50637 matches found
AnyDesk 5.5.2 Remote Code Execution
Exploit Title: AnyDesk 5.5.2 - Remote Code Execution Date: 09/06/20 Exploit Author: scryh Vendor Homepage: https://anydesk.com/en Version: 5.5.2 Tested on: Linux Walkthrough: https://devel0pment.de/?p=1881 !/usr/bin/env python import struct import socket import sys ip = '192.168.x.x' port = 50001...
Backdoor.Win32.BO2K.ab Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca4e5a6ff033b62fa59de5a5dd24c7f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BO2K.ab Vulnerability: Local File Buffer Overflow Description: PsyConf - Program...
Local Services Search Engine Management System 1.0 Cross Site Scripting
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - 'name' Persistent Cross-Site Scripting XSS Date: 2021-03-03 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...
Backdoor.Win32.BO2K.09.b Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/90894ac48059687ea80e565f7529e53f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BO2K.09.b Vulnerability: Unauthenticated Remote Command Execution Description: Backdo...
Backdoor.Win32.DarkKomet.irv Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/341b2c3222122bd25c8509fc09534dec.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.irv Vulnerability: Insecure Permissions Description: DarkKomet.irv creates ...
Doctor Appointment System 1.0 SQL Injection
Exploit Title: Doctor Appointment System 1.0 Blind SQL injection in comment parameter Date: 02-03-2021 CVE: CVE-2021-27315 Exploit Author: Soham Bakore Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...
Doctor Appointment System 1.0 Blind SQL Injection
Exploit Title: Doctor Appointment System 1.0 Blind SQL injection in email parameter Date: 03-03-2021 CVE: CVE-2021-27319 Exploit Author: Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...
Web Based Quiz System 1.0 Cross Site Scripting
Exploit Title: Web Based Quiz System 1.0 - 'name' Persistent/Stored Cross-Site Scripting Date: 2021-03-02 Exploit Author: P.Naveen Kumar Vendor Homepage: https://www.sourcecodester.com Software Download Link :...
TinyTinyRSS Remote Code Execution
!/usr/bin/env python3 Exploit Title: TinyTinyRSS remote code execution Date: 21 September 2020 made public Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit...
CASAP Automated Enrollment System 1.1 SQL Injection
Exploit Title: CASAP Automated Enrollment System 1.1 - Authentication Bypass cookie session Exploit Author: @nu11secur1ty Date: 03.02.2021 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...
Web Based Quiz System 1.0 Cross Site Scripting
Exploit Title: Web Based Quiz System 1.0 - 'MCQ options' Persistent/Stored Cross-Site Scripting Date: 2021-03-02 Exploit Author: Praharsh Kumar Singh Vendor Homepage: https://www.sourcecodester.com Software Download Link:...
Profiling System For Human Resource Management 1.0 Cross Site Scripting
Exploit Title: Profiling System For Human Resource Management | Stored XSS Exploit Author: Richard Jones Date: 2021-03 Vendor Homepage: https://www.sourcecodester.com/php/11222/profiling-system-human-resource-management.html Software...
Zen Cart 1.5.7b Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit write payload in database and trig to command a bug in an zencart v1.5.7b web application class MetasploitModule 'zencart authenticated remote code executio...
Trojan-Spy.Win32.Stealer.osh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d58b1c2f540268bd9dd920455568d45f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Stealer.osh Vulnerability: Insecure Permissions Description: The malware creates an...
Covid-19 Contact Tracing System 1.0 Code Execution
Exploit Title: Covid-19 Contact Tracing System 1.0 - Remote Code Execution Unauthenticated Date: 28-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...
Concrete5 8.5.4 Cross Site Scripting
Exploit Title: Cross site scriptingXSS Author: nu11secur1ty Date: 02.27.2021 Vendor: https://www.concrete5.org/download Link: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-3111 CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3111 Exploit Place - Navigate to entries...
Backdoor.Win32.RemoteManipulator.fdo Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/66ef21e8d1cf30dce6e084a9e306c18f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.RemoteManipulator.fdo Vulnerability: Insecure Permissions Description: The backdoor...
Online Catering Reservation System 1.0 Code Execution
Exploit Title: Online Catering Reservation System 1.0 - Unauthenticated Remote Code Execution Date: 28-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11355/online-catering-reservation.html Version:...
