50786 matches found
Adtran Personal Phone Manager 10.8.1 DNS Exfiltration
Exploit Title: Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25681 CVE-2021-25681 - AdTran Personal Phone...
OpenEMR 5.0.2.1 Remote Code Execution
Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...
Discourse 2.7.0 2FA Bypass
Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Date: 14/01/2021 Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ...
Phone Shop Sales Management System 1.0 Shell Upload
Exploit Title: Phone Shop Sales Management System - Arbitrary File Upload Unauthenticated Date: 20/04/21 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/10882/phone-shop-sales-managements-system.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4...
Cisco RV Authentication Bypass / Code Execution
IoT Inspector Research Lab Security Advisory IOT-20210414-0 title: Cisco RV series Authentication Bypass and Remote Command Execution vendor/product: Cisco https://www.cisco.com/ vulnerable version: RV16X/RV26X: 1.0.01.02 & below. RV34X: 1.0.03.20 & below. fixed version: RV16X/RV26X: 1.0.01.03...
Fibaro Home Center MITM / Missing Authentication / Code Execution
IoT Inspector Research Lab Advisory IOT-20210408-0 title: Multiple vulnerabilities vendor/product: Fibaro Home Center Light / Fibaro Home Center 2 https://www.fibaro.com/ vulnerable version: 4.600 and older fixed version: 4.610 CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,...
WordPress Photo Gallery 1.5.69 Cross Site Scripting
Researcher Name: ThuraMoeMyint Twitter: https://twitter.com/mgthuramoemyint Vendor Url: https://wordpress.org/plugins/photo-gallery/ "Photo Gallery by 10Web / Mobile-Friendly Image Gallery" photo-gallery Multiple RXSS The parameter bwgalbumbreadcrumb0 is able to inject malicious javascript code...
Nagios XI 5.7.3 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection', 'Description' = %q This module exploits CVE-2020-5791, an OS command...
Trojan.Win32.Agentb.iofv Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agentb.iofv Vulnerability: Insecure Permissions Description: Agentb.iofv creates an...
Trojan.Win32.Agent.hsm Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.hsm Vulnerability: Insecure Permissions Description: Agent.hsm creates an insecur...
Trojan.Win32.NanoBot.onh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.NanoBot.onh Vulnerability: Insecure Permissions Description: NanoBot.onh creates an...
Trojan.Win32.Bayrob.dtrg Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2f3f0e9be7edb73e545fc49b5a78b4f0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Bayrob.dtrg Vulnerability: Insecure Permissions Description: Bayrob.dtrg creates an...
Trojan-Dropper.Win32.Agent.bjtzcp Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Agent.bjtzcp Vulnerability: Insecure Permissions Description: Agent.bjtzcp...
Constructor.Win32.Bifrose.ag Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/db45a906a0a3747398b2b8a5faff5e44.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.Bifrose.ag Vulnerability: Local Stack Buffer Overflow Description: Bifrost crypted...
HEUR.Backdoor.Win32.Generic File Download
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Backdoor.Win32.Generic Vulnerability: Unauthenticated Open Proxy Description: The backdoor...
GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution
Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: April 15th, 2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor:...
glFTPd 2.11a Denial Of Service
Exploit Title: glFTPd 2.11a - Remote Denial of Service Date: 15/05/2021 Exploit Author: xynmaps Vendor Homepage: https://glftpd.io/ Software Link: https://glftpd.io/files/glftpd-LNX-2.11a1.1.1kx64.tgz Version: 2.11a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8...
Horde Groupware Webmail 5.2.22 Cross Site Scripting
Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty Date: 04.14.2021 Vendor: https://www.horde.org/apps/webmail Link: https://github.com/horde/webmail/releases CVE: CVE-2021-26929 + Exploit Source:...
Tileserver-gl 3.0.0 Cross Site Scripting
Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting XSS Date: 15/04/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://tileserver.org/ Software Link: https://github.com/maptiler/tileserver-gl Version: versions alertdocument.domain...
Backdoor.Win32.Zombam.h Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.h Vulnerability: Remote Stack Buffer Overflow Description: Zombam.h HTTP RAT...
htmly 2.8.0 Cross Site Scripting
Exploit Title: htmly 2.8.0 allows stored XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor: htmly Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 + Exploit Source: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26929 Exploit Program Code !/usr/bin/python3...
Nagios XI Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Exection', 'Description' = %q This module exploits a command injection...
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution
Exploit Title: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE Date: 12-4-2021 Exploit Author: Jay Sharma Version: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Tested on: V2.1 CVE : CVE-2021-29003 steps to reproduce Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute...
