50738 matches found
📄 phpMyAdmin 3.0 Bruteforce Login Bypass
phpMyAdmin version 3.0 suffers from a brute force login bypass vulnerability. """ Exploit-Title: PHPMyAdmin 3.0 - Bruteforce Login Bypass Author: Nikola Markovic [email protected] Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: 3.0 & 4.3.x before 4.3.13...
📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting
Easy Hosting Control Panel version 20.04.1.b suffers from multiple reflective cross site scripting vulnerabilities. Exploit Title: Easy Hosting Control Panel EHCP 20.04.1.b - Reflected Cross-Site Scripting in the List MySQL Databases function via action parameter. Date: Aug 18, 2025 Exploit Autho...
📄 BigAnt Office Messenger 5.6.06 SQL Injection
BigAnt Office Messenger version 5.6.06 suffers from a remote SQL injection vulnerability. Exploit Title: BigAnt Office Messenger 5.6.06 - SQL Injection Date: 01.09.2025 Exploit Author: Nicat Abbasov Vendor Homepage: https://www.bigantsoft.com/ Software Link: https://www.bigantsoft.com/download.ht...
📄 RiteCMS 3.0.0 Cross Site Scripting
RiteCMS versions 3.0.0 and below suffer from a cross site scripting vulnerability. Exploit Title: RiteCMS 3.0.0 – Reflected Cross-Site Scripting XSS Google Dork: N/A Date: 2024-08-12 Exploit Author: GURJOT SINGH Vendor Homepage: https://ritecms.com/ Software Link:...
📄 Easy Hosting Control Panel 20.04.1.b SQL Injection
Easy Hosting Control Panel version 20.04.1.b suffers from a remote SQL injection vulnerability in the listdomains function via the arananalan POST parameter. Title: Easy Hosting Control Panel EHCP 20.04.1.b - SQL Injection in the listdomains function via the arananalan POST parameter Description:...
📄 Soosyze CMS 2.0 Missing Rate Limiting
Soosyze CMS version 2.0 suffers from missing rate limiting that allows for brute force login attacks. Exploit Title: Soosyze CMS 2.0 - Brute Force Login Google Dork: N/A Date: 2025-08-13 Exploit Author: Beatriz Fresno Naumova beafn28 Vendor Homepage: https://soosyze.com/ Software Link:...
📄 Microsoft SQL Server 2016 / 2017 / 2019 / 2022 Privilege Escalation
Microsoft SQL Server versions 2016, 2017, 2019, and 2022 suffer from a database privilege escalation vulnerability from ALTER ANY LOGIN To SYSADMIN. Title: MSSQL Database Privilege Elevation From ALTER ANY LOGIN To SYSADMIN Product: Microsoft SQL Server Vendor: Microsoft Affected Versions: SQL...
📄 PivotX 3.0.0 RC 3 Remote Code Execution
This Metasploit module gains remote code execution in PivotX management system version 3.0.0 RC 3. The PivotX allows admin user to directly edit files on the webserver, including PHP files. The module exploits this by writing a malicious payload into index.php file, gaining remote code execution...
📄 ServiceNow Input Validation / Template Injection
The ServiceNow Platform contains an input validation vulnerability that allows unauthenticated remote code execution. The vulnerability affects Vancouver, Washington DC, and Utah releases of the Now Platform. !/usr/bin/env python3 """ Title : ServiceNow Multiple Versions - Input Validation &...
📄 WebsiteBaker 2.13.7 r164 Command Injection
WebsiteBaker version 2.13.7 r164 suffers from an authenticated command injection vulnerability. Exploit Title: WebsiteBaker 2.13.7 r164 Command Injection Authenticated Exploit Author: tmrswrr /Hulya KARABAG Vendor Homepage: https://forum.websitebaker.org/ Software Link:...
📄 JetBrains TeamCity Authentication Bypass
JetBrains TeamCity versions prior to 2023.11.4 contain a critical authentication bypass vulnerability that allows unauthenticated attackers to perform administrative actions. The vulnerability leverages a path traversal-like technique in the JSP handling mechanism combined with REST API endpoints...
