50630 matches found
📄 namrb.bg SQL Injection
namrb.bg suffers from a remote SQL injection vulnerability. The owner of the site has been unresponsive to the researcher so this is being posted to encourage them to address their issues for the safety of their users. Titles: namrb.bg app-Multiple-SQLi Author: nu11secur1ty Date: 09/15/2025 Vendo...
📄 Sitecore XP Post-Authentication Remote Code Execution
This Metasploit module exploits Sitecore XP with a path traversal that leads to remote code execution as well as a hardcoded credential vulnerability in the ServicesAPI account to gain a foothold. This module requires Metasploit: https://metasploit.com/download Current source:...
📄 Sitecore XP Post-Authentication File Upload
This Metasploit module exploits Sitecore XP with a file upload vulnerability in PowerShell extensions and a hardcoded credential vulnerability with the ServicesAPI account to gain a foothold. This module requires Metasploit: https://metasploit.com/download Current source:...
📄 Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated Remote Code Execution
This Metasploit module exploits an unauthenticated remote command injection vulnerability in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02. The vulnerability lies in the time parameter of the time configuration endpoint, which is passed unsanitized to a shell command executed via th...
📄 Sawtooth Software Lighthouse Studios Template Injection
This Metasploit module exploits a template injection vulnerability in the Sawtooth Software Lighthouse Studios ciwweb.pl web application. The application fails to properly sanitize user input within survey templates, allowing unauthenticated attackers to inject and execute arbitrary Perl commands...
📄 Rupee Invoice 1.0 SQL Injection
Rupee Invoice version 1.0 suffers from a remote SQL injection vulnerability. Titles: RUPEE-INVOICE-1.0-Multiple-SQLi Author: nu11secur1ty Date: 09/09/2025 Vendor: https://www.mayurik.com/ Software:...
📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell
Ilevia EVE X1/X5 Server version 4.7.18.0.eden reverse rootshell exploit. A misconfiguration in the sudoers file permits passwordless execution of specific Bash shell scripts via sudo, exposing a critical privilege escalation vulnerability. When such scripts are writable by a web-facing user...
📄 Sudo Chroot 1.9.17 Privilege Escalation
This Metasploit module exploits the chroot vulnerability in Sudo versions prior to 1.9.17p1. It allows the attacker to trick Sudo into loading an arbitrary shared object, thus resulting in a privilege escalation. This module requires Metasploit: https://metasploit.com/download Current source:...
📄 Concrete CMS 9.4.3 Cross Site Scripting
Concrete CMS version 9.4.3 suffers from a persistent cross site scripting vulnerability. Exploit Title: Concrete CMS version 9.4.3 - Stored XSS Date: 2/09/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.concretecms.org/ Software Link:...
📄 XWiki Platform Remote Code Execution
This Metasploit module exploits a template injection vulnerability in the the XWiki Platform. XWiki includes a macro called SolrSearch defined in Main.SolrSearchMacros that enables full-text search through the embedded Solr engine. The vulnerability stems from the way this macro evaluates search...
📄 Beakon Privilege Escalation
Beakon versions prior to 5.4.3 have an incorrect access control that allows authenticated attackers with low-level privileges to escalate privileges and execute commands with Administrator rights. Title: Privilege Escalation in Beakon Application versions prior to 5.4.3 Description: Incorrect...
📄 Remote for Mac 2025.6 Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution vulnerability in Remote for Mac 2025.6. When the "Allow unknown devices" setting is enabled, it is possible to simulate keyboard input via UDP packets without authentication. By sending a sequence of key presses, an attacker...
📄 Coolify 4.0.0-beta.420.6 Command Injection
Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a critical remote code execution flaw in the project deployment workflow. The platform allows authenticated users, with low-level privileges, to inject arbitrary shell commands via the Git Repository URL field during...
