Sourcegraph gitserver sshCommand Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sourcegraph gitserver sshCommand RCE', 'Description' = %q A vulnerability exists within Sourcegraph's gitserver component that allows a remote...

JBOSS EAP/AS 6.x Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBOSS EAP/AS Remoting Unified Invoker RCE', 'Description' = %q An unauthenticated attacker with network access to the JBOSS EAP/AS 'Joao Matos ',...

Nginx 1.20.0 Denial Of Service

Exploit Title: Nginx 1.20.0 - Denial of Service DOS Date: 2022-6-29 Exploit Author: Mohammed Alshehri - https://Github.com/M507 Vendor Homepage: https://nginx.org/ Software Link: https://github.com/nginx/nginx/releases/tag/release-1.20.0 Version: 0.6.18 - 1.20.0 Tested on: Ubuntu 18.04.4 LTS bion...

WordPress Visual Slide Box Builder 3.2.9 SQL Injection

Title: WordPress 6.0 - Visual Slide Box Builder 3.2.9 SQLi Author: nu11secur1ty Date: 07.11.2022 Vendor: https://wphive.com/ Software: https://wphive.com/plugins/wp-visual-slidebox-builder/?pluginversion=3.2.9 Reference:...

Mutt mutt_decode_uuencoded() Memory Disclosure

mutt: muttdecodeuuencoded can read the past the of the input line In muttdecodeuuencoded, the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replys, for example fragments of other messages, passphrases or keys. Reproduce...

Magnolia CMS 6.2.19 Cross Site Scripting

Exploit Title: Magnolia CMS = 6.2.19 - Stored Cross-Site Scripting XSS Date: 08/05/2022 Exploit Author: Giulio Garzia 'Ozozuz' Vendor Homepage: https://www.magnolia-cms.com/ Software Link:...

EQS Integrity Line Cross Site Scripting / Information Disclosure

EQS Integrity Line: Multiple Vulnerabilities Name Multiple Vulnerabilities in EQS Integrity Line Systems Affected EQS Integrity Line through 2022-07-01 Severity High Impact CVSSv2 High 8.8/10, score: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Vendor EQS Group AG https://www.eqs.com/ Advisory...

Xen PV Guest Non-SELFSNOOP CPU Memory Corruption

Xen: PV guest on non-SELFSNOOP CPUs can validate non-coherent L2 pagetable I'm not sure whether there are any major users of unshimmed Xen PV left, but https://xenbits.xen.org/docs/unstable/support-matrix.html says it's still a security-supported usecase for 64-bit guests. Tested on Debian's Xen...

Ransom Lockbit 3.0 MVID-2022-0621 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/38745539b71cf201bb502437f891d799B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom Lockbit 3.0 Vulnerability: Code Execution Description: The ransomware apparently n...

Advanced Testimonials Manager 5.6 SQL Injection

==================================================================================================================================== | Title : Advanced Testimonials Manager v5.6 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

DouPHP 1.2 Release 20141027 SQL Injection

==================================================================================================================================== | Title : DouPHP v1.2 Release 20141027 SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

Stock Management System 2020 SQL Injection

Title: Stock-Management-System-2020 SQLi Author: nu11secur1ty Date: 07.02.2022 Vendor: https://github.com/Dav-ee Software: https://github.com/Dav-ee/Stock-Management-System Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Kiprono-Davies/2022/Stock-Management-System-20...

Paymoney 3.3 Cross Site Scripting

Title: paymoney-3.3 XSS-Reflected Author: nu11secur1ty Date: 07.02.2022 Vendor: https://paymoney.techvill.org/ Software: paymoney-3.3 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3 Description: The parameters firstname and lastname in User...

Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/38745539b71cf201bb502437f891d799.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom Lockbit 3.0 Vulnerability: Local Unicode Buffer Overflow SEH Description: The...

BigBlueButton 2.3 / 2.4.7 Cross Site Scripting

CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References -----------------...

Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal

Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal Vendor: CAREL INDUSTRIES S.p.A. Product web page: https://www.carel.com Affected version: Firmware: A2.1.0 - B2.1.0 Application Software: 2.15.4A Software version: v16 13020200 Summary: pCO sistema is the solution CAREL...

