Home Assistant Community Store 1.10.0 Path Traversal

Exploit Title: Home Assistant Community Store HACS 1.10.0 - Path Traversal to Account Takeover Date: 2021-01-28 Exploit Author: Lyghtnox Vendor Homepage: https://www.home-assistant.io/ Software Link: https://github.com/hacs/integration Version: 1.10.0 Tested on: Raspbian + Home Assistant 2021.1.0...

Quick.CMS 6.7 Remote Code Execution

Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...

MyBB Hide Thread Content 1.0 Information Disclosure

Exploit Title: MyBB Hide Thread Content Plugin 1.0 - Information Disclosure Date: 1/27/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1430 Version: 1.0 Tested on: Windows 10 CVE: CVE-2021-3337 1. Description: This plugin...

Micro Focus UCMDB Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus UCMDB Java Deserialization Unauthenticated Remote Code Execution', 'Description' = %q This module exploits two vulnerabilities, that...

EgavilanMedia PHPCRUD 1.0 Cross Site Scripting

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting Exploit Author: Mahendra Purbia Vendor Homepage: http://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Windows 10 Vulnerable...

Chamilo LMS 1.11.14 Cross Site Scripting

Hello, We are informing you about a Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in Chamilo LMS Affected Software: Chamilo LMS Affected Versions: 1.11.14 Homepage: https://chamilo.org/en...

PRTG Network Monitor Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule "PRTG Network Monitor Authenticated RCE", 'Description' = %q Notifications can be created by an authenticate...

CMSUno 1.6.2 Remote Code Execution

!/usr/bin/env ruby Exploit Title: CMSUno 1.6.1 = 1.6.2 - Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr Author website: https://pwn.by/noraj/ Date:...

jQuery UI 1.12.1 Denial Of Service

Exploit Title: jQuery UI 1.12.1 - Denial of Service DoS Date: 20 Jan, 2021 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://jqueryui.com/ Software Link: https://jqueryui.com/download/ Version: DoS - jQuery UI 1.12.1 DoS - jQuery UI 1.12.1 Exploit PoC by Rafael Cintra Lopes function...

WordPress SuperForms 4.9 Shell Upload

Exploit Title: WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution Exploit Author: ABDO10 Date : Jan - 28 - 2021 Google Dork : inurl:"/wp-content/plugins/super-forms/" Vendor Homepage : https://renstillmann.github.io/super-forms// Version : All = 4.9.X data in http...

Constructor.Win32.SpyNet.a Remote Password Leak

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1717731c32830a31e84b74641a4fdec7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Constructor.Win32.SpyNet.a Vulnerability: Remote Password Leak Description: Spy-Net RAT v0.7,...

STVS ProVision 5.9.10 File Disclosure

STVS ProVision 5.9.10 archive.rb Authenticated File Disclosure Vulnerability Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby Affected version: 5.9.10 build 2885-3a8219a 5.9.9 build 2882-7c3b787 5.9.7 build 2871-a450938 5.9.1 build 2771-1bbed11 5.9.0 build 2701-6123026 5.8.6...

STVS ProVision 5.9.10 Cross Site Scripting

STVS ProVision 5.9.10 Authenticated Reflected Cross-Site Scripting Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby Affected version: 5.9.10 build 2885-3a8219a 5.9.9 build 2882-7c3b787 5.9.7 build 2871-a450938 5.9.1 build 2771-1bbed11 5.9.0 build 2701-6123026 5.8.6 build...

Openlitespeed Web Server 1.7.8 Command Injection

Exploit Title: Openlitespeed WebServer 1.7.8 - Command Injection Authenticated Date: 26/1/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.8 Tested on Windows 10 Step 1: Log in to the...

Backdoor.Win32.Wollf.14 Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ccd3e54eb76b3349db57481a0fe68b35.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.14 Vulnerability: Missing Authentication Description: Wollf.14 listens on TCP...

