50748 matches found
WiFiMouse 1.8.3.4 Remote Code Execution
Exploit Title: WiFiMouse 1.8.3.4 - Remote Code Execution RCE Date: 15-08-2022 Author: Febin Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.4 Tested on: Windows 10 !/bin/bash printf " WiFiMouse / MouseServer 1.8.3.4 Exploit by FEBIN " printf "...
Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Corty.10 Vulnerability: Insecure Credential Storage Description: The...
Backdoor.Win32.Hellza.120 MVID-2022-0642 Authentication Bypass
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hellza.120 Vulnerability: Authentication Bypass Description: The malware...
ProcessMaker Privilege Escalation
Exploit Title: ProcessMaker - User Profile Privilege Escalation Description: ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators. Date: 20220822 Exploit Author: Sornram...
Bookwyrm 0.4.3 Authentication Bypass
Exploit Title: Bookwyrm v0.4.3 - Authentication Bypass Date: 2022-08-4 Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/bookwyrm-social/bookwyrm Software Link: https://github.com/bookwyrm-social/bookwyrm/releases/tag/v0.4.3 Version: = 4.0.3 Tested on: MacOS Monterey CVE:...
Buffalo TeraStation Network Attached Storage (NAS) 1.66 Authentication Bypass
Exploit Title: Buffalo TeraStation Network Attached Storage NAS 1.66 - Authentication Bypass Date: 2022-08-11 Exploit Author: JORDAN GLOVER Type: WEBAPPS Platform: HARDWARE Vendor Homepage: https://www.buffalotech.com/ Model: TeraStation Series Firmware Version: 1.66 Tested on: Windows 10 An...
Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Ransom.Ryuk.A Vulnerability: Arbitrary Code Execution Description: The ransomware...
Blink1Control2 2.2.7 Weak Password Encryption
// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Date: 2022-08-12 // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const...
Backdoor.Win32.Hellza.120 MVID-2022-0641 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hellza.120 Vulnerability: Unauthorized Remote Command Execution Description...
Genesys PureConnect Cross Site Scripting
Product: Genesys PureConnect - Interaction Web Tools Chat Service Description: Interaction Web Tools Chat Service allows XSS within the Printable Chat History via the participant - name JSON POST parameter. Vulnerability Type: XSS Vendor of Product: Genesys PureConnect Affected Product Code Base:...
VIAVIWEB Wallpaper Admin SQL Injection / Shell Upload
Exploit Title: VIAVIWEB Wallpaper Admin - Multiple vulnrabilities Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username" Date: 18/09/2022 Exploit Author: Edd13Mora Vendor Homepage: www.viaviweb.com Version: N/A Tested on: Windows 11 - Kali Linux ------------------ SQLI on the Login...
PhotoSync 4.7 Local File Inclusion
Exploit Title: PhotoSync 4.7 IOS APP Local file inclusion Date: Sep 19, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.photosync-app.com/home.html Software Link: https://apps.apple.com/us/app/photosync-transfer-photos/id415850124 Version: 4.7 Tested on: iPhone IOS 16.0 GET...
OpenCart 3.x Newsletter Custom Popup 4.0 SQL Injection
Exploit Title: OpenCart v3.x So Newsletter Custom Popup Module - Blind SQL Injection Date: 18/09/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link:...
Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion
Exploit Title: Owlfiles File Manager 12.0.1 - multi vulnerabilities Date: Sep 19, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/owlfiles-file-manager/id510282524 Version: 12.0.1 Tested on: Ios 16.0 path traversal on HTTP...
WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting
Exploit Title: WordPress Plugin ‘GetYourGuide Ticketing’ - Stored Cross-Site Scripting Date: 18-09-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/search/GetYourGuide+Ticketing/ Version: 1.0.1 Tested on: Firefox Contact me: [email protected]...
SAP SAPControl Web Service Interface Local Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local privilege escalation product: SAP® SAPControl Web Service Interface sapuxuserchk vulnerable version: see section "Vulnerable / tested versions" fixed version: see S...
Rocket LMS 1.6 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
SAP SAProuter Improper Access Control
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Improper Access Control product: SAP® SAProuter vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security note 3158375 CVE number:...
Palo Alto Networks Authenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Palo Alto Networks Authenticated Remote Code Execution', 'Description' = %q An OS Command Injection vulnerability in the PAN-OS management...
