50630 matches found
Solaris SunSSH 11.0 Remote Root
Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root 3 Exploit Author: Nathaniel Singer, Joe Rozner Date: 09/11/2020 CVE: 2020-14871 Vulnerable Versions: Oracle Solaris: 9 some releases, 10 all releases, 11.0 Description: CVE-2020-14871 is a critical pre-authentication via SSH stack-based...
Responsive Tourism Website 3.1 Remote Code Execution
Exploit Title: Responsive Tourism Website 3.1 - Remote Code Execution RCE Unauthenticated Date: 22.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14838/simple-responsive-tourism-website-using-php-free-source-code.html Version: V 3.1 Tested on: MacOS &...
Wise Care 365 5.6.7.568 Unquoted Service Path
Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...
Lexmark Printer Software G2 Installation Package 1.8.0.0 Unquoted Service Path
Exploit Title: Lexmark Printer Software G2 Installation Package 1.8.0.0 - 'LMbdsvc' Unquoted Service Path Date: 2021-06-20 Exploit Author: Julio Aviña Vendor Homepage: https://www.lexmark.com/ Software Link:...
Simple CRM 3.0 Cross Site Scripting
Exploit Title: Simple CRM 3.0 - 'name' Stored Cross site scripting XSS Date: 20/06/2021 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...
Simple CRM 3.0 Cross Site Request Forgery
Exploit Title: Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery CSRF Date: 20/06/2021 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaD...
Backdoor.Win32.Hupigon.aaio Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c38cd09fd5ebd1f0cc378804b2da08c4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aaio Vulnerability: Remote Stack Buffer Overflow Description: The malware...
OpenEMR 5.0.1.7 Path Traversal
Exploit Title: OpenEMR 5.0.1.7 - 'fileName' Path Traversal Authenticated Date 16.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5017.zip Version: All versions prior to 5.0.2 Tested on:...
ICE Hrm 29.0.0.OS Cross Site Request Forgery
Exploit Title: ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Request Forgery CSRF Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description ICE Hrm Version 29.0.0.OS is vulnerable to CSRF which allows...
Node.JS Remote Code Execution
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Date: 17.06.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize =...
Trojan-Dropper.Win32.Googite.b Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4a8d6bc838c09c6701abfa8b283fd0de.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Googite.b Vulnerability: Unauthenticated Remote Command Execution Description:...
ICE Hrm 29.0.0.OS Cross Site Scripting / Session Fixation
Exploit Title: ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Scripting and Session Fixation Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description ICE Hrm Version 29.0.0.OS is vulnerable to session...
iFunbox 4.2 Unquoted Service Path
Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...
ICE Hrm 29.0.0.OS Cross Site Scripting
Exploit Title: ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting XSS Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description The file upload feature in ICE Hrm Version 29.0.0.OS allows remote...
Zoho ManageEngine ServiceDesk Plus 9.4 User Enumeration
Exploit Title: Zoho ManageEngine ServiceDesk Plus MSP - Active Directory User Enumeration CVE-2021-31159 Date: 17/06/2021 Exploit Author: Ricardo Ruiz @ricardojoserf CVE: CVE-2021-31159 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31159 Vendor Homepage: https://www.manageengine.com...
Email-Worm.Win32.Kipis.a Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/aa703bc17e3177d3b24a57c5d2a91a0c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.a Vulnerability: Unauthenticated Remote Code Execution Description: The malwa...
Cisco HyperFlex HX Data Platform File Upload / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE CVE-2021-1499', 'Description' = %q This module exploits an unauthenticated fi...
Unified Office Total Connect Now 1.0 SQL Injection
Exploit Title: Unified Office Total Connect Now 1.0 – 'data' SQL Injection Shodan Filter: http.title:"TCN User Dashboard" Date: 06-16-2021 Exploit Author: Ajaikumar Nadar Vendor Homepage: https://unifiedoffice.com/ Software Link: https://unifiedoffice.com/voip-business-solutions/ Version: 1.0...
Dup Scout 13.5.28 Unquoted Service Path
Exploit Title: Dup Scout 13.5.28 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.dupscout.com Software Links: https://www.dupscout.com/setupsx64/dupscoutsrvsetupv13.5.28x64.exe...
