50786 matches found
Monitoring System (Dashboard) 1.0 Shell Upload
Exploit Title: Monitoring System Dashboard | Authenticated Arbitrary File Upload to Remote Code Execution Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
ForkCMS PHP Object Injection
ForkCMS PHP Object Injection ========================= | Identifier: | AIT-SA-20210215-04 | | Target: | ForkCMS | | Vendor: | ForkCMS | | Version: | all versions below version 5.8.3 | | CVE: | CVE-2020-24036 | | Accessibility: | Remote | | Severity: | Medium | | Author: | Wolfgang Hotwagner AIT...
QCubed 3.1.1 PHP Object Injection
QCubed PHP Object Injection =========================== | Identifier: | AIT-SA-20210215-01 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24914 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagne...
QCubed 3.1.1 Cross Site Scripting
QCube Cross-Site-Scripting ====================== | Identifier: | AIT-SA-20210215-03 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24912 | | Accessibility: | Remote | | Severity: | High | | Author: | Wolfgang Hotwagner AIT...
QCubed 3.1.1 SQL Injection
QCubed SQL Injection ================== | Identifier: | AIT-SA-20210215-02 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24913 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian...
F5 Big IP TMM uri_normalize_host Information Disclosure / Out-Of-Bounds Write
F5 Big IP - TMM urinormalizehost infoleak and out-of-bounds write Big IP's Traffic Management Microkernels TMM URI normalization incorrectly handles invalid IPv6 hostnames: When urinormalizehost is called with a hostname of the form \u"abcdef\u", urinorminet6 is called with the substring abcdef a...
Trojan-Spy.Win32.KeyLogger.qt Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/de613b96174056ef22b42e112d0e61a5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.KeyLogger.qt Vulnerability: Insecure Permissions Description: KeyLogger.qt creates ...
Nsasoft Hardware Software Inventory 1.6.4.0 Denial Of Service
Exploit Title: Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service PoC Exploit Author : Enes Özeser Exploit Date: 2021-02-28 Vendor Homepage : https://www.nsauditor.com/ Link Software : https://www.nsauditor.com/downloads/nhsisetup.exe Version: 1.6.4.0 Tested on: Windows 10...
MyBB OUGC Feedback 1.8.22 Cross Site Scripting
Exploit Title: MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Date: 1/30/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1220 Version: 1.8.22 Tested on: Windows 10 CVE: CVE-2021-28115 1. Description: This plugin...
Trojan-Dropper.Win32.Hamer.10 Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/afe4e5219829a286e0b84025b073c259.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Hamer.10 Vulnerability: Remote Floating-point Exception DoS Description: Trojan...
Microsoft Exchange Proxylogon SSRF Proof Of Concept
Original Author: testanull https://github.com/testanull https://twitter.com/testanull PoC of proxylogon chain SSRFCVE-2021-26855 to write file Original "Archive" https://web.archive.org/web/20210310164403/https://gist.github.com/testanull/fabd8eeb46f120c4b15f8793617ca7d1 import requests from...
WEBIM 10.2.55 Cross Site Scripting
Exploit Title: XSS in WEBIM web application Date: 10.08.2021 Exploit Author: ASCII Vendor Homepage: HTTPS://WEBIM.RU Version: 10.2.55 Tested on: 10.2.55 Webim messanger XSS POC...
NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation
NuCom 11N Wireless Router v5.07.90 Remote Privilege Escalation Vendor: NUEVAS COMUNICACIONES IBERIA, S.A. Product web page: https://www.nucom.es Affected version: 5.07.90multiNCM01 5.07.89multiNCM01 5.07.72multiNCM01 Summary: The NC routers upgrades your network to the next generation of WiFi. Wi...
Microsoft Windows Containers Privilege Escalation
Windows Containers: ContainerUser has Elevated Privileges Windows Containers: ContainerUser has Elevated Privileges Platform: Windows 10 20H2 not tested other versions Class: Elevation of Privilege Security Boundary: User Summary: The standard user ContainerUser in a Windows Container has elevate...
Atlassian JIRA 8.11.1 User Enumeration
Title: Atlassian JIRA 8.11.1 - User Enumeration Author: Dolev Farhi Vulnerable versions: version ' print'e.g. python3 script.py https://jiratarget.com usernames.txt' sys.exit if lensys.argv 3: help server = sys.argv1 usernames = sys.argv2 randomuser = '0x00001' try: os.path.existsusernames except...
Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Exploit Title: Sticky Note Apps using JavaScript | Stored Cross Site Scripting Exploit Author: Richard Jones Date: 2021-03-09 Vendor Homepage: https://www.sourcecodester.com/javascript/14742/sticky-note-apps-using-javascript-source-code.html Software Link:...
OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection
OpenCMS v11.0.2 -------------------------------------------------------------------------------------------------------------------------------------------------- CSRF - Login page vulnerable https://vulnerablehost.com/system/login - CSRF needs valid JSESSIONID to work, maybe logged Admin user...
Golden FTP Server 4.70 Buffer Overflow
Golden FTP Server 4.70 - 'PASS' Buffer Overflow 2 Author: 1F98D Original Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on Windows 10 x64 A buffer overflow exists in GoldenFTP during the authentication process. Note that the source ip address of the user performing the...
HPE Systems Insight Manager AMF Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE Systems Insight Manager AMF Deserialization RCE', 'Description' = %q A remotely exploitable vulnerability exists within HPE System Insight...
Sandboxie Plus 0.7.2 Unquoted Service Path
Exploit Title: Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: sandboxie-plus.com Software Link: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.2/Sandboxie-Plus-x64-v0.7.2.exe Version: Version 0.7.2 Test...
Emerson Smart Wireless Gateway 1420 4.6.59 Missing Authentication
Title: Missing access controls Product: Emerson Smart Wireless Gateway Vendor Homepage: http://emerson.com Vulnerable Version: 1420 4.6.59 CVE Number: CVE-2020-19419 Authors: Harsha Bhat, Anish Mitra and Unmesh Guragol Timeline: 2019-08-02 Disclosed to the vendor 2019-08-22 Vendor confirmed that...
Emerson Smart Wireless Gateway 1420 4.6.59 Privilege Escalation
Title: Privilege Escalation Product: Emerson Smart Wireless Gateway Vendor Homepage: http://emerson.com Vulnerable Version: 1420 4.6.59 CVE Number: CVE-2020-19417 Authors: Harsha Bhat Anish Mitra and Unmesh Guragol Timeline: 2019-08-02 Disclosed to the vendor 2019-08-22 Vendor confirmed that the...
Froala 3.2.6-1 Cross Site Scripting
Exploit Title: Stored XSS and Html Code Injection Editor Froala Version 3.2.6-1 Date:06.03.2021 Author: Vincent666 ibn Winnie Software Link: https://froala.com/wysiwyg-editor/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel:...
bVPN 2.5.1 Unquoted Service Path
Exploit Title: bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Vendor Homepage: https://carolcoral.github.io/no-freevpn/ Software Link: https://github.com/carolcoral/no-freevpn/releases/download/BVPN%4020190225/bVPN251setup.exe Version: Version...
FreeLAN 2.2 Unquoted Service Path
Exploit Title: FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: www.freelan.org Software Link: https://github.com/freelan-developers/freelan/releases/download/2.2/freelan-2.2.0-x86-install.exe Version: Version 2.2 Tested on:...
Print Job Accounting 4.4.10 Unquoted Service Path
Exploit Title: Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://www.oki.com Software Links:...
Joomla JCK Editor 6.4.4 SQL Injection
Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2 Googke Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/ Date: 05/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor Version: 6.4.4 Tested on: Debian 10 CVE :...
Backdoor.Win32.Antilam.14.o Code Execution
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3f3ee9dce39e816b4001bd6ae66e8f1a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.o Vulnerability: Unauthenticated Remote Command Execution Description: The...
WordPress SuperStoreFinder / SuperInteractiveMaps 6.3 SQL Injection
?php Title : SuperStoreFinder & SuperInteractiveMaps Wordpress Plugin SQL Injection Researcher : Eagle Eye Exploit Name : SSF & SIM SQL Injection Request type : POST Plugin Author : Joe lz Plugin Website : https://superstorefinder.net/ Version Affected : All version include latest 6.3 Date :...
Backdoor.Win32.GTbot.c Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8c2acfcc60dda52db9bd9a934284b673.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.GTbot.c Vulnerability: Insecure Permissions Description: GTbot creates an insecure di...
Hotel And Lodge Management System 1.0 Shell Upload
Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution Unauthenticated Date: 07-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html...
