50637 matches found
iBall-Baton WRA150N File Disclosure
Exploit Title: iBall-Baton WRA150N Rom-0 Backup - File Disclosure Sensitive Information Date: 07/01/2021 Exploit Author: h4cks1n Vendor Homepage: iball.co.in Version: iBall-Baton WRA150N Tested on : Windows 7/8/8.1/10, Parrot Linux OS The iBall-Baton router version WRA150N is vulnerable to the...
ECSIMAGING PACS 6.21.5 Remote Code Execution
Exploit Title: ECSIMAGING PACS 6.21.5 - Remote code execution Date: 06/01/2021 Exploit Author: shoxxdj Vendor Homepage: https://www.medicalexpo.fr/ Version: 6.21.5 and bellow tested on 6.21.5,6.21.3 Tested on: Linux ECSIMAGING PACS Application in 6.21.5 and bellow suffers from a OS Injection...
Gitea 1.7.5 Remote Code Execution
Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...
Sonatype Nexus 3.21.1 Remote Code Execution
Exploit Title: Sonatype Nexus 3.21.1 - Remote Code Execution Authenticated Exploit Author: 1F98D Original Author: Alvaro Muñoz Date: 27 May 2020 Vendor Hompage: https://www.sonatype.com/ CVE: CVE-2020-10199 Tested on: Windows 10 x64 References:...
H2 Database 1.4.199 JNI Code Execution
Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Date: 28 April 2020 Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...
Rocket.Chat 3.7.1 Email Address Enumeration
Trovent Security Advisory 2010-01 Email address enumeration in reset password Overview Advisory ID: TRSA-2010-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2010-01 Affected product: Web application Rocket.Chat Affected version: = 3.7.1 Vendor:...
PaperStream IP (TWAIN) 1.42.0.5685 Local Privilege Escalation
Exploit Title: PaperStream IP TWAIN 1.42.0.5685 - Local Privilege Escalation Exploit Author: 1F98D Original Author: securifera Date: 12 May 2020 Vendor Hompage: https://www.fujitsu.com/global/support/products/computing/peripheral/scanners/fi/software/fi6x30-fi6x40-ps-ip-twain32.html CVE:...
Advanced Webhost Billing System 3.7.0 Cross Site Request Forgery
Exploit Title: Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery CSRF Date: 06/01/2021 Exploit Author: Rahul Ramakant Singh Vendor Homepage: https://www.awbs.com/ Version: 3.7.0 Tested on Windows Steps: 1. Login into the application with the help of email and password. 2. Navigat...
Responsive E-Learning System 1.0 Cross Site Scripting
Exploit Title: Responsive E-Learning System 1.0 – Stored Cross Site Scripting Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...
NTLM BITS SYSTEM Token Impersonation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/reflectivedllinjection' class MetasploitModule 'SYSTEM token impersonation through NTLM bits authentication on missing WinRM Service.',...
IPeakCMS 3.5 SQL Injection
Exploit Title: IPeakCMS 3.5 - Boolean-based blind SQLi Date: 07.12.2020 Exploit Author: MoeAlbarbari Vendor Homepage: https://ipeak.ch/ Software Link: N/A Version: 3.5 Tested on: BackBox Linux CVE : CVE-2021-3018 Check the CMS version :goto www.site.com/cms/ and you will notice that in the login...
WordPress WP24 Domain Check 1.6.2 Cross Site Scripting
Exploit Title: WordPress Plugin WP24 Domain Check 1.6.2 - 'fieldnameDomain' Stored Cross Site Scripting Date: 2021-01-03 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://wordpress.org/plugins/wp24-domain-check/ Software Link:...
dirsearch 0.4.1 CSV Injection
Exploit Title: dirsearch 0.4.1 - CSV Injection Author: Dolev Farhi Date: 2021-01-05 Vendor Homepage: https://github.com/maurosoria/dirsearch Version : 0.4.1 Tested on: Debian 9.13 dirsearch, when used with the --csv-report flag, writes the results of crawled endpoints which redirect, to a csv fil...
Expense Tracker 1.0 Cross Site Scripting
Exploit Title: Expense Tracker 1.0 - 'Expense Name' Stored Cross-Site Scripting Exploit Author: Shivam Vermacyb3rn3rd Date: 2021-01-05 Vendor Homepage: https://code-projects.org/expense-tracker-in-php-with-source-code/ Software Link: https://code-projects.org Version: 1.0 Category: Web Applicatio...
WinAVR 20100110 Insecure Folder Permissions
Exploit Title: WinAVR Version 20100110 - Insecure Folder Permissions Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: https://sourceforge.net/projects/winavr/ Software Link: https://sourceforge.net/projects/winavr/files/WinAVR/20100110/WinAVR-20100110-install.exe Version: Versi...