TypeORM SQL Injection

typeorm CVE-2022-33171 findOneid, findOneOrFailid The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to S...

PHP Library Remote Code Execution

JAHx221 - RCE in copy/pasted PHP compat libraries, jsondecode function =============================================================================== Several PHP compatability libraries contain a potential remote code execution flaw in their jsondecode function based on having copy pasted existi...

Classified Listing 2.2.9 Cross Site Scripting

Exploit Title: Classified Listing – Classified ads & Business Directory Plugin - Cross site scripting Date: 29.06.2022 Exploit Author: ASCII Vendor Homepage: https://www.radiustheme.com/ Version: 2.2.9 Tested on: 2.2.9 Classified Listing – Classified ads & Business Directory Plugin - Cross site...

Backdoor.Win32.EvilGoat.b MVID-2022-0619 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/20daf01e941f966b21a7ae431faefc65.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.EvilGoat.b Vulnerability: Weak Hardcoded Credentials Description: The malwa...

Backdoor.Win32.Cafeini.b MVID-2022-0617 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/a8fc1b3f7a605dc06a319bf0e14ca68b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.b Vulnerability: Weak Hardcoded Credentials Description: The malwar...

Backdoor.Win32.Coredoor.10.a MVID-2022-0618 Authentication Bypass

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/49da40a2ac819103da9dc5ed10d08ddb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Coredoor.10.a Vulnerability: Authentication Bypass Description: The malware...

Fruits-Bazar 2021 1.0 SQL Injection

Title: Fruits-Bazar 2021 v1.0 SQLi Author: nu11secur1ty Date: 06.29.2022 Vendor: https://github.com/creativesaiful Software: https://github.com/creativesaiful/Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- Reference:...

Laundry Management System 1.0 SQL Injection

Exploit Title: Laundry Management System 1.0 - Authenticated SQL Injection Date: 29-06-2022 Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-cilaundry.zip Version: 1.0 Tested on: Windows 1...

OpenCart 3.x So Filter Shop By SQL Injection

Exploit Title: OpenCart v3.x So Filter Shop By - Blind SQL Injection Date: 28/06/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://codecanyon.net/item/so-filter-shop-by-responsive-opencart-module/13945633 Version: V3.X Tested on: XAMPP, Linux...

Zoo Management System 1.0 Cross Site Scripting

Exploit Title: Zoo Management System 1.0 - Stored Cross-Site-Scripting XSS Date: 05/26/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15344/zoo-management-system-phpoop-free-source-code.html Version: 1.0...

AnyDesk 7.0.9 Arbitrary File Write / Denial Of Service

Exploit Title: AnyDesk allow arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine Google Dork: if applicable Date: 24/5/2022 Exploit Author: Erwin Chan Vendor Homepage: https://anydesk.com/en Software Link: https://anydesk.com/en Version: 7.0.9 Tested on:...

Library Management System With QR Code 1.0 SQL Injection

Title: Library Management System with QR code Attendance 1.0 SQL Injection Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

WSO2 Management Console Cross Site Scripting

Exploit Title: WSO2 Management Console Multiple Products - Unauthenticated Reflected Cross-Site Scripting XSS Date: 21 Apr 2022 Exploit Author: cxosmo Vendor Homepage: https://wso2.com Software Link: API Manager https://wso2.com/api-manager/, Identity Server https://wso2.com/identity-server/,...

Library Management System With QR Code 1.0 Cross Site Scripting

Title: Library Management System with QR code Attendance 1.0 Stored Cross-Site Scripting Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

Mailhog 1.0.1 Cross Site Scripting

Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Date: 06.18.2022 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on:...

Coffee Shop Cashiering System 1.0 SQL Injection

Exploit Title: Coffee Shop Cashiering System - Authenticated Time Based Sql injection Date: 27-06-2022 Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/cscs.zip Version: 1.0 Tested on: Windows...

Library Management System With QR Code 1.0 Shell Upload

Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

WordPress Weblizar 8.9 Code Execution

Exploit Title: WordPress Plugin Weblizar 8.9 - Backdoor Google Dork: 'wp-json/am-member/license' Exploit Author: Sobhan Mahmoodi Vendor Homepage: https://weblizar.com/plugins/school-management/ Version: 8.9 Tested on: windows/linux Vulnerable code: addaction 'restapiinit', function...

