50773 matches found
WordPress Security Audit 1.0.0 Cross Site Scripting
Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...
QEMU Monitor HMP migrate Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "QEMU Monitor HMP 'migrate' Command Execution", 'Description' = %q This module uses QEMU's Monitor Human Monitor Interface HMP TCP server to execu...
PHP Everywhere 2.0.3 Remote Code Execution
On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution vulnerabilities in PHP Everywhere, a WordPress plugin installed on over 30,000 websites. One of these vulnerabilities allowed any authenticated user of any level,...
WordPress CP Blocks 1.0.14 Cross Site Scripting
Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...
Strapi CMS 3.0.0-beta.17.4 Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Strapi CMS 3.0.0-beta.17.4 - Set Password Unauthenticated Metasploit", 'Description' = %q This exploit module abuses the...
FileBrowser 2.17.2 Code Execution / Cross Site Request Forgery
Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Date: 5/2/2022 Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...
WordPress Simple Job Board 2.9.3 Local File Inclusion
Exploit Title: Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion Date: 2022-02-06 Exploit Author: Ven3xy Vendor Homepage: https://wordpress.org/plugins/simple-job-board/ Software Link: https://downloads.wordpress.org/plugin/simple-job-board.2.9.3.zip Version: 2.9.3 Tested on: Ubuntu...
Wing FTP Server 4.3.8 Remote Code Execution
Exploit Title: Wing FTP Server 4.3.8 - Remote Code Execution RCE Authenticated Date: 02/06/2022 Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link:...
Backdoor.Win32.Small.er Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9f11868c3beaa8e2c1f5c193f5888b85.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.er Vulnerability: Unauthenticated Remote Command Execution Description: The...
WordPress International SMS For Contact Form 7 Integration 1.2 XSS
Exploit Title: WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting XSS Date: 2022-02-04 Author: Milad karimi Software Link: https://wordpress.org/plugins/cf7-international-sms-integration/ Version: 1.2 Tested on: Windows 11 CVE: N/A 1. Description: This...
Hospital Management System 4.0 SQL Injection
Title: Hospital Management System v4.0 Multiple SQL-Injections Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multiple...
Servisnet Tessa Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Add sysAdmin User Unauthenticated Metasploit', 'Description' = %q This module exploits an authentication bypass in Servisnet...
WAGO 750-8xxx PLC Denial Of Service / User Enumeration
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Denial of service & User Enumeration product: WAGO 750-8xxx PLC vulnerable version: Firmware 20 Patch 1 v03.08.08 fixed version: Firmware 20 Patch 1 v03.08.08 CVE number:...
Shopmetrics Mystery Shopping Software Broken Access Control / XSS
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Broken access control & Cross-Site Scripting product: Shopmetrics Mystery Shopping Software vulnerable version: SaaS platform before v21-11 fixed version: SaaS platform...
Servisnet Tessa Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Privilege Escalation Metasploit', 'Description' = %q This module exploits privilege escalation in Servisnet Tessa, triggered by...
WBCE CMS 1.5.2 Remote Code Execution
Exploit Title: WBCE CMS 1.5.2 - Remote Code Execution RCE Authenticated Date: 02/01/2022 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: 1.5.2 Tested on: Linux - PHP Version: 8.0.14 Github repo:...
WordPress IP2Location Country Blocker 2.26.7 Cross Site Scripting
Exploit Title: WordPress Plugin IP2Location Country Blocker 2.26.7 - Stored Cross Site Scripting XSS Authenticated Date: 02-02-2022 Exploit Author: Ahmet Serkan Ari Software Link: https://wordpress.org/plugins/ip2location-country-blocker/ Version: 2.26.7 Tested on: Linux CVE: N/A Thanks: Ceylan...
FLAME II MODEM USB Unquoted Service Path
Exploit Title: FLAME II MODEM USB - Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-02-2022 Vendor Homepage: https://www.telcel.com/personas/equipos/modems-usb/alcatel/x602a Software Links : N/A Is a BAM Tested Version: N/A Vulnerability Type: Unquoted Service Path Tested on OS...