📄 Generic Payload Handler
This Metasploit module is a stub that provides all of the features of the Metasploit payload system to exploits that have been launched outside of the framework. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
📄 Beakon Cross Site Scripting
Beakon versions prior to 5.4.3 suffer from a cross site scripting vulnerability via a malicious file upload. Title: Cross Site Scripting/Phishing Delivery through File upload in Beakon versions prior to 5.4.3 Description: The vulnerability exists due to insufficient validation of uploaded file...
📄 Pretalx Limited File Write / Remote Code Execution
This Metasploit module exploits CVE-2023-28458, a limited file write in Pretalx, up to version 2.3.1. The module will use the vulnerability to write a malicious site-specific configuration hook for Python. Once hook is written, payload will be executed every time Pretalx user runs any Python code...
📄 Update-motd.d Persistence
This Metasploit module will add a script in /etc/update-motd.d/ in order to persist a payload. The payload will be executed with root privileges every time a user logs in. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...
📄 Script Web Delivery
This Metasploit module quickly fires up a web server that serves a payload. The module will provide a command to be run on the target machine based on the selected target. The provided command will download and execute a payload using either a specified scripting language interpreter or...
📄 Kubernetes Authenticated Code Execution
This Metasploit module executes a payload within a Kubernetes pod. -- coding: binary -- This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kubernetes authenticated code execution', 'Description' =...
📄 WordPress StoryChief 1.0.42 Shell Upload
WordPress StoryChief plugin versions 1.0.42 and below suffer from a remote shell upload vulnerability. Exploit Title: StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload Exploit Author: xpl0dec Vendor Homepage: https://www.storychief.io/wordpress-content-scheduler Software Link:...
📄 Ivanti Endpoint Manager Mobile 12.5.0.0 Authentication Bypass
Ivanti Endpoint Manager Mobile version 12.5.0.0 authentication bypass proof of concept exploit. !/usr/bin/env python3 Exploit Title: Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass Google Dork: inurl:/mifs "Ivanti" OR "EPM" OR "Endpoint Manager" Date: 2025-01-21 Exploit Author: Yo...
📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass
Ilevia EVE X1/X5 Server versions 4.7.18.0.eden and below construct a shell command using unsanitized user input passed to the system function, calling an external binary for authentication. Due to improper input handling and reliance on the binary's return value for access control, an attacker ca...
📄 Pharmacy Product Management System 1.0 Cross Site Scripting
Pharmacy Product Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: Pharmacy Product Management System - Persistent XSS Date: 25.08.2025 Exploit Author: Ömer Ahmet Yılmaz Vendor Homepage:...
📄 GeoVision ASManager Windows Application 6.1.2.0 Remote Code Execution
GeoVision ASManager Windows Application version 6.1.2.0 suffers from a remote code execution vulnerability. Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution RCE Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...
📄 GeoVision ASManager Windows Application 6.1.2.0 Credential Disclosure
GeoVision ASManager Windows Application version 6.1.2.0 suffers from a credential disclosure vulnerability. Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...
📄 Lingdang CRM 8.6.4.7 SQL Injection
Lingdang CRM versions 8.6.4.7 and below suffer from a remote SQL injection vulnerability. Exploit Title: Lingdang CRM 8.6.4.7 - SQL Injection Google Dork: N/A Date: 2025-08-19 Exploit Author: Beatriz Fresno Naumova Vendor: Shanghai Lingdang Information Technology Software Link: N/A – commercial...
📄 Wise-Insurance Agency Insurance Management System 1.0 Cross Site Scripting
Wise-Insurance Agency Insurance Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: Wise-Insurance Agency - Insurance Management System 1.0 - Stored XSS Date: 25.08.2025 Exploit Author: Emir Bulutlu Vendor:...
📄 WordPress WP Reactions Box 1.0 SQL Injection
WordPress WP Reactions Box plugin versions 1.0 and below suffer from a remote SQL Injection vulnerability. Exploit Title: WordPress WP Reactions Box Plugin 1.0 - SQL Injection Google Dork: N/A Date: 2025-08-24 Exploit Author: bRpsd cyatlive.no Vendor Homepage:...