WordPress W-DALIL 2.0 Cross Site Scripting

Exploit Title: WordPress Plugin W-DALIL - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/w-dalil/ Version: 2.0 Tested on: Firefox Contact me: [email protected] Vulnerable Code: " value="" / Steps To...

WordPress Simple Page Transition 1.4.1 Cross Site Scripting

Exploit Title: WordPress Plugin ‘Simple Page Transition’ - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/simple-page-transition/ Version: 1.4.1 Tested on: Firefox Contact me: [email protected]...

Trojan-Mailfinder.Win32.VB.p MVID-2022-0616 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Mailfinder.Win32.VB.p Vulnerability: Insecure Permissions Description: The malware...

Yashma Ransomware Builder 1.2 MVID-2022-0613 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/13e878ed7e547523cffc5728f6ba4190.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Yashma Ransomware Builder v1.2 Vulnerability: Insecure Permissions Description: The malwar...

Backdoor.Win32.Shark.btu MVID-2022-0615 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5a83f8b8c8a8b7a85b3ff632aa60e793.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Shark.btu Vulnerability: Insecure Permissions Description: The malware writ...

Backdoor.Win32.InfecDoor.17.c MVID-2022-0614 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.InfecDoor.17.c Vulnerability: Insecure Permissions Description: The malware...

WordPress Download Manager 3.2.43 Cross Site Scripting

Exploit Title: Download Manager Cross-Site Scripting Date: 2022-06-16 Exploit Author : Andrea Bocchetti Vendor Homepage : https://wordpress.org/plugins/download-manager/ Version : = 3.2.43 Tested on: windows CVE : CVE-2022-2101 Description 1- Login in the plugin page 2- add the xss payload in the...

Zoo Management System 1.0 Cross Site Scripting

Exploit Title: Zoo Management System 1.0 - Reflected Cross-Site-Scripting XSS Date: 06/22/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15344/zoo-management-system-phpoop-free-source-code.html Version: 1...

SAP FRUN Simple Diagnostics Agent 1.0 Directory Traversal

Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Exposing the contents of a directory can lead to a disclosure of useful information for the attacker to devise exploits, such as creation times of files or any...

SAP FRUN Simple Diagnostics Agent 1.0 Missing Authentication

Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run Simple Diagnostics Agent 1.0 Impact on Business Because the Simple Diagnostic Agent SDA handles several important configuration and critical credential information, a successful attack could lead to the control o...

SAP Fiori Launchpad Cross Site Scripting

Onapsis Security Advisory 2022-0005: Cross-Site Scripting XSS vulnerability in SAP Fiori launchpad Impact on Business Impact depends on the victim's privileges. In most cases, a successful attack allows an attacker to hijack a session, or force the victim to perform undesired requests in the SAP...

SAP FRUN 2.00 / 3.00 Cross Site Scripting

Onapsis Security Advisory 2022-0003: Cross-Site Scripting XSS vulnerability in SAP Focused Run Real User Monitoring Impact on Business Impact depends on the victim's privileges. In most cases, a successful attack allows an attacker to hijack a session, or force the victim to perform undesired...

Old Age Home Management System 1.0 SQL Injection

Exploit Title: Old Age Home Management System 1.0 - SQLi Authentication Bypass Date: 12/06/2022 Exploit Author: twseptian Vendor Homepage: https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/Old-Age-Home-MS-using-PHP.zip Versio...

Gentics CMS 5.36.29 Cross Site Scripting / Deserialization

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting & Unsafe Java Deserializiation product: Gentics CMS vulnerable version: 5.36.29, see section below fixed version: 5.40.27, 5.41.15, 5.42.7,...

Algo 8028 Control Panel Remote Code Execution

Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...

SoftGuard SNMP Network Management Extension HTML Injection / File Download

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: SoftGuard SNMP Network Management Extension vulnerable version: SoftGuard Web SGW 5.1.5 fixed version: SoftGuard version 5.1.5 from...