Online Clinic Management System 2.2 Cross Site Scripting

Exploit Title: Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting XSS Date: 27-06-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Version : 2.2...

RockMongo 1.1.7 Cross Site Scripting

Exploit Title: RockMongo 1.1.7 - Stored Cross-Site Scripting XSS Discovery by: Rafael Pedrero Discovery Date: 2020-09-19 Vendor Homepage: https://github.com/iwind/rockmongo/ Software Link : https://github.com/iwind/rockmongo/ Tested Version: 1.1.7 Tested on: Windows 7 and 10 Vulnerability Type:...

Epson Stylus SX510W Denial Of Service

Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2020-05-16 Vendor Homepage: https://www.epson.es/ Software Link : https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w Tested Version:...

Siemens SIMATIC S7-1200 Cross Site Request Forgery

Exploit Title: Siemens SIMATIC S7-1200 CPU Start/Stop Command- Cross-Site Request Forgery Google Dork: inurl:/Portal/Portal.mwsl Date: 2022-03-24 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: SIMATIC S7-1200 CPU family: All versions prior to V4.1.3...

Screen SFT DAB 600/C Unauthenticated Information Disclosure

Screen SFT DAB 600/C Unauthenticated Information Disclosure userManager.cgx Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version: Firmware: 1.9.3...

Screen SFT DAB 600/C Authentication Bypass / Erase Account

!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...

FLEX Denial Of Service

Exploit Title: FLEX 1080 1085 Web 1.6.0 - Denial of Service Date: 2023-05-06 Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested on: Android CVE ID: CVE-2022-2591 !/usr/bin/env python3 import request...

Screen SFT DAB 600/C Authentication Bypass / Admin Password Change

!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Admin Password Change Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version...

Screen SFT DAB 600/C Authentication Bypass / Reset Board Config

!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Reset Board Config Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...

TinyWebGallery 2.5 Cross Site Scripting

Exploit Title: TinyWebGallery v2.5 - Stored Cross-Site Scripting XSS Application: TinyWebGallery Version: v2.5 Bugs: Stored Xss Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023...

Screen SFT DAB 600/C Authentication Bypass / Account Creation

!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Account Creation Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...

Millhouse-Project 1.414 Shell Upload

sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...

Advantech EKI-15XX Series Command Injection / Buffer Overflow

CyberDanube Security Research 20230511-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| EKI-1524-CE series, EKI-1522 series, EKI-1521 series vulnerable version| 1.21 fixed version| 1.24 CVE number| CVE-2023-2573,...

Millhouse-Project 1.414 Cross Site Scripting

POC: http://target/views/register.php?error=%3Cscript%3Ealert%27rose1337%27%3C/script%3E...

Pentaho Business Server Authentication Bypass / SSTI / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pentaho Business Server Auth Bypass and Server Side Template Injection RCE', 'Description' = %q Hitachi Vantara Pentaho Business Analytics Server...

HouseKit 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

HouseKit 1.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

GaanaGawaana 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Textpattern 4.8.8 Session Token Disclosure

Title: textpattern-4.8.8 Session token in URL Vulnerability Author: nu11secur1ty Date: 05.10.2023 Vendor: https://textpattern.com/ Software: https://github.com/textpattern/textpattern/releases/tag/4.8.8 Reference: https://portswigger.net/kb/issues/00500700session-token-in-url,...

GaanaGawaana 1.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Zyxel Chained Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'socket' require 'digest/md5' class MetasploitModule 'Zyxel chained RCE using LFI and weak password derivation algorithm', 'Description' = %q This module exploit...

VOTAB Voting Quiz PHP Script 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Optoma 1080PSTX Firmware C02 Authentication Bypass

Exploit Title: Optoma 1080PSTX Firmware C02 - Auth Bypass Date: 2023/05/09 Exploit Author: Anthony Cole Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Vendor Homepage: http://optoma.com Version: Optoma 1080PSTX Firmware C02 Tested on: N/A CVE : CVE-2023-27823 Details By...

Soft-o Free Password Manager 1.1.20 DLL Hijacking

Title: Soft-o Free Password Manager 1.1.20 DLL hijacking Credit: Christian Bortone CVE: CVE-2023-25428 Date: 08/05/2023 dd/mm/yyyy Details: PMHook.dll is vulnerable to DLL hijacking attacks. An attacker can launch a DLL hijacking attack by placing a malicious DLL named PMHook.dll in the target...

VOTAB Voting Quiz PHP Script 1.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass

Affected Product: HammerSpace Global Data Environment / Global File System - https://hammerspace.com/product Affected Versions: v4.6.6-324 and below with default installation/configuration. Vendor Notified: Yes, sometime between: 08/2022 and 10/2022, confirmed 2023-03-21 there is a fix in an...

ManageEngine ADAudit Plus Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus Authenticated File Write RCE', 'Description' = %q This module exploits security issues in ManageEngine ADAudit Plus pri...

Spryker Commerce OS 1.0 SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Title ===== SCHUTZWERK-SA-2023-001: SQL Injection in Spryker Commerce OS Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-27568 Link ==== https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-001/ Text-only version...