Joomla Matukio Events 7.0.5 Cross Site Scripting
Exploit Title:Joomla Matukio Events 7.0.5 Stored XSS Date:08.03.2021 Author: Vincent666 ibn Winnie Software Link: https://matukio.compojoom.com/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel : https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ Google Dorks:...
Backdoor.Win32.Agent.bjev Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/35cf54a19efcdeaa41899647075c7ef9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.bjev Vulnerability: Insecure Permissions Description: Agent.bjev creates an...
GLPI 9.5.3 Unsafe Reflection
Exploit Title: GLPI 9.5.3 - 'fromtype' Unsafe Reflection Date: 2021-02-13 Exploit Author: Vadym Soroka @Iterasec https://iterasec.com Vendor Homepage: https://glpi-project.org Software Link: https://github.com/glpi-project/glpi/releases Version: =9.5.3 Tested on:v9.5.3, 2021-02-13 Technical...
VMware vCenter Server File Upload / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server Unauthenticated OVA File Upload RCE', 'Description' = %q This module exploits an unauthenticated OVA file upload and path...
Pingzapper 2.3.1 Unquoted Service Path
Exploit Title: Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://pingzapper.com Software Links: https://pingzapper.com/download Tested Version: 2.3.1 Vulnerability Type: Unquoted Service Path Tested on: Windows 8.1 Pro...
Configuration Tool 1.6.53 Unquoted Service Path
Exploit Title: Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://www.oki.com Software Links:...
Microsoft Windows RRAS Service MIBEntryGet Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows RRAS Service MIBEntryGet Overflow', 'Description' = %q This module exploits an overflow in the Windows Routing and Remote Acces...
Fluig 1.7.0 Path Traversal
Exploit Title: Fluig 1.7.0 - Path Traversal Date: 26/11/2020 Exploit Author: Lucas Souza Vendor Homepage: https://www.totvs.com/fluig/ Version: payload.txt curl -s https://raw.githubusercontent.com/lucxssouza/banners/main/xFluig/banner banner -- FUNCTIONS -- function create-payload wordlist.txt...
CatDV 9.2 Authentication Bypass
Exploit Title: CatDV 9.2 - RMI Authentication Bypass Date: 3/1/2021 Exploit Author: Christopher Ellis, Nick Gonella, Workday Inc. Vendor Homepage: https://catdv.com/ Software Link: https://www.squarebox.com/download/CatDVServer9.2.0.exe Version: 9.2 and lower Tested on: Windows, Mac import...
Doctor Appointment System 1.0 Cross Site Scripting
Exploit Title: Doctor Appointment System 1.0 - Reflected POST based Cross Site Scripting XSS in email parameter Date: 03-03-2021 CVE: CVE-2021-27321 Exploit Author: Soham Bakore Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...
Web Based Quiz System 1.0 SQL Injection
Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection Authenticated Date: 04-03-2021 Exploit Author: Deepak Kumar Bharti Vendor Homepage: https://www.sourcecodester.com Software Download Link:...
Online Ordering System 1.0 Shell Upload
Exploit Title: Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution Date: 04/03/2021 Exploit Author: Suraj Bhosale Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html Version: 1.0...
Textpattern CMS 4.9.0-dev Cross Site Scripting
Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...
Textpattern CMS 4.8.4 Cross Site Scripting
Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...
Online Ordering System 1.0 SQL Injection
Exploit Title: Online Ordering System 1.0 - Blind SQL Injection Unauthenticated Date: 2021-03-04 Exploit Author: Suraj Bhosale Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html Version: v1.0 Vulnerable...
e107 CMS 2.3.0 Cross Site Request Forgery
Exploit Title: e107 CMS 2.3.0 - CSRF Date: 04/03/2021 Exploit Author: Tadjmen Vendor Homepage: https://e107.org Software Link: https://e107.org/download Version: 2.3.0 Tested on: Windows 10 CVE : CVE-2021-27885 CSRF vulnerability on e107 CMS Bug Description Hi. I found a CSRF on the e107 CMS...
Textpattern CMS 4.8.3 Remote Code Execution
Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Date: 03/03/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0...
Local Services Search Engine Management System 1.0 SQL Injection
Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - Blind & Error based SQL injection Authenticated Date: 2021-03-02 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...
Backdoor.Win32.BO2K.ab Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca4e5a6ff033b62fa59de5a5dd24c7f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BO2K.ab Vulnerability: Local File Buffer Overflow Description: PsyConf - Program...