WordPress WP Visitor Statistics 4.7 SQL Injection

Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Date 22/12/2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CV...

Movie Rating System 1.0 Broken Access Control

Exploit Title: Movie Rating System 1.0 - Broken Access Control Admin Account Creation Unauthenticated Date: 22/12/2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Teste...

Movie Rating System 1.0 SQL Injection / Code Execution

Exploit Title: Movie Rating System 1.0 - SQLi to RCE Unauthenticated Date: 22/12/2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Tested on: Ubuntu This exploit only...

Nettmp NNT 5.1 SQL Injection

Exploit Title: Nettmp NNT 5.1 - SQLi Authentication Bypass Date: 23/12/2021 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://wiki.nettemp.tk Software Link: https://wiki.nettemp.tk Version: nettmp NNT Tested on: Linux Ubuntu 20.04 Payload: username: 1' or 1=1;-- password: \ Proo...

Automox Agent 32 Local Privilege Escalation

Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...

openSIS Student Information System 8.0 SQL Injection

Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...

cWifi Hotspot Wireless CP Code Execution

Document Title: =============== cWifi Hotspot Wireless CP - Code Execution Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2310 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...

Safari Montage 8.5 Cross Site Scripting

Exploit Title: SAFARI Montage 8.5 - Reflected Cross Site Scripting XSS Date: 28/12/2021 Exploit Author: Momen Eldawakhly - Cyber Guy - Resecurity Inc Vendor Homepage: https://www.safarimontage.com/ Version: 8.3 and 8.5 Tested on: Ubuntu Linux Firefox CVE: CVE-2021-45425 Proof of Concept: GET...

Dixell XWEB 500 Arbitrary File Write

Exploit Title: Dixell XWEB-500 - Arbitrary File Write Google Dork: inurl:"xweb500.cgi" Date: 03/01/2022 Exploit Author: Roberto Palamaro Vendor Homepage: https://climate.emerson.com/it-it/shop/1/dixell-electronics-sku-xweb500-evo-it-it Version: XWEB-500 Tested on: Dixell XWEB-500 References:...

RiteCMS 3.1.0 Shell Upload / Remote Code Execution

Exploit Title: RiteCMS 3.1.0 - Remote Code Execution RCE Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0...

Library System In PHP 1.0 Cross Site Scripting

Exploit Title: Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting XSS Google Dork: NA Date: 03-OCT-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://www.yahoobaba.net/project/library-system-in-php Software Link:...

Siemens S7 Layer 2 Denial Of Service

Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Date: 21/10/2021 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back...

WordPress The True Ranker 2.2.2 Arbitrary File Read

Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Date: 23/12/2021 Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Versio...

Gerapy 0.9.7 Remote Code Execution

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...

uDoctorAppointment 2.1.1 Cross Site Scripting

Document Title: =============== uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2288 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...

Easy Cart Shopping Cart 2021 Cross Site Scripting

Document Title: =============== Easy Cart Shopping Cart - Search Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2298 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...

WordPress AAWP 3.16 Cross Site Scripting

Exploit Title: WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting XSS Authenticated Date: 04/01/2022 Exploit Author: Andrea Bocchetti Vendor Homepage: https://getaawp.com/ Software Link: https://getaawp.com/ Version: 3.16 Tested on: Windows 10 - Chrome, WordPress 5.8.2 Proof of...

Online Admission System 1.0 Remote Code Execution

Exploit Title: Online Admission System 1.0 - Remote Code Execution RCE Unauthenticated Date: 23/12/2021 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/rskoolrash/Online-Admission-System Software Link: https://github.com/rskoolrash/Online-Admission-System Tested on: LAMP Stack...

ConnectWise Control 19.2.24707 Username Enumeration

Exploit Title: ConnectWise Control 19.2.24707 - Username Enumeration Date: 17/12/2021 Exploit Author: Luca Cuzzolin aka czz78 Vendor Homepage: https://www.connectwise.com/ Version: vulnerable = 19.2.24707 CVE : CVE-2019-16516 https://github.com/czz/ScreenConnect-UserEnum from multiprocessing impo...

CMSimple 5.4 Cross Site Scripting

Exploit Title: CMSimple 5.4 - Cross Site Scripting XSS Date: 22/10/2021 Exploit Author: heinjame Vendor Homepage: https://www.cmsimple.org/en/ Software Link: https://www.cmsimple.org/en/?Downloads Version: images Upload a file Attack vector '-alert1// need to encode '-alert1// When the victim...