Newgen Correspondence Management System eGov 12.0 Insecure Direct Object Reference
Exploit Title: Newgen Correspondence Management System corms eGov 12.0 - IDOR Date: 29 Dec 2020 Exploit Author: ALI AL SINAN Vendor Homepage: https://newgensoft.com Software Link: https://newgensoft.com/solutions/industries/government/e-gov-office/ Version: eGov 12.0 Tested on: JBoss EAP 7 CVE :...
WordPress Litespeed Cache 3.6 Cross Site Scripting
Exploit Title: WordPress Plugin litespeed-cache 3.6 - 'serverip' Cross-Site Scripting Date: 20-12-2020 Software Link: https://downloads.wordpress.org/plugin/litespeed-cache.3.6.zip Version: litespeed-cache Tested on: Windows 10 x64 Description: A Stored Cross-site scripting XSS was discovered in...
IObit Uninstaller 10 Pro Unquoted Service Path
Exploit Title: IObit Uninstaller 10 Pro - Unquoted Service Path Date: 2020–12–24 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version: 10 Tested on Windows 10 Unquoted Service Path: When a service is...
Responsive E-Learning System 1.0 Shell Upload
Exploit Title: Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE Date: 2020-12-24 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...
IPS Community Suite 4.5.4 SQL Injection
----------------------------------------------------------------------------- IPS Community Suite sortBy == 'popular' 56. 57. \IPS\Request::i-sortDir = \IPS\Request::i-sortDir ?: 'ASC'; 58. $sortBy = 'filerating ' . \IPS\Request::i-sortDir . ', filereviews'; 59. $where = array array 'filerating?'...
Baby Care System 1.0 Cross Site Scripting
Exploit Title: Baby Care System 1.0 - 'Post title' Stored XSS Exploit Author: Hardik Solanki Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...
PLANEX CS-QP50F-ING2 Remote Configuration Disclosure
!/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer...
EgavilanMedia User Registration And Login System With Admin Panel 1.0 XSS
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Multiple Stored Cross-Site Scripting Date: 30-12-2020 Exploit Author: Mesut Cetin Vendor Homepage: http://egavilanmedia.com Version: 1.0 Tested on Windows 10, Firefox 83.0, Burp Suite Professional v1.7.34...
Klog Server 2.4.1 Command Injection
Exploit Title: Klog Server 2.4.1 - Command Injection Unauthenticated Date: 22.12.2020 Exploit Author: b3kc4t Mustafa GUNDOGDU Vendor Homepage: https://www.klogserver.com/ Version: 2.4.1 Tested On: Ubuntu 18.04 CVE: 2020-35729 Description:...
Responsive ELearning System 1.0 SQL Injection
Exploit Title: Responsive E-Learning System 1.0 – 'id' Sql Injection Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...
Online Learning Management System 1.0 Remote Command Execution
Exploit Title: Online Learning Management System 1.0 - RCE Authenticated Date: 01.01.2021 Exploit Author: Bedri Sertkaya Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...
Responsive FileManager 9.13.4 Path Traversal
Exploit Title: Responsive FileManager 9.13.4 - 'path' Path Traversal Date: 12/12/2018 PoC Date: 04/01/2020 Auto Exploit Exploit Author: SunCSR Sun Cyber Security Research Google Dork: intitle:"Responsive FileManager 9.x.x" Vendor Homepage: http://responsivefilemanager.com/ Software Link:...
Subrion CMS 4.2.1 Cross Site Scripting
Exploit Title: Subrion CMS 4.2.1 - 'avatarpath' XSS Date: 2020-12-15 Exploit Author: icekam Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: Subrion CMS 4.2.1 CVE : CVE-2020-35437 stored xss vulnerability in /core/profile/. Reproduce through the...
CSZ CMS 1.2.9 Cross Site Scripting
Exploit Title: CSZ CMS 1.2.9 - Multiple Cross-Site Scripting Date: 2020/12/28 Exploit Author: SunCSR Vendor Homepage: https://www.cszcms.com/ Software Link: https://github.com/cskaza/cszcms Version: 1.2.9 Tested on: CSZ CMS 1.2.9 1. Reflected XSS Go to url...
House Rental And Property Listing 1.0 Cross Site Scripting
Exploit Title: House Rental and Property Listing 1.0 - Multiple Stored XSS Tested on: Windows 10 Exploit Author: Mohamed habib Smidi Craniums Date: 2020-12-28 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html...
Node.js TLSWrap Use-After-Free
Node.js: use-after-free in TLSWrap Node v14.11.0 Current is vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method...
