50630 matches found
SAP SAProuter Improper Access Control
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Improper Access Control product: SAP® SAProuter vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security note 3158375 CVE number:...
Rocket LMS 1.6 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Gitea 1.16.6 Remote Code Execution
Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...
News247 News Magazine 1.0 Cross Site Scripting
Exploit Title: News247 - News Magazine CMS v1.0 – Stored Cross Site Scripting XSS Exploit Author: Ravinder Verma Date: Septmeber 14, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14952/news247-news-magazine-php-script.html Software Link:...
WordPress WPGateway 3.5 Privilege Escalation
Description: Unauthenticated Privilege Escalation Affected Plugin: WPGateway Plugin Slug: wpgateway Plugin Developer: Jack Hopman/WPGateway Affected Versions: = 3.5 CVE ID: CVE-2022-3180 CVSS Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Fully Patched Version: N/A...
Academy Learning Management System 5.7 Shell Upload
Exploit Title: Academy Learning Management System 5.7 Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/academy-course-based-learning-management-system/22703468 Version: 5.7 Tested on Ubuntu 18.04 Totally wrong architecture f...
Rocket LMS 1.6 Cross Site Scripting
Exploit Title: Rocket LMS - Learning Management System Reflected Cross Site Scripting Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Version: Version 1.6 Tested on Ubuntu 18.04...
TIBCO JasperReports Server 8.0.2 Community Edition Code Execution
Advisory ID: SYSS-2022-041 Product: JasperReports Server Manufacturer: TIBCO Software Inc. Tested Versions: 8.0.2 Community Edition Vulnerability Type: CWE-502: Deserialization of Untrusted Data Risk Level: High Solution Status: Fixed Manufacturer Notification: 2022-06-10 Solution Date: 2022-08-1...
Rocket LMS 1.6 Shell Upload
Exploit Title: Rocket LMS - Learning Management System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Version: Version 1.6 Tested on Ubuntu 18.04 base64 encode your...
ETAP Safety Manager 1.0.0.32 Cross Site Scripting
ETAP Safety Manager 1.0.0.32 Remote Unauthenticated Reflected XSS Vendor: ETAP Lighting International NV Product web page: https://www.etaplighting.com Affected version: 1.0.0.32 Summary: The ETAP Safety Manager ESM is a central managing and control system that helps you to monitor, adjust and...
Infix LMS 4.3.0 Shell Upload
Exploit Title: Infix LMS - Learning Management System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/infixlms-learning-management-system/30626608 Version: 4.3.0 Tested on Ubuntu 18.04 sign up as teacher go profile page and...
SmartRG Router 2.6.13 Remote Code Execution
Exploit Title: SmartRG Router - Remote Code Execution Date: 13/06/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://adtran.com Version: 2.5.15 / 2.6.13 confirmed Tested on: SR506n 2.5.15 & SR510n 2.6.13 CVE : CVE-2022-37661 import requests from subprocess import Popen, PIPE routerhos...
Infix LMS 4.3.0 IFRAME Injection
Exploit Title: Infix LMS - Learning Management System IFRAME Injection Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/infixlms-learning-management-system/30626608 Version: 4.3.0 Tested on Ubuntu 18.04 sign up as teacher go course page...
AirDisk 7.5.5 Cross Site Scripting
Exploit Title: AirDisk 7.5.5 File Manager Stored XSS Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://apps.apple.com/us/developer/felix-yew/id505904424 Software Link: https://apps.apple.com/us/app/airdisk-file-manager/id566530748 Version: 7.5.5 Tested on: iPhone ios 15.6 ...
mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting
Exploit Title: mbDrive Lite - WiFi flash disk 1.4.0 Reflected XSS Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://apps.apple.com/us/developer/haw-yuan-yang/id291212805 Software Link: https://apps.apple.com/us/app/mbdrive-lite-wifi-flash-disk/id343254033 Version: 1.4.0...
InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal
Title: ====== AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Author: ======= Jens Regel, CRISEC IT-Security CVE: ==== CVE-2022-23854 Advisory: ========= https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal/ Timeline: ========= 25.06.2021...
@Drive 2.8 Local File Inclusion
Exploit Title: @Drive 2.8 Local File inclusion Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://evolutive.co/ Software Link: https://apps.apple.com/us/app/drive/id578982909 Version: 2.8 Tested on: iPhone ios 15.6 GET...
