Linux TIOCSPGRP Broken Locking
Linux: Broken locking in TIOCSPGRP leads to corrupted tty->pgrp refcount. tiocspgrp(), the handler for the TIOCSPGRP ioctl, has the following signature: static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) It receives two tty_struct pointers because, for PTY pairs, userspace...
Library Management System 3.0 Cross Site Scripting
Exploit Title: Library Management System 3.0 - "Add Category" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-22 Google Dork: N/A Vendor Homepage: https://otsglobal.org/ Software Link: https://codecanyon.net/item/library-management-system-22/16965307 Affected Version: 3.0 Patched Version:...
Artworks Gallery Management System 1.0 SQL Injection
Exploit Title: Artworks Gallery Management System 1.0 - 'id' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14634/artworks-gallery-management-system-php-full-source-code.html Software Link:...
WordPress W3 Total Cache 0.9.3 File Read / Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress W3 Total Cache File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability i...
Android Studio Privilege Escalation
Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio, if gradle-wrapper.properties set distributionUrl=https://services.gradle.org/distributions/gradle-2.6-all.zip , then android studio will download and extract gradle-2.6-all.zip, jar file i...
Multi Branch School Management System 3.5 Cross Site Scripting
Exploit Title: Multi Branch School Management System 3.5 - "Create Branch" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-21 Google Dork: N/A Vendor Homepage: https://www.ramomcoder.com/ Software Link: https://codecanyon.net/item/ramom-multi-branch-school-management-system/25182324 Affecte...
Faculty Evaluation System 1.0 Cross Site Scripting
Exploit Title: Faculty Evaluation System 1.0 - Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...
Online Marriage Registration System 1.0 SQL Injection
Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 I DESCRIPTION...
SCO Openserver 5.0.7 Command Injection
Exploit Title: SCO Openserver 5.0.7 - 'outputform' Command Injection Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 04/09/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products/ Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Test...
Point Of Sale System 1.0 Cross Site Scripting
Exploit Title: Point of Sale System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-18 Vendor Homepage: https://www.sourcecodester.com/php/9620/point-sale-system-pos.html Software Link:...
Queue Management System 4.0.0 Cross Site Scripting
Exploit Title: Queue Management System 4.0.0 - "Add User" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-21 Google Dork: N/A Vendor Homepage: http://codekernel.net/ Software Link: https://codecanyon.net/item/queue-management-system/22029961 Affected Version: Version 4.0.0 Patched Version:...
Sony Playstation 4 ValidationMessage::buildBubbleTree() Use-After-Free
const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...
SCO Openserver 5.0.7 Cross Site Scripting
Exploit Title: SCO Openserver 5.0.7 - 'section' Reflected XSS Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 14/06/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Tested on...
Stratodesk NoTouch Center Privilege Escalation
Stratodesk NoTouch Center Virtual Appliance is a portal for managing NoTouch clients. It appears that Stratodesk has a partnership with ViewSonic and produced these appliances to support some of their hardware devices as well. - https://www.stratodesk.com/products/notouch-desktop/virtual-applianc...
Spotweb 1.4.9 SQL Injection
Exploit Title: Spotweb 1.4.9 - 'search' SQL Injection Google Dork: N/A Date: 20 December 2020 Exploit Author: BouSalman Vendor Homepage: https://github.com/spotweb/spotweb Software Link: N/A Version: 1.4.9 Tested on: Ubuntu 18.04 CVE: CVE-2020-35545 GET...
WordPress Contact Form 7 5.3.1 Shell Upload
Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 - Unrestricted File Upload Date: 12/20/2020 Exploit Author: Ramón Vila Ferreres @ramonvfer Vendor Homepage: https://contactform7.com Software Link: https://wordpress.org/plugins/contact-form-7/ Version: 5.3.1 and below Tested on: Windows 10 190...
Spiceworks 7.5 HTTP Header Injection
Exploit Title: Spiceworks 7.5 - HTTP Header Injection Google Dork: inurl:/prousers/login Discovered Date: 15/09/2020 Exploit Author: Ramikan Vendor Homepage: https://www.spiceworks.com Affected Version: 7.5.7.0 may be others. Tested On Version: 7.5.7.0 CVE : CVE-2020-25901 Vulnerability: Host...
Academy LMS 4.3 Cross Site Scripting
Exploit Title: Academy-LMS 4.3 - Stored XSS Date: 19/12/2020 Vendor page: https://academy-lms.com/ Version: 4.3 Tested on Win10 and Google Chrome Exploit Author: Vinicius Alves XSS Payload: "STORED XSS Scripts tag blocked 1 Access LMS and log in to admin panel 2 Access courses page 3 Open course...
Point Of Sale System 1.0 SQL Injection
Exploit Title: Point of Sale System 1.0 - Authentication Bypass Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-17 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/9620/point-sale-system-pos.html Software Link:...
Alumni Management System 1.0 Shell Upload
Exploit Title: Alumni Management System 1.0 - Unrestricted File Upload To RCE Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
Alumni Management System 1.0 SQL Injection
Exploit Title: Alumni Management System 1.0 - 'id' SQL Injection Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
WordPress Yet Another Stars Rating PHP Object Injection
class MetasploitModule 'WordPress PHP Object Injection in Yet Another Stars Rating plugin %q This module exploits Wordpress PHP Object Injection in Yet Another Stars Rating plugin = 5.5.2, so the exploit only works for Wordpress versions 'Paul Dannewitz', Vulnerability Discovery 'gx1 ', Exploit...