VeryFitPro 3.2.8 Insecure Transit
Trovent Security Advisory 2105-01 Unencrypted cleartext transmission of sensitive information Overview Advisory ID: TRSA-2105-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2105-01 Affected product: VeryFitPro Android mobile application...
VX Search 13.5.28 Unquoted Service Path
Exploit Title: VX Search 13.5.28 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.vxsearch.com Software Links: https://www.vxsearch.com/setupsx64/vxsearchsrvsetupv13.5.28x64.exe...
Sync Breeze 13.6.18 Sync Breeze 13.6.18 Unquoted Service Path
Exploit Title: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.syncbreeze.com/ Software Links: https://www.syncbreeze.com/setupsx64/syncbreezesrvsetupv13.6.18x64.exe...
Online Shopping Portal 3.1 Shell Upload
Exploit Title: Online Shopping Portal 3.1 - Remote Code Execution Unauthenticated Date: 17.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: V3.1 Tested on: Windows & Ubuntu import requests import random import string url =...
Trojan.Win32.Alien.erf Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Denial of Service Description: The malware deploys a SM...
OpenEMR 5.0.1.3 Authentication Bypass
Exploit Title: OpenEMR 5.0.1.3 - '/portal/account/register.php' Authentication Bypass Date 15.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: All versions prior to 5.0.1...
Trojan.Win32.Alien.erf Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Stack Buffer Overflow Description: The malware deploys...
Workspace ONE Intelligent Hub 20.3.8.0 Unquoted Service Path
Exploit Title: Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 06-16-2021 Vendor Homepage: https://www.vmware.com/mx/products/workspace-one/intelligent-hub.html Software Links : https://getwsone.com/...
Microsoft SharePoint Unsafe Control And ViewState Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'http://microsoft.com/sharepoint/webpartpages', 'soap' = 'http://www.w3.org/2003/05/soap-envelope', 'xsi' =...
Disk Savvy 13.6.14 Unquoted Service Path
Exploit Title: Disk Savvy 13.6.14 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.disksavvy.com Software Links: https://www.disksavvy.com/setupsx64/disksavvysrvsetupv13.6.14x64.exe...
Teachers Record Management System 1.0 SQL Injection
Exploit Title: Teachers Record Management System 1.0 – Multiple SQL Injection Authenticated Date: 05-10-2021 Exploit Author: nhattruong or https://nhattruong.blog Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/...
Cotonti Siena 0.9.19 Cross Site Scripting
Exploit Title: Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting Date: 2021-15-06 Exploit Author: Fatih İLGİN Vendor Homepage: cotonti.com Vulnerable Software: https://www.cotonti.com/download/siena0919 Affected Version: 0.9.19 Tested on: Windows 10 Vulnerable Parameter Type: POST...
Teachers Record Management System 1.0 Cross Site Scripting
Exploit Title: Teachers Record Management System 1.0 – 'email' Stored Cross-site Scripting XSS vulnerability Authenticated Date: 05-10-2021 Exploit Author: nhattruong or https://nhattruong.blog Vendor Homepage: https://phpgurukul.com Software Link:...
Disk Sorter Server 13.6.12 Unquoted Service Path
Exploit Title: Disk Sorter Server 13.6.12 - 'Disk Sorter Server' Unquoted Service Path Discovery by: BRushiran Date: 15-06-2021 Vendor Homepage: https://www.disksorter.com Software Links: https://www.disksorter.com/setupsx64/disksortersrvsetupv13.6.12x64.exe Tested Version: 13.6.12 Vulnerability...
DiskPulse 13.6.14 Unquoted Service Path
Exploit Title: DiskPulse 13.6.14 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://www.diskpulse.com Software Links: https://www.diskpulse.com/setupsx64/diskpulseentsetupv13.6.14x64.exe...
CKEditor 3 Server-Side Request Forgery
Exploit Title: CKEditor 3 - Server-Side Request Forgery SSRF Google Dorks : inurl /editor/filemanager/connectors/uploadtest.html Date: 12-6-2021 Exploit Author: Blackangel Software Link: https://ckeditor.com/ Version:all version under 4 1,2,3 Tested on: windows 7 Steps of Exploit:- 1-using google...
