50748 matches found
dbus-broker-29 Memory Corruption
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Memory Corruption Vulnerabilities product: dbus-broker vulnerable version: dbus-broker-29 fixed version: dbus-broker-31 CVE number: CVE-2022-31212, CVE-2022-3121...
Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: Poly EagleEye Director II vulnerable version: 2.2.1.1 Jul 1, 2021 fixed version: 2.2.2.1 or higher CVE number: CVE-2022-26479,...
Poly Studio X30 / Studio X50 / Studio X70 / G7500 Command Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authenticated Command Injection product: Poly Studio X30, Studio X50, Studio X70, G7500 vulnerable version: 3.4.0-292042, 3.5.0-344025, 3.6.0 fixed version: 3.7.0 or high...
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published:...
Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published:...
Zyxel USG FLEX 5.21 Command Injection
Exploit Title: Zyxel USG FLEX 5.21 - OS Command Injection Shodan Dork: title:"USG FLEX 100" title:"USG FLEX 100W" title:"USG FLEX 200" title:"USG FLEX 500" title:"USG FLEX 700" title:"USG20-VPN" title:"USG20W-VPN" title:"ATP 100" title:"ATP 200" title:"ATP 500" title:"ATP 700" title:"ATP 800" Dat...
SolarView Compact 6.00 Directory Traversal
Exploit Title: SolarView Compact 6.00 - Directory Traversal Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : Aiactive Author linkedin profile : https://www.linkedin.com/in/ahmedalroky/ Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE :...
Contao 4.13.2 Cross Site Scripting
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
IIPImage Remote Memory Corruption
!/usr/bin/python3 -- coding: UTF-8 -- thiel.py IIPImage Multiple Remote Memory Corruption Vulnerabilities Jeremy Brown jbrown3264/gmail IIPImage is distributed with a server that enables advanced, high-performance image manipulation for web-based streaming and viewing of high resolution images. T...
NVIDIA Data Center GPU Manager Remote Memory Corruption
!/usr/bin/python3 -- coding: UTF-8 -- heart.py NVIDIA Data Center GPU Manager Remote Memory Corruption Vulnerability Jeremy Brown jbrown3264/gmail NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopba...
Microweber CMS 1.2.15 Account Takeover
Exploit Title: Microweber CMS 1.2.15 - Account Takeover Date: 2022-05-09 Exploit Author: Manojkumar J Vendor Homepage: https://github.com/microweber/microweber Software Link: https://github.com/microweber/microweber/releases/tag/v1.2.15 Version: =1.2.15 Tested on: Windows10 CVE : CVE-2022-1631...
Telesquare SDT-CW3B1 1.1.0 Command Injection
!/usr/bin/python3 Exploit Title: Telesquare SDT-CW3B1 1.1.0 - OS Command Injection Date: 24th May 2022 Exploit Author: Bryan Leong Vendor Homepage: http://telesquare.co.kr/ CVE : CVE-2021-46422 Authentication Required: No import requests import argparse import sys from xml.etree import ElementTre...
dotCMS Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DotCMS RCE via Arbitrary File Upload.', 'Description' = %q When files are uploaded into dotCMS via the content API, but before they become conten...
Product Show Room Site 1.0 Cross Site Scripting
Product Show Room Site - 'Telephone' Stored Cross-Site ScriptingXSS Exploit Title: Product Show Room Site - 'Telephone' Stored Cross-Site ScriptingXSS Exploit Author: [email protected] inc Vendor Homepage:...
libMeshb Buffer Overflow
===== Intro ===== libMeshb is a library which supports moving between data types for the Gamma Mesh Format. A buffer overflow was found when parsing the MESH format and specially crafted .mesh files could allow for arbitrary code execution. ===== Repro ===== No magic bytes or valid header necessa...
GtkRadiant 1.6.6 Buffer Overflow
===== Intro ===== GtkRadiant is a cross-platform level editor software for idtech game engines such as Quake. It comes with data authoring tools and a BSP map compiler called q3map2 which parses MAP files. The code has been around for a long time and uses unsafe string copy and format functions. ...
