Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

Exploit Title: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion LFI Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.franklinfueling.com/ Version: 1.8.19.8580 Tested on: Linux Firefox CVE : CVE-2021-46417 Proof of Concept...

SAM SUNNY TRIPOWER 5.0 Insecure Direct Object Reference

Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...

WordPress Anti-Malware Security And Brute-Force Firewall Cross Site Scripting

Tittle: WordPress Plugin Anti-Malware Security and Brute-Force Firewall HTTP/1.1 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzi...

Razer Sila 2.0.418 Command Injection

Exploit Title: Razer Sila - Command Injection Google Dork: N/A Date: 4/9/2022 Exploit Author: Kevin Randall Vendor Homepage: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Software Link: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Version:...

WordPress LayerSlider Cross Site Scripting

Tittle: WordPress Plugin LayerSlider 5. Exit 6. Save Project 7. XSS will trigger when accessing the project again for example there seem to be other place when its triggered as well, like in the Project's settings POC2 via file,json 1. Add new post & Create Blank Project 2. Import Projects 3. Loa...

Telesquare TLR-2855KS6 Arbitrary File Creation

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Creation Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46418 Proof of Concept PUT /cgi-bin/testingcve.txt HTTP/1.1 Host:...

Telesquare TLR-2855KS6 Arbitrary File Deletion

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Deletion Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46419 Proof of Concept DELETE /cgi-bin/test.cgi HTTP/1.1 Host:...

MiniTool Partition Wizard 12.0 Unquoted Service Path

Exploit Title: MiniTool Partition Wizard - Unquoted Service Path Date: 08/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.0 Tested: Windows 10 PoC : C:\Users\saudhsc qc MTSchedulerService SC...

Online Sports Complex Booking System 1.0 Cross Site Scripting

Title: Online Sports Complex Booking System 1.0 XSS Author: Zllggggg Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...

E-Commerce Website 1.0 Shell Upload

Ecommerce Website Unrestricted File Upload + RCE Author: D4rkP0w4r Note = Create account, don't need login client or admin Description = Create account upload web shell at Customer Image Step to Reproduct Register - upload web shell at Customer Image - clicked Register button Exploit Upload web...

Social Codia SMS 1 Shell Upload

sms-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Description - Upload web shell at avartar teacher in admin panel Step to Reproduct Login to admin - Teacher - Add Teacher - upload web shell at avartar teacher - Add Teacher Exploit Upload web shell at avartar teacher When upload success acce...

Musical World 1 Shell Upload

Musical-World-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Note Login to client. don't need login to admin Description Upload web shell at UploadedSongs Step to Reproduct Login to user - TRACK - UploadedSongs - Choose File - UPLOAD - access /songs/uploadedsongs/shell.php Exploit When upload...

Movie Seat Reservation System 1.0 File Disclosure / SQL Injection

Movie Seat Reservation System Sql Injection Author: D4rkP0w4r Note = exploit don't need login account Exploit Use Burp Suite capture request with payload GET...

AeroCMS 0.0.1 Shell Upload

AeroCMS-Unrestricted-File-Upload-POC Author: D4rkP0w4r Description = Upload web shell at Post Image in admin panel Step to Reproduct Login to admin panel - Posts - Add Posts - Post Image - upload malicious file shell.php - access /images/shell.php on url - shell.php page Exploit When upload succe...

Car Rental System 1.0 SQL Injection

Car Rental System SQL Injection Author: D4rkP0w4r Note = Login to customer Injection Point = http://192.168.1.101:8080/CarRental/booking.php?id=1 Exploit Exploit with Sqlmap + Burp Suite Use Burp Suite capture request Then save as sqlicar.txt GET /CarRental/booking.php?id=1 HTTP/1.1 Host:...

WordPress SiteGround Security 1.2.5 Authentication Bypass

Description: Authentication Bypass via 2-Factor Authentication Setup Affected Plugin: SiteGround Security Plugin Slug: sg-security Plugin Developer: SiteGround Affected Versions: = 1.2.5 CVE ID: CVE-2022-0992 CVSS Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...

School Club Application System 1.0 Local File Inclusion

Title: School Club Application System 1.0 LFI To RCE Author: Hejap Zairy Date: 08.04.2022 Vendor: https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scas0.zip Referenc...

Reprise License Manager 14.2 Cross Site Scripting / Information Disclosure

Multiple Vulnerabilities in Reprise License Manager 14.2 Credit: Giulia Melotti Garibaldi ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Product:...