Rollout::UI 0.5 Cross Site Scripting

ADVISORY INFORMATION ======================= Exploit Title: Rollout::UI v0.5 Cross-site scripting Date: 2023-05-05 Exploit Author: Eduardo José de Borba Vendor Homepage: https://github.com/fetlife Software Link: https://github.com/fetlife/rollout-ui Type: Cross-Site Scripting CWE-79 Tested on:...

BlogMagz CMS 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking

Exploit Title: Stored-XSS in FICO Origination Manager Decision Module 4.8.1 Leads to Session Hijacking Date: 2023-05-07 Exploit Author: Matei Josephs Vendor Homepage: https://www.fico.com/ Version: FICO Origination Manager Decision Module 4.8.1 CVE : CVE-2023-30056, CVE-2023-30057 Introduction...

Found Information System 1.0 SQL Injection

Title: Found Information System 1.0 Multiple-SQLi Author: nu11secur1ty Date: 05.07.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Reference:...

Jedox 2020.2.5 Cross Site Scripting

Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...

EasyPHP Webserver 14.1 Path Traversal / Remote Code Execution

Exploit Title: EasyPHP Webserver 14.1 - Multiple Vulnerabilities RCE and Path Traversal Discovery by: Rafael Pedrero Discovery Date: 2022-02-06 Vendor Homepage: https://www.easyphp.org/ Software Link : https://www.easyphp.org/ Tested Version: 14.1 Tested on: Windows 7 and 10 Vulnerability Type:...

Jedox 2022.4.2 Database Credential Disclosure

Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880...

Jedox 2020.2.5 Groovy-Scripts Remote Code Execution

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts Date: 28/04/2023 Exploit Author: Syslifters - Christoph Mahrl, Aron Molnar, Patrick Pirker and Michael Wedl Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47876 Introducti...

File Thingie 2.5.7 Shell Upload

!/usr/bin/python Exploit Title: File Thingie 2.5.7 - Remote Code Execution RCE Google Dork: N/A Date: 27th of April, 2023 Exploit Author: Maurice Fielenbach grimlockx - Hexastrike Cybersecurity UG haftungsbeschränkt Software Link: https://github.com/leefish/filethingie Version: 2.5.7 Tested on: N...

Pluck CMS 4.7.18 Cross Site Scripting

Exploit Title: pluck v4.7.18 - Stored Cross-Site Scripting XSS Application: pluck Version: 4.7.18 Bugs: XSS Technology: PHP Vendor URL: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Date of found: 01-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

Oracle RMAN Missing Auditing

Title: CVE-2020-2978 - Oracle RMAN Audit table point in time recovery not recorded Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 19c Risk Level: Medium Score: 4.1 Solution Status: Fixed CVE Reference: CVE-2020-2978 Author of Advisory: Emad...

Online Pizza Ordering System 1.0 Shell Upload

Exploit Title: Online Pizza Ordering System 1.0 - Unauthenticated File Upload Date: 03/05/2023 Exploit Author: URGAN Vendor Homepage: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Link:...

Jedox 2022.4.2 Directory Traversal / Remote Code Execution

Exploit Title: Jedox 2022.4.2 - Remote Code Execution via Directory Traversal Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47875 Introductio...

Codigo Markdown Editor 1.0.1 Code Execution

Exploit Title: Codigo Markdown Editor v1.0.1 Electron - Arbitrary Code Execution Date: 2023-05-03 Exploit Author: 8bitsec Vendor Homepage: https://alfonzm.github.io/codigo/ Software Link: https://github.com/alfonzm/codigo-app Version: 1.0.1 Tested on: Mac OS 13 Release Date:...

Jedox 2020.2.5 Database Credential Disclosure

Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...

UliCMS 2023-1 Sniffing-Vicuna Cross Site Scripting

Exploit Title: Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting XSS Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: Stored Xss Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

UliCMS 2023-1 Sniffing-Vicuna Shell Upload

Exploit Title: Ulicms-2023.1 sniffing-vicuna - Remote Code Execution RCE Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: RCE Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link: https://www.ulicms.de/content/files/Releases/2023.1/ulicms-2023.1-sniffing-vicuna-full.zip Date o...

Jedox 2020.2.5 Configurable Storage Path Remote Code Execution

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878...

Jedox 2022.4.2 RPC Interface Remote Code Execution

Exploit Title: Jedox 2022.4.2 - Code Execution via RPC Interfaces Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47879 Introduction...

Wolf CMS 0.8.3.1 Shell Upload

Exploit Title: Wolf CMS 0.8.3.1 - Remote Code Execution RCE Date: 2023-05-02 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wolf-cms.readthedocs.io Software Link: https://github.com/wolfcms/wolfcms Version: 0.8.3.1 Tested on: Kali Linux Steps to Reproduce Firstly, go to the "Files" ta...

Companymaps 8.0 SQL Injection

Exploit Title: Unauthenticated SQL injection - Google Dork: - Date: 27.04.2023 - Exploit Author: Lucas Noki 0xPrototype - Vendor Homepage: https://github.com/vogtmh - Software Link: https://github.com/vogtmh/cmaps - Version: 8.0 - Tested on: Mac, Windows, Linux - CVE : CVE-2023-29809 Description:...

Shannon Baseband fmtp SDP Attribute Memory Corruption

Shannon Baseband: Memory corruption when processing fmtp SDP attribute There is a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffe...