50643 matches found

Packet Storm
added 2023/02/28 12:00 a.m., 275 views

ChurchCRM 4.5.3 SQL Injection

Title: ChurchCRM-4.5.3-121fcc1-SQLi Author: nu11secur1ty Date: 02.27.2023 Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears to be vulnerable to...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 364 views

WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress WoodMart Theme deactivate; $this-notices-addsuccess 'Theme license is successfully deactivated.' ; return; if isset $POST'woodmart-purchase-code' &...

0.2 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 634 views

WordPress WoodMart Theme 7.1.0 Shortcodes Injection

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2022 == Report Title: WordPress WoodMart Theme = 7.1.0 - Unauthenticated Arbitrary Shortcodes Injection Google Dork: inurl:/wp-content/themes/woodmart/ Research Date: 2022-11-12 Researcher: FearZzZz https://fearzzzz....

0.00122 EPSS
Exploits: 3
Packet Storm
added 2023/02/28 12:00 a.m., 302 views

Osprey Pump Controller 1.0.1 Predictable Session Token / Session Hijacking

Osprey Pump Controller 1.0.1 Predictable Session Token / Session Hijack Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release...

0.4 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 273 views

Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure

Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirag...

0.6 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 302 views

WordPress Real Estate 7 Theme 3.3.4 Cross Site Request Forgery

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Multiple Cross-Site Request Forgery CSRF Vulnerabilities Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZ...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 246 views

Osprey Pump Controller 1.0.1 pseudonym Command Injection

Osprey Pump Controller 1.0.1 pseudonym Semi-blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0....

0.2 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 357 views

Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution

!/usr/bin/env python Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution Exploit Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App:...

0.7 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 295 views

Osprey Pump Controller 1.0.1 eventFileSelected Command Injection

Osprey Pump Controller 1.0.1 eventFileSelected Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1...

0.5 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 262 views

Osprey Pump Controller 1.0.1 Authentication Bypass

!/usr/bin/env python Osprey Pump Controller 1.0.1 Authentication Bypass Credentials Modification Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App:...

0.4 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 272 views

ME-FI DOT 2.2 Default Credentials

==================================================================================================================================== | Title : ME-FI DOT 2.2 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.0.332-bit |...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 253 views

Osprey Pump Controller 1.0.1 Administrator Backdoor Access

Osprey Pump Controller 1.0.1 Administrator Backdoor Access Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...

0.6 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 380 views

Osprey Pump Controller 1.0.1 Cross Site Request Forgery

!-- Osprey Pump Controller 1.0.1 Cross-Site Request Forgery Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...

0.2 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 268 views

Osprey Pump Controller 1.0.1 Cross Site Scripting

Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...

0.3 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 388 views

WordPress Real Estate 7 Theme 3.3.4 Abuse Of Functionality

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Abuse of Functionality Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz https://fearzzzz.ru Component...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/28 12:00 a.m., 318 views

Osprey Pump Controller 1.0.1 userName Command Injection

Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...

0.5 AI score
Exploits: 0
Packet Storm
added 2023/02/27 12:00 a.m., 365 views

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM...

0.70087 EPSS
Exploits: 6
Packet Storm
added 2023/02/27 12:00 a.m., 277 views

ABUS Security Camera TVIP 20000-21150 LFI / Remote Code Execution

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ABUS Security Camera LFI, RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-001-2023 Vendor Homepage: https://www.abus.com Version/Model: TVIP 20000-21150 probabl...

0.3 AI score, 0.36775 EPSS
Exploits: 5
Packet Storm
added 2023/02/27 12:00 a.m., 243 views

pfBlockerNG 2.1.4_26 Remote Code Execution

Exploit Title: pfBlockerNG 2.1.426 - Remote Code Execution RCE Shodan Results: https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22 Date: 5th of September 2022 Exploit Author: IHTeam Vendor Homepage:...

9.8 CVSS, 0.4 AI score, 0.94321 EPSS
Exploits: 14
Packet Storm
added 2023/02/24 12:00 a.m., 239 views

Employee Task Management System 1.0 SQL Injection

Employee Task Management System - SQL Injection on task-details.php?taskid=? with low privilege authentication Date: 17 February 2023 CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Author Email: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link: Employe...

0.2 AI score, 0.02721 EPSS
Exploits: 13
Packet Storm
added 2023/02/24 12:00 a.m., 205 views

Kshitish 2.0 Default Credentials

==================================================================================================================================== | Title : kshitish v2.0 Multipurpose eCommerce Platform Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

0.2 AI score
Exploits: 0
Packet Storm
added 2023/02/24 12:00 a.m., 221 views

Auto Dealer Management System 1.0 Privilege Escalation

Auto Dealer Management System - Broken Access Control leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account Date: 18 February 2023 Author Email: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link: Au...