📄 WordPress Upload.am 1.0.0 Setting Modification / Information Disclosure
WordPress Upload.am plugin versions 1.0.0 and below suffer from unauthorized settings modification and sensitive information disclosure vulnerabilities. Exploit Title: Upload.am 1.0.0 WordPress Plugin - Multiple Vulnerabilities Date: Aug 12, 2025 Exploit Author: bRpsd cyatlive.no Vendor Homepage:...
📄 Ghost CMS 5.59.1 Arbitrary File Read
Ghost CMS version 5.59.1 proof of concept arbitrary file read exploit. !/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link:...
📄 Citrix NetScaler ADC/Gateway 14.1 Memory Disclosure
Citrix NetScaler ADC/Gateway version 14.1 CitrixBleed memory disclosure exploit that achieves an out-of-bounds read. Exploit Title: Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure Exploit Author: Yesith Alvarez Vendor Homepage:...
📄 Wazuh Server Remote Code Execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and...
📄 Ghost CMS Path Traversal
Ghost CMS versions prior to 5.42.1 contain a path traversal vulnerability that allows remote attackers to read arbitrary files within the active theme's folder structure. !/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.42.1 - Path Traversal Date: 2023-06-15 Exploit...
📄 VMware vSphere Client 8.0.3.0 Cross Site Scripting
VMware vSphere Client version 8.0.3.0 suffers from a cross site scripting vulnerability. VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Exploit Title: VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Date: 2025-08-08 - Exploit Author: Imraan Khan Lich-Sec...
📄 Anchor CMS 0.12.7 Cross Site Scripting
Anchor CMS version 0.12.7 suffers from a persistent cross site scripting vulnerability. Anchor CMS v0.12.7 - Stored XSS CVE-2025-46041 Anchor CMS v0.12.7 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability in the description field of the /admin/pages/add interface. CVE ID...
📄 Grav CMS 1.7.48 Remote Code Execution
Grav CMS version 1.7.48 suffers from a remote code execution vulnerability. Exploit Title: Grav CMS 1.7.48 - Remote Code Execution RCE Date: 2025-08-07 Exploit Author: binneko https://github.com/binneko Vendor Homepage: https://getgrav.org/ Software Link:...
📄 Microsoft SharePoint Server 2019 16.0.10383.20020 Remote Code Execution
Microsoft SharePoint Server 2019 version 16.0.10383.20020 proof of concept that demonstrates unauthenticated remote code execution by exploiting unsafe deserialization in SharePoint's ToolPane.aspx via the Scorecard:ExcelDataSet control. Exploit Title: Microsoft SharePoint Server 2019 – Remote Co...
📄 Projectworlds Online Admission System 1.0 SQL Injection
Projectworlds Online Admission System version 1.0 suffers from a remote SQL injection vulnerability. / Title : projectworlds Online Admission System 1.0 - SQL Injection Author : Byte Reaper CVE : CVE-2025-8471 / include include include include include "argparse.h" include define FULL 2200 int...
📄 Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated Remote Code Execution
Shenzhen Aitemi M300 Wi-Fi Repeater suffers from a remote code execution vulnerability. package main import "flag" "fmt" "io" "net/http" "net/url" "os" "strings" / Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE CVE-2025-34152 - does not require authentication even when the login panel is...
📄 Pandora ITSM Authenticated Command Injection
This Metasploit module exploits a command injection vulnerability in the name backup setting at the application setup page of Pandora ITSM. This can be triggered by generating a backup with a malicious payload injected at the name parameter. You need to have admin access at the Pandora ITSM Web...
📄 Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution
This Metasploit module exploits the authentication bypass vulnerabilities CVE-2025-49706 and CVE-2025-53771, and an unsafe deserialization vulnerability CVE-2025-49704, to achieve unauthenticated RCE against a vulnerable Microsoft SharePoint Server. The vulnerability CVE-2025-53770 was disclosed ...
📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting
Easy Hosting Control Panel version 20.04.1.b suffers from a cross site scripting vulnerability in the ftpusername parameter. This enables the attacker to inject malicious JavaScript payloads, leading to session hijacking, redirection to malicious sites, defacement, or other actions performed in t...
