50637 matches found
Zerologon Netlogon Privilege Escalation
Exploit Title: ZeroLogon - Netlogon Elevation of Privilege Date: 2020-10-04 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: Microsoft Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 Tested on: Microsof...
Complaint Management System 1.0 Shell Upload
Title: Complaint Management System v1.0- unrestricted file upload leading to RCE Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...
WordPress Fancy Product Designer For WooCommerce Cross Site Scripting
About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce is a WordPress plugin which allows users to design custom products in a vendor's WooCommerce store. It is sold through the third-party marketplace "Envato Market" and boasts over 15,000 sales. Stored XSS via SVG...
Avaya Web License Manager XML Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Blind Out-Of-Band XML External Entity Injection Authenticated product: Avaya Web License Manager vulnerable version: 6.x, 7.0 through 7.1.3.6, 8.0 through 8.1.2.0.0 fixed...
WordPress Fancy Product Designer For WooCommerce 4.5.1 File Upload
About Fancy Product Designer for WooCommerce Fancy Product Designer for WooCommerce is a WordPress plugin which allows users to design custom products in a vendor's WooCommerce store. It is sold through the third-party marketplace "Envato Market" and boasts over 15,000 sales. Unrestricted File...
Online News Portal Local File Inclusion
Exploit Title: Online News Portal - Local File Inclusion Date: 2020-11-16 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Huawei LCD_Service 1.0.1.0 Unquoted Service Path
Exploit Title: Huawei LCDService 1.0.1.0 - 'LCDService' Unquote Service Path Date: 2020-11-07 Exploit Author: Gerardo González Vendor Homepage: https://consumer.huawei.com/mx Software Link: https://consumer.huawei.com/mx Version: 1.0.1.0 Tested on: Windows 10 Home Single Language x64 Esp Step to...
Social Networking Site SQL Injection
Exploit Title: Social Networking Site - Authentication Bypass SQli Date: 2020-11-17 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
EgavilanMedia User Registration And Login System With Admin Panel SQL Injection
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel Exploit - SQLi Auth Bypass Date: 17-11-2020 Exploit Author: Kislay Kumar Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/user-registration-and-login-system-with-admin-pane=l/ Version:...
Medical Center Portal Management System SQL Injection
Exploit Title: Medical Center Portal Management System - SQL Injections Date: 2020-11-16 Exploit Author: gh1mau Email: [email protected] Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Online Doctor Appointment Booking System PHP And MySQL 1.0 SQL Injection
Exploit Title: Online Doctor Appointment Booking System PHP and Mysql 1.0 - 'q' SQL Injection Google Dork: N/A Date: 11/16/2020 Exploit Author: Ramil Mustafayev Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-doctor-appointment-booking-system-php-and-mysql/ Software...
Aerospike Database 5.1.0.3 Remote Command Execution
Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...
Grocy Household Management Solution 2.7.1 Cross Site Scripting
Exploit Author: Simran Sankhala Vendor Homepage: https://berrnd.de/ Software Link: https://github.com/grocy/grocy Version: 2.7.1 Tested on: Kali Linux 2020.3 CVE ID Alloted : CVE-2020-25454 Proof Of Concept: grocy household management solution v2.7.1, allows stored XSS , via Add recipe module, th...
Apache Struts 2.5.20 Double OGNL Evaluation
Exploit Title: Apache Struts 2.5.20 - Double OGNL evaluation Date: 08/18/2020 Exploit Author: West Shepherd Vendor Homepage: https://struts.apache.org/download.cgi Version: Struts 2.0.0 - Struts 2.5.20 S2-059 CVE : CVE-2019-0230 Credit goes to reporters Matthias Kaiser, Apple InformationSecurity,...
Artworks Gallery 1.0 Shell Upload
Artworks Gallery - Arbitrary File Upload - RCE Authenticated - Edit Profile Exploit Title: Artworks Gallery - Arbitrary File Upload - RCE Authenticated - Edit Profile Date: November 17th, 2020 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: Source Code & Projects...
Cisco 7937G Denial Of Service / Privilege Escalation
Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 !/usr/bin/python import sys import getopt import requests import paramiko import socket import os...