AWebServer GhostBuilding 18 Denial Of Service

Exploit Title: AWebServer GhostBuilding 18 - Denial of Service DoS Date: 28/12/2021 Exploit Author: Andres Ramos Invertebrado Vendor Homepage: http://sylkat-tools.rf.gd/awebserver.htm Software Link: https://play.google.com/store/apps/details?id=com.sylkat.apache&hl=en Version: AWebServer...

Rocket LMS 1.1 Cross Site Scripting

Document Title: =============== Rocket LMS v1.1 - History Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2305 Release Date: ============= 2021-12-29 Vulnerability Laboratory ID VL-ID: ==================================== 23...

Hostel Management System 2.1 Cross Site Scripting

Exploit Title: Hostel Management System 2.1 - Cross Site Scripting XSS Date: 26/12/2021 Exploit Author: Chinmay Vishwas Divekar Vendor Homepage: https://phpgurukul.com/hostel-management-system/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Tested on: PopOS20.10...

Hospitals Patient Records Management System 1.0 Account TakeOver

Exploit Title: Hospitals Patient Records Management System 1.0 - Account TakeOver Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

WordPress Catch Themes Demo Import Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin Catch Themes Demo Import RCE', 'Description' = %q The Wordpress Plugin Catch Themes Demo Import versions MSFLICENSE, 'Author' =...

Hospitals Patient Records Management System 1.0 SQL Injection

Exploit Title: Hospitalss Patient Records Management System 1.0 - 'id' SQL Injection Authenticated Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

Accu-Time Systems MAXIMUS 1.0 Buffer Overflow

Exploit Title: Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow DoS Discovered by: Yehia Elghaly Discovered Date: 22/12/2021 Vendor Homepage: https://www.accu-time.com/ Software Link : https://www.accu-time.com/maximus-employee-time-clock-3/ Tested Version: 1.0 Vulnerability Type:...

WordPress Contact Form Entries 1.1.6 Cross Site Scripting

Exploit Title: WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting XSS Unauthenticated Date: 22/12/2021 Exploit Author: gx1 Vulnerability Discovery: Gaetano Perrone Vendor Homepage: https://www.crmperks.com/ Software Link: https://wordpress.org/plugins/contact-form-entries/ Version...

Projeqtor 9.3.1 Cross Site Scripting

Exploit Title: Projeqtor v9.3.1 Stored XSS / Privilege Escalation Exploit Author: Oscar Gutierrez m4xp0w3r Date: January 4, 2021 Vendor Homepage: https://www.projeqtor.org/en/ Software Link: https://www.projeqtor.org/en/product-en/downloads Tested on: Ubuntu, LAAMP Vendor: Projeqtor Version: v9.3...

Backdoor.Win32.SilentSpy.10 Authentication Bypass / Command Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a7ce38e60cf08f2b234f34043b87e701.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SilentSpy.10 Vulnerability: Authentication Bypass Command Execution Description: The...

Backdoor.Win32.Fantador Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a1d045151c809535a308311931588fd0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Fantador Vulnerability: Divide by Zero DoS Description: The malware allows you to...

Backdoor.Win32.Fantador Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a1d045151c809535a308311931588fd0B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Fantador Vulnerability: Insecure Password Storage Description: The malware has an FT...

Computer And Mobile Repair Shop Management 1.0 SQL Injection

Title: Computer and Mobile Repair Shop Management-1.0 SQL - Injections Author: nu11secur1ty Date: 12.28.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15108/computer-and-mobile-repair-shop-management-system-using-phpoop-free-source-code.html...

BeyondTrust Remote Support 6.0 Cross Site Scripting

Exploit Title: BeyondTrust Remote Support - Reflected Cross-Site Scripting XSS Unauthenticated Google Dork: intext:"BeyondTrust" "Redistribution Prohibited" Date: 30/12/2021 Exploit Author: Malcrove Vendor Homepage: https://www.beyondtrust.com/ Version: v6.0 and earlier versions CVE: CVE-2021-315...

Backdoor.Win32.Wollf.m Authentication Bypass

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b125a9a083447ad7d437e3e7f3ed5325B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.m Vulnerability: Authentication Bypass Description: The malware listens on TCP...

