50784 matches found
Scratch Desktop 3.17 Code Execution / Cross Site Scripting
Exploit Title: Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution XSS/RCE Google Dork: 'inurl:"/projects/editor/?tutorial=getStarted" -mit.edu' not foolproof on versioning Date: 2021-06-18 Exploit Author: Stig Magnus Baugstø Vendor Homepage: https://scratch.mit.edu/ Software Link:...
Online Voting System 1.0 SQL Injection
Exploit Title: Online Voting System 1.0 - Authentication Bypass SQLi Exploit Author: deathflash1411 Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on: Ubuntu 20.04 Proof of Concept...
Vianeos OctoPUS 5 SQL Injection
Exploit Title: Vianeos OctoPUS 5 - 'loginuser' SQLi Date: 01/07/2021 Exploit Author: Audencia Business SCHOOL Vendor Homepage: http://www.vianeos.com/en/home-vianeos/ Software Link: http://www.vianeos.com/en/octopus/ Version: V5 Tested on: Fedora / Apache2 / MariaDB Octopus V5 SQLi The "loginuser...
Online Voting System 1.0 Remote Code Execution
Exploit Title: Online Voting System 1.0 - Remote Code Execution Authenticated Exploit Author: deathflash1411 Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on: Ubuntu 20.04 Proof of...
WordPress XCloner 4.2.12 Remote Code Execution
Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution Authenticated Date 30.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.xcloner.com/ Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip Version: 4.2.1 - 4.2.12...
Docker Container Escape
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Container Escape Via runC Overwrite', 'Description' = %q This module leverages a flaw in runc to escape a Docker container and get command...
WinWaste.NET 1.0.6183.16475 Local Privilege Escalation
Exploit Title: WinWaste.NET - Privilege Escalation due Incorrect Access Control Date: 2021-07-01 Author: Andrea Intilangelo Vendor Homepage: http://nica.it - http://winwastenet.com Version: 1.0.6183.16475 Tested on: Windows 10 Pro x64 - 20H2 and 21H1 CVE: CVE-2021-34110 WinWaste.NET version...
Apache Superset 1.1.0 Account Enumeration
Exploit Title: Apache Superset 1.1.0 - Time-Based Account Enumeration Author: Dolev Farhi Date: 2021-05-13 Vendor Homepage: https://superset.apache.org/ Version: 1.1.0 Tested on: Ubuntu import sys import requests import time scheme = 'http' host = '192.168.1.1' port = 8080 change with your wordli...
phpAbook 0.9i SQL Injection
Exploit Title: phpAbook 0.9i - SQL Injection Date: 2021-06-29 Vendor Homepage: http://sourceforge.net/projects/phpabook/ Exploit Author: Said Cortes, Alejandro Perez Version: v0.9i This was written for educational purpose. Use it at your own risk. Author will be not responsible for any damage...
Doctors Patients Management System 1.0 SQL Injection
Exploit Title: Doctors Patients Management System 1.0 - SQL Injection Authentication Bypass Date: 06/30/2021 Exploit Author: Murat DEMIRCI butterflyhunt3r Vendor Homepage: https://www.codester.com/ Software Link: https://www.codester.com/items/31349/medisol-doctors-patients-managment-system...
Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation
Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 Metadata =================================================== Release Date: 29-Jun-2021 Author: Florian Bogner @ https://bee-itsecurity.at Affected product: Securepoint SSL VPN Client Fixed in: version 2.0.32 Tested on: Windows 10 x64...
ES File Explorer 4.1.9.7.4 Arbitrary File Read
Exploit Title: ES File Explorer 4.1.9.7.4 - Arbitrary File Read Date: 29/06/2021 Exploit Author: Nehal Zaman Version: ES File Explorer v4.1.9.7.4 Tested on: Android CVE : CVE-2019-6447 import requests import json import ast import sys if lensys.argv file to download" sys.exit1 url = 'http://' +...
Constructor.Win32.Bifrose.asc Buffer Overflow / Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9e1ef166901534c276b5eeeee511fe22.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.Bifrose.asc Vulnerability: Local Stack Buffer Overflow Heap Corruption Description...
Personnel Record Management System 1.0 SQL Injection
Exploit Title: Personnel Record Management System | Admin Bypass sqli Exploit Author: Richard Jones Date: 28/06/2021 Vendor Homepage: https://www.sourcecodester.com/php/5107/record-management-system.html Software Link:...
WordPress YOP Polls 6.2.7 Cross Site Scripting
Exploit Title: WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting XSS Date: 09/06/2021 Exploit Author: inspired - Toby Jackson Vendor Homepage: https://yop-poll.com/ Blog Post: https://www.in-spired.xyz/discovering-wordpress-plugin-yop-polls-v6-2-7-stored-xss/ Software Link:...