Super Store Finder 3.3 Cross Site Scripting
Exploit type : XSS INJECTION Exploit title : Super Store Finder Add location XSS Injection Descriptions : XSS injection from adding store and reflected XSS in SQL error login page PHP Script affected : Super Store Finder | Mega Locator Plugin URI : http://www.superstorefinder.net/ Version : 3.3 a...
SIGE 3.4.1 / 3.5.3 Pro Cross Site Scripting / Remote File Inclusion
Document Title: =============== SIGE Joomla 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2265 Release Date: ============= 2020-11-11 Vulnerability Laboratory ID VL-ID: ====================================...
SugarCRM 6.5.18 Cross Site Scripting
Document Title: =============== SugarCRM v6.5.18 - Contacts Persistent Cross Site Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2249 Release Date: ============= 2020-11-16 Vulnerability Laboratory ID VL-ID:...
PMB 5.6 Local File Disclosure / Directory Traversal
Exploit Title: PMB 5.6 - 'chemin' Local File Disclosure Date: 2020-10-13 Google Dork: inurl:opaccss Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 Tested on: Ubuntu 18.04.1 The PMB G...
Car Rental Management System 1.0 SQL Injection
Exploit Title: Car Rental Management System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software...
Fuel CMS 1.4 Remote Code Execution
!/usr/bin/env ruby Title: Fuel CMS 1.4 - Remote Code Execution Exploit Author: Alexandre ZANNI Date: 2020-11-14 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: FILE -h | --help Options: Root URL base path including...
Car Rental Management System 1.0 Shell Upload
Exploit Title: Car Rental Management System 1.0 - Remote Code Execution Authenticated Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html...
Taskcafe 0.1.0 / 0.1.1 Cross Origin Resource Sharing
Exploit Title: Taskcafé 0.1.0 and 0.1.1- Cross-Origin Resource Sharing Date: 2020- 09- 02 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://github.com/JordanKnott/ Software Link: https://github.com/JordanKnott/taskcafe Version: 0.1.0 and 0.1.1 Tested on: Kali Linux 2020.3 POC: The web...
WordPress Buddypress 6.2.0 Cross Site Scripting
Document Title: =============== Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2263 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID: ===================================...
MailDepot 2033 2.3.3022 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2020-037 Product: MailDepot Manufacturer: REDDOXX GmbH Affected Versions: 2033 2.3.3022 Tested Versions: 2033 2.3.3022 Vulnerability Type: Persistent Cross-site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer...
Kaa IoT Platform 1.2.0 Cross Site Scripting
Exploit Title: Kaa IoT Platform 1.2.0 Cross Site Scripting XSS Vulnerability Date: 2020-10-01 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.kaaproject.org/ Software Link: https://cloud.kaaiot.com/ Version: 1.2.0 Tested on: Kali Linux 2020.3 CVE: CVE-2020-26701 Proof Of Concept:...
Water Billing System 1.0 SQL Injection
Exploit Title: Water Billing System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor: https://www.sourcecodester.com/php/14560/water-billing-system-phpmysqli-full-source-code.html Version: 1.0 Tested on: Apache2 an...
Froxlor 0.10.16 Cross Site Scripting
Document Title: =============== Froxlor v0.10.16 CP - Customer Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2241 Release Date: ============= 2020-11-12 Vulnerability Laboratory ID VL-ID: ====================================...
SugarCRM 6.5.18 Cross Site Scripting
Document Title: =============== SugarCRM v6.5.18 - Employees Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2257 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID:...
RED-V Super Digital Signage System RXV-A740R Log Information Disclosure
RED-V Super Digital Signage System RXV-A740R Log Information Disclosure Vendor: RED-V S.R.L. Product web page: https://www.red-v.tv https://red-v.tv/digital-signage.html Affected version: Model name: RXV-A740R Android version: 5.1.1 Firmware version: 026 Player version: 7.8.6 Downloader version:...
KiteService 1.2020.1113.1 Unquoted Service Path
Exploit Title: KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path Discovery by: IRVIN GIL Discovery Date: 2020-11-14 Vendor Homepage: https://www.kite.com/ Tested Version: 1.2020.1113.1 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 x64 es Step to discover...
Pandora FMS 7.0 NG 749 SQL Injection
Exploit Title: Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection Authenticated Date: 11-14-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/1258a1a63535f60924fb69b1f7812c678570cc8e Software Link:...