WordPress CRM Form Entries Cross Site Scripting

Hello, today I disclosed the CVE-2021-25080 vulnerability. Here attached technical information: References: https://wpscan.com/vulnerability/acd3d98a-aab8-49be-b77e-e8c6ede171ac https://secsi.io/blog/cve-2021-25080-finding-cross-site-scripting-vulnerabilities-in-headers/ Description: WordPress...

Backdoor.Win32.Jokerdoor Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0fca0250fa3fe8ee7e1cf0cc45a6b2d8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Jokerdoor Vulnerability: Remote Stack Buffer Overflow Description: The malware listen...

Backdoor.Win32.Wollf.m Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b125a9a083447ad7d437e3e7f3ed5325.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.m Vulnerability: Weak Hardcoded Password Description: The malware listens on TC...

TRIGONE Remote System Monitor 3.61 Unquoted Service Path

Exploit Title: TRIGONE Remote System Monitor 3.61 Unquoted Service Path Discovery by: Yehia Elghaly Date: 30-12-2021 Vendor Homepage: https://www.trigonesoft.com/ Software Link: https://www.trigonesoft.com/download/RemoteSystemmonitorServer3.61x86Setup.exe Tested Version: 3.61 Vulnerability Type:...

Backdoor.Win32.SilentSpy.10 Authentication Race Condition

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a7ce38e60cf08f2b234f34043b87e701B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SilentSpy.10 Vulnerability: Authentication Race Condition Description: The malware...

Backdoor.Win32.Skrat Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d724feed69ec7b624e4e178ad6579cfb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Skrat Vulnerability: Cleartext Hardcoded Password Description: SKD RAT malware has...

Windows Explorer Preview Pane HTML File Link Spoofing

Exploit Title: Windows Explorer Preview Pane HTML File Link Spoofing Vulnerability Google Dork: n/a Date: December 25th, 2021 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7, 8.1, 10, 11 x86/x64 Tested on:...

Backdoor.Win32.FTP.Simpel.12 Insecure Crypto Implementation

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d12f9b921b38d7b521f12442bdd52d8B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Simpel.12 Vulnerability: Insecure Crypto Description: The malware listens on TCP...

Microsoft Windows Explorer Preview Pane Security Bypass

Exploit Title: Windows Explorer Preview Pane WMV/WMA media Automatic URI Opening Vulnerability Google Dork: n/a Date: December 25th, 2021 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7, 8.1, 10, 11 x86/x64...

Terramaster F4-210 / F2-210 Remote Code Execution

/bin/env python """ Product: Terramaster F4-210, Terramaster F2-210 Version: TOS 4.2.X 4.2.15-2107141517 Author: n0tme thatsn0tmysite Description: Chain from unauthenticated to root via session crafting. """ import urllib3 import requests import json import argparse import hashlib import time...

Backdoor.Win32.Visiotrol.10 Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f9dc0a462ada737f36efafac56f22b97.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Visiotrol.10 Vulnerability: Insecure Password Storage Description: The malware listen...

Backdoor.Win32.FTP.Simpel.12 Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d12f9b921b38d7b521f12442bdd52d8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.FTP.Simpel.12 Vulnerability: Port Bounce Scan Description: The malware listens on TCP...

ManageEngine ServiceDesk Plus Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ServiceDesk Plus CVE-2021-44077', 'Description' = %q This module exploits CVE-2021-44077, an unauthenticated remote code execution...

Accu-Time Systems MAXIMUS 1.0 Buffer Overflow / Denial Of Service

Exploit Title: Accu-Time Systems MAXIMUS 1.0 Telnet Remote Buffer Overflow Discovered by: Yehia Elghaly Discovered Date: 2021-12-22 Vendor Homepage: https://www.accu-time.com/ Software Link : https://www.accu-time.com/maximus-employee-time-clock-3/ Tested Version: 1.0 Vulnerability Type: Buffer...

Exponent CMS 2.6 Cross Site Scripting / Brute Force

Exploit Title: Exponent CMS 2.6 - Multiple Vulnerabilities Exploit Author: heinjame Date: 22/10/2021 Exploit Author: picaroo Vendor Homepage: https://www.exponentcms.org/ Version: http://127.0.0.1:8082/expcms/text/edit/id/id/src/@footer Title, Text Block Payload = " Database credential are...