📄 Easy Hosting Control Panel 20.04.1.b SQL Injection
Easy Hosting Control Panel version 20.04.1.b suffers from multiple remote SQL injection vulnerabilities that affect the id and theorder parameters. Exploit Title: Easy Hosting Control Panel EHCP v20.04.1.b - SQL injection vulnerability via the id parameter Date: Aug 6, 2025 Exploit Author: Charan...
📄 ICTBroadcast Unauthenticated Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution RCE vulnerability in ICTBroadcast. The vulnerability exists in the way session cookies are handled and processed, allowing an attacker to inject arbitrary system commands. This module requires Metasploit:...
📄 Ametys Portal 4.4 Local File Inclusion
Ametys Portal version 4.4 suffers from a local file inclusion vulnerability. Exploit Title: Ametys Portal 4.4 - Local File Inclusion Date: 05.08.2025 Exploit Author: tmrswrr Vendor Homepage: https://www.ametys.org Software Link:...
📄 Lost and Found Information System 1.0 SQL Injection
Lost and Found Information System version 1.0 suffers from a remote SQL injection vulnerability. This particular version was already known to be susceptible to such attacks in 2023 but appears to have other vectors of exploitability for the same issue. Titles: Lost and Found Information System-1....
📄 Oracle 19c / 21c Denial of Service
Oracle Database versions 19c and 21c proof of concept exploitation details for CVE-2023-22077. It illustrates that even though the "Lockdown Profile" security feature was in-place to restrict OS accessibility, an attacker is able to cause a denial of service attack that can impact all customers...
📄 WordPress Ultimate Member 2.6.6 Privilege Escalation
WordPress Ultimate Member plugin version 2.6.6 proof of concept privilege escalation exploit. !/usr/bin/env python3 Exploit Title: Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation Exploit Author: Gurjot Singh CVE: CVE-2023-3460 Description : The attached PoC demonstrates how an...
📄 VX Guestbook 1.07 SQL Injection
VX Guestbook version 1.07 suffers from a remote SQL injection vulnerability. Exploit Title: VX Guestbook SQL Injection Authenticated Date: 2025-08-02 Exploit Author: tmrswrr Category : Webapps Vendor: https://phpversion.com/ Version 1.07 1. Access the Admin Panel: - Click Words Censor...
📄 Malicious XDG Desktop File
This Metasploit module creates a malicious XDG Desktop .desktop file. On most modern systems, desktop files are not trusted by default. The user will receive a warning prompt that the file is not trusted when running the file, but may choose to run the file anyway. The default file manager...
📄 Ultimate Control Receiver 1.2 Remote Code Execution
Ultimate Control Receiver version 1.2 is vulnerable to an unauthenticated remote code execution vulnerability. An attacker can exploit the keyboard input functionality over TCP to execute arbitrary system commands on the target machine without user interaction. Exploit Title: Ultimate Control...
📄 FullControl: Remote for Mac 4.0.5 Remote Command Execution
FullControl Remote for Mac version 4.0.5 is vulnerable to unauthenticated remote command execution vulnerability via TCP port 2846. Attackers on the same network can send crafted packets to simulate keyboard input, allowing command execution without user interaction or authentication. Exploit...
📄 FullControl: Remote for Mac 4.0.5 Directory Traversal / Enumeration
FullControl Remote for Mac version 4.0.5 is vulnerable to an unauthenticated directory traversal flaw. An attacker can remotely enumerate and traverse arbitrary directories on the target system by sending crafted JSON requests to TCP port 2846. This vulnerability arises from insufficient input...
📄 Ilevia EVE X1 Server 4.7.18.0.eden File Disclosure
Ilevia EVE X1 Server versions 4.7.18.0.eden and below suffer from an unauthenticated file disclosure vulnerability. Using the dblog POST parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. Ilevia EVE X1 Server 4.7.18.0.eden dblog...
📄 Ilevia EVE X1 Server 4.7.18.0.eden Command Injection
iIlevia EVE X1 Server versions 4.7.18.0.eden and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the passwd HTTP POST parameter in the /ajax/php/login.php script. !/usr/bin/env python Ilevia EVE ...