Simple House Rental System 1 Shell Upload

Simple House Rental System Unrestricted File Upload + RCE Author: D4rkP0w4r Note = login to client, don't need login to admin Description = Login to client = Upload web shell at Image Step to Reproduct Login to client - Register - Apartment Registration - Image - Submit Exploit Upload web shell a...

PHPGurukul Zoo Management System 1.0 Shell Upload

Zoo Management System Unrestricted File Upload + RCE Author: D4rkP0w4r Note = don't need register or login account Description= Upload web shell at Upload CV Step to Reproduct Access Vacancies - upload web shell at - Upload CV - APPLY Exploit Upload web shell at Upload CV When upload success acce...

PHPGurukul Zoo Management System 1.0 SQL Injection

Zoo Management System SQL Injection Author: D4rkP0w4r Description = sql injection at /animals?classid=1 Injection Point http://192.168.1.101:8080/ZooManagementSystem/publichtml/animals?classid=1 Exploit Exploit with Sqlmap python3 sqlmap.py -u...

E-Commerce Website 1.1.0 Shell Upload

Full-Ecommece-Website-Slides-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Description = Upload web shell at Slides in admin panel Step to Reproduct Login to admin - Slides - upload web shell - Submit Exploit Upload web shell at Slides When upload success access...

Social Codia SMS 1 Cross Site Scripting

sms-AddStudent-StoredXSS-POC Author: D4rkP0w4r Description = StoredXSS at Add Student Step to Reproduct Login to admin - Students - Add Student - input payload at Enter Name Exploit Input payload at Enter Name - clicked Add Students - access All Student - The XSS will trigger Log out admin and...

AeroCMS 0.0.1 Cross Site Scripting

AeroCMS-Comment-StoredXSS-POC Author: D4rkP0w4r Note = Don't need register or login account Description = StoredXSS at comment box Step to Reproduct Click Read More - input payload at Author - click Submit button Exploit Input payload at Author - click Submit button When admin login to admin pane...

School Club Application System 1.0 SQL Injection

Title: School Club Application System v1.0 SQLi Author: nu11secur1ty Date: 04.07.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html Reference:...

Backdoor.Win32.FTP.Lana.01.d Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/ea9ab5983a6fa71e31907e74d4ddbab6B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Lana.01.d Vulnerability: Port Bounce Scan Description: The malware listens on TC...

Backdoor.Win32.Tiny.a Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9fa664bc52e1aa46a09ac51aaa6c7384.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Tiny.a Vulnerability: Unauthenticated Remote Command Execution Description: The malwa...

Backdoor.Win32.Wisell Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/837ec70bfb305b5c862ff9b04e70a318B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wisell Vulnerability: Stack Buffer Overflow SEH Description: The malware listens on...

Backdoor.Win32.Ptakks.XP.a Insecure Credential Storage

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/e087725b01dded75d85a20db58335fa8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ptakks.XP.a Vulnerability: Insecure Credential Storage Description: The default...

WordPress WP Downgrade Cross Site Scripting

Tittle: WordPress Plugin WP Downgrade alert/XSS/ Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba TracWordpress: https://plugins.trac.wordpress.org/changeset/2696091...

Backdoor.Win32.Easyserv.11.c Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/3b5564e88a0b8a41e4fd730891e635cc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Easyserv.11.c Vulnerability: Insecure Transit Description: The malware makes outbound...

SAP Information System 1.0.0 Missing Authorization

Exploit Title: SAP Information System 1.0.0 - Improper Authentication Date: 06/04/2022 CVE: CVE-2022-1248 Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15262/sap-information-system-using-phppdo-oop.html Version: 1.0.0 Tested on: Linux Title: ================ SAP...

Small HTTP Server 3.06 Remote Buffer Overflow

Exploit Title: Small HTTP Server Remote Buffer Overflow Discovered by: Yehia Elghaly Discovered Date: 2022-04-07 Vendor Homepage: http://smallsrv.com/ Software Link : http://smallsrv.com/shttpsmgi.exe Tested Version: 3.06 Vulnerability Type: Buffer Overflow Remote Tested on OS: Windows XP SP3 -...

ICEHRM 31.0.0.0S Cross Site Request Forgery

Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Deletion Date: 29/03/2022 Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 CVE:...

binutils 2.37 Objdump Segmentation Fault

Exploit Title: binutils 2.37 - Objdump Segmentation Fault Date: 2021-11-03 Exploit Author: p3tryx Vendor Homepage: https://www.gnu.org/software/binutils/ Version: binutils 2.37 Tested on: Ubuntu 18.04 CVE : CVE-2021-43149 Payload file %223"\972\00\0083=Q333A11111111411111333333A $$$\FF$\80 1114...

