50621 matches found
📄 WordPress Chart 3.5.9 Missing Authentication
The Chartify WordPress Chart plugin contains a missing authentication vulnerability in all versions up to and including 3.5.9. The plugin registers an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter without any nonce or capability checks...
📄 NocoBase 2.0.27 VM Sandbox Escape
NocoBase versions 2.0.27 and below VM sandbox escape exploit. Exploit Title: NocoBase 2.0.27 - VM Sandbox Escape Date: 2026-03-26 Exploit Author: Onurcan Genç Vendor Homepage: https://www.nocobase.com/ Software Link: https://github.com/nocobase/nocobase Version: = 2.0.27 — patched in 2.0.28 Teste...
📄 Exim 4.91 Remote Command Execution
Exim versions 4.87 through 4.91 improper recipient-address validation remote command execution exploit. Spawns a netcat shell on port 31415 as root, then connects to it Vulnerablity is within Exim 4.87-4.91 import subprocess import socket import os import time from subprocess import Popen, PIPE...
📄 ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery
ThingsBoard IoT Platform version 4.2.0 suffers from a server-side request forgery vulnerability. Exploit Title: ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery SSRF Date: 2026-03-25 Exploit Author: Tamil Mathi T. Vendor Homepage: https://thingsboard.io Software Link:...
📄 MikroORM 7.0.5 SQL Injection
MikroORM versions 7.0.5 and below suffer from a remote SQL injection vulnerability. CVE-2026-43220 MikroORM SQL Injection ★ CVE-2026-43220 MikroORM SQL Injection PoC ★ https://github.com/user-attachments/assets/33724cfc-6151-47ff-9415-2f50c5124cd1 Overview CVE-2026-43220 is a SQL Injection...
📄 Hibernate ORM 5.6.15 SQL Injection
Hibernate ORM versions 5.6.15 and below suffer from a remote SQL injection vulnerability. CVE-2026-0603 Hibernate ORM Injection / Second-Order SQL Injection ★ CVE-2026-0603 Hibernate SQL Injection PoC ★ https://github.com/user-attachments/assets/2e7c3a89-e26f-48cd-af0b-8b82d32ce71f Overview...
📄 FacturaScripts 2025.43 Cross Site Scripting
FacturaScripts 2025.43 suffers from a persistent cross site scripting vulnerability in the product file upload functionality. Exploit Title: FacturaScripts 2025.43 - XSS Date: 30-12-2025 Exploit Author: VETTRIVEL U Author Profile: https://www.linkedin.com/in/vettrivel2006 Vendor Homepage:...
📄 Xibo CMS SSTI / Remote Code Execution
Xibo CMS versions prior to 4.3.1 suffer from an authenticated remote code execution vulnerability via server-side template injection. Exploit Title: Xibo CMS - Authenticated Remote Code Execution via SSTI Date: 2025-11-04 Exploit Author: Cristian Branet Vendor Homepage: https://xibosignage.com/...
📄 Atlona AT-OME-RX21 Authenticated Command Injection
Atlona AT-OME-RX21 suffers from an authenticated command injection vulnerability. // Exploit Title: Atlona AT-OME-RX21 Authenticated Command Injection // Google Dork: N/A // Date: 2025-12-28 // Exploit Author: RIZZZIOM // Vendor Homepage: https://atlona.com // Software Link:...
📄 HAX CMS 24.x Cross Site Scripting
HAX CMS version 24.x suffers from a persistent cross site scripting vulnerability. Exploit Title: HAX CMS 24.x - Stored Cross-Site Scripting XSS Date: 2026-01-28 Google Dork: "N/A" Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity Vendor Homepage:...
📄 GNU InetUtils telnetd Remote Privilege Escalation
GNU InetUtils versions 2.0 through 2.6 telnetd remote privilege escalation proof of concept exploit. Exploit Title: GNU InetUtils telnetd - Remote Privilege Escalation Date: 2026-01-24 Exploit Author: Ali Guliyev infat0x Author GitHub: https://github.com/infat0x Vendor Homepage:...