HorizontCMS 1.0.0-beta Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HorizontCMS Arbitrary PHP File Upload', 'Description' = %q This module exploits an arbitrary file upload vulnerability in HorizontCMS 1.0.0-beta ...
Bludit Panel Brute Forcer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bludit Panel Brute force', 'Description' = %q This Module performs brute force attack on Bludit Panel. , 'Author' = 'Eren Simsek ', 'License' =...
Anuko Time Tracker 1.19.23.5311 Missing Rate Limiting
Exploit Title: Anuko Time Tracker 1.19.23.5311 No rate Limit on Password Reset functionality Date: 2020-10-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5311 Patched Version: 1.19.23.5325...
ASUS TM-AC1900 Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS TM-AC1900 - Arbitrary Command Execution', 'Description' = %q This module exploits a code execution vulnerability within the ASUS TM-AC1900...
Atheros Coex Service Application 8.0.0.255 Unquoted Service Path
Exploit Title: Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path Exploit Author : Isabel Lopez Exploit Date: 2020-11-13 Vendor Homepage : https://www.file.net/process/athcoexagent.exe.html Link Software :...
ReadyTalk Avian JVM FileOutputStream.write() Integer Overflow
Vulnerability title: Avian JVM FileOutputStream.write Integer Overflow Author: Pietro Oliva Vendor: ReadyTalk Product: Avian JVM Affected version: 1.2.0 before 27th October 2020 Fixed Version: 1.2.0 since 27th October 2020 Description: The issue is located in the FileOutputStream.write method...
Advanced System Care Service 13 Unquoted Service Path
Title: Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/es/advancedsystemcarepro.php Version : 13.0.0.157 Tested on: Windows 10 64bitEN CVE : N/A ...
Citrix ADC NetScaler Local File Inclusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler - Local File Inclusion Metasploit', 'Description' = % The remote device is affected by multiple vulnerabilities. An...
Anuko Time Tracker 1.19.23.5311 Password Reset
Exploit Title: Anuko Time Tracker 1.19.23.5311 Password Reset Vulnerability leading to Account Takeover Date: 2020-11-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version Tested: 1.19.23.5311 Patched...
Logitech Solar Keyboard Service Unquoted Service Path
Title: Logitech Solar Keyboard Service - 'L4301Solar' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.logitech.com/es-mx Software Link: https://support.logi.com/hc/en-us/articles/360024692874--Downloads-Wireless-Solar-Keyboard-K750 Version : 1.10.3.0 Teste...
WordPress Good LMS 2.1.4 SQL Injection
Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection Software Link: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850 Version: prefix . 'gdlrpayment '; 688- $sql .= 'WHERE id=' . $POST'id' . ' AND '; 689- $sql .=...
Water Billing System 1.0 SQL Injection
Exploit Title: Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection SQL Injection in 'username' and 'password' parameters allows attacker to run the SQL commands on the victim to extract entire DB. In advanced exploitation, an attacker can run the arbitrary code on the...
SaltStack Salt REST API Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt REST API Arbitrary Command Execution', 'Description' = %q This module exploits an authentication bypass and command injection in...
CMSUno 1.6.2 Remote Code Execution
Exploit Title: CMSUno 1.6.2 - 'user' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.09.30 Exploit Author: Fatih Çelik Vendor Homepage: https://github.com/boiteasite/cmsuno/ Software Link: https://github.com/boiteasite/cmsuno/ Blog:...
Microsoft Windows Local Spooler Bypass
Windows: Local Spooler CVE-2020-1337 Bypass One way of exploiting this on Windows 10 2004 is to understand that FileNormalizedNameInformation will fail if the new path after the mount point is not under the root directory of the server. For example the admin$ share points to c:\windows. If you se...
Customer Support System 1.0 Cross Site Request Forgery
Exploit Title: Customer Support System 1.0 - Cross-Site Request Forgery Admin Account Takeover Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Joomla SIGE 3.4.1-FREE / 3.5.3-PRO RFI / Cross Site Scripting
Title: SIGE - Simple Image Gallery Extended joomla extension 3.4.1-FREE / 3.5.3-PRO - Multi Vulnerability Remote File Inclusion RFI & Cross Site Scripting XSS date: 2020-11-11 Vendor Homepage: https://kubik-rubik.de/ Software Link: https://kubik-rubik.de/sige-simple-image-gallery-extended Softwar...