Backdoor.Win32.XLog.21 Authentication Bypass / Race Condition

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/2906b5dc5132dd1319827415e837168f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.XLog.21 Vulnerability: Authentication Bypass Race Condition Description: The malware...

Backdoor.Win32.Bifrose.uw Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9e4f942c60044feef0fb48538ffac383.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.uw Vulnerability: Insecure Permissions Description: The malware writes a ".EX...

Backdoor.Win32.Verify.h Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/82641dabbb1f73dd775e200466a07ec1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Verify.h Vulnerability: Unauthenticated Remote Command Execution Description: The...

qdPM 9.2 Cross Site Request Forgery

Exploit Title: qdPM 9.2 - Cross-site Request Forgery CSRF Google Dork: NA Date: 03/27/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: KALI OS CVE :...

Backdoor.Win32.FTP.Lana.01.d Hardcoded Credential

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/ea9ab5983a6fa71e31907e74d4ddbab6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Lana.01.d Vulnerability: Weak Hardcoded Credentials Family: Lana Type: PE32 MD5:...

CSZCMS 1.3.0 SSRF / LFI / Remote Code Execution

Title: CSZCMS V1.3.0 - SSRF To LFI To Rce Author: Hejap Zairy Date: 07.04.2022 Vendor: https://sourceforge.net/projects/cszcms/files/install/ Software: https://liquidtelecom.dl.sourceforge.net/project/cszcms/install/CSZCMS-V1.3.0.zip Reference: https://github.com/Matrix07ksa Tested on: Windows,...

WordPress UpdraftPlus Cross Site Scripting

Tittle: WordPress Plugin UpdraftPlus confirm1 Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872...

Zenario CMS 9.0.54156 Remote Code Execution

Exploit Title: Zenario CMS 9.0.54156 - Remote Code Execution RCE Authenticated Date: 04/02/2022 Exploit Author: minhnq22 Vendor Homepage: https://zenar.io/ Software Link: https://zenar.io/download-page Version: 9.0.54156 Tested on: Ubuntu 21.04 CVE : CVE-2021–42171 Python3 import os import sys...

Opmon 9.11 Cross Site Scripting

Exploit Title: Opmon 9.11 - Cross-site Scripting Date: 2021-06-01 Exploit Author: p3tryx Vendor Homepage: https://www.opservices.com.br/monitoramento-real-time Version: 9.11 Tested on: Chrome, IE and Firefox CVE : CVE-2021-43009 URL POC: alertdocument.cookie; var i=new Image;...

WordPress Ad Inserter Cross Site Scripting

Tittle: WordPress Plugin Ad Inserter Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba...

WordPress Loco Translate Cross Site Scripting

Tittle: WordPress Plugin Loco Translate ' 7. Save 8. Replicated POC2 via example.po 1. Got to Plugin Loco Translate 2. Enter Plugins Options Any Plugin 3. Upload PO options 3. Load example.po Example.po msgid "" msgstr "" "Project-Id-Version: xss-tester\n" "Report-Msgid-Bugs-To: \n"...

Backdoor.Win32.Wisell Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/837ec70bfb305b5c862ff9b04e70a318.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wisell Vulnerability: Unauthenticated Remote Command Execution Description: The malwa...

WordPress Hummingbird Cross Site Scripting

Tittle: WordPress Plugin Hummingbird Configs edit the "Name and Description" and put the following payload in the Name field: Save and Click 'Apply' to trigger the XSS Go to Hummingbird's Settings Configs and Upload the following config "id": 1, "name": "", "description": "Xss", "config":...

KLiK Social Media Website 1.0 SQL Injection

Exploit Title: KLiK Social Media Website 1.0 - 'Multiple' SQLi Date: April 1st, 2022 Exploit Author: corpse Vendor Homepage: https://github.com/msaad1999/KLiK-SocialMediaWebsite Software Link: https://github.com/msaad1999/KLiK-SocialMediaWebsite Version: 1.0 Tested on: Debian 11 Parameter: poll G...

Backdoor.Win32.Xingdoor Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/89000e259ffbd107b7cc9bac66dcdcf5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xingdoor Vulnerability: Denial of Service Description: The malware "SystemXingCheng"...