Backdoor.Win32.Zombam.k Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.k Vulnerability: Remote String Dereference Stack Buffer Overflow Description:...
Fluentd TD-agent 4.0.1 Insecure Folder Permission
Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Date: 21.12.2020 Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...
Resumes Management And Job Application Website 1.0 SQL Injection
Exploit Title: Resumes Management and Job Application Website 1.0 - Authentication Bypass Sql Injection Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: http://egavilanmedia.com Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/...
SpamTitan 7.07 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SpamTitan Unauthenticated RCE', 'Description' = %q TitanHQ SpamTitan Gateway is an anti-spam appliance that protects against unwanted emails and...
sar2html 3.2.1 Remote Code Execution
Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...
Incom CMS 2.0 File Upload
Exploit Title: IncomCMS 2.0 - Insecure File Upload Google Dork: intext:"Incom CMS 2.0" Date: 07.12.2020 Exploit Author: MoeAlBarbari Vendor Homepage: https://www.incomcms.com/ Version: 2.0 Tested on: BackBox linux CVE: CVE-2020-29597 Upload your files Upload your file...
Online Movie Streaming 1.0 SQL Injection
Exploit Title: Online Movie Streaming 1.0 - Authentication Bypass Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...
Click2Magic 1.1.5 Cross Site Scripting
Exploit Title: Click2Magic 1.1.5 - Stored Cross-Site Scripting Exploit Author: Shivam Vermacyb3rn3rd Date: 2020-12-25 Google Dork: N/A Vendor Homepage: https://www.click2magic.com/user/agent/index Software Link: https://www.click2magic.com Version: 1.1.5 Category: Web Application Tested on: Kali...
Intel Matrix Storage Event Monitor 8.0.0.1039 Unquoted Service Path
Exploit Title: IntelR Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path Date: 2021-01-04 Exploit Author: Geovanni Ruiz Vendor Homepage: https://www.intel.com Software Version: 8.0.0.1039 File Version: 8.0.0.1039 Tested on: Microsoft® Windows Vista Business 6.0.6001...
WordPress WP-Paginate 2.1.3 Cross Site Scripting
Exploit Title: WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/wp-paginate/ Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version: WP-PaginateVer-2.1.3 CVE : N/A Tested on: Windows 10 x64...
WordPress Stripe Payments 2.0.39 Cross Site Scripting
Exploit Title: WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settingscurrencycode' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/stripe-payments/developers Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version:...
CMS Made Simple 2.2.15 Remote Command Execution
Exploit Title: CMS Made Simple 2.2.15 - RCE Authenticated Author: Andrey Stoykov Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Version: 2.2.15 Tested on: Debian 10 LAMPP Exploit and Detailed Info:...
Trojan.Win32.Barjac Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/62ad686f97faaa68f580d32d25333f51.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Barjac Vulnerability: Remote Stack Buffer Overflow. Description: Trojan.Win32.Barjac mak...
Resumes Management And Job Application Website 1.0 Cross Site Scripting
Exploit Title: Multiple Stored XSS in Resumes-management-and-job-application-website Date: 2/1/2021 Exploit Author: Saswat Subhajyoti Mallick Vendor Homepage: https://egavilanmedia.com/ Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/ Version: 1.0 Tested on...
Trojan.Win32.Antavka.bz Insecure Permissions / Privilege Escalation
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/2e4573d8925be404a9a1ff49ee2f5bc3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Antavka.bz Vulnerability: Insecure Permissions EoP Description: Change permissions are...
Gotenberg 6.2.0 Traversal / Code Execution / Insecure Permissions
1 Multiple vulnerabilities in Gotenberg │ │ │ │ My PDF │ │ │ │ Path: │ .DirPath │ PASSWD: │ toHTML .DirPath "../../../../etc/passwd" │ IP: │ toHTML .DirPath "../../../...
Win32 Backdoor 2019-02-ARTRADOWNLOADER SEH Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/8d42c01180be7588a2a68ad96dd0cf85.txt Contact: [email protected] Media: twitter.com/malvuln Threat: WIN32 BACKDOOR - 2019-02-ARTRADOWNLOADER Vulnerabilities: Remote SEH Buffer Overflow and Insecure...
Backdoor.Win32.Zombam.j Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/a4212f23e1cc3bb34b0dfe15b2ad323e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.j Vulnerability: Remote Stack Buffer Overflow Description: Listens on TCP port...
BACKDOOR.WIN32.REMOTEMANIPULATOR Insecure Permissions
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: http://malvuln.com/advisory/82183b3d85311a39fb80ae07357594e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BACKDOOR.WIN32.REMOTEMANIPULATOR Vulnerability: Insecure Permissions Description: Creates a dir...