50637 matches found
CMS Made Simple 2.1.6 Server-Side Template Injection
Exploit Title: CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection Google Dork: N/A Date: 11/10/2017 Exploit Author: Gurkirat Singh Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: N/A Version: 2.1.6 Tested on: Linux CVE : CVE-2017-16783 POC :...
InoERP 0.7.2 Remote Code Execution
!/usr/bin/python -- coding: UTF-8 -- Exploit Title: InoERP 0.7.2 Unauthenticated Remote Code Execution Date: March 14, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/03/14/inoerp-ab-rce/ Software Link: https://github.com/inoerp/inoERP Version: 0.7....
School Faculty Scheduling System 1.0 SQL Injection
Exploit Title: School Faculty Scheduling System 1.0 - Authentication Bypass Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...
Bludit 3.9.2 Bruteforce Mitigation Bypass
!/usr/bin/python3 Exploit Title: Bludit = 3.9.2 - Bruteforce Mitigation Bypass Author: ColdFusionX Mayank Deshmukh Author website: https://coldfusionx.github.io Date: 2020-10-19 Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/archive/3.9.2.tar.gz Version: ...
School Faculty Scheduling System 1.0 Cross Site Scripting
Exploit Title: School Faculty Scheduling System 1.0 - Stored Cross Site Scripting Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...
Libtaxii 1.1.117 / OpenTaxi 0.2.0 Server-Side Request Forgery
Libtaxii version = 1.1.117 & OpenTaxi =0.2.0 Blind SSRF Details ======================================================================================== Product: Security-Risk: High Remote-Exploit: yes Vendor-URL: https://github.com/eclecticiq/OpenTAXII , https://github.com/TAXIIProject/libtaxii...
GOautodial 4.0 Shell Upload
Exploit Title: GOautodial 4.0 - Authenticated Shell Upload Author: Balzabu Discovery Date: 07-23-2020 Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 Last relase as of today Tested on OS: CentOS 7...
Hrsale 2.0.0 Local File Inclusion
Exploit Title: Hrsale 2.0.0 - Local File Inclusion Date: 10/21/2020 Exploit Author: Sosecure Vendor Homepage: https://hrsale.com/index.php Version: version 2.0.0 Description: This exploit allow you to download any readable file from server with out permission and login session. Payload :...
Tiki Wiki CMS Groupware 21.1 Authentication Bypass
Exploit Title: Tiki Wiki CMS Groupware 21.1 - Authentication Bypass Date: 01.08.2020 1st August 2020 Exploit Author: Maximilian Barz aka. Silky Vendor Homepage: tiki.org Software Link: https://jztkft.dl.sourceforge.net/project/tikiwiki/Tiki21.xUYScuti/21.1/tiki-21.1.zip Version: 21.1 Tested on:...
BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery
Advisory: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system which allows participants of a conference with permissions to upload presentations to read arbitrary files from the file...
Rite CMS 2.2.1 Remote Code Execution
Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: H0j3n Vendor Homepage: http://ritecms.com/ Software Link: http://sourceforge.net/projects/ritecms/files/ritecms2.2.1.zip/download Version: 2.2.1 Tested on: Linux Reference:...
Apache Struts 2 Remote Code Execution
Exploit Title: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution Google Dork: ext:action | filetype:action Date: 2020/09/09 Exploit Author: Jonatas Fil Vendor Homepage: http://struts.apache.org/release/2.3.x/docs/s2-016.html Version: = 2.3.15 Tested on: Linux CVE : CVE-2013-2251...
Visitor Management System In PHP 1.0 SQL Injection
Title: Visitor Management System in PHP 1.0 - Authenticated SQL Injection Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip Version: 1.0 Tested On: Windo...
WordPress Rest Google Maps SQL Injection
Exploit Title: WordPress Rest Google Maps Plugin SQL Injection Google Dork: inurl:index.php?restroute=3D/wpgmza/ Date: 2020-09-09 Exploit Author: Jonatas Fil Vendor Homepage: https://wordpress.org/plugins/wp-google-maps/developers Software Link: https://wordpress.org/plugins/wp-google-maps/...