Online Notice Board 2022 SQL Injection
Title: ONLINE-NOTICE-BOARD-2022 SQLi Author: nu11secur1ty Date: 09.09.2022 Vendor: https://www.sourcecodester.com/users/razormist Software: https://www.sourcecodester.com/php/14317/online-notice-board-system.html Reference:...
Sagemath 9.0 Overflow / Denial Of Service
sagemath 9.0 and reportedly later on ubuntu 20. sagemath gives access to the python interpreter, so code execution is trivial. We give DoS attacks, which terminates the sagemath process with abort, when raising symbolic expression to large integer power. We get abort with stack: gmp: overflow in...
SACCO-2022 SQL Injection
Title: SACCO-2022 SQLi Author: nu11secur1ty Date: 08.27.2022 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15372/open-source-sacco-management-system-free-download.html Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayurik/2022/SACCO...
Apache Spark Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Apache Spark Unauthenticated Command Injection RCE', 'Description' = %q This module exploits an unauthenticated command...
Trojan-Ransom.Win32.Hive.bv MVID-2022-0636 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/44aba241dd3f0d156c6ed82a0ab3a9e1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.Win32.Hive.bv Vulnerability: Arbitrary Code Execution Description: Hive...
FE File Explorer 11.0.4 Local File Inclusion
Exploit Title: FE File Explorer 11.0.4 Local File inclusion Date: Sep 6, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/fe-file-explorer-file-manager/id510282524 Version: 11.0.4 Tested on: iPhone ios 15.6 from ftplib impor...
FTPManager 8.2 Local File Inclusion / Directory Traversal
Exploit Title: FTPManager 8.2 Local File inclusion Date: Sep 6, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/ftpmanager-ftp-sftp-client/id525959186 Version: 8.2 Tested on: Ios 15.6 GET...
Backdoor.Win32.Hupigon.aspg MVID-2022-0634 Unquoted Service Path
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/121bf601275e2aed0c3a6fe7910f9826.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aspg Vulnerability: Insecure Service Path Description: The malware...
Trojan.Win32.Autoit.fhj MVID-2022-0638 NULL DACL
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Autoit.fhj Vulnerability: Named Pipe Null DACL Family: Autoit Type: PE32 MD5...
Trojan.Win32.Autoit.fhj MVID-2022-0637 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Autoit.fhj Vulnerability: Insecure Permissions Description: The malware write...
Trojan-Spy.Win32.Pophot.bsl MVID-2022-0635 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8c0e6ec6b8ac9eb1169e63df71f24456.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Pophot.bsl Vulnerability: Insecure Permissions Description: The malware...
Backdoor.Win32.Winshell.5_0 MVID-2022-0633 Hardcoded Credential
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5bc5f72d19019a2fa3b75896e82ae1e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Winshell.50 Vulnerability: Weak Hardcoded Credentials Description: The...
Wifi HD Wireless Disk Drive 11 Local File Inclusion
Exploit Title: Wifi HD Wireless Disk Drive Local File Inclusion Date: Aug 13, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: http://www.savysoda.com Software Link: https://apps.apple.com/us/app/wifi-hd-wireless-disk-drive/ id311170976 Version: 11 Tested on: iPhone OS 155 GET...
Online Employee Leave Management System 1.0 Cross Site Request Forgery
Exploit Title: Online Employee Leave Management System 1.0 - Cross-Site Request Forgery addemployee.php Date: 05/09/2022 Exploit Author: Amolo Hunters Software Link: https://www.sourcecodester.com/php/15374/online-employee-leave-management-system-php-free-source-code.html Version: 1.0 Tested on:...
Cisco ASA-X With FirePOWER Services Authenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA-X with FirePOWER Services Authenticated Command Injection', 'Description' = %q This module exploits an authenticated command injection...
Mobile Mouse 3.6.0.4 Remote Code Execution
Exploit Title: Mobile Mouse 3.6.0.4 Remote Code Execution Date: Aug 09, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://mobilemouse.com/ Software Link: https://www.mobilemouse.com/downloads/setup.exe Version: 3.6.0.4 Tested on: Windows 10 Enterprise LTSC Build 17763 !/usr/bin/env...
Online Market Place Site 1.0 SQL Injection
Exploit Title: Online Market Place Site v1.0 - Unauthenticated Blind Time-Based SQL Injection Exploit Author: Joe Pollock Date: September 03, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html Software Link:...
Online Market Place Site 1.0 Cross Site Scripting
Exploit Title: Online Market Place Site v1.0 - Stored Cross-Site Scripting XSS Exploit Author: Joe Pollock Date: September 03, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html Software Link:...