Avantune Genialcloud ProJ 10 Cross Site Scripting
Exploit Title: Avantune Genialcloud ProJ 10 - Reflected XSS Cross-Site Scripting Date: 2022-06-01 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.avantune.com Software Link: https://www.genialcloud.com - https://www.genialcloud.com/discover-genialcloud-proj -...
libxml2 xmlBufAdd Heap Buffer Overflow
libxml2: heap-buffer-overflow in xmlBufAdd libxml2 is vulnerable to a heap-buffer-overflow when xmlBufAdd is called on a very large buffer: int xmlBufAddxmlBufPtr buf, const xmlChar str, int len unsigned int needSize; .. needSize = buf-use + len + 2; A if needSize buf-size .. if !xmlBufResizebuf,...
Fast Food Ordering System 1.0 Cross Site Scripting
Title: Fast Food Ordering System 1.0 Stored Cross-Site Scripting Author: Ashish Kumar Date: 05.31.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15366/fast-food-ordering-system-phpoop-free-source-code.html Reference:...
Microsoft Office MSDT Follina Proof Of Concept
POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina Info : New Microsoft Office zero-day used in attacks to execute PowerShell Summary On the 29th of May 2022, the NaoSec team, an independent Cyber Security Research Team, discovered a malicious Office document shared on Virustotal. This...
MyBB Admin Control Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MyBB Admin Control Code Injection RCE', 'Description' = %q This exploit module leverages an improper input validation vulnerability in MyBB prior...
WordPress User Meta Lite / Pro 2.4.3 Path Traversal
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: User Meta Vendor URL: https://wordpress.org/plugins/user-meta Type: Relative Path Traversal CWE-23 Date found: 2022-02-28 Date published: 2022-05-24 CVSSv3 Score: 4.3...
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root
!/usr/bin/env python3 -- coding: utf-8 -- Schneider Electric C-Bus Automation Controller 5500SHAC 1.10 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com | https://www.clipsal.com Product details: -...
Ingredient Stock Management System 1.0 Account Takeover
Exploit Title: Ingredient Stock Management System v1.0 - Account Takeover Unauthenticated Date: 28/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Ingredient Stock Management System 1.0 SQL Injection
Exploit Title: Ingredient Stock Management System v1.0 - 'id' Blind SQL Injection Date: 28/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html...
Fast Food Ordering System 1.0 SQL Injection
Title: Fast Food Ordering System 1.0 SQLi Author: nu11secur1ty Date: 05.30.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15366/fast-food-ordering-system-phpoop-free-source-code.html Reference:...
ChromeOS usbguard Bypass
ChromeOS' usage of usbguard is bypassable VULNERABILITY DETAILS ChromeOS uses https://usbguard.github.io/ when the screen is locked but not on the login screen, perhaps because it is expected that code execution is much less helpful when the disk is still encrypted?. When the screen is locked, a...
Tigase XMPP Server Stanza Smuggling
Tigase XMPP server: XMPP stanza smuggling via unescaped qutes Tigase XMPP server suffers from a security vulnerability due to not escaping double quote character when serializing parsed XML. This can be used to "smuggle" or, if you prefer, inject arbitrary attacker-controlled stanza in the XMPP...
qdPM 9.1 Remote Code Execution
Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright Ā© 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 https://www.exploit-db.com/exploits/47954 Exploit Author: Leon Trappett...
Print Spooler Remote DLL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' require 'rubysmb' require 'rubysmb/error' class MetasploitModule 'Print Spooler Remote DLL Injection', 'Description' = %q The print spooler servic...
CLink Office 2.0 SQL Injection
Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console Date: 30 Mar 2022 Exploit Author: Erwin Chan, Stephen Tsoi Vendor Homepage: https://www.communilink.net/ Softwar: CLink Office Version: 2.0 Tested on: CLink Office 2.0 Anti-Spam...
Online Fire Reporting System 1.0 SQL Injection
Title: Online Fire Reporting System 1.0 SQLi Author: nu11secur1ty Date: 05.24.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15346/online-fire-reporting-system-phpoop-free-source-code.html Reference:...
m1k1o's Blog 1.3 Remote Code Execution
Exploit Title: m1k1o's Blog v.10 - Remote Code Execution RCE Authenticated Date: 2022-01-06 Exploit Author: Malte V Vendor Homepage: https://github.com/m1k1o/blog Software Link: https://github.com/m1k1o/blog/archive/refs/tags/v1.3.zip Version: 1.3 and below Tested on: Linux CVE : CVE-2022-23626...
iTop Remote Command Execution
!/usr/bin/env ruby Exploit Title: iTop 2.7.6 - Authenticated Remote command execution Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2022-24780 Date: 2022-05-20 Vendor Homepage:...