📄 EasyApp Limited 2.5 Remote Code Execution / Deserialization / File Upload
EasyApp Limited versions 2.5 and below suffer from PHP object injection allowing for remote code execution, arbitrary file upload, and hardcoded credential vulnerabilities. It looks like it may also suffer from cross site request forgery, cross site scripting, etc. Obviously, security is hard, an...
📄 Student Result Management System 2.0 SQL Injection / Local File Inclusion
Student Result Management System version 2.0 suffers from unauthenticated remote SQL injection and local file inclusion vulnerabilities. Exploit Title: Student Result Management System v2.0 Unauthenticated SQL Injection / Local File Inclusion Date: 2025-08-22 Exploit Author: Mehmet Can Kadıoğlu...
📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting
Easy Hosting Control Panel version 20.04.1.b suffers from a cross site scripting vulnerability in the ftpusername parameter. This enables the attacker to inject malicious JavaScript payloads, leading to session hijacking, redirection to malicious sites, defacement, or other actions performed in t...
📄 Netdata ndsudo 1.45.0 Privilege Escalation
ndsudo versions 1.45.0 and below have a vulnerability that allows an attacker to achieve privilege escalation. It leverages an untrusted search path, when searching for additional binary files, such as nvme. An attacker can create a malicious binary with the same name and add the directory of thi...
📄 Ilevia EVE X1 Server 4.7.18.0.eden Credentials Leak
A critical vulnerability was identified in the EVE smart home and BMS/BAS controller system due to improper handling of sensitive information in server-side logging. Specifically, .log files accessible via the web server expose cleartext credentials, including username and password submitted duri...
📄 Piciorgros TMO-100 Information Disclosure
Piciorgros TMO-100 suffers from an issue where it provides unauthorized log data access. It affects versions prior to 4.20. PDF advisory: https://rt-solutions.de/piciorgros/PiciorgrosTMO-100IP-Loggeren.pdf Classification -------------- - CWE-200: Exposure of Sensitive Information to an Unauthoriz...
📄 iDempiere WebUI 12.0.0.202508171158 Session Fixation
iDempiere WebUI version 12.0.0.202508171158 suffers from a session fixation vulnerability. The application does not issue a new session identifier JSESSIONID after successful authentication. An attacker who can set or predict a victim’s session ID prior to login may hijack the victim’s...
📄 nopCommerce 4.10 / 4.80.3 CSV Injection
nopCommerce versions 4.10 and 4.80.3 are vulnerable to CSV injection Formula Injection when exporting data to CSV. The application does not properly sanitize user-supplied input before including it in CSV export files. nopCommerce versions v4.10 and v4.80.3 are vulnerable to CSV Injection Formula...
📄 nopCommerce 4.10 / 4.80.3 Session Invalidation
nopCommerce versions 4.10 and 4.80.3 are vulnerable to insufficient invalidation of session cookies. The application does not properly invalidate or expire authentication cookies after logout or session termination. nopCommerce v4.10 and 4.80.3 is vulnerable to Insufficient Invalidation of Sessio...
📄 liblcf 0.8.1 Integer Overflow
A crafted RPG Maker save file .lsd can trigger an integer overflow in liblcf’s lcfstrings compressed integer decoding logic LcfReader::ReadInt, resulting in an unbounded shift and accumulation loop. The overflowed value is later used in buffer size allocations and structure parsing, causing large...
📄 nopCommerce 4.10 / 4.80.3 Resource Exhaustion
nopCommerce versions 4.10 and 4.80.3 are vulnerable to resource exhaustion vulnerabilities. nopCommerce is vulnerable to Insufficient Resource Allocation Limits when handling large Excel file imports. Although the application provides a warning message recommending that users avoid importing more...
