50784 matches found
Git git-lfs Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Git Remote Code Execution via git-lfs CVE-2020-27955', 'Description' = %q A critical vulnerability CVE-2020-27955 in Git Large File Storage Git...
Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload
Exploit Title: AlphaWeb XE - Authenticated Insecure File Upload leading to RCE CVE-2021-40845 Date: 09/09/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor website: https://www.zenitel.com/ Product website: https://wiki.zenitel.com/wiki/AlphaWeb CVE: CVE-2021-40845...
elFinder Archive Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'elFinder Archive Command Injection', 'Description' = %q elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via it...
AHSS-PHP 1.0 Cross Site Scripting / SQL Injection
Exploit Title: AHSS-PHP by: oretnom23 v1.0 is vulnerable in the application /scheduler/classes/Login.php to remote SQL-Injection-Bypass-Authentication + XSS-Stored Hijacking PHPSESSID Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 09.15.2021 Vendor:...
Evolution CMS 3.1.6 Remote Code Execution
Exploit Title: Evolution CMS 3.1.6 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://evo.im/ Software Link: https://github.com/evolution-cms/evolution/releases Version: 3.1.6 Category: Webapps Tested on: Linux/Windows Exampl...
Support Board 3.3.3 SQL Injection
Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Date: 29.08.2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LT...
Active WebCam 11.5 Unquoted Service Path
Exploit Title: Active WebCam 11.5 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411, [email protected] Date: 09.09.2021 Software Link: https://www.techspot.com/downloads/175-active-webcam.html Vendor Homepage: https://www.pysoft.com/ Version: 11.5 Tested on: Windows 10 Note: "Sta...
Ulfius Web Framework Remote Memory Corruption
!/usr/bin/python3 guul.py Ulfius Web Framework Remote Memory Corruption Vulnerability Jeremy Brown Sept 2021 Intro Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...
Purchase Order Management System 1.0 Shell Upload
Exploit Title: Purchase Order Management System 1.0 - Remote File Upload Date: 2021-09-14 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html...
DMA Softlab Radius Manager 4.4.0 Session Management / Cross Site Scripting
package main import "github.com/gorilla/mux" "fmt" "net/http" "net/url" "flag" "strings" "io/ioutil" "log" / should be able to: 1. Inject javascript into vulnerable fields. This will capture session cookies ofusers with higher privileges. 2. Send the captured session cookie to a server we control...
Facebook ParlAI 1.0.0 Code Execution / Deserialization
Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...
Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload
I. VULNERABILITY ------------------------- AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE ------------------------- CVE-2021-40845 III. VENDOR ------------------------- https://www.zenitel.com/ IV. DESCRIPTION ------------------------- The web part of Zenitel...
Apartment Visitor Management System 1.0 Shell Upload / SQL Injection
Exploit Title: Apartment Visitor Management System AVMS 1.0 - SQLi to RCE Date: 2021-08-13 Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10395 Versio...
WordPress Download From Files 1.48 Shell Upload
Exploit Title: Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/download-from-files Date: 10/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/download-from-files/ Version: spacehen www.github.com/spacehen" def...
Men Salon Management System 1.0 Cross Site Scripting / SQL Injection
Exploit Title: Men Salon Management System 1.0 - Multiple Vulnerabilities Date: 2021-09-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql Version: 1.0 Tested on: Windows 10 - XAMPP...
Backdoor.Win32.Wollf.h Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d0fd60516d53b2ad602c460351dbaa85.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.h Vulnerability: Unauthenticated Remote Command Execution Description: The...
HEUR.Trojan.Win32.Generic Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a6916fb9b824e3d2edfe46be69ca2501.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Generic Vulnerability: Insecure Permissions Description: The malware creates an di...
Backdoor.Win32.WinterLove.i Hardcoded Credential
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c6c81e8ba0a7b9da6216a78dfeccec8d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinterLove.i Vulnerability: Hardcoded Weak Password Description: The WinterLove malwa...
Backdoor.Win32.VB.awm Authentication Bypass / Information Disclosure
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2271d942a23a89d7adea524d4ac3c13f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.awm Vulnerability: Authentication Bypass - Information Leakage Description: The...
ECOA Building Automation System Path Traversal / Arbitrary File Upload
ECOA Building Automation System Path Traversal Arbitrary File Upload Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRAN...
ECOA Building Automation System Cross Site Request Forgery
ECOA Building Automation System Cross-Site Request Forgery Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE 1.0 ECOA...
ECOA Building Automation System Cookie Poisoning / Authentication Bypass
ECOA Building Automation System Cookie Poisoning Authentication Bypass Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System -...
ECOA Building Automation System Authorization Bypass / Insecure Direct Object Reference
ECOA Building Automation System Authorization Bypass / IDOR Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE 1.0 ECO...
ECOA Building Automation System Arbitrary File Deletion
ECOA Building Automation System Arbitrary File Deletion Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE 1.0 ECOA...
ECOA Building Automation System Configuration Download Information Disclosure
ECOA Building Automation System Configuration Download Information Disclosure Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster Syst...
ECOA Building Automation System Remote Privilege Escalation
ECOA Building Automation System Remote Privilege Escalation Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE 1.0 ECO...
ECOA Building Automation System Weak Default Credentials
ECOA Building Automation System Weak Default Credentials Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE 1.0 ECOA...
ECOA Building Automation System Local File Disclosure
ECOA Building Automation System Local File Disclosure Vulnerability Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE...