OpenCart Newsletter 3.0.2.0 SQL Injection
Exploit Title: OpenCart v3.x Newsletter Module - Blind SQLi Date: 19/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=marketplace/extension/info&extensionid=32750&filtermember=Zemez Version: v.3.0.2.0 Tested on...
Blockchain FiatExchanger 2.2.1 SQL Injection
Information Vulnerability Name : Remote Blind SQL Injections in Inout Blockchain FiatExchanger Product : Inout Blockchain FiatExchanger version : 2.2.1 Date : 2022-05-21 Vendor Site : https://www.inoutscripts.com/products/inout-blockchain-fiatexchanger/ Exploit Detail :...
Blockchain AltExchanger 1.2.1 SQL Injection
Information Vulnerability Name : Multiple Remote SQL Injections in Inout Blockchain AltExchanger Product : Inout Blockchain AltExchanger version : 1.2.1 Date : 2022-05-21 Vendor Site : https://www.inoutscripts.com/products/inout-blockchain-altexchanger/ Exploit Detail :...
LiquidFiles 3.4.15 Cross Site Scripting
===== Tempest Security Intelligence - ADV-12/2021 ========================== LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeline of...
SAP Application Server ABAP / ABAP Platform Code Injection / SQL Injection / Missing Authorization
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SAPĀ® Application Server ABAP and ABAPĀ® Platform Different Software Components vulnerable version: see section "Vulnerable /...
PHPIPAM 1.4.4 Cross Site Request Forgery / Cross Site Scripting
===== Tempest Security Intelligence - ADV-03/2022 ========================== PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents ================================================== Overview Detailed description Timelin...
Emby Media Server 4.7.0.60 Cross Site Scripting
Exploit Title: Emby Media Server 4.7.0.60 Cross Site Scripting Google Dork: NA Date: 18/05/2022 Exploit Author: Yehia Elghaly Vendor Homepage: https://emby.media/ Software Link: https://emby.media/windows-server.html Version: 4.7.0.60 Tested on: Windows 7 / 10 Summary: Emby formerly Media Browser...
Showdoc 2.10.3 Cross Site Scripting
Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...
Survey Sparrow Enterprise Survey Software 2022 Cross Site Scripting
Exploit Title: Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting XSS Date: May 11 2022 Exploit Author: Pankaj Kumar Thakur Vendor Homepage: https://surveysparrow.com/ Software Link: https://surveysparrow.com/enterprise-survey-software/ Version: 2022 Tested on: Windows C...
SDT-CW3B1 1.1.0 Command Injection
Exploit Title: SDT-CW3B1 1.1.0 - OS command injection Date: 2022-05-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: 1.0.0 Vendor home page : http://telesquare.co.kr/ Authentication Required: No CVE : CVE-2021-46422 Tested on: Windows HTTP Request GET...
T-Soft E-Commerce 4 SQL Injection
Exploit Title: T-Soft E-Commerce 4 - SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux Category: WebApp Google Dork: N/A CVE: 2022-28132 Date: 18.02.2022 Description Step-1: Login as Admin or...
OpenCart So Listing Tabs 2.2.0 Unsafe Deserialization
Affected Versions: Version 2.2.0 is affected, and prior versions are likely affected too. - Vulnerabilities Description: Vulnerable component is switching to another tab. To exploit vulnerability, an attacker may send a POST request with application/x-www-form-urlencoded content-type to AJAX...
Online Discussion Forum Site 1.0 SQL Injection
Exploit Title: Online Discussion Forum Site 1.0 - 'id' Blind SQL Injection Date: 15/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15337/online-discussion-forum-site-phpoop-free-source-code.html Version: 1.0...
Trojan-Ransom.Thanos MVID-2022-0607 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/be60e389a0108b2871dff12dfbb542ac.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.Thanos Vulnerability: Code Execution Description: Thanos looks for and...
SolarView Compact 6.0 Command Injection
Exploit Title: SolarView Compact 6.0 - OS Command Injection Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29303 Tested on: Windows Exploit HTTP Request : POST...
T-Soft E-Commerce 4 Cross Site Scripting
Exploit Title: T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting XSS Exploit Author: Alperen Ergel alpernae IG/TW Web Site: https://alperenae.gitbook.io/ Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux Category: WebApp Google Dork: N/A Date: 2022-05-10 CV...