Voltage SecureMail Server Business Logic Bypass
Security Advisory ======================================================================= title: Business Logic Bypass - Mail Relay Post-authenticated product: Voltage SecureMail Server vulnerable version: Voltage SecureMail Server v7.3.0.1 fixed version: Voltage SecureMail Server v7.3.0.1 CVE...
Korenix Technology JetWave CSRF / Command Injection / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: Korenix Technology JetWave products: JetWave 2212X, JetWave 2212S, JetWave 2212G, JetWave 2311, JetWave 3220 vulnerable version...
Servisnet Tessa MQTT Credential Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/mqtt' class MetasploitModule 'Servisnet Tessa - MQTT Credentials Dump...
Feberr 12.7 Shell Upload
Exploit Title: Feberr - Multivendor Digital Products Marketplace arbitrary file upload Version 12.7 Google Dork: N/A Date: 24/01/2022 Exploit Author: Sohel Yousef - [email protected] Software Link: https://www.codester.com/items/14224/feberr-multivendor-digital-products-marketplace Software...
Vivellio 1.2.1 User Account Enumeration
Trovent Security Advisory 2108-01 User account enumeration in password reset function Overview Advisory ID: TRSA-2108-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2108-01 Affected product: Vivellio Android mobile application...
WordPress Learnpress 4.1.4.1 Arbitrary Image Renaming
Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...
Backdoor.Win32.Zxman Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/e369bbd8acbe8322834e3adbad30ff5c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zxman Vulnerability: Unauthenticated Remote Code Execution Description: The malware b...
Backdoor.Win32.Wollf.m Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/f375f6569e146e432e23589b8f112165.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.m Vulnerability: Weak Hardcoded Password Description: The malware runs with...
WordPress Post Grid 2.1.1 Cross Site Scripting
Exploit Title: WordPress Plugin Post Grid 2.1.1 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/post-grid/ Version: 2.1.1 Tested on: Windows 10 CVE: CVE-2021-24488 1. Description: This plugin creates a post grid from any post types. The slider...
WordPress Contact Form Check Tester 1.0.2 XSS / Access Control
Exploit Title: WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control Date: 2/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/contact-fo...ck-tester/ Version: 1.0.2 Tested on: Windows 10 CVE: CVE-2021-24247 1. Description: The plugin settings are visible to all...
Backdoor.Win32.Small.bu Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/36ca28db068b6f6634d633fe61d34a7d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.bu KGB- RAT server v0.1 Vulnerability: Unauthenticated Remote Command Execution...
WordPress Product Slider For WooCommerce 1.13.21 Cross Site Scripting
Exploit Title: WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woocommerc...ts-slider/ Version: 1.13.21 Tested on: Windows 10 CVE: CVE-2021-24300 1. Description: This plugin is a easy...
WordPress 404 To 301 2.0.2 SQL Injection
Exploit Title: Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection Authenticated Date 30.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://de.wordpress.org/plugins/404-to-301/ Software Link: https://downloads.wordpress.org/plugin/404-to-301.2.0.2.zip Version: = 2.0.2 Tested on:...
WordPress Domain Check 1.0.16 Cross Site Scripting
Exploit Title: WordPress Plugin Domain Check 1.0.16 - Reflected Cross-Site Scripting XSS Authenticated Date: 30-10-2021 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://domaincheckplugin.com/ Software Link:...
PHP Restaurants 1.0 SQL Injection
Exploit Title: PHP Restaurants 1.0 - SQLi Unauthenticated Google Dork: None Date: 01/29/2022 Exploit Author: Nefrit ID Vendor Homepage: https://github.com/jcwebhole Software Link: https://github.com/jcwebhole/phprestaurants Version: 1.0 Tested on: Kali Linux & Windows 10 SQL injection is a code...
Mozilla Firefox 67 Array.pop JIT Type Confusion
Exploit Title: Mozilla Firefox 67 - Array.pop JIT Type Confusion Date: 2021-12-07 Type: RCE Platform: Windows Exploit Author: deadlock Forrest Orr Author Homepage: https://forrest-orr.net Vendor Homepage: https://www.mozilla.org/en-US/ Software Link:...