📄 GUnet OpenEclass E-learning Remote Code Execution
GUnet OpenEclass E-learning versions prior to 4.2 suffer from a remote code execution vulnerability. Exploit Title: GUnet OpenEclass E-learning platform """ def banner: printf'''YELLOW ┏━╸╻ ╻┏━╸ ┏━┓┏━┓┏━┓┏━┓ ┏━┓┏━┓┏━┓╻ ╻╺┓ ┃ ┃┏┛┣╸ ╺━╸┏━┛┃┃┃┏━┛┣━┓╺━╸┏━┛┏━┛┏━┛┗━┫ ┃ ┗━╸┗┛ ┗━╸ ┗━╸┗━┛┗━╸┗━┛ ┗━╸┗━╸┗━╸...
📄 Cybersecurity AI (CAI) Framework 0.5.10 Command Injection
Cybersecurity AI CAI Framework versions 0.5.10 and below suffer from a command injection vulnerability. Exploit Title: Cybersecurity AI CAI Framework 0.5.10 - Command Injection CVE: CVE-2026-25130 Date: 2026-02-03 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram:...
📄 MindsDB 25.9.1.1 Path Traversal
MindsDB version 25.9.1.1 suffers from a path traversal vulnerability. Exploit Title: MindsDB 25.9.1.1 - Path Traversal Date: 06-03-2026 Exploit Author: Lohitya Pushkar thewhiteh4t Vendor Homepage: https://mindsdb.com/ Software Link: https://github.com/mindsdb/mindsdb Version: not installed handle...
📄 SumatraPDF 3.5.2 Remote Code Execution
SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks using INTERNETFLAGIGNORECERTCNINVALID and do not perform any signature or integrity validation on the downloaded installer. Exploit Title: SumatraPDF 3.5.2 - Remote Code Execution Date: 2026-02-10 Exploit...
📄 OpenWrt 23.05 Remote Code Execution
OpenWrt version 23.05 suffers from an authenticated remote code execution vulnerability. Exploit Title: OpenWrt 23.05 - Authenticated Remote Code Execution RCE Date: 2026-01-17 Exploit Author: Ahmet Mersin Vendor Homepage: https://github.com/stangri/luci-app-https-dns-proxy Software Link:...
📄 Erugo 0.2.14 Remote Code Execution
Erugo versions 0.2.14 suffer from an authenticated remote code execution vulnerability. Exploit Title: Erugo = 0.2.14 - Authenticated Remote Code Execution RCE Date: 2026-02-02 Exploit Author: Abdul Moiz Vendor Homepage: https://github.com/ErugoOSS/Erugo Software Link:...
📄 Microsoft Windows 11 23H2 Denial of Service
Microsoft Windows 11 23H2 suffers from a denial of service vulnerability. Exploit Title: Windows 11 23H2 - Denial of Service DoS Google Dork: N/A Date: 2025-08-22 Exploit Author: Kryptoenix Vendor Homepage: https://www.microsoft.com/ Software Link:...
📄 HUSTOJ 26.01.24 Zip-Slip Remote Code Execution
HUSTOJ version 26.01.24 suffers from zip-slip remote code execution vulnerability. Exploit Title: HUSTOJ Zip-Slip v26.01.24 - RCE Date: 2026-02-14 Exploit Author: Marshall Whittaker / oxagast Vendor Homepage: https://github.com/zhblue/hustoj Software Link:...
📄 Python-Multipart 0.0.22 Path Traversal
Python-Multipart version 0.0.22 suffers from a path traversal vulnerability. Exploit Title: Python-Multipart 0.0.22 - Path Traversal Date: 2026-02-23 Exploit Author: cardosource Vendor Homepage: https://github.com/Kludex/python-multipart Software Link: https://pypi.org/project/python-multipart/...
📄 Microsoft Windows 11 24H2 Local Privilege Escalation
Microsoft Windows 11 24H2 suffers from a local privilege escalation vulnerability. Exploit Title: Windows 11 24H2 - Local Privilege Escalation Google Dork: inurl:http.sys "Windows 11 24H2" vulnerability | intitle:"HTTP.sys" "CVE-2026-21250" "Elevation of Privilege" Date: 2026-02-27 Exploit Author...
📄 NiceGUI 3.6.1 Path Traversal
NiceGUI version 3.6.1 suffers from a path traversal vulnerability. Exploit Title: NiceGUI 3.6.1 - Path Traversal Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: NiceGUI = 3.6.1 Python 3.8–3.12 on Linux/Windows CVE:...