VMware vCenter Server 7.0 Arbitrary File Upload
Exploit Title: VMware vCenter Server 7.0 - Unauthenticated File Upload Date: 2021-02-27 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2021-0002.html Version: vCenter Server 6.5 7515524. File name CVE-2021-21972.py written by tijldotdeneutathowestdotb...
FortiLogger 4.4.2.2 Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
WiFi Mouse 1.7.8.5 Remote Code Execution
Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Date: 25-02-2021 Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option whic...
Trojan.Win32.Hotkeychick.am Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5ea9840970e78188f73eb1763363eeac.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Hotkeychick.am Vulnerability: Insecure Permissions Description: The trojan creates an...
Yeastar TG400 GSM Gateway 91.3.0.3 Path Traversal
Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3 This is a Proof of Concept for CVE-2021-27328 Example to get firmware decrypting password http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmwaredetect to get /etc/paswd...
Trojan-Spy.Win32.SpyEyes.elr Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/025d07f4610605031e501e6745d663aa.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.SpyEyes.elr Vulnerability: Insecure Permissions Description: The malware creates an...
Trojan-Dropper.Win32.Daws.etlm Unauthenticated Reboot
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a0479e18283ed46e8908767dd0b40f8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Daws.etlm Vulnerability: Remote Unauthenticated System Reboot Description:...
Zenphoto CMS 1.5.7 Shell Upload
Authenticated arbitrary file upload to RCE Product : Zenphoto Affected : Zenphoto CMS - = 1.5.7 Attack Type : Remote login then go to plugins then go to uploader and press on the check box elFinder then press apply , after that you go to upload then FileselFinder drag and drop any malicious php...
Backdoor.Win32.Azbreg.amw Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5eb58198721d4ded363e41e243e685cc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Azbreg.amw Vulnerability: Insecure Permissions Description: The backdoor creates an...
Trojan-Proxy.Win32.Delf.ai Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1dd6eb39a388f4c8a3eaf248d86aaabc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Delf.ai Vulnerability: Remote SEH Buffer Overflow Description: The malware listen...
Simple Employee Records System 1.0 Shell Upload
Exploit Title: Simple Employee Records System - File Upload RCE Unauthenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11393/employee-records-system.html Software Link:...
Nagios XI 5.7.5 Remote Code Execution
nagios-xi-5.7.5-bugs Bugs reported to Nagios XI CVE-2021-25296 Code Location /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php Code snippet php if !empty$pluginoutputlen $diskwmicommand .= " --forcetruncateoutput " . $pluginoutputlen; $servicewmicommand .= "...
LightCMS 1.3.4 Cross Site Scripting
Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Date: 25/02/2021 Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux...
Remote Desktop Web Access Authentication Timing Attack
!/usr/bin/env python3 -- coding: utf-8 -- standard modules from metasploit import module extra modules DEPENDENCIESMISSING = False try: import base64 import itertools import os import requests except ImportError: DEPENDENCIESMISSING = True Metasploit Metadata metadata = 'name': 'Microsoft RDP Web...
Squid 4.14 / 5.0.5 Code Execution / Double Free
A Double-Free bug was found in Squid versions 4.14 and 5.0.5 when processing the "acl" directive on configuration files, more specifically the first and second addresses. This may allow arbitrary code execution on a Squid deployment on where the configuration files may be processed from untrusted...
VisualWare MyConnection Server 11.x Remote Code Execution
Document Title: =============== VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability References Source: ==================== https://www.securifera.com/advisories/cve-2021-27198/ https://myconnectionserver.visualware.com/download.html Release Date: ============= 2020-02-25...
Triconsole 3.75 Cross Site Scripting
Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...
Trojan-Dropper.Win32.Daws.etlm Unauthenticated Reboot
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a0479e18283ed46e8908767dd0b40f8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Daws.etlm Vulnerability: Remote Unauthenticated System Reboot Description:...
WordPress Under Construction, Coming Soon, And Maintenance Mode 1.1.1 SSRF / XSS
There are SSRF and RXSS vulnerabilities in the WordPress plugin Under Construction, Coming Soon & Maintenance Mode version 1.1.1. Both vulnerabilities are fixed in version 1.1.2: https://wordpress.org/plugins/under-construction-maintenance-mode/developers 1 SSRF Here is the relevant code from fil...