Apple macOS Remote Events Memory Corruption
!/usr/bin/env python -- coding: UTF-8 -- naval.py Apple macOS Remote Events Remote Memory Corruption Vulnerability Jeremy Brown jbrown3264/gmail ===== Intro ===== eppc Hello from AEServer Remote Apple Events is a core service and remote system administration and automation tool for Macs. It can b...
WordPress Netroics Blog Posts Grid 1.0 Cross Site Scripting
Exploit Title: Stored XSS in posttitle parameter in WordPress Plugin "Netroics Blog Posts Grid" v1.0 Date: 08/08/2022 Exploit Author: saitamang, syad, yunaranyancat Vendor Homepage: wordpress.org Software Link: https://downloads.wordpress.org/plugin/netroics-blog-posts-grid.zip Version: 1.0 Teste...
Doctor's Appointment System 1.0 SQL Injection
Exploit Title: SQLi - Doctor's Appointment System v1.0 Google Dork: N/A Date: 7/13/2022 Exploit Author: Abdullah Zaid - @aznull Vendor Homepage: https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html Software Link:...
Doctor's Appointment System 1.0 Cross Site Scripting
Exploit Title: Doctor's Appointment System v1.0 - Cross-Site Scripting XSS Google Dork: N/A Date: 7/13/2022 Exploit Author: Abdullah Zaid - @aznull Vendor Homepage: https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html Software Link:...
Zyxel Firewall SUID Binary Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall SUID Binary Privilege Escalation', 'Description' = %q This module exploits CVE-2022-30526, a local privilege escalation...
WordPress Core Cross Site Scripting / SQL Injection
Description: SQL Injection via Links LIMIT clause Affected Versions: WordPress Core 6.0.2 Researcher: FVD CVE ID: Pending CVSS Score: 8.0 High CVSS Vector:CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Fully Patched Version: 6.0.2 The WordPress Link functionality, previously known as “Bookmarks”, i...
AeroCMS 0.0.1 SQL Injection
Title: AeroCMS-v0.0.1 SQLi Author: nu11secur1ty Date: 08.27.2022 Vendor: https://github.com/MegaTKC Software: https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi Description: The auth...
Centreon 22.04.0 Cross Site Scripting
Exploit Title: Stored XSS in name parameter in Centreon version 22.04.0 Date: Exploit Author: syad, yunaranyancat, saitamang Vendor Homepage: Centreon Software Link: https://download.centreon.com/ Version: 22.04.0 CVE ID : CVE-2022-36194 Tested on: Centos 7 Centreon 22.04.0 is vulnerable to Cross...
PrestaShop Ap Pagebuilder 2.4.4 SQL Injection
Exploit Title: AP PAGEBUILDER Prestashop module = 2.4.4 'productalloneimg' , 'imageproduct' Blind SQL Injection Date: 24-08-2022 Exploit Author: Mohamed Ali Hammami Vendor Homepage: https://apollotheme.com/ Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module Version:...
Zimbra Zip Path Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Zip Path Traversal in Zimbra mboximport CVE-2022-27925', 'Description' = %q This module POSTs a ZIP file containing path...
10-Strike Network Inventory Explorer 9.3 Buffer Overflow
I. VULNERABILITY ------------------------- 10-Strike Network Inventory Explorer Version 9.3 - Privilege Escalation through SEH based Buffer Overflow II. VENDOR ------------------------- 10-Strike Network https://www.10-strike.com/ III. DESCRIPTION ------------------------- 10-Strike Network...
WordPress Duplicator 1.4.7.2 Backup Disclosure
Title: WordPress Plugin Duplicator 1.4.7.2 - Unauthenticated Backup Download Author: nu11secur1ty Date: 08.23.2022 Vendor: https://wordpress.org/ Software: https://wordpress.org/plugins/duplicator/ Reference:...
Teleport 9.3.6 Command Injection
Description:Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user i...
Personnel Property Equipment 2015-2022 SQL Injection
Title: Personnel Property Equipment-2015-2022 SQLi, Unauthenticated-File-Upload Author: nu11secur1ty Date: 08.22.2022 Vendor Homepage: https://www.trickcode.in/ Video vendor: https://www.youtube.com/watch?v=ltSwom8sQAQ Software...
Microsoft Exchange Server ChainedSerializationBinder Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' class MetasploitModule 'Microsoft Exchange Server ChainedSerializationBinder RCE', 'Description' = %q This module exploits vulnerabilities within the...