📄 Linksys E1200 2.0.04 Buffer Overflow
Linksys E1200 with firmware versions 2.0.04 and below authenticated stack buffer overflow exploit. Exploit Title: Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow RCE Date: 2026-15-03 Exploit Author: JarrettgxzSec Vendor Homepage: www.linksys.com Version: FW " printf"! Example: python3...
📄 Repetier-Server 1.4.10 Path Traversal
Repetier-Server versions 1.4.10 and below suffer from a path traversal vulnerability. Exploit Title: Repetier-Server 1.4.10 - Path Traversal Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://www.repetier.com/ Version: str: return "..%5c" depth def attemptreadtargeturl: str,...
📄 Craft CMS 5.6.16 Remote Code Execution
Craft CMS version 5.6.16 remote code execution exploit. Exploit Title: Craft CMS 5.6.16 - RCE Google Dork: N/A Date: 2026-01-24 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Vendor Homepage: https://craftcms.com Software Link: https://github.com/craftcms/cms Version: = 3.9.14, =...
📄 Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking
Traccar GPS Tracking System version 6.11.1 cross-site websocket hijacking proof of concept exploit. Exploit Title: Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking CSWSH Date: 2026-02-26 Exploit Author: Hazar Taspinar Vendor Homepage: https://www.traccar.org/ Software Link:...
📄 LangChain Core Insecure Deserialization
LangChain Core versions prior to 1.2.5 and 0.3.81 suffer from a deserialization vulnerability that allows for server-side template injection that can lead to remote code execution. Exploit Title: LangChain Core - SSTI/RCE Date: 2025-12-29 Exploit Author: Mohammed Idrees Banyamer Author Country:...
📄 Frigate NVR 0.16.3 Remote Code Execution
Frigate NVR version 0.16.3 proof of concept remote code execution exploit written in Python. Exploit Title: Frigate NVR 0.16.3 - Remote Code Execution Date: 2026-02-05 Exploit Author: jduardo2704 Vendor Homepage: https://frigate.video/ Software Link: https://github.com/blakeblackshear/frigate...
📄 deephas 1.0.7 Prototype Pollution
The deephas npm package suffers from a prototype pollution vulnerability in versions 1.0.7 and below due to unsafe recursive property assignment without proper hasOwnProperty checks and inadequate path sanitization. Exploit Title: deephas 1.0.7 - Prototype Pollution Google Dork: N/A Date:...
📄 phpMyFAQ 4.0.16 Improper Authorization
phpMyFAQ versions 4.0.16 and below suffer from an improper authorization vulnerability. Exploit Title: phpMyFAQ = 4.0.16 - Improper Authorization Google Dork: N/A Date: 2026-01-23 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: https://www.phpmyfaq.de/ Software Link:...
📄 BusyBox 1.37.0 Path Traversal
BusyBox version 1.37.0 suffers from a path traversal vulnerability. Exploit Title: BusyBox 1.37.0 - Path Traversal Google Dork: N/A Date: 2026-02-11 Exploit Author: Calil Khalil Vendor Homepage: https://busybox.net Software Link: https://busybox.net/downloads/ Version: BusyBox 1.36.1, 1.37.0 Test...
📄 JUNG Smart Visu Server 1.1.1050 Denial of Service
JUNG Smart Visu Server version 1.1.1050 suffers from a denial of service vulnerability. Exploit Title: JUNG Smart Visu Server 1.1.1050- Dos CVE: CVE-2026-26235 Date: 2026-02-12 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity Author GitHub:...
📄 Camaleon CMS 2.9.0 Path Traversal
Camaleon CMS version 2.9.0 suffers from a path traversal vulnerability. Exploit Title: Camaleon CMS v2.9.0 - Path Traversal Date: 2026-02-02 Exploit Author: Sakshi Velampudi CyberQuestor Vendor Homepage: https://github.com/owen2345/camaleon-cms Software Link:...
📄 JuzaWeb CMS 3.4.2 Remote Code Execution
JuzaWeb CMS version 3.4.2 suffers from an authenticated remote code execution vulnerability. Exploit Title: JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution Date: 2026-01-10 Exploit Author: Sardor Shoakbarov Author GitHub: https://github.com/TheDeepOpc Vendor Homepage: https://juzaweb.com/...