Social Share Button 2.2.3 SQL Injection
Title: Social Share Buttons-2.2.3 SQLi Author: nu11secur1ty Date: 09.16.2022 Vendor: https://wordpress.org/ Software: https://downloads.wordpress.org/plugin/social-share-buttons-by-supsystic.2.2.3.zip Reference:...
News247 News Magazine 1.0 Cross Site Scripting
Exploit Title: News247 - News Magazine CMS v1.0 – Stored Cross Site Scripting XSS Exploit Author: Ravinder Verma Date: Septmeber 14, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14952/news247-news-magazine-php-script.html Software Link:...
Gitea 1.16.6 Remote Code Execution
Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...
WordPress WPGateway 3.5 Privilege Escalation
Description: Unauthenticated Privilege Escalation Affected Plugin: WPGateway Plugin Slug: wpgateway Plugin Developer: Jack Hopman/WPGateway Affected Versions: = 3.5 CVE ID: CVE-2022-3180 CVSS Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Fully Patched Version: N/A...
TIBCO JasperReports Server 8.0.2 Community Edition Code Execution
Advisory ID: SYSS-2022-041 Product: JasperReports Server Manufacturer: TIBCO Software Inc. Tested Versions: 8.0.2 Community Edition Vulnerability Type: CWE-502: Deserialization of Untrusted Data Risk Level: High Solution Status: Fixed Manufacturer Notification: 2022-06-10 Solution Date: 2022-08-1...
Rocket LMS 1.6 Cross Site Scripting
Exploit Title: Rocket LMS - Learning Management System Reflected Cross Site Scripting Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Version: Version 1.6 Tested on Ubuntu 18.04...
Academy Learning Management System 5.7 Shell Upload
Exploit Title: Academy Learning Management System 5.7 Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/academy-course-based-learning-management-system/22703468 Version: 5.7 Tested on Ubuntu 18.04 Totally wrong architecture f...
Rocket LMS 1.6 Shell Upload
Exploit Title: Rocket LMS - Learning Management System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Version: Version 1.6 Tested on Ubuntu 18.04 base64 encode your...
Infix LMS 4.3.0 Shell Upload
Exploit Title: Infix LMS - Learning Management System Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/infixlms-learning-management-system/30626608 Version: 4.3.0 Tested on Ubuntu 18.04 sign up as teacher go profile page and...
Infix LMS 4.3.0 IFRAME Injection
Exploit Title: Infix LMS - Learning Management System IFRAME Injection Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/infixlms-learning-management-system/30626608 Version: 4.3.0 Tested on Ubuntu 18.04 sign up as teacher go course page...
ETAP Safety Manager 1.0.0.32 Cross Site Scripting
ETAP Safety Manager 1.0.0.32 Remote Unauthenticated Reflected XSS Vendor: ETAP Lighting International NV Product web page: https://www.etaplighting.com Affected version: 1.0.0.32 Summary: The ETAP Safety Manager ESM is a central managing and control system that helps you to monitor, adjust and...
SmartRG Router 2.6.13 Remote Code Execution
Exploit Title: SmartRG Router - Remote Code Execution Date: 13/06/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://adtran.com Version: 2.5.15 / 2.6.13 confirmed Tested on: SR506n 2.5.15 & SR510n 2.6.13 CVE : CVE-2022-37661 import requests from subprocess import Popen, PIPE routerhos...
Sagemath 9.0 Overflow / Denial Of Service
sagemath 9.0 and reportedly later on ubuntu 20. sagemath gives access to the python interpreter, so code execution is trivial. We give DoS attacks, which terminates the sagemath process with abort, when raising symbolic expression to large integer power. We get abort with stack: gmp: overflow in...
@Drive 2.8 Local File Inclusion
Exploit Title: @Drive 2.8 Local File inclusion Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://evolutive.co/ Software Link: https://apps.apple.com/us/app/drive/id578982909 Version: 2.8 Tested on: iPhone ios 15.6 GET...
InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal
Title: ====== AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Author: ======= Jens Regel, CRISEC IT-Security CVE: ==== CVE-2022-23854 Advisory: ========= https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal/ Timeline: ========= 25.06.2021...
mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting
Exploit Title: mbDrive Lite - WiFi flash disk 1.4.0 Reflected XSS Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://apps.apple.com/us/developer/haw-yuan-yang/id291212805 Software Link: https://apps.apple.com/us/app/mbdrive-lite-wifi-flash-disk/id343254033 Version: 1.4.0...