Loan Management System 1.0 Cross Site Scripting
Exploit Title: Loan Management System 1.0 - Multiple Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/19 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...
User Registration And Login And User Management System 2.1 Cross Site Scripting
Exploit Title: User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS Google Dork: N/A Date: 2020-08-07 Exploit Author: yusufmalikul Vendor Homepage: https://phpgurukul.com Software Link:...
Textpattern CMS 4.6.2 Cross Site Request Forgery
Exploit Title: Textpattern CMS 4.6.2 - Cross-site Request Forgery Exploit Author: Alperen Ergel Contact: @alprenae Software Homepage: https://textpattern.com/ Version : 4.6.2 Tested on: windows 10 / xammp Category: WebApp Google Dork: intext:"Published with Textpattern CMS" Date: 2020-10-29...
WordPress Colorbox Lightbox 1.1.1 Cross Site Scripting
Exploit Title: WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting Vulnerability Authenticated Date: 10.8.2020. Exploit Author: n1x MS-WEB Software Homepage: https://wordpress.org/plugins/wp-colorbox/ Software Link v1.1.1:...
Ultimate Project Manager CRM PRO 2.05 SQL Injection
Exploit Title: Ultimate Project Manager CRM PRO 2.0.5 - SQLi Credentials Leakage Date: 2020-16-09 Exploit Author: nag0mez Vendor Homepage: https://ultimatepro.codexcube.com/ Version: = 2.0.5 Tested on: Kali Linux 2020.2 The SQLi injection does not allow UNION payloads. However, we can guess...
Comtrend AR-5387un Cross Site Scripting
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Persistent XSS on Comtrend AR-5387un router Date: 19/10/2020 Exploit Author: OscarAkaElvis Vendor Homepage: https://www.comtrend.com/ Version: Comtrend AR-5387un router Tested on: Software/Firmware version A731-410JAZ-C04R02.A2pD035g.d2...
Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::Remote::HttpClient include...
Typesetter CMS 5.1 Remote Code Execution
Exploit Title: Typesetter CMS 5.1 - Arbitrary Code Execution Exploit Author: Rodolfo "t0gu" Tavares Contact: @t0guu TW Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Linux / Apache Category: WebApp Google Dork: intext:"Powered by Typesetter" Date: 2020-09-29 CVE :...
Hostel Management System 2.1 Cross Site Scripting
Exploit Title: PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, City Google Dork: N/A Date: 2020-10-08 Exploit Author: Kokn3t Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/hostel-management-syste...
WordPress SuperStoreFinder 6.1 CSRF / Shell Upload
Exploit Title : SuperStoreFinder Wordpress Plugins CSRF File Upload Wordpress Plugins Affected : Super Store Finder | Super Interactive Maps | Super Logo Showcase Exploit Type : Cross Site Request Forgery Plugin URI: http://www.superstorefinder.net/ Version : All versions from 6.1 and below , sho...
WordPress HS Brand Logo Slider 2.1 Shell Upload
Exploit Title: WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload Date: 2020-10-20 Exploit Author: Net-Hunter Google Dork: N/A Software Link: https://ms.wordpress.org/plugins/hs-brand-logo-slider/ Vendor Homepage: https://www.heliossolutions.co/ Tested on: Linux Apache / Wordpre...
Linux / Unix su Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Login to Another User with Su on Linux / Unix Systems', 'Description' = %q This module attempts to create a new login session by invoking the su...
ReQuest Serious Play Media Player 3.0 File Disclosure / Path Traversal
ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure Vulnerability Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 3.0.0 2.1.0.831 1.5.2.822 1.5.2.821 1.5.1.820 Summary: With the MediaPlayer, ReQuest delivers video content and...
HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: https://www.szuray.com/ Software Link: N/A Version: up to 1.97 Tested on: Linux CVE: CVE-2020-24219 Vendors: URayTech...
