50630 matches found
📄 Anchor CMS 0.12.7 Cross Site Scripting
Anchor CMS version 0.12.7 suffers from a persistent cross site scripting vulnerability. Anchor CMS v0.12.7 - Stored XSS CVE-2025-46041 Anchor CMS v0.12.7 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability in the description field of the /admin/pages/add interface. CVE ID...
📄 WordPress Upload.am 1.0.0 Setting Modification / Information Disclosure
WordPress Upload.am plugin versions 1.0.0 and below suffer from unauthorized settings modification and sensitive information disclosure vulnerabilities. Exploit Title: Upload.am 1.0.0 WordPress Plugin - Multiple Vulnerabilities Date: Aug 12, 2025 Exploit Author: bRpsd cyatlive.no Vendor Homepage:...
📄 Wazuh Server Remote Code Execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and...
📄 Citrix NetScaler ADC/Gateway 14.1 Memory Disclosure
Citrix NetScaler ADC/Gateway version 14.1 CitrixBleed memory disclosure exploit that achieves an out-of-bounds read. Exploit Title: Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure Exploit Author: Yesith Alvarez Vendor Homepage:...
📄 Ghost CMS Path Traversal
Ghost CMS versions prior to 5.42.1 contain a path traversal vulnerability that allows remote attackers to read arbitrary files within the active theme's folder structure. !/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.42.1 - Path Traversal Date: 2023-06-15 Exploit...
📄 Ghost CMS 5.59.1 Arbitrary File Read
Ghost CMS version 5.59.1 proof of concept arbitrary file read exploit. !/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link:...
📄 Microsoft SharePoint Server 2019 16.0.10383.20020 Remote Code Execution
Microsoft SharePoint Server 2019 version 16.0.10383.20020 proof of concept that demonstrates unauthenticated remote code execution by exploiting unsafe deserialization in SharePoint's ToolPane.aspx via the Scorecard:ExcelDataSet control. Exploit Title: Microsoft SharePoint Server 2019 – Remote Co...
📄 Grav CMS 1.7.48 Remote Code Execution
Grav CMS version 1.7.48 suffers from a remote code execution vulnerability. Exploit Title: Grav CMS 1.7.48 - Remote Code Execution RCE Date: 2025-08-07 Exploit Author: binneko https://github.com/binneko Vendor Homepage: https://getgrav.org/ Software Link:...
📄 WebsiteBaker 2.13.7 r164 Command Injection
WebsiteBaker version 2.13.7 r164 suffers from an authenticated command injection vulnerability. Exploit Title: WebsiteBaker 2.13.7 r164 Command Injection Authenticated Exploit Author: tmrswrr /Hulya KARABAG Vendor Homepage: https://forum.websitebaker.org/ Software Link:...
📄 VMware vSphere Client 8.0.3.0 Cross Site Scripting
VMware vSphere Client version 8.0.3.0 suffers from a cross site scripting vulnerability. VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Exploit Title: VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Date: 2025-08-08 - Exploit Author: Imraan Khan Lich-Sec...
📄 JetBrains TeamCity Authentication Bypass
JetBrains TeamCity versions prior to 2023.11.4 contain a critical authentication bypass vulnerability that allows unauthenticated attackers to perform administrative actions. The vulnerability leverages a path traversal-like technique in the JSP handling mechanism combined with REST API endpoints...
📄 ServiceNow Input Validation / Template Injection
The ServiceNow Platform contains an input validation vulnerability that allows unauthenticated remote code execution. The vulnerability affects Vancouver, Washington DC, and Utah releases of the Now Platform. !/usr/bin/env python3 """ Title : ServiceNow Multiple Versions - Input Validation &...
📄 Projectworlds Online Admission System 1.0 SQL Injection
Projectworlds Online Admission System version 1.0 suffers from a remote SQL injection vulnerability. / Title : projectworlds Online Admission System 1.0 - SQL Injection Author : Byte Reaper CVE : CVE-2025-8471 / include include include include include "argparse.h" include define FULL 2200 int...
📄 Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated Remote Code Execution
Shenzhen Aitemi M300 Wi-Fi Repeater suffers from a remote code execution vulnerability. package main import "flag" "fmt" "io" "net/http" "net/url" "os" "strings" / Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE CVE-2025-34152 - does not require authentication even when the login panel is...
📄 Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution
This Metasploit module exploits the authentication bypass vulnerabilities CVE-2025-49706 and CVE-2025-53771, and an unsafe deserialization vulnerability CVE-2025-49704, to achieve unauthenticated RCE against a vulnerable Microsoft SharePoint Server. The vulnerability CVE-2025-53770 was disclosed ...
📄 Pandora ITSM Authenticated Command Injection
This Metasploit module exploits a command injection vulnerability in the name backup setting at the application setup page of Pandora ITSM. This can be triggered by generating a backup with a malicious payload injected at the name parameter. You need to have admin access at the Pandora ITSM Web...