CONTPAQi AdminPAQ 14.0.0 Unquoted Service Path
Exploit Title: CONTPAQi® AdminPAQ 14.0.0 - Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2022-01-16 Software Link: https://www.contpaqi.com/descargas Tested Version: 14.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 pro x64 english Step to discover...
WordPress Download Monitor WordPress 4.4.4 SQL Injection
Exploit Title: Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection Authenticated Date 28.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.download-monitor.com/ Software Link: https://downloads.wordpress.org/plugin/download-monitor.4.4.4.zip Version: 4.4.5...
PHP Unit 4.8.28 Remote Code Execution
Exploit Title: PHP Unit 4.8.28 - Remote Code Execution RCE Unauthenticated Date: 2022/01/30 Exploit Author: souzo Vendor Homepage: phpunit.de Version: 4.8.28 Tested on: Unit CVE : CVE-2017-9841 import requests from sys import argv phpfiles = "/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php",...
Moodle 3.11.4 SQL Injection
Exploit Title: Moodle 3.11.4 - SQL Injection Date: 30/01/2022 Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...
Huawei DG8045 Router 1.0 Credential Disclosure
Title: Huawei DG8045 Router 1.0 - Credential Disclosure Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 HardwareVersion: VER.A CVE: N/A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the bac...
Chamilo LMS 1.11.14 Cross Site Scripting / Account Takeover
Exploit Title: Chamilo LMS 1.11.14 - Account Takeover Date: July 21 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://chamilo.org Software Link: https://chamilo.org Version: Chamilo-lms-1.11.x Tested on: Chamilo-lms-1.11.x CVE: CVE-2021-37391 Publication:...
Cisco Small Business RV Series Authentication Bypass / Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Small Business RV Series Authentication Bypass and Command Injection', 'Description' = %q This module exploits an authentication bypass...
Backdoor.Win32.Tiny.c Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c61733c6bcbbb11cee634e0a3fd672e9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Tiny.c Vulnerability: Unauthenticated Remote Command Execution Description: The malwa...
Moxa TN-5900 Post Authentication Command Injection
KL-001-2022-002: Moxa TN-5900 Post Authentication Command Injection Vulnerability Title: Moxa TN-5900 Post Authentication Command Injection Vulnerability Advisory ID: KL-001-2022-002 Publication Date: 2022.01.28 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2022-002.txt 1...
HackTool.Win32.Muzzer.a Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c9291c93fce757a665352567ca13ec3f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.Muzzer.a Vulnerability: Heap Based Buffer Overflow Description: Processing a speciall...
Moxa TN-5900 Firmware Upgrade Checksum Validation
KL-001-2022-001: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability Title: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability Advisory ID: KL-001-2022-001 Publication Date: 2022.01.28 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2022-001.txt 1...
Fetch Softworks Fetch FTP Client 5.8 Denial Of Service
!/usr/bin/env python Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption Denial of Service Vendor: Fetch Softworks Product web page: https://www.fetchsoftworks.com Affected version: 5.8.2 5K1354 Summary: Fetch is a reliable, full-featured file transfer client for the Apple Macintosh whose...
WordPress Mortgage Calculators WP 1.52 Cross Site Scripting
Exploit Title: WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting XSS Authenticated Date: 25-10-2021 Exploit Author: Ceylan Bozogullarindan Vendor Homepage: https://lenderd.com/ Software Link: https://mortgagecalculatorsplugin.com/ Version: 1.52 Tested on: Linux CVE :...
PolicyKit-1 0.105-31 Privilege Escalation
Exploit Title: PolicyKit-1 0.105-31 - Privilege Escalation Exploit Author: Lance Biggerstaff Original Author: ryaagard https://github.com/ryaagard Date: 27-01-2022 Github Repo: https://github.com/ryaagard/CVE-2021-4034 References: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt...
WordPress RegistrationMagic V 5.0.1.5 SQL Injection
Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...
Oracle WebLogic Server 14.1.1.0.0 Local File Inclusion
Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Date: 25/1/2022 Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0,...