STVS ProVision 5.9.10 Cross Site Request Forgery

STVS ProVision 5.9.10 Cross-Site Request Forgery Add Admin Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby Affected version: 5.9.10 build 2885-3a8219a 5.9.9 build 2882-7c3b787 5.9.7 build 2871-a450938 5.9.1 build 2771-1bbed11 5.9.0 build 2701-6123026 5.8.6 build 2557-84726f7 5...

Sudo Heap-Based Buffer Overflow

Qualys Security Advisory Baron Samedit: Heap-based buffer overflow in Sudo CVE-2021-3156 ======================================================================== Contents ======================================================================== Summary Analysis Exploitation Acknowledgments Timelin...

Revive Adserver 5.1.0 Cross Site Scripting

======================================================================== Revive Adserver Security Advisory REVIVE-SA-2021-002 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2021-002...

Backdoor.Win32.DarkKomet.apbb Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/d6c930e0ac1df934151d1890f6441fe2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.apbb Vulnerability: Insecure Permissions Description: DarkKomet creates an...

Simple College Website 1.0 SQL Injection

Exploit Title: Simple College Website 1.0 - 'name' Sql Injection Authentication Bypass Exploit Author: Marco Catalano @stunn4 Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/7772/simple-college-website-using-php-and-mysql.html Software Link:...

Klog Server 2.4.1 Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server Unauthenticated Command Injection Vulnerability', 'Description' = %q This module exploits an unauthenticated command injection...

Daily Expense Tracker System 1.0 Cross Site Scripting

Exploit Title: Daily Expense Tracker System Stored Cross-Site Scripting Vulnerability Date: 2021-01-26 Exploit Author: Priyanka Samak Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/daily-expense-tracker-using-php-and-mysql/ Software: : Daily Expense Tracker System...

Tenda AC5 AC1200 Wireless Cross Site Scripting

Exploit Title: Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting Exploit Author: Chiragh Arora Hardware Model: Tenda AC5 AC1200 Firmware version: V15.03.06.47multi Tested on: Kali Linux CVE ID: CVE-2021-3186 Date: 25.01.2021 Steps to Reproduce - - Navigate to the Tend...

Simple College Website 1.0 Cross Site Scripting

Exploit Title: Simple College Website 1.0 - 'full' Stored Cross Site Scripting Exploit Author: Marco Catalano @stunn4 Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/7772/simple-college-website-using-php-and-mysql.html Software Link:...

Backdoor.Win32.Wollf.c Hardcoded Backdoor Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/91c02a95839a76a5d2e335cded7112a9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.c Vulnerability: Hardcoded Backdoor Password Description: The backdoor creates ...

Simple Public Chat Room 1.0 Cross Site Scripting

Exploit Title: Simple Public Chat Room | Authenticated Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html Software Link:...

Simple Public Chat Room 1.0 SQL Injection

Exploit Title: Simple Public Chat Room | Authentication Bypass Sqli Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html Software Link:...

Cemetery Mapping And Information System 1.0 SQL Injection

Exploit Title: Cemetry Mapping and Information System 1.0 - 'useremail' Sql Injection Authentication Bypass Exploit Author: Marco Catalano Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...

Oracle WebLogic Server 12.2.1.0 Remote Code Execution

Exploit Title: Oracle WebLogic Server 12.2.1.0 - RCE Unauthenticated Google Dork: inurl:\"/console/login/LoginForm.jsp\" Date: 25/1/2021 Exploit Author: CHackA0101 Vendor Homepage: https://www.oracle.com/security-alerts/cpuoct2020.html Version: Oracle WebLogic Server, version 12.2.1.0 Tested...

Backdoor.Win32.Kraimer.11 Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2a4fda4a6687981d32c2da7bdc1efcf1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kraimer.11 Vulnerability: Missing Authentication Description: Kraimer listens for...

MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MobileIron MDM Hessian-Based Java Deserialization RCE', 'Description' = %q This module exploits an ACL bypass in MobileIron MDM products to execu...