📄 Easy Hosting Control Panel 20.04.1.b SQL Injection
Easy Hosting Control Panel version 20.04.1.b suffers from multiple remote SQL injection vulnerabilities that affect the id and theorder parameters. Exploit Title: Easy Hosting Control Panel EHCP v20.04.1.b - SQL injection vulnerability via the id parameter Date: Aug 6, 2025 Exploit Author: Charan...
📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting
Easy Hosting Control Panel version 20.04.1.b suffers from a cross site scripting vulnerability in the ftpusername parameter. This enables the attacker to inject malicious JavaScript payloads, leading to session hijacking, redirection to malicious sites, defacement, or other actions performed in t...
📄 Lost and Found Information System 1.0 SQL Injection
Lost and Found Information System version 1.0 suffers from a remote SQL injection vulnerability. This particular version was already known to be susceptible to such attacks in 2023 but appears to have other vectors of exploitability for the same issue. Titles: Lost and Found Information System-1....
📄 Oracle 19c / 21c Denial of Service
Oracle Database versions 19c and 21c proof of concept exploitation details for CVE-2023-22077. It illustrates that even though the "Lockdown Profile" security feature was in-place to restrict OS accessibility, an attacker is able to cause a denial of service attack that can impact all customers...
📄 Ametys Portal 4.4 Local File Inclusion
Ametys Portal version 4.4 suffers from a local file inclusion vulnerability. Exploit Title: Ametys Portal 4.4 - Local File Inclusion Date: 05.08.2025 Exploit Author: tmrswrr Vendor Homepage: https://www.ametys.org Software Link:...
📄 ICTBroadcast Unauthenticated Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution RCE vulnerability in ICTBroadcast. The vulnerability exists in the way session cookies are handled and processed, allowing an attacker to inject arbitrary system commands. This module requires Metasploit:...
📄 Ultimate Control Receiver 1.2 Remote Code Execution
Ultimate Control Receiver version 1.2 is vulnerable to an unauthenticated remote code execution vulnerability. An attacker can exploit the keyboard input functionality over TCP to execute arbitrary system commands on the target machine without user interaction. Exploit Title: Ultimate Control...
📄 VX Guestbook 1.07 SQL Injection
VX Guestbook version 1.07 suffers from a remote SQL injection vulnerability. Exploit Title: VX Guestbook SQL Injection Authenticated Date: 2025-08-02 Exploit Author: tmrswrr Category : Webapps Vendor: https://phpversion.com/ Version 1.07 1. Access the Admin Panel: - Click Words Censor...
📄 WordPress Ultimate Member 2.6.6 Privilege Escalation
WordPress Ultimate Member plugin version 2.6.6 proof of concept privilege escalation exploit. !/usr/bin/env python3 Exploit Title: Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation Exploit Author: Gurjot Singh CVE: CVE-2023-3460 Description : The attached PoC demonstrates how an...
📄 Malicious XDG Desktop File
This Metasploit module creates a malicious XDG Desktop .desktop file. On most modern systems, desktop files are not trusted by default. The user will receive a warning prompt that the file is not trusted when running the file, but may choose to run the file anyway. The default file manager...
📄 FullControl: Remote for Mac 4.0.5 Remote Command Execution
FullControl Remote for Mac version 4.0.5 is vulnerable to unauthenticated remote command execution vulnerability via TCP port 2846. Attackers on the same network can send crafted packets to simulate keyboard input, allowing command execution without user interaction or authentication. Exploit...
📄 FullControl: Remote for Mac 4.0.5 Directory Traversal / Enumeration
FullControl Remote for Mac version 4.0.5 is vulnerable to an unauthenticated directory traversal flaw. An attacker can remotely enumerate and traverse arbitrary directories on the target system by sending crafted JSON requests to TCP port 2846. This vulnerability arises from insufficient input...
📄 Ilevia EVE X1 Server 4.7.18.0.eden Command Injection
iIlevia EVE X1 Server versions 4.7.18.0.eden and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the passwd HTTP POST parameter in the /ajax/php/login.php script. !/usr/bin/env python Ilevia EVE ...
📄 Ilevia EVE X1 Server 4.7.18.0.eden File Disclosure
Ilevia EVE X1 Server versions 4.7.18.0.eden and below suffer from an unauthenticated file disclosure vulnerability. Using the dblog POST parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. Ilevia EVE X1 Server 4.7.18.0.eden dblog...
📄 AK-Nord USB-Server-LXL Privilege Escalation
AK-Nord USB-Server-LXL with firmware versions up to 0.0.16 Build 2023-03-13 suffer from a local privilege escalation vulnerability that achieves root. ================== Overview ================== TL;DR: Using the low-privilege "admin" user account via SSH on the IoT device "USB-Server-LXL" 1, i...
📄 Helmholz Industrial Router REX100 / MBConnectline mbNET.mini Command Injection / DoS
Helmholz Industrial Router REX100 versions prior to 2.3.3 and MBConnectline mbNET.mini versions prior to 2.3.3 suffer from buffer overflow, command injection, denial of service, cross site scripting, and remote SQL injection vulnerabilities. St. Pölten UAS 20250721-0...