CITSmart ITSM 9.1.2.27 SQL Injection
Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...
Digital Crime Report Management System 1.0 SQL Injection
Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...
HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Hoax.Win32.FrauDrop.gen Vulnerability: Insecure Permissions Description: FrauDrop.gen creates a...
Nagios XI getprofile.sh Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.6.6 getprofile.sh Authenticated Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the...
Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected cross-site scripting product: Microsoft Azure DevOps Server vulnerable version: 2020.0.1 fixed version: 2020.0.1 Patch 2 CVE number: CVE-2021-28459 impact: medi...
jQuery 1.2 Cross Site Scripting
Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1:...
CITSmart ITSM 9.1.2.22 LDAP Injection
Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...
Trojan.Win32.Agent.zfgh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Agent.zfgh Vulnerability: Insecure Permissions Description: Agent.zfgh creates an hidde...
Trojan.Win32.Jorik.qje Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Jorik.qje Vulnerability: Insecure Permissions Description: Jorik.qje creates an insecur...
Webmail Edition 5.2.22 XSS / Remote Code Execution
Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav Varbanovski @nu11secur1ty System Administrator - Infrastructure Engineer Date: 04.14.2021 Vendor: webmail Link:...
MariaDB 10.2 Command Execution
Exploit Title: MariaDB 10.2 /MySQL - 'wsrepprovider' OS Command Execution Date: 03/18/2021 Exploit Author: Central InfoSec Version: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through...
jQuery 1.0.3 Cross Site Scripting
Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: "...
Native Church Website 1.0 Shell Upload
Exploit Title: Native Church Website - Arbitrary File Upload Authenticated Date: 04/21 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11764/native-church-website-phpmysql.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4 /usr/bin/python3 import...
Blitar Tourism 1.0 SQL Injection
Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Date: 13 April 2021 Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1....
ExpressVPN VPN Router 1.0 Integer Overflow
Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow Date: 09-04-2021 Exploit Author: Jai Kumar Sharma Vendor Homepage: https://www.expressvpn.com/ Software Link: https://www.expressvpn.com/vpn-software/vpn-router Version: version 1 Tested on: Windows/Ubuntu/MacOS CVE ...
Chrome V8 JavaScript Engine Remote Code Execution
/ BSD 2-Clause License Copyright c 2021, rajvardhan agarwal All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice,...
Simple Student Information System 1.0 SQL Injection
Exploit Title: Simple Student Information System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://www.sourcecodester.com/php/11400/simple-student-information-system-ajax-live-search.html Software Link:...
vsftpd 2.3.4 Backdoor Command Execution
Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution Date: 9-04-2021 Exploit Author: HerculesRD Software Link: http://www.linuxfromscratch.org/thomasp/blfs-book-xsl/server/vsftpd.html Version: vsftpd 2.3.4 Tested on: debian CVE : CVE-2011-2523 !/usr/bin/python3 from telnetlib import Telnet...
PrestaShop 1.7.6.7 SQL Injection
Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection Date: 2021-04-08 Exploit Author: Vanshal Gaur Vendor Homepage: https://www.prestashop.com/ Version: 1.7.5.x 1.7.6.8 Tested on: Debian 10 buster CVE : CVE-2020-15160 !/usr/bin/python3 ''' Setup Vulnerable Docker on "localhost:8080"...
Google Chrome SimplfiedLowering Integer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome versions before 87.0.4280.88 integer overflow during SimplfiedLowering phase', 'Description' = %q This module exploits an issue in...
Trojan-Downloader.Win32.Genome.qiw Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5cddc4647fb1c59f5dc7f414ada7fad4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Genome.qiw Vulnerability: Insecure Permissions Description: Genome.qiw creat...
Backdoor.Win32.Small.n Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fb24c3509180f463c9deaf2ee6705062.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Small.n Vulnerability: Unauthenticated Remote Command Execution SYSTEM Description: T...
D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem ======== ========================================= 0. Overview 1. Details 2. Solution 3. Disclosure Timeline 4. Thanks & Acknowledgements 5. References 6. Credits 7. Legal...
Trojan.Win32.Hosts2.yqf Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/274a6e846c5a4a2b3281198556e5568b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hosts2.yqf Vulnerability: Insecure Permissions Description: Hosts2.yqf creates an...
Backdoor.Win32.Hupigon.das Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.das Vulnerability: Unauthenticated Open Proxy Description: The malware drops ...
Check Point Identity Agent Arbitrary File Write
Advisory: Privileged File Write Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Version: R81.018.0000 Vulnerability...
DMA Radius Manager 4.4.0 Cross Site Request Forgery
Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147...