0.5 AI score
Exploits: 0
Packet Storm
added 2023/02/24 12:00 a.m., 424 views

Music Gallery Site 1.0 SQL Injection

Music Gallery Site - SQL Injection on page musiclist.php and parameter cid is vulnerable, application url is ?page=musiclist&cid=?. Any remote attacker can access this page to exploit the vulnerability. Date: 21 February 2023 CVE Assigned: CVE-2023-0938 mitre.org nvd.nist.org Author Name: Muhammad...

0.4 AI score, 0.0038 EPSS
Exploits: 11
Packet Storm
added 2023/02/24 12:00 a.m., 328 views

Auto Dealer Management System 1.0 SQL Injection

Auto Dealer Management System - SQL Injection on page viewtransaction.php and parameter is id, application url is ?page=vehicles/viewtransaction&id=? with low privilege authentication Date: 18 February 2023 CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansa...

0.5 AI score, 0.0054 EPSS
Exploits: 11
Packet Storm
added 2023/02/24 12:00 a.m., 252 views

Simple Food Ordering System 1.0 Cross Site Scripting

Simple Food Ordering System - Authenticated Reflected Cross Site Scripting Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Author Email: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1.0...

5.2 AI score, 0.02721 EPSS
Exploits: 9
Packet Storm
added 2023/02/24 12:00 a.m., 243 views

Employee Task Management System 1.0 Privilege Escalation

Employee Task Management System - Broken Authentication leads to compromise of all application accounts by changing the password Date: 17 February 2023 CVE Assigned: CVE-2023-0905 mitre.org, nvd.nist.org Author Email: [email protected] Vendor Homepage: https://www.sourcecodester.com...

0.3 AI score, 0.03619 EPSS
Exploits: 5
Packet Storm
added 2023/02/24 12:00 a.m., 216 views

Music Gallery Site 1.0 Privilege Escalation / Missing Authentication

Music Gallery Site - Broken Access Control leads to compromise of complete application by adding admin user without log-in into the application. Date: 21 February 2023 CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Author Email: [email protected] Vendor Homepage:...

1.1 AI score, 0.03844 EPSS
Exploits: 5
Packet Storm
added 2023/02/23 12:00 a.m., 301 views

Yoga Class Registration System 1.0 SQL Injection

Exploit Title: Authenticated POST based SQL Injection when delete user on Yoga Class Registration System Google Dork: NA Date: 23/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.htm...

0.2 AI score, 0.0027 EPSS
Exploits: 2
Packet Storm
added 2023/02/23 12:00 a.m., 323 views

Froxlor 2.0.6 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Froxlor Log Path RCE', 'Description' = %q Froxlor v2.0.6 and below suffer from a bug that allows authenticated users to change the application lo...

8.8 CVSS, 0.2 AI score, 0.89127 EPSS
Exploits: 8
Packet Storm
added 2023/02/23 12:00 a.m., 312 views

Device Manager Express 7.8.20002.47752 SQL Injection / XSS / Code Execution / Traversal

Product Name: Device Manager Express Vendor Homepage: https://www.audiocodes.com Software Link: https://www.audiocodes.com/solutions-products/products/management-products-solutions/device-manager Version: = 7.8.20002.47752 Tested on: Windows 10 / Server 2019 Default credentials: admin/admin...

1.1 AI score, 0.45431 EPSS
Exploits: 9
Packet Storm
added 2023/02/22 12:00 a.m., 373 views

pyLoad js2py Python Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'pyLoad js2py Python Execution', 'Description' = %q pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code...

9.8 CVSS, 9.6 AI score, 0.9294 EPSS
Exploits: 13
Packet Storm
added 2023/02/21 12:00 a.m., 263 views

Sales Tracker System 1.0 SQL Injection

Exploit Title: Authenticated SQL Injection on Sales Tracker System Google Dork: NA Date: 21/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software Link: download link if availab...

0.1 AI score
Exploits: 0
Packet Storm
added 2023/02/17 12:00 a.m., 285 views

Zabbix Agent 6.2.7 Insecure Permissions / Privilege Escalation

Exploit Title: Zabbix agents - Insecure Permissions on non-default installation directory location Discovery by: mmg Discovery Date: 2023-01-23 Vendor Homepage: https://www.zabbix.com/downloadagents Software Link Zabbix agent :...

0.9 AI score
Exploits: 0
Packet Storm
added 2023/02/17 12:00 a.m., 247 views

Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution

Remote Code Execution in Kardex MLOG ======================================================================= Product: Kardex Mlog MCC Vendor: Kardex Holding AG Tested Version: 5.7.12+0-a203c2a213-master Fixed Version: inline patch - no new version number Vulnerability Type: Improper Control of...

9.7 AI score, 0.61569 EPSS
Exploits: 8
Packet Storm
added 2023/02/17 12:00 a.m., 276 views

Demanzo Matrimony 1.5 Cross Site Request Forgery

==================================================================================================================================== | Title : Demanzo Matrimony v.1.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 109.0.132-bit | |...