📄 iDempiere WebUI 12.0.0.202508171158 CSV Injection
A CSV injection vulnerability exists in iDempiere WebUI version 12.0.0.202508171158. A CSV Injection vulnerability exists in iDempiere WebUI v12.0.0.202508171158. The application fails to properly sanitize user-supplied input before including it in exported CSV files. An authenticated attacker ca...
📄 Piciorgros TMO-100 Configuration Change
Piciorgros TMO-100 allows for an unauthorized configuration change via TFTP. This issue affects versions prior to 4.20. Classification -------------- - CWE-306: Missing Authentication for Critical Function - CWE-940: Improper Verification of Source of a Communication Channel - CWE-200: Exposure o...
📄 Optimizely Episerver Content Management System 11.x / 12.x Cross Site Scripting
Optimizely Episerver Content Management System versions prior to 11.21.4 and prior to 12.22.1 suffer from multiple persistent cross site scripting vulnerabilities. Confidentiality class: Internal & Partner SEC Consult Vulnerability Lab Security Advisory...
📄 RiteCMS 3.0.0 Cross Site Scripting
RiteCMS versions 3.0.0 and below suffer from a cross site scripting vulnerability. Exploit Title: RiteCMS 3.0.0 – Reflected Cross-Site Scripting XSS Google Dork: N/A Date: 2024-08-12 Exploit Author: GURJOT SINGH Vendor Homepage: https://ritecms.com/ Software Link:...
📄 BigAnt Office Messenger 5.6.06 SQL Injection
BigAnt Office Messenger version 5.6.06 suffers from a remote SQL injection vulnerability. Exploit Title: BigAnt Office Messenger 5.6.06 - SQL Injection Date: 01.09.2025 Exploit Author: Nicat Abbasov Vendor Homepage: https://www.bigantsoft.com/ Software Link: https://www.bigantsoft.com/download.ht...
📄 Easy Hosting Control Panel 20.04.1.b SQL Injection
Easy Hosting Control Panel version 20.04.1.b suffers from a remote SQL injection vulnerability in the listdomains function via the arananalan POST parameter. Title: Easy Hosting Control Panel EHCP 20.04.1.b - SQL Injection in the listdomains function via the arananalan POST parameter Description:...
📄 phpMyAdmin 3.0 Bruteforce Login Bypass
phpMyAdmin version 3.0 suffers from a brute force login bypass vulnerability. """ Exploit-Title: PHPMyAdmin 3.0 - Bruteforce Login Bypass Author: Nikola Markovic [email protected] Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: 3.0 & 4.3.x before 4.3.13...
📄 Soosyze CMS 2.0 Missing Rate Limiting
Soosyze CMS version 2.0 suffers from missing rate limiting that allows for brute force login attacks. Exploit Title: Soosyze CMS 2.0 - Brute Force Login Google Dork: N/A Date: 2025-08-13 Exploit Author: Beatriz Fresno Naumova beafn28 Vendor Homepage: https://soosyze.com/ Software Link:...
📄 Microsoft SQL Server 2016 / 2017 / 2019 / 2022 Privilege Escalation
Microsoft SQL Server versions 2016, 2017, 2019, and 2022 suffer from a database privilege escalation vulnerability from ALTER ANY LOGIN To SYSADMIN. Title: MSSQL Database Privilege Elevation From ALTER ANY LOGIN To SYSADMIN Product: Microsoft SQL Server Vendor: Microsoft Affected Versions: SQL...
📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting
Easy Hosting Control Panel version 20.04.1.b suffers from multiple reflective cross site scripting vulnerabilities. Exploit Title: Easy Hosting Control Panel EHCP 20.04.1.b - Reflected Cross-Site Scripting in the List MySQL Databases function via action parameter. Date: Aug 18, 2025 Exploit Autho...
📄 PivotX 3.0.0 RC 3 Remote Code Execution
This Metasploit module gains remote code execution in PivotX management system version 3.0.0 RC 3. The PivotX allows admin user to directly edit files on the webserver, including PHP files. The module exploits this by writing a malicious payload into index.php file, gaining remote code execution...