Library System 1.0 SQL Injection

Exploit Title: Library System 1.0 - 'category' SQL Injection Exploit Author: Aitor Herrero Date: 2021-01-22 Vendor Homepage: https://www.sourcecodester.com/php/12275/library-system-using-php.html Software Link: https://www.sourcecodester.com/php/12275/library-system-using-php.html Version: 1.0...

Backdoor.Win32.Noknok.50 Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ca80897ee064ab9af5907344b316a247.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Noknok.50 Vulnerability: Insecure Permissions Description: This trojan creates a dir...

Backdoor.Win32.Noknok.60 Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ecaf6a123fdf1f5660692dfc4c67a933.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Noknok.60 Vulnerability: Insecure Permissions Description: When generating an...

Backdoor.Win32.Jokerdoor Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/6c7b364dafe0560dfb15c9b03f1b44bd.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Jokerdoor TDC Mail Spy 1.0 Vulnerability: Insecure Permissions Description: This...

Backdoor.Win32.DarkKomet.bhfh Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/66fa06a4e3e799b059910dc17de295ae.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh create...

Backdoor.Win32.Wollf.16 Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5f79b779acd4c9c75211835a2783bccb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.16 Vulnerability: Weak Hardcoded Password Description: Wollf.16 creates and run...

CASAP Automated Enrollment System 1.0 Cross Site Scripting

Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS Exploit Author: Anita Gaud Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...

CASAP Automated Enrollment System 1.0 Cross Site Scripting

Exploit Title: CASAP ENROLLMENT SYSTEM 1.0 | CROSS SITE SCRIPTING Exploit Author: Richard Jones Date: 2021-01/23 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...

Trojan.Win32.Xocry.ff Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8f13116d46a7097e14ef971d48d6a203.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Xocry.ff Vulnerability: Insecure Permissions Description: Trojan Xocry.ff creates its...

Collabtive 3.1 Cross Site Scripting

Exploit Title: Collabtive 3.1 - 'address' Persistent Cross-Site Scripting Date: 2021-01-23 Exploit Author: Deha Berkin Bir Vendor Homepage: https://collabtive.o-dyn.de/ Version: 3.1 Tested on: Windows & XAMPP == Tutorial Executed Payloads " onfocus="alert1" autofocus=" HTML Payload == DehaBerkinB...

PEAR Archive_Tar Arbitrary File Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/tar' class MetasploitModule 'PEAR ArchiveTar %q This module takes advantages of ArchiveTar MSFLICENSE, 'Author' = 'gwillcox-r7', Metasploit module...

Revive Adserver 5.0.5 Cross Site Scripting / Open Redirect

======================================================================== Revive Adserver Security Advisory REVIVE-SA-2021-001 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2021-001...

MyBB Timeline 1.0 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF Date: 1/21/2021 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1428 Version: 1.0 Tested on: Windows 10 1. Description: MyBB Timeline replaces the default MyBB user profile. This introduces...

Selea Targa IP OCR-ANPR Camera Cross Site Scripting

Selea Targa IP OCR-ANPR Camera Remote Stored XSS Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD201106163745 BLD200304170901...

Selea CarPlateServer 4.0.1.6 Local Privilege Escalation

Selea CarPlateServer CPS v4.0.1.6 Local Privilege Escalation Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...

Oracle WebLogic Server 14.1.1.0 Remote Code Execution

Exploit Title: Oracle WebLogic Server 14.1.1.0 - RCE Authenticated Date: 2021-01-21 Exploit Author: Photubias Vendor Advisory: 1 https://www.oracle.com/security-alerts/cpujan2021.html Vendor Homepage: https://www.oracle.com Version: WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.3, 12.2.1.4, 14.1.1.0 fixed ...

Selea Targa IP OCR-ANPR Camera Cross Site Request Forgery

Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD201106163745...

Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite

Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD20110616374...

Selea Targa IP OCR-ANPR Camera Directory Traversal

Selea Targa IP OCR-ANPR Camera Unauthenticated Directory Traversal File Disclosure Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD20111300521...