📄 Create School Management System 1.0 Cross Site Scripting
Create School Management System version 1.0 suffers from a persistent cross site scripting vulnerabilities. Hello Full Disclosure community, I’m sharing details of a recently assigned CVE affecting a widely used open‑source School Management System PHP/MySQL...
📄 Helmholz Industrial Router REX100 / MBConnectline mbNET.mini Command Injection / DoS
Helmholz Industrial Router REX100 versions prior to 2.3.3 and MBConnectline mbNET.mini versions prior to 2.3.3 suffer from buffer overflow, command injection, denial of service, cross site scripting, and remote SQL injection vulnerabilities. St. Pölten UAS 20250721-0...
📄 SeoToaster 2.5.0 Cross Site Scripting
SeoToaster version 2.5.0 suffers from multiple persistent cross site scripting vulnerabilities. Exploit Title: Stored XSS "Edit Header" Functionality - seotoasterv2.5.0 Date: 07/2025 Exploit Author: Andrey Stoykov Version: 2.5.0 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Stored X...
📄 SeoToaster 2.5.0 Open Redirection
SeoToaster version 2.5.0 suffers from an open redirection vulnerability. Exploit Title: Open Redirect "Login Page" Functionality - seotoasterv2.5.0 Date: 07/2025 Exploit Author: Andrey Stoykov Version: 2.5.0 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Open Redirect "Login Page"...
📄 AK-Nord USB-Server-LXL Privilege Escalation
AK-Nord USB-Server-LXL with firmware versions up to 0.0.16 Build 2023-03-13 suffer from a local privilege escalation vulnerability that achieves root. ================== Overview ================== TL;DR: Using the low-privilege "admin" user account via SSH on the IoT device "USB-Server-LXL" 1, i...
📄 Caddy 2.10.0 Server-Side Request Forgery
Caddy version 2.10.0 suffers from a server-side request forgery vulnerability via a JSON configuration injection. Exploit Title: Caddy 2.10.0 - Admin API SSRF via JSON Config Injection Date: 2025-07-10 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://caddyserver.com/ Software Link:...
📄 Xorux XorMon-NG 1.8 Information Disclosure
Xorux XorMon-NG versions 1.8 and below has an API endpoint that should be limited to web application administrators. It is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...
📄 Adobe ColdFusion 2023.6 Remote File Read
Adobe ColdFusion version 2023.6 suffers from a remote file read vulnerability. Exploit Title: Adobe ColdFusion 2023.6 - Remote File Read Exploit Author: @İbrahimsql Exploit Author's github: https://github.com/ibrahmsql Description: ColdFusion 2023 LUcee - Remote Code Execution CVE: CVE-2024-20767...
📄 Mezzanine CMS 6.1.0 Cross Site Scripting
Mezzanine CMS version 6.10 suffers from a persistent cross site scripting vulnerability. Exploit Title: Mezzanine CMS 6.1.0 Stored Cross Site Scripting XSS via component /blog/blogpost/add Date: 23/07/2025 Exploit Author: Kevin Dicks Vendor Homepage: https://github.com/stephenmcd/mezzanine Softwa...
📄 ISPConfig 3.3.0 Cross Site Scripting
ISPConfig version 3.3.0 suffers from a cross site scripting vulnerability in the system status webpage. CVE-2025-52206 Reflected Cross Site Scripting XSS Suggested description ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...
📄 Xorux LPAR2RRD 8.04 Denial of Service
Xorux LPAR2RRD versions 8.04 and below have an issue where an authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user. KL-001-2025-014: Xorux LPAR2RRD Read Only User Denial of Service Title: Xorux LPAR2RRD Read Only User Denial of...
📄 XWiki 14 SQL Injection
XWiki version 14 suffers from a remote blind SQL injection vulnerability in getdeleteddocuments.vm. Exploit Title: XWiki 14 - SQL Injection via getdeleteddocuments.vm Google Dork: N/A Date: 28 July 2025 Exploit Author: Byte Reaper LinkedIn: N/A Vendor Homepage: https://www.xwiki.org Software Link...