Online Catering Reservation System 1.0 SQL Injection
Exploit Title: Online Catering Reservation System - SQL Injection Authenticated Date: 2021-02-25 Exploit Author: [email protected] Vendor Homepage: https://www.sourcecodester.com/php/11355/online-catering-reservation.html Software Link:...
Doctor Appointment System 1.0 Cross Site Scripting
Exploit Title: Doctor Appointment System 1.0 - Reflected POST based Cross Site Scripting XSS in comment parameter Date: 26-02-2021 CVE: CVE-2021-27317 Exploit Author: Soham Bakore Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...
Vehicle Parking Management System 1.0 Cross Site Scripting
Exploit Title: Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting XSS Date: 2021-02-25 Exploit Author: Tushar Vaidya Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...
ASUS Remote Link 1.1.2.13 Remote Code Execution
Exploit: ASUS Remote Link 1.1.2.13 - Remote Code Execution Date: 24-02-2021 Exploit Author: H4rk3nz0 Vendor Homepage: http://asus.com/ Software Link: http://remotelink.asus.com/ Version: 1.1.2.13 Tested on: Windows 10 Enterprise Build 17763 CVE: N/A !/usr/bin/python import socket from time import...
Trojan.Win32.Gofot.htx Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ae062bfe4abd59ac1b9be693fbc45f60.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Gofot.htx Vulnerability: Local File Buffer Overflow Description: HackerJLY PE Parser to...
Backdoor.Win32.Wollf.h Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4932471df98b0e94db076f2b1c0339bd.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.h Vulnerability: Missing Authentication Description: Wollf backdoor creates a...
Python jsonpickle 2.0.0 Remote Code Execution
Exploit Title: python jsonpickle 2.0.0 - Remote Code Execution Date: 24-2-2021 Vendor Homepage: https://jsonpickle.github.io Exploit Author: Adi Malyanker, Shay Reuven Software Link: https://github.com/jsonpickle/jsonpickle Version: 2.0.0 Tested on: windows, linux Python is an open source languag...
LayerBB 1.1.4 SQL Injection
Exploit Title: LayerBB 1.1.4 - 'searchquery' SQL Injection Date: 2021-02-19 Exploit Author: Görkem Haşin Version: 1.1.4 Tested on: Linux/Windows POST /search.php HTTP/1.1 Host: Target Payload: searchquery=Lffd' AND 8460=SELECT CASE WHEN 8460=8460 THEN 8460 ELSE SELECT 1560 UNION SELECT 2122 END--...
Unified Remote 3.9.0.2463 Remote Code Execution
Exploit Title: Unified Remote 3.9.0.2463 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: https://www.unifiedremote.com/ Software Link: https://www.unifiedremote.com/download Tested on: Windows 10, 10.0.19042 Build 19042 !/usr/bin/python import socket import sys import os from time impor...
SLMail 5.1.0.4420 Remote Code Execution
-- coding: utf-8 -- import socket from time import sleep from os import system system"clear" print 'Shell-code-foi-informada?\r\n' print '1 sim' print '2 nao\n' quest = intinput' ' def main: system"clear" ============================ --ensira-sua-shell-code-aqui buf = "" buf +=...
Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation
!/usr/bin/env python3 """ Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability CVE: CVE-2021-24085 Summary This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft Exchange Server. Authentication and...
VMware vCenter 6.5 / 7.0 Remote Code Execution Proof Of Concept
-- coding:utf-8 -- banner = """ 888888ba dP 88 8b 88 a88aaaa8P' .d8888b. d8888P .d8888b. dP dP 88 8b. 88' 88 88 Y8ooooo. 88 88 88 .88 88. .88 88 88 88. .88 88888888P 88888P8 dP 88888P' 88888P' ooooooooooooooooooooooooooooooooooooooooooooooooooooo @time:2021/02/24 CVE-2021-21972.py C0de by...
Backdoor.Win32.Delf.adag Hardcoded Credentials / Traversal
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0e997ab441cd8c35010dd8db98aae2c2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.adag Vulnerability: Weak Hardcoded Credentials Description: The backdoor runs an...