YouPHPTube 7.8 Local File Inclusion / Directory Traversal

Exploit Title: YouPHPTube getLanguage; if !empty$GET'lang' $GET'lang' = striptags$GET'lang'; $SESSION'language' = $GET'lang'; @includeonce "$global'systemRootPath'locale/$SESSION'language'.php"; The parameter "lang" can...

Tunnel Interface Driver Denial Of Service

// Exploit Title: Tunnel Interface Driver - Denial of Service // Date: 07/15/2022 // Exploit Author: ExAllocatePool2 // Vendor Homepage: https://www.microsoft.com/ // Software Link: https://www.microsoft.com/en-us/software-download/windows10 // Version: Windows 10 Pro Version 21H2 OS Build...

WordPress Jetpack 11.4 Cross Site Scripting

Exploit Title: Jetpack 11.4 - Cross Site Scripting XSS Date: 2022-10-19 Author: Behrouz Mansoori Software Link: https://wordpress.org/plugins/jetpack Version: 11.4 Tested on: Mac m1 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search feature and ta...

Hashicorp Consul 1.0 Remote Command Execution

Exploit Title: Hashicorp Consul v1.0 - Remote Command Execution RCE Date: 26/10/2022 Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://www.consul.io/ Description: Exploit for gain reverse shell on Remote Command Execution via API References:...

iBooking 1.0.8 Remote Shell Upload

Exploit Title: iBooking v1.0.8 - Arbitrary File Upload Exploit Author: d1z1n370/oPty Date: 01/11/2022 Vendor Homepage: https://codecanyon.net/item/ibooking-laravel-booking-system/30362088 Tested on: Linux Version: 1.0.8 Exploit Description: The application is prone to an arbitrary file-upload...

Online Shopping System Advanced 1.0 XSS / SQL Injection / Code Execution

Exploit Title: Online shopping system advanced 1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2020-09-24 Vendor Homepage: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software Link :...

HDD Health 4.2.0.112 Unquoted Service Path

Exploit Title: HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Date: 2022-10-19 Vendor Homepage: https://www.panterasoft.com Software Link: https://hdd-health.softonic.com Version : 4.2.0.112 Tested on: Windows 11 64bit CVE : N/A About Unquoted...

OPSWAT Metadefender Core 4.21.1 Privilege Escalation

Exploit Title: OPSWAT Metadefender Core - Privilege Escalation Date: 24 October 2022 Exploit Author: Ulascan Yildirim Vendor Homepage: https://www.opswat.com/ Version: Metadefender Core 4.21.1 Tested on: Windows / Linux CVE : CVE-2022-32272...

Moodle LMS 4.0 Cross Site Scripting

Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting XSS Date: 26/10/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://moodle.org/ Software Link: https://git.in.moodle.com/moodle Version: 4.0 Tested on: XAMPP, Windows 10 Contact: https://twitter.com/dmaral3noz Description: A Cross Site...

Mediconta 3.7.27 Unquoted Service Path

Exploit Title: Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path Exploit Author: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.infonetsoftware.com Software Link : https://www.infonetsoftware.com/soft/instalarMedicontx.exe Tested Version: 3.7.27 Vulnerability...

WebTareas 2.4 Remote Shell Upload

Exploit Title: WebTareas 2.4 - RCE Authorized Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10...

WebTareas 2.4 SQL Injection

Exploit Title: WebTareas 2.4 - SQL Injection Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on:...

SimpleMachinesForum 2.1.1 Remote Code Execution

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...

MODX Revolution 2.8.3-pl Remote Code Execution

Exploit Title: MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 26th Feb'2022 CVE ID: CVE-2022-26149 Confirmed on release 2.8.3-pl Reference: https://github.com/sartlabs/0days/blob/main/Modx/Exploit.txt Vendor...

Webgrind 1.1 Cross Site Scripting / Remote Code Execution

Exploit Title: Webgrind 1.1 - Reflected Cross-Site Scripting XSS & Remote Command Execution RCE Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://github.com/jokkedk/webgrind/ Software Link : http://github.com/jokkedk/webgrind/ Tested Version: 1.1 Tested on: Windows 1...

Sysax Multi Server 6.95 Denial Of Service

Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS...

D-Link DIR 819 A1 Denial Of Service

Exploit Title: DLink DIR 819 A1 - Denial of Service Date: 30th September, 2022 Exploit Author: @whokilleddb https://twitter.com/whokilleddb Vendor Homepage: https://www.dlink.com/en/products/dir-819-wireless-ac750-dual-band-router Version: DIR-819 Firmware Version : 1.06 Hardware Version : A1...

Grafana 6.2.4 HTML Injection

Exploit Title: Grafana Hello Best Regards, SimranJeet...

Google Chrome 109.0.5414.74 Unsafe Library Load

Vulnerability: Google Chrome code execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description Google chrome...

Suprema BioStar 2 2.8.16 SQL Injection

Exploit Title: CVE-2023-27167 - Suprema BioStar 2 v2.8.16 - SQL Injection Date: 26/03/2023 Exploit Author: Yuriy Vander Tsarenko https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/ Vendor Homepage: https://www.supremainc.com/ Software Link:...

Lavalite 9.0.0 Path Traversal

Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Date: 09.29.2022 Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite...

Explorer32++ 1.3.5.531 Buffer Overflow

Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

WiFi Mouse 1.8.3.2 Remote Code Execution

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

WordPress Translatepress Multilingual SQL Injection

Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...