HiSilicon Video Encoder Malicious Firmware Code Execution
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...
QRadar RemoteJavaScript Deserialization
------------------------------------------------------------------------ Java deserialization vulnerability in QRadar RemoteJavaScript Servlet ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------...
Tourism Management System 1.0 Shell Upload
Exploit Title: Tourism Management System 1.0 - Arbitrary File Upload Date: 2020-10-19 Exploit Author: Ankita Pal & Saurav Shukla Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7204 Version: V1...
Jenkins 2.63 Sandbox Bypass
Exploit Title: Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in Date: 8th October 2020 Exploit Author: dmw0ng Vendor Homepage: https://www.jenkins.io Software Link: http://archives.jenkins-ci.org/windows/jenkins-2.63.zip Version: Jenkins 2.63 Tested on: Ubuntu 18.04 / 20.04 CVE :...
Nagios XI 5.7.3 SQL Injection
Exploit Title: Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
FRITZ!Box 7.20 DNS Rebinding Protection Bypass
Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box router devices which allows to resolve DNS answers that point to IP addresses in the private local network, despite the DNS rebinding protection mechanism. Details ======= Product:...
Online Job Portal 1.0 Cross Site Scripting
Exploit Title: Online Job Portal 1.0 Cross Site Scripting Stored Google Dork: N/A Date: 2020/10/17 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/13850/online-job-portal-phppdo.html Software Link:...
Online Discussion Forum Site 1.0 Cross Site Scripting
Exploit Title: Online Discussion Forum Site 1.0 - XSS in Messaging System Google Dork: N/A Date: 2020-10-17 Exploit Author: j5oh Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...
HiSilicon Video Encoder Backdoor Password
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...
HiSilicon Video Encoder Buffer Overflow / Denial Of Service
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...
TinyMCE 5 HTML Injection
Exploit Title: iframe Injection\Html Injection TinyMCE 5 HTML WYSIWYG Date:18.10.2020 Author: Vincent666 ibn Winnie Software Link: https://www.tiny.cloud/features/ Tested on: Windows 10 Web Browser: Mozilla Firefox Blog : https://pentest-vincent.blogspot.com/ PoC:...
Microsoft SharePoint SSI / ViewState Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SharePoint Server-Side Include and ViewState RCE', 'Description' = %q This module exploits a server-side include SSI in SharePoint to...
HiSilicon Video Encoder Command Injection
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated command injection Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech, J-Tech...
Online Student's Management System 1.0 Shell Upload
Exploit Title: Online Student's Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020/10/18 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14490/online-students-management-system-php-full-source-code-2020.html Software Link:...
ReQuest Serious Play F3 Media Server 7.0.3 Denial Of Service
ReQuest Serious Play F3 Media Server 7.0.3 Remote Denial of Service Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954 6.4.2.4681 6.3.2.4203 2.0.1.823 Summary: F3 packs all the power of ReQuest's multi-zone serious Play...
ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution
!/usr/bin/env python3 -- coding: utf-8 -- ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954 6.4.2.4681 6.3.2.4203 2.0.1.823 Summary: F3...
Nagios XI 5.7.3 Cross Site Scripting
Exploit Title: Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
Product: OX App Suite / OX Documents Vendor: OX Software GmbH Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.2, 7.10.3 Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.2-rev29, 7.10.3-rev15 Vendor notificatio...
ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure
ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954 6.4.2.4681 6.3.2.4203 2.0.1.823 Summary: F3 packs all the power of ReQuest's multi-zone serious Play...
Employee Management System 1.0 Cross Site Scripting
Exploit Title: Employee Management System 1.0 - Stored Cross Site Scripting Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...
Hotel Management System 1.0 Remote Code Execution
Exploit Title: Hotel Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-09-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14458/hotel-management-system-project-using-phpmysql.html Software Link:...
Employee Management System 1.0 SQL Injection
Exploit Title: Employee Management System 1.0 - Authentication Bypass Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...