Android 2.0 FreeCIV Arbitrary Code Execution
""" Android Debug Bridge ADB freeciv exploit Author : Raed-Ahsan https://linkedin.com/in/raed-ahsan Android 2.0 Banana Studio """ """ import socket socket import subprocess Subprocess import pyautogui PyAutoGui import time Time def connectionfunctionhost, port: s = socket.socketsocket.AFINET,...
Personnel Record Management System 1.0 Authentication Bypass / XSS
Exploit Title: Personnel Record Management System | Unauthenticated Add Admin Account plus Stored XSS Exploit Author: Richard Jones Date: 28/06/2021 Vendor Homepage: https://www.sourcecodester.com/php/5107/record-management-system.html Software Link:...
Email-Worm.Win32.Trance.a Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca18a07560efa0308827dc972351301f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Trance.a Vulnerability: Insecure Permissions Description: The malware creates a dir...
Netgear WNAP320 2.0.3 Remote Code Execution
Exploit Title: Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution RCE Unauthenticated Vulnerability: Remote Command Execution on /boardDataWW.php macAddress parameter Notes: The RCE doesn't need to be authenticated Date: 26/06/2021 Exploit Author: Bryan Leong IoT Device: Netgear WNAP320...
SAS Environment Manager 2.5 Cross Site Scripting
Exploit Title: SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting XSS Date: 24/06/2021 Exploit Author: Luqman Hakim Zahari @ Saitamang Vendor Homepage: https://support.sas.com/en/software/environment-manager-support.html Version: 2.5 Tested on: CentOS 7 CVE : CVE-2021-35475...
WordPress wpDiscuz 7.0.4 Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress wpDiscuz Unauthenticated File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in the WordPress...
Trojan-Dropper.Win32.Scrop.dyi Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/af207a19fbe313e3f7e123b6b2acffd4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Scrop.dyi Vulnerability: Insecure Permissions Description: The malware creates ...
Atlassian Jira Server/Data Center 8.16.0 Cross Site Scripting
Exploit Title: Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting XSS Date: 06/05/2021 Exploit Author: CAPTAINHOOK Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤ versi...
Lightweight Facebook-Styled Blog Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Lightweight facebook-styled blog authenticated remote code execution", 'Description' = %q This module exploits the file upload vulnerability of...
Seeddms 5.1.10 Remote Command Execution
Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...
SAPSprint 7.60 Unquoted Service Path
Exploit Title: SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path Discovery by: Brian Rodriguez Date: 21-06-2021 Vendor Homepage: https://brother.com/ Tested Version: 7.60 Vulnerability Type: Unquoted Service Path Tested on: Windows 10 Enterprise 64 bits Step to discover Unquoted Service Path:...
Simple Client Management System 1.0 SQL Injection
Exploit Title: Simple Client Management System 1.0 - 'uemail' SQL Injection Unauthenticated Date: 24-06-2021 Exploit Author: Barış Yıldızoğlu Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/client-details.zip...
Trojan.Win32.SecondThought.ak Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/21cd8bab6b3569f7b375a69a37e36c50.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.SecondThought.ak Vulnerability: Insecure Permissions Description: The malware creates a...
TP-Link TL-WR841N Command Injection
Exploit Title: TP-Link TL-WR841N - Command Injection Date: 2020-12-13 Exploit Author: Koh You Liang Vendor Homepage: https://www.tp-link.com/ Software Link: https://static.tp-link.com/TL-WR841NJPV13161028.zip Version: TL-WR841N 0.9.1 4.0 Tested on: Windows 10 CVE : CVE-2020-35575 import requests...
Adobe ColdFusion 8 Remote Command Execution
Exploit Title: Adobe ColdFusion 8 - Remote Command Execution RCE Google Dork: intext:"adobe coldfusion 8" Date: 24/06/2021 Exploit Author: Pergyz Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html Version: 8 Tested on: Microsoft Windows Server 2008 R2 Standard CVE :...
Backdoor.Win32.ReverseTrojan.200 Authentication Bypass
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3fbec7c0623f5f80e4d9c096a50b0d59.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.ReverseTrojan.200 Vulnerability: Authentication Bypass Empty Password Description:...
Trojan-Dropper.Win32.Krepper.a Remote Command Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ee699b4055c6199f9826681797d64f0b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Krepper.a Vulnerability: Unauthenticated Remote Command Execution Description:...
Huawei DG8045 Authentication Bypass
Title: Huawei dg8045 - Authentication Bypass Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 Hardware Version: VER.A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. An...