AirDisk 7.5.5 Cross Site Scripting
Exploit Title: AirDisk 7.5.5 File Manager Stored XSS Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://apps.apple.com/us/developer/felix-yew/id505904424 Software Link: https://apps.apple.com/us/app/airdisk-file-manager/id566530748 Version: 7.5.5 Tested on: iPhone ios 15.6 ...
Online Notice Board 2022 SQL Injection
Title: ONLINE-NOTICE-BOARD-2022 SQLi Author: nu11secur1ty Date: 09.09.2022 Vendor: https://www.sourcecodester.com/users/razormist Software: https://www.sourcecodester.com/php/14317/online-notice-board-system.html Reference:...
SACCO-2022 SQL Injection
Title: SACCO-2022 SQLi Author: nu11secur1ty Date: 08.27.2022 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15372/open-source-sacco-management-system-free-download.html Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayurik/2022/SACCO...
Apache Spark Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Apache Spark Unauthenticated Command Injection RCE', 'Description' = %q This module exploits an unauthenticated command...
Trojan-Ransom.Win32.Hive.bv MVID-2022-0636 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/44aba241dd3f0d156c6ed82a0ab3a9e1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.Win32.Hive.bv Vulnerability: Arbitrary Code Execution Description: Hive...
Backdoor.Win32.Winshell.5_0 MVID-2022-0633 Hardcoded Credential
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5bc5f72d19019a2fa3b75896e82ae1e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Winshell.50 Vulnerability: Weak Hardcoded Credentials Description: The...
Trojan.Win32.Autoit.fhj MVID-2022-0638 NULL DACL
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Autoit.fhj Vulnerability: Named Pipe Null DACL Family: Autoit Type: PE32 MD5...
Trojan.Win32.Autoit.fhj MVID-2022-0637 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Autoit.fhj Vulnerability: Insecure Permissions Description: The malware write...
Trojan-Spy.Win32.Pophot.bsl MVID-2022-0635 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8c0e6ec6b8ac9eb1169e63df71f24456.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Pophot.bsl Vulnerability: Insecure Permissions Description: The malware...
FE File Explorer 11.0.4 Local File Inclusion
Exploit Title: FE File Explorer 11.0.4 Local File inclusion Date: Sep 6, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/fe-file-explorer-file-manager/id510282524 Version: 11.0.4 Tested on: iPhone ios 15.6 from ftplib impor...
FTPManager 8.2 Local File Inclusion / Directory Traversal
Exploit Title: FTPManager 8.2 Local File inclusion Date: Sep 6, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/ftpmanager-ftp-sftp-client/id525959186 Version: 8.2 Tested on: Ios 15.6 GET...
Backdoor.Win32.Hupigon.aspg MVID-2022-0634 Unquoted Service Path
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/121bf601275e2aed0c3a6fe7910f9826.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aspg Vulnerability: Insecure Service Path Description: The malware...
Online Employee Leave Management System 1.0 Cross Site Request Forgery
Exploit Title: Online Employee Leave Management System 1.0 - Cross-Site Request Forgery addemployee.php Date: 05/09/2022 Exploit Author: Amolo Hunters Software Link: https://www.sourcecodester.com/php/15374/online-employee-leave-management-system-php-free-source-code.html Version: 1.0 Tested on:...
Wifi HD Wireless Disk Drive 11 Local File Inclusion
Exploit Title: Wifi HD Wireless Disk Drive Local File Inclusion Date: Aug 13, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: http://www.savysoda.com Software Link: https://apps.apple.com/us/app/wifi-hd-wireless-disk-drive/ id311170976 Version: 11 Tested on: iPhone OS 155 GET...
Mobile Mouse 3.6.0.4 Remote Code Execution
Exploit Title: Mobile Mouse 3.6.0.4 Remote Code Execution Date: Aug 09, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://mobilemouse.com/ Software Link: https://www.mobilemouse.com/downloads/setup.exe Version: 3.6.0.4 Tested on: Windows 10 Enterprise LTSC Build 17763 !/usr/bin/env...