0.5 AI score
Exploits: 0
Packet Storm
added 2023/02/17 12:00 a.m., 571 views

Best POS Management System 1.0 SQL Injection

Exploit Title: SQL Injection on Best pos Management System Google Dork: NA Date: 14/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

0.1 AI score
Exploits: 0
Packet Storm
added 2023/02/17 12:00 a.m., 240 views

Best POS Management System 1.0 Shell Upload

Exploit Title: Authenticated Remote Code Execution on File Upload Google Dork: NA Date: 17/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/17 12:00 a.m., 531 views

Argon Dashboard 1.1.2 SQL Injection

==================================================================================================================================== | Title : Argon Dashboard - v1.1.2 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 109.064-b...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/17 12:00 a.m., 214 views

Best POS Management System 1.0 Cross Site Scripting

Exploit Title: Stored Cross Site Scripting on Best pos Management System Google Dork: NA Date: 14/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/16 12:00 a.m., 444 views

Atrocore 1.5.25 Shell Upload

Title: atrocore-1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Date: 02.16.2023 Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The Create...

7.4 AI score
Exploits: 0
Packet Storm
added 2023/02/15 12:00 a.m., 360 views

WordPress Quiz And Survey Master 8.0.8 Media Deletion

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Missing Authentication for Critical Function CWE-306 Date found: 2023-01-13 Date published: 2023-02-0...

0.5 AI score, 0.00092 EPSS
Exploits: 5
Packet Storm
added 2023/02/15 12:00 a.m., 339 views

Korenix JetWave Command Injection / Denial Of Service

CyberDanube Security Research 20230213-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S, | JetWave 2211C, JetWave 2411/2111, JetWave 2411L/2111L, | JetWave 2414/2114,...

Exploits: 0
Packet Storm
added 2023/02/15 12:00 a.m., 304 views

Arris Router Firmware 9.1.103 Remote Code Execution

c Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Date: 17/11/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://www.commscope.com/ Version: 9.1.103 Tested on: TG2482A, TG2492, SBG10 CVE : CVE-2022-45701 import requests import base64 routerhost =...

0.4 AI score, 0.35297 EPSS
Exploits: 6
Packet Storm
added 2023/02/15 12:00 a.m., 311 views

GitLab GitHub Repo Import Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab GitHub Repo Import Deserialization RCE', 'Description' = %q An authenticated user can import a repository from GitHub into GitLab. If a us...

9.9 CVSS, 9.6 AI score, 0.91193 EPSS
Exploits: 5
Packet Storm
added 2023/02/15 12:00 a.m., 218 views

WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Cross-Site Request Forgery CSRF CWE-352 Date found: 2023-01-13 Date published: 2023-02-08 CVSSv3 Scor...

0.00459 EPSS
Exploits: 6
Packet Storm
added 2023/02/15 12:00 a.m., 363 views

B&R Systems Diagnostics Manager Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple XSS Vulnerabilities product: B&R Systems Diagnostics Manager vulnerable version: =3.00 and =D4.93 CVE number: CVE-2022-4286 impact: medium homepage:...

0.2 AI score, 0.00256 EPSS
Exploits: 1
Packet Storm
added 2023/02/14 12:00 a.m., 203 views

XWorm Trojan 2.1 NULL Pointer Dereference

Exploit Author: TOUHAMI KASBAOUI Vendor Homepage: https://blog.cyble.com/2022/08/19/evilcoder-project-selling-multiple-dangerous-tools-online/ Software Link: N/A Version: 2.1 Tested on: Windows 10 CVE : N/A ================================================================== THE BUG : NULL pointer...

1.1 AI score
Exploits: 0
Packet Storm
added 2023/02/14 12:00 a.m., 321 views

Cisco RV Series Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV Series Authentication Bypass and Command Injection', 'Description' = %q This module exploits two vulnerabilities, a session ID directory...

10 CVSS, 1.1 AI score, 0.81404 EPSS
Exploits: 3
Packet Storm
added 2023/02/13 12:00 a.m., 239 views

Global Infotech CMS 1.0 SQL Injection

==================================================================================================================================== | Title : Global Infotech cms v 1.0 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

0.3 AI score
Exploits: 0
Packet Storm
added 2023/02/10 12:00 a.m., 326 views

Monitorr 1.7.6 Shell Upload

Exploit Title: Monitorr v1.7.6 - Unauthenticated File upload to Remote Code Execution Exploit Author: Achuth V P retrymp3 Date: February 09, 2023 Vendor Homepage: https://github.com/Monitorr/ Software Link: https://github.com/Monitorr/Monitorr Tested on: Ubuntu Version: v1.7.6 Exploit Description...

9.8 CVSS, 9.6 AI score, 0.93921 EPSS
Exploits: 8

Total number of security vulnerabilities: 50643