VMware vCenter 6.5 / 6.7 / 7.0 Remote Code Execution
Exploit Title: VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution RCE Unauthenticated Date: 06/21/2021 Exploit Author: CHackA0101 Vendor Homepage: https://kb.vmware.com/s/article/82374 Software Link: https://www.vmware.com/products/vcenter-server.html Version: This affects VMware...
Trojan-Dropper.Win32.Juntador.a Weak Hardcoded Password
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f28e866ce2f99013a66b015f6a7f31a8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Juntador.a Vulnerability: Weak Hardcoded Password Description: The malware...
Trojan.Win32.Banpak.kh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/304fb160949dcaec3e718481464f9ce6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Banpak.kh Vulnerability: Insecure Permissions Description: The malware creates a dir wi...
rConfig Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'rConfig Vendors Auth File Upload RCE', 'Description' = %q This module allows an attacker with a privileged rConfig account to start a reverse she...
WordPress WP Google Maps 8.1.11 Cross Site Scripting
Exploit Title: WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting XSS Date: 22/6/2021 Exploit Author: Mohammed Adam Vendor Homepage: https://www.wpgmaps.com/ Software Link: https://wordpress.org/plugins/wp-google-maps/ Version: 5.7.2 Tested on: Windows 10 CVE: CVE-2021-24383...
WordPress Poll, Survey, Questionnaire And Voting System 1.5.2 SQL Injection
Exploit Title: WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 - 'dateanswers' Blind SQL Injection Date: 09/06/2021 Exploit Author: inspired - Toby Jackson Blog Post: https://in-spired.xyz/wpdevart-polls-blind-sql-injection/ Vendor Homepage:...
HPE RDA-CAS 1.23.826 Denial Of Service
!/usr/bin/python -- coding: UTF-8 -- hpfreeze.py HPE Remote Device Access Unauthenticated Denial of Service Jeremy Brown jbrown3264/gmail June 2021 "Designed for the enterprise, HPE RDA Remote Device Access provides integrated remote connectivity for support automation, device telemetry and remot...
Online Library Management System 1.0 Shell Upload
Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution Unauthenticated Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Cisco Modeling Labs 2.1.1-b19 Remote Command Execution
Cisco Modeling Labs 2.1.1-b19 Post-Auth RCE Vulnerability CVE-2021-1531 ======= Details ======= Authenticated command injection in the web portal via the X-Original-File-Name header. Tested with portal 'admin' user who does not have a system login or SSH access, but likely works for any user who...
Simple CRM 3.0 SQL Injection
Exploit Title: Simple CRM 3.0 - 'email' SQL injection Authentication Bypass Date: 22/06/2021 Exploit Author: Rinku Kumar rinku191 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...
Online Library Management System 1.0 SQL Injection
Exploit Title: Online Library Management System 1.0 - 'Search' SQL Injection Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/ols.zip Version: 1.0 Tested on: Windows...
F5 BIG-IQ VE 8.0.0-2923215 Remote Root
F5 BIG-IQ VE v8.0.0-2923215 Post-auth Remote Root RCE CVE-2021-23024 ======= Details ======= It was possible to execute commands with root privileges as an authenticated privileged user via command injection in easy-setup-test-connection. There are two blind command injection bugs in Test DNS...
Monitorr 1.7.6m Bypass / Information Disclosure / Shell Upload
!/usr/bin/env ruby Exploit Title: Monitorr exploit toolkit Google Dorks: inurl:/assets/config/installation/register.php?action=register Author: noraj Alexandre ZANNI for SEC-IT http://secit.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/sec-it/monitorr-exploit-toolkit...
ASUS DisplayWidget Software 3.4.0.036 Unquoted Service Path
Exploit Title: ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted Service Path Date: 2021-06-21 Exploit Author: Julio Aviña Vendor Homepage: https://www.asus.com/ Software Link: https://dlcdnets.asus.com/pub/ASUS/LCD%20Monitors/MB16ACE/ASUSDisplayWidget3.4.0.036.exe.zip...
Wise Care 365 5.6.7.568 Unquoted Service Path
Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...
Remote Mouse GUI 3.008 Privilege Escalation
Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411, [email protected] Date: 17.06.2021 Version: Remote Mouse 3.008 Tested on: Windows 10 Pro Version 21H1 Reference: https://deathflash.ml/blog/remote-mouse-lpe Steps to reproduce: 1. Open...
Dlink DSL2750U Command Injection
Exploit Title: Dlink DSL2750U - 'Reboot' Command Injection Date: 17-06-2021 Exploit Author: Mohammed Hadi HadiMed Vendor Homepage: https://me.dlink.com/consumer Software Link: https://dlinkmea.com/index.php/product/details?det=c0lvN0JoeVVhSXh4TVhjTnd1OUpUUT09 Version: ME1.16 Tested on: firmware...