Scdbg 1.0 Denial Of Service

Exploit Title: Scdbg 1.0 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2021-06-13 Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152 Software Link : https://github.com/dzzie/VSLIBEMU Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45 Tested on: Windows ...

NVFLARE Unsafe Deserialization

Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...

Composr-CMS 10.0.39 Remote Code Execution

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

FlatCore CMS 2.1.1 Cross Site Scripting

Exploit Title: FlatCore CMS 2.1.1 -Stored Cross Site Scripting Date: 2020-09-24 Exploit Author: Sinem Şahin Vendor Homepage: https://flatcore.org/ Version: 2.1.1 Tested on: Windows & XAMPP == Tutorial http://HOST/install/index.php 2- Write XSS Payload into the username of the user account. 3- Pre...

ImpressCMS 1.4.3 SQL Injection

Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor:...

Frhed 1.6.0 Buffer Overflow

Exploit Title: Frhed Free hex editor v1.6.0 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://frhed.sourceforge.net/ Software Link : http://frhed.sourceforge.net/ Tested Version: 1.6.0 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

Aero CMS 0.0.1 SQL Injection

Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...

WPN-XM Serverstack For Windows 0.8.6 XSS / LFI / Traversal

Exploit Title: WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://wpn-xm.org/ Software Link : https://github.com/WPN-XM/WPN-XM/ Tested Version: 0.8.6 Tested on: Windows 10 using XAMPP Vulnerability Type:...

Gestionale Open 12.00.00 Unquoted Service Path

Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Pat...

Abantecart 1.3.2 Remote Code Execution

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...

Aero CMS 0.0.1 Remote Shell Upload

Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...

Desktop Central 9.1.0 CRLF Injection / Server-Side Request Forgery

Exploit Title: Desktop Central 9.1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-02-14 Software Link : http://www.desktopcentral.com Tested Version: 9.1.0 Build No: 91084 Tested on: Windows 10 Vulnerability Type: CRLF injection CRLF - 1 CVSS v3: 6.1 CVSS vector:...

Fortinet 7.2.1 Authentication Bypass

Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Date: 13/10/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from...

Tftpd32_SE 4.60 Unquoted Service Path

Exploit Title: Tftpd32SE 4.60 - 'Tftpd32svc' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 10-13-2022 Vendor Homepage: https://pjo2.github.io/tftpd64/ Software Links : https://bitbucket.org/phjounin/tftpd64/downloads/Tftpd32SE-4.60-setup.exe Tested Version: 4.60 Vulnerability...

Zoneminder Log Injection / XSS / Cross Site Request Forgery

Exploit Title: Zoneminder v1.36.26 - Log Injection - CSRF Bypass - Stored Cross-Site Scripting XSS Date: 10/01/2022 Exploit Author: Trenches of IT Vendor Homepage: https://github.com/ZoneMinder/zoneminder Version: v1.36.26 Tested on: Linux/Windows CVE: CVE-2022-39285, CVE-2022-39290, CVE-2022-392...

Clansphere CMS 2011.4 Cross Site Scripting

Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...

Resource Hacker 3.6.0.92 Buffer Overflow

Exploit Title: Resource Hacker 3.6.0.92 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.angusj.com/resourcehacker/ Software Link : http://www.angusj.com/resourcehacker/ Tested Version: 3.6.0.92 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

Hex Workshop 6.7 Buffer Overflow / Denial Of Service

Exploit Title: Hex Workshop v6.7 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.bpsoft.com, http://www.hexworkshop.com Software Link : http://www.bpsoft.com, http://www.hexworkshop.com Tested Version: v6.7 Tested on: Windows 10 CVSS v3: 7...

Atom CMS 2.0 SQL Injection

Exploit Title: Atom CMS v2.0 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Windows 10...

WebTareas 2.4 Cross Site Scripting

Exploit Title: WebTareas 2.4 - Reflected XSS Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Tested on:...

Rental House Management System 1.0 Cross Site Scripting

Exploit Title: Rental House Management System - Reflected Cross-Site Scripting XSS Date: 25/03/2023 Exploit Author: İsmail Can Durna Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/admin/rentalhousemanagementsystem.zip...

D-Link DNR-322L 2.60B15 Remote Code Execution

Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...

eXtplorer 2.1.14 Authentication Bypass / Remote Code Execution

Exploit Title: eXtplorer= 2.1.14 - Authentication Bypass & Remote Code Execution RCE Exploit Author: ErPaciocco Author Website: https://erpaciocco.github.io Vendor Homepage: https://extplorer.net/ Vendor: ============== extplorer.net Product: ================== eXtplorer = v2.1.14 eXtplorer is a...

Raspberry Pi Camera Server 1.0 Authentication Bypass

Exploit Title: "camp" Raspberry Pi camera server 1.0 - Authentication Bypass Date: 2022-07-25 Exploit Author: Elias Hohl Vendor Homepage: https://github.com/patrickfuller Software Link: https://github.com/patrickfuller/camp Version: bf6af5c2e5cf713e4050c11c52dd4c55e89880b1 Tested on: Ubuntu 20.04...

WordPress NEX-Forms SQL Injection

Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...

Online Graduate Tracer System 1.0 SQL Injection

Exploit Title: Online Graduate Tracer System - Multiple SQLi Date: 24/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html Software Download:...