📄 SeoToaster 2.5.0 Open Redirection
SeoToaster version 2.5.0 suffers from an open redirection vulnerability. Exploit Title: Open Redirect "Login Page" Functionality - seotoasterv2.5.0 Date: 07/2025 Exploit Author: Andrey Stoykov Version: 2.5.0 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Open Redirect "Login Page"...
📄 SeoToaster 2.5.0 Cross Site Scripting
SeoToaster version 2.5.0 suffers from multiple persistent cross site scripting vulnerabilities. Exploit Title: Stored XSS "Edit Header" Functionality - seotoasterv2.5.0 Date: 07/2025 Exploit Author: Andrey Stoykov Version: 2.5.0 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Stored X...
📄 Caddy 2.10.0 Server-Side Request Forgery
Caddy version 2.10.0 suffers from a server-side request forgery vulnerability via a JSON configuration injection. Exploit Title: Caddy 2.10.0 - Admin API SSRF via JSON Config Injection Date: 2025-07-10 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://caddyserver.com/ Software Link:...
📄 Create School Management System 1.0 Cross Site Scripting
Create School Management System version 1.0 suffers from a persistent cross site scripting vulnerabilities. Hello Full Disclosure community, I’m sharing details of a recently assigned CVE affecting a widely used open‑source School Management System PHP/MySQL...
📄 XWiki 14 SQL Injection
XWiki version 14 suffers from a remote blind SQL injection vulnerability in getdeleteddocuments.vm. Exploit Title: XWiki 14 - SQL Injection via getdeleteddocuments.vm Google Dork: N/A Date: 28 July 2025 Exploit Author: Byte Reaper LinkedIn: N/A Vendor Homepage: https://www.xwiki.org Software Link...
📄 ISPConfig 3.3.0 Cross Site Scripting
ISPConfig version 3.3.0 suffers from a cross site scripting vulnerability in the system status webpage. CVE-2025-52206 Reflected Cross Site Scripting XSS Suggested description ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...
📄 Xorux LPAR2RRD 8.04 Denial of Service
Xorux LPAR2RRD versions 8.04 and below have an issue where an authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user. KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service Title: Xorux LPAR2RRD Read Only User Denial of...
📄 Xorux XorMon-NG 1.8 Information Disclosure
Xorux XorMon-NG versions 1.8 and below has an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...
📄 FullControl: Remote for Mac 4.0.5 Unauthenticated Screen Capture
FullControl: Remote for Mac version 4.0.5 is vulnerable to an unauthenticated remote screenshot capture and live screen streaming due to a lack of authentication on TCP port 2846. This exploit allows attackers to silently capture screenshots or continuously stream the victim's screen in real-time...
📄 Mezzanine CMS 6.1.0 Cross Site Scripting
Mezzanine CMS version 6.10 suffers from a persistent cross site scripting vulnerability. Exploit Title: Mezzanine CMS 6.1.0 Stored Cross Site Scripting XSS via component /blog/blogpost/add Date: 23/07/2025 Exploit Author: Kevin Dicks Vendor Homepage: https://github.com/stephenmcd/mezzanine Softwa...
📄 Xorux XorMon-NG 1.8 Privilege Escalation
Xorux XorMon-NG versions 1.8 and below has an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control t...
📄 Adobe ColdFusion 2023.6 Remote File Read
Adobe ColdFusion version 2023.6 suffers from a remote file read vulnerability. Exploit Title: Adobe ColdFusion 2023.6 - Remote File Read Exploit Author: @İbrahimsql Exploit Author's github: https://github.com/ibrahmsql Description: ColdFusion 2023 LUcee - Remote Code Execution CVE: CVE-2024-20767...
📄 Xorux LPAR2RRD 8.04 Information Disclosure
Xorux LPAR2RRD versions 8.04 and below have an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive...
📄 Xorux LPAR2RRD 8.04 File Upload / Directory Traversal
Xorux LPAR2RRD versions 8.04 and below allow an authenticated, read-only user to upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code...
📄 Malicious Windows Script Host VBScript File
This Metasploit module creates a Windows Script Host WSH VBScript .vbs file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host VBScript .vbs File', 'Description' = %...
📄 Xlight FTP 1.1 Denial of Service
Xlight FTP version 1.1 suffers from a denial of service vulnerability. Exploit Title: Xlight FTP 1.1 - Denial Of Service DOS Google Dork: N/A Date: 22 July 2025 Exploit Author: Fernando Mengali LinkedIn: https://www.linkedin.com/in/fernando-mengali/ Vendor Homepage: https://www.xlightftpd.com...
📄 Malicious Windows Script Host JScript File
This Metasploit module creates a Windows Script Host WSH JScript .js file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host JScript .js File', 'Description' = %q Th...
📄 Remote Trackpad: Virtual Tool 1.5.7 Remote Code Execution
Remote Trackpad: Virtual Tool version 1.5.7 is vulnerable to unauthenticated remote code execution via TCP port 9999. An attacker on the same network can inject simulated keyboard input, allowing arbitrary command execution without user interaction or authentication. Exploit Title: Remote Trackpa...