Brother BRAgent 1.38 Unquoted Service Path
Exploit Title: Brother BRAgent 1.38 - 'WBAAgentClient' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://brother.com Software Link: https://support.brother.com/g/b/downloadhowto.aspx?c=us&lang=en&prod=ads1000wus&os=10013&dlid=dlf002778000&flang=4&type3=...
Client Management System 1.1 SQL Injection
Exploit Title: Client Management System 1.1 - 'Search' SQL Injection Date: 14 June 2021 Exploit Author: BHAVESH KAUL Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/client-management-system-using-php-mysql/ Version: 1.1 Tested on: Server: XAMPP Description Client...
Sami HTTP Server 2.0 Denial Of Service
!/usr/bin/perl -w Date: 06/14/2021 14 Jun Version Vulnerable: Sami HTTP 2.0 OS Tested: Windows XP PACK 3 Brazilian use IO::Socket; $sis="$^O"; print $sis; if $sis eq "windows" $cmd="cls"; else $cmd="clear"; system"$cmd"; if !$ARGV0 || !$ARGV1 &apresentacao; exit; sub apresentacao print q Sami HTT...
Client Management System 1.1 Cross Site Scripting
Exploit Title: Client Management System 1.1 - 'username' Stored Cross-Site Scripting XSS Date: 14 June 2021 Exploit Author: BHAVESH KAUL Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/client-management-system-using-php-mysql/ Version: 1.1 Tested on: Server: XAMPP...
Online Library Management System 2.0 Cross Site Request Forgery
Exploit Title: Online Library Management System Date:15/06/2021 Exploit Author : Mohit Dabas Vendor Homepage : https://phpgurukul.com Software Link : https://phpgurukul.com/online-library-management-system/ Version: 2.0 Tested on : LAMPP Description Online Library Management System has got CSRF i...
IPFire 2.25 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE', 'Description' = %q This module exploits an authenticated command injection...
HashiCorp Nomad Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HashiCorp Nomad Remote Command Execution', 'Description' = %q Create a batch job on HashiCorp's Nomad service to spawn a shell. The default optio...
SysGauge 7.9.18 Unquoted Service Path
Exploit Title: SysGauge 7.9.18 - ' SysGauge Server' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://www.sysgauge.com Software Link: https://www.sysgauge.com/setups/sysgaugesrvsetupv7.9.18.exe Tested Version: 7.9.18 Vulnerability Type: Unquoted Service...
SAP Solution Manager 7.2 (ST 720) Open Redirection
Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis Impact on Business Under certain circumstances, an attacker might be able to steal a cookie from the application. It may impact the confidentiality of the service. Advisory Information - Public Release Dat...
SAP Netweaver JAVA 7.50 Missing Authorization
Onapsis Security Advisory 2021-0013: CVE-2020-26829 - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication Impact on Business A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order to connect to the...
Polkit 0.105-26 0.117-2 Privilege Escalation
Exploit Title: Polkit 0.105-26 0.117-2 - Local Privilege Escalation Date: 06/11/2021 Exploit Author: J Smith CadmusofThebes Vendor Homepage: https://www.freedesktop.org/ Software Link: https://www.freedesktop.org/software/polkit/docs/latest/polkitd.8.html Version: polkit 0.105-26 Ubuntu, polkit...
Brother BRPrint Auditor 3.0.7 Unquoted Service Path
Exploit Title: Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://support.brother.com/ Software Links:...
OpenEMR 5.0.1.3 Shell Upload
Exploit Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated Date 12.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: Prior to 5.0.1.4 Tested on...
Secure Notepad Private Notes 3.0.3 Denial Of Service
Exploit Title: Secure Notepad Private Notes 3.0.3 - Denial of Service PoC Date: 06-14-2021 Author: Geovanni Ruiz Download Link: https://apps.apple.com/us/app/secure-notepad-private-notes/id711178888 Version: 3.0.3 Category: DoS iOS Vulnerability Secure Notepad - Private Notes is vulnerable to a D...
Accela Civic Platform 21.1 Insecure Direct Object Reference
Exploit Title: Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References IDOR Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE: CVE-2021-34369...