ECOA Building Automation System Hardcoded SSH Credentials
ECOA Building Automation System Hard-coded Credentials SSH Access Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System - TRANE 1...
ECOA Building Automation System Directory Traversal
ECOA Building Automation System Directory Traversal Content Disclosure Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System -...
ECOA Building Automation System Missing Encryption
ECOA Building Automation System Missing Encryption Of Sensitive Information Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster System...
Atlassian Confluence WebWork OGNL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence WebWork OGNL Injection', 'Description' = %q This module exploits an OGNL injection in Atlassian Confluence's WebWork compone...
ECOA Building Automation System Hidden Backdoor Accounts
ECOA Building Automation System Hidden Backdoor Accounts and backdoor Function Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster...
POMS-PHP 1.0 SQL Injection
Exploit Title: POMS-PHP by: oretnom23 v1.0 is vulnerable to remote SQL-Injection-Bypass-Authentication. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 09.09.2021 Vendor: https://www.sourcecodester.com/user/257130/activity Link:...
WordPress TablePress 1.14 CSV Injection
Exploit Title: WordPress Plugin TablePress 1.14 - CSV Injection Date: 07/09/2021 Exploit Author: Nikhil Kapoor Vendor Homepage: Software Link: https://wordpress.org/plugins/tablepress/ Version: 1.14 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1. Install...
Bus Pass Management System 1.0 Cross Site Scripting
Exploit Title: Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting XSS Date: 2021-09-08 Exploit Author: Emre Aslan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/wp-content/uploads/2021/07/Bus-Pass-Management-System-Using-PHP-MySQL.zip Version:...
Ionic Identity Vault 4.7 Android Biometric Authentication Bypass
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Identity Vault Vendor: Ionic CSNC ID: CSNC-2021-001 CVE ID: CVE-2021-3145 Subject: Biometric Authentication Bypass on Android Severity: Medium Effect: Authentication Bypass Author: Emanuel Duss Date: 2021-09-...
Rencode Denial Of Service
1 About Rencode Rencode is a "Python module for fast basic object serialization similar to bencode". https://github.com/aresch/rencode This library is used as a faster and more efficient data encoder than bencode. There are implementations in other languages: Golang, Javascript, Java, Ruby, dart,...
SmartFTP Client 10.0.2909.0 Denial Of Service
Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service Date: 9/5/2021 Exploit Author: Eric Salario Vendor Homepage: https://www.smartftp.com/en-us/ Software Link: https://www.smartftp.com/en-us/download Version: 10.0.2909.0 32 and 64 bit Tested on: Microsoft Windows 10 32 bit a...
Backdoor.Win32.Nyara.aq Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/dec17541412bbc744b9f458862349e34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Nyara.aq Vulnerability: Insecure Permissions Description: The malware creates a dir...
WordPress WP Sitemap Page 1.6.4 Cross Site Scripting
Exploit Title: WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting XSS Date: 07/09/2021 Exploit Author: Nikhil Kapoor Software Link: https://wordpress.org/plugins/wp-sitemap-page/ Version: 1.6.4 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1...
WordPress Survey And Poll 1.5.7.3 SQL Injection
Exploit Title: WordPress Plugin Survey & Poll 1.5.7.3 - 'sssparams' SQL Injection 2 Date: 2021-09-07 Exploit Author: Mohin Paramasivam Shad0wQu35t Vendor Homepage: http://modalsurvey.pantherius.com/ Software Link: https://downloads.wordpress.org/plugin/wp-survey-and-poll.zip Version: 1.5.7.3 Test...
Patient Appointment Scheduler System 1.0 Shell Upload
Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...
Backdoor.Win32.Small.vjt Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/92ea873a2bbdaf0799d572bc4f30dc79.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.vjt Vulnerability: Unauthenticated Remote Command Execution Description: The...
Patient Appointment Scheduler System 1.0 Cross Site Scripting
Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...
Backdoor.Win32.Small.gs Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/551674fec6add7117c4be7f6b357e7cb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.gs Vulnerability: Unauthenticated Remote Command Execution Description: The...
Antminer Monitor 0.5.0 Authentication Bypass
Exploit Title: Antminer Monitor 0.5.0 - Authentication Bypass Date: 09/06/2021 Dork:https://www.zoomeye.org/searchResult?q=%22antminer%20monitor%22 Exploit Author: CQR.company / Vulnz. Vendor Homepage: https://github.com/anselal/antminer-monitor,...
Bus Pass Management System 1.0 Insecure Direct Object Reference
Exploit Title: Bus Pass Management System 1.0 - 'viewid' Insecure direct object references IDOR Date: 2021-09-05 Exploit Author: sudoninja Vendor Homepage: https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql Software Link:...
Online Learning System 2 SQL Injection
Exploit Title0: eLearning V2by: oretnom23 is vulnerable from remote SQL-Injection-Bypass-Authentication in three accounts. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 09.06.2021 Vendor: https://www.sourcecodester.com/user/257130/activity Link:...
FlatCore CMS 2.0.7 Remote Code Execution
Exploit Title: FlatCore CMS 2.0.7 - Remote Code Execution RCE Authenticated Date: 04/10/2021 Exploit Author: Mason Soroka-Gill @sgizoid Vendor Homepage: https://flatcore.org/ Software Link: https://github.com/flatCore/flatCore-CMS/archive/refs/tags/v2.0.7.tar.gz Version: 2.0.7 Tested on: Ubuntu...