

Exploit Title: Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution Metasploit Date: Dec 9 2019 Exploit Author: Ege Balci Vendor Homepage: https://www.seagate.com/de/de/support/external-hard-drives/network-storage/seagate-central/ Version: 2015.0916 CVE : 2020-6627 This...

9.8 CVSS, 7.1 AI score, 0.14255 EPSS
Exploits: 4
Packet Storm
added 2023/05/26 12:0 a.m., 1527 views

Laravel 10.11 Database Disclosure / Information Disclosure

Title: Laravel 10.11 Information Disclosure MySQL Credential Disclosure Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser ...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/26 12:0 a.m., 323 views

SCM Manager 1.60 Cross Site Scripting

!/usr/bin/python3 Exploit Title: SCM Manager 1.60 - Cross-Site Scripting Stored Authenticated Google Dork: intitle:"SCM Manager" intext:1.60 Date: 05-25-2023 Exploit Author: neg0x https://github.com/n3gox/CVE-2023-33829 Vendor Homepage: https://scm-manager.org/ Software Link:...

7.1 AI score, 0.02469 EPSS
Exploits: 7
Packet Storm
added 2023/05/26 12:0 a.m., 315 views

WBCE CMS 1.6.1 Cross Site Scripting

Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting XSS Version: 1.6.1 Bugs: XSS Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/26 12:0 a.m., 342 views

Zenphoto 1.6 Cross Site Scripting

Exploit Title: Zenphoto 1.6 - Multiple stored XSS Application: Zenphoto-1.6 xss poc Version: 1.6 Bugs: XSS Technology: PHP Vendor URL: https://www.zenphoto.org/news/zenphoto-1.6/ Software Link: https://github.com/zenphoto/zenphoto/archive/v1.6.zip Date of found: 01-05-2023 Author: Mirabbas Ağalar...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/26 12:0 a.m., 291 views

Ulicms 2023.1 Create Administrator

Exploit Title: Ulicms 2023.1 - create admin user via mass assignment Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: create admin user via mass assignment Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/25 12:0 a.m., 286 views

WFTPD 3.25 Credential Disclosure

Exploit Title: WFTPD 3.25 - Unprotected Credential Storage Date: 04/01/2023 Exploit Author: golem445 Vendor Homepage: https://www.texis.com/ Tested on: Windows 10 CVE: CVE-2023-33263 Description: Usernames and hashes are stored in an openly viewable wftpd.ini configuration file within the host...

7.1 AI score, 0.00197 EPSS
Exploits: 1
Packet Storm
added 2023/05/25 12:0 a.m., 396 views

2023 Online Course Registration 1.0 SQL Injection

Title: 2023-Online-Course-Registration-1.0-Bypass-login-SQLi-RCE-password-changing Author: nu11secur1ty Date: 05.25.2023 Vendor: https://github.com/nikhilkeshava Software: https://github.com/nikhilkeshava/online-course-registration- Reference: https://portswigger.net/web-security/sql-injection,...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/25 12:0 a.m., 2313 views

Service Provider Management System 1.0 SQL Injection

Exploit Title: Service Provider Management System v1.0 - SQL Injection Date: 2023-05-23 Exploit Author: Ashik Kunjumon Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link:...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/25 12:0 a.m., 388 views

WordPress Beautiful Cookie Consent Banner 2.10.1 Cross Site Scripting

Description: Beautiful Cookie Consent Banner = 2.10.1 - Unauthenticated Stored Cross-Site Scripting Affected Plugin:Beautiful Cookie Consent Banner Plugin Slug: beautiful-and-responsive-cookie-consent Affected Versions: = 2.10.1 CVE ID: Not Assigned CVSS Score: 7.2 High CVSS Vector:...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/24 12:0 a.m., 293 views

Prestashop 8.0.4 CSV Injection

Exploit Title: Prestashop 8.0.4 - CSV injection Application: prestashop Version: 8.0.4 Bugs: CSV Injection Technology: PHP Vendor URL: https://prestashop.com/ Software Link: https://prestashop.com/prestashop-edition-basic/ Date of found: 14.05.2023 Author: Mirabbas Ağalarov Tested on: Windows 2...

7.1 AI score
Exploits: 0
Packet Storm
added 2023/05/24 12:0 a.m., 328 views

Webkul Qloapps 1.5.2 Cross Site Scripting

Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting XSS Date: 15 May 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://qloapps.com/ Software Link: https://github.com/webkul/hotelcommerce Version: 1.5.2 Tested on: Kali Linux 2022.4 CVE : CVE-2023-30256 Description: A Cross...

6.1 CVSS, 7.1 AI score, 0.78127 EPSS
Exploits: 5
Total number of security vulnerabilities: 50644