Alumni Management System 1.0 Cross Site Scripting
Exploit Title: Alumni Management System 1.0 - "Course Form" Stored XSS Exploit Author: Aakash Madaan Date: 2020-12-10 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
Smart Hospital 3.1 Cross Site Scripting
Exploit Title: Smart Hospital 3.1 - "Add Patient" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-18 Vendor Homepage: https://smart-hospital.in/index.html Software Link: https://codecanyon.net/item/smart-hospital-hospital-management-system/23205038 Affected Version: Version 3.1 Tested on:...
Xeroneit Library Management System 3.1 Cross Site Scripting
Exploit Title: Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-18 Vendor Homepage: https://xeroneit.net/ Software Link: https://xeroneit.net/portfolio/library-management-system-lms Affected Version: Version 3.1 Tested on: Kali...
Pulse Secure VPN Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN gzip RCE', 'Description' = %q The Pulse Connect Secure appliance before 9.1R9 suffers from an uncontrolled gzip extraction...
SyncBreeze 10.0.28 Denial Of Service
Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service Poc Data: 18-Dec-2020 Exploit Author: Ahmed Elkhressy Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7, Windows 10...
WordPress Duplicator 1.3.26 Directory Traversal / File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...
Jenkins 2.251 / LTS 2.235.3 Cross Site Scripting
Exploit Title: Jenkins Stored XSS vulnerability in 'Trigger builds remotely' Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: '. To understand how remote build trigger works, have a look at this post...
Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting
Exploit Title: CVE-2020-20140 : Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17 Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: n/a Software Link: n/a Version:Flexmonster Pivot Table & Charts 2.7.17...
Online Tours And Travels Management System 1.0 SQL Injection
Exploit Title: Online Tours & Travels Management System 1.0 - "id" SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Software...
Library Management System 1.0 SQL Injection
Exploit Title: Authentication Bypass via SQL injection on Library Management System Date: 23/10/2020 Exploit Author: Valerio Alessandroni Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14545/online-library-management-system-phpmysqli-f...
Employee Record System 1.0 Cross Site Scripting
Exploit Title: Employee Record System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-09 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14588/employee-record-system-phpmysqli-full-source-code.html Software Link:...
Dolibarr ERP-CRM 12.0.3 Remote Code Execution
Exploit Title: Dolibarr ERP-CRM 12.0.3 - Remote Code Execution Authenticated Date: 2020.12.17 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://github.com/Dolibarr/dolibarr Software Link: https://sourceforge.net/projects/dolibarr/ Version: 12.0.3 Tested on: Kali Linux 2020.2 Vulnerabilit...
Content Management System 1.0 SQL Injection
Exploit Title: Content Management System 1.0 - 'email' SQL Injection Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...
Linksys RE6500 1.0.11.001 Remote Code Execution
Exploit Title: Linksys RE6500 1.0.11.001 - Unauthenticated RCE Date: 31/07/2020 Exploit Author: RE-Solver Public disclosure: https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html4 Vendor Homepage: www.linksys.com Version: FW V1.05 up to FW v1.0.11.001 Tested on: F...
Interview Management System 1.0 SQL Injection
Exploit Title: Interview Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...
Customer Support System 1.0 Cross Site Scripting
Exploit Title: Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Oracle Solaris SunSSH PAM parse_user_name() Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Solaris SunSSH PAM parseusername Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow in the Solaris PA...
Alumni Management System 1.0 Cross Site Scripting
Exploit Title: Stored XSS on Alumni Management System Date: 23/10/2020 Exploit Author: Valerio Alessandroni Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Version: 1.0 Tested on:...
Online Health Card System 1.0 SQL Injection
Exploit Title: Authentication Bypass via SQL injection on Online Health Care System 1.0 Date: 23/10/2020 Exploit Author: Valerio Alessandroni Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14526/online-health-care-system-php-full-source-code-...
PHPJabbers Appointment Scheduler 2.3 Cross Site Scripting
Exploit Title: PHPJabbers Appointment Scheduler 2.3 - Reflected XSS Cross-Site Scripting Date: 2020-12-14 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.phpjabbers.com Software Link: https://www.phpjabbers.com/appointment-scheduler Version: 2.3 Tested on: Latest Version of Deskto...
Medical Center Portal Management System 1.0 SQL Injection
Exploit Title: Medical Center Portal Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...
Alumni Management System 1.0 Blind SQL Injection
Exploit Title: Blind SQL injection on Alumni Management System Date: 23/10/2020 Exploit Author: Valerio Alessandroni Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Version: 1.0 Teste...
Content Management System 1.0 Cross Site Scripting
Exploit Title:Content Management System 1.0 - 'First Name' Stored XSS Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...
Trend Micro IWSVA CSRF / XSS / Bypass / SSRF / Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Trend Micro InterScan Web Security Virtual Appliance IWSVA vulnerable version: IWSVA 6.5 SP2 EN Patch 4 Build 1919 fixed versio...
Interview Management System 1.0 Cross Site Scripting
Exploit Title: Interview Management System 1.0 - Stored XSS in Add New Question Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-09 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...
Nxlog Community Edition 2.10.2150 Denial Of Service
Exploit Title: Nxlog Community Edition 2.10.2150 - DoS Poc Date: 15/12/2020 Exploit Author: Guillaume PETIT Vendor Homepage: https://nxlog.co Software Link: https://nxlog.co/products/nxlog-community-edition/download Version: 2.10.2150 Tested on: Linux Debian 10 && Windows Server 2019...
Customer Support System 1.0 SQL Injection
Exploit Title: Customer Support System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...