📄 UltimatePOS 4.8 Cross Site Scripting
The administrative panel in UltimatePOS version 4.8 suffers from a persistent cross site scripting vulnerability. CVE-2025-60503 — Stored Cross-Site Scripting XSS in UltimatePOS UltimateFosters v4.8 Publication date: 2025-10-30 CVE ID: CVE-2025-60503 RESERVED Researcher: Vivien Lebas Vendor:...
📄 cPanel Authentication Manipulation / Session Injection
This Python script attempts to an authentication bypass against a cPanel login endpoint by crafting a modified login request and manipulating session-related data. Versions after 11.40 are affected...
📄 cPanel / WHM Authentication Bypass / CRLF Injection
A critical authentication bypass vulnerability exists in the cPanel/WHM cpsrvd daemon due to improper neutralization of line delimiters CRLF in the whostmgrsession cookie and Authorization headers. An unauthenticated remote attacker can leverage this flaw to inject malicious session parameters...
📄 GoAnywhere MFT 7.9.1 HTML Injection
GoAnywhere MFT versions prior to 7.10.0 are affected by an HTML injection vulnerability in the email templating functionality. If an attacker is able to influence the content of a template variable, malicious HTML can be embedded into outgoing emails generated by the application. As these message...
📄 SolarEdge 3.0-2021 Cross Site Request Forgery / Out-Of-Bounds Access
SolarEdge version 3.0-2021 suffers from cross site request forgery and out-of-band injection vulnerabilities. Titles: solaredge-CSRF-OOB-Injection 3.0-2021 web portal Author: nu11secur1ty Date: 2026-04-26 Vendor: SolarEdge Technologies Ltd. Software: SolarEdge Monitoring Platform - Framework...
📄 LiteLLM 1.83.0 Insecure Direct Object Reference
LiteLLM exposes a /config/update API endpoint that allows administrators to make configuration changes to the instance. Due to a missing authorization check, low-privileged users can access this endpoint without restriction. An attacker with a low-privileged account can exploit this to exfiltrate...
📄 EfficientLab Controlio DLL Hijacking
EfficientLab Controlio versions prior to 1.3.95 suffer from dll hijacking vulnerabilities. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: DLL Hijacking product: EfficientLab Controlio cloud-based employee monitoring...
📄 DeskTime Time Tracking App 1.3.671 Missing Certificate / Remote Code Execution
DeskTime Time Tracking App version 1.3.671 has an issue where due to missing TLS certificate validation, attackers, who can inject themselves into the network path between the client and the DeskTime update servers, can return a malicious executable in response to an update request and achieve...
📄 SAP HANA Cockpit / Database Explorer Private Key Disclosure
SAP HANA Cockpit and SAP HANA Database Explorer expose the private key of their X.509 certificate. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Exposed Private Key of X.509 Certificate product: SAP HANA...
📄 Pizzafy Ecommerce System 1.0 Shell Upload
The savemenu function in Pizzafy Ecommerce System version 1.0 handles image uploads for menu items without performing any file type validation. The application retrieves the file extension using pathinfo but never actually checks or restricts the allowed file types before moving the uploaded file...
📄 Coaching Management System 1.0 Cross Site Scripting
Coaching Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Stored Cross-Site Scripting XSS in Coaching Management System Leads to Account Takeover --- Product Coaching Management System in PHP Code-Projects.org...
📄 Pizzafy Ecommerce System 1.0 SQL Injection
The admin/vieworder.php endpoint in Pizzafy Ecommerce System version 1.0 fails to properly sanitize the id GET parameter before passing it to a MySQL query. An authenticated administrator can manipulate this parameter to inject arbitrary SQL, leading to full database compromise. SQL Injection in...
📄 OpenNebula 6.10.0.1 Cross Site Scripting
OpenNebula version 6.10.0.1 suffers from multiple persistent cross site scripting vulnerabilities. OpenNebula-CVE-2025-56537 Exploit Title : OpenNebula 6.10.0.1 - Stored XSS Cross-site Scripting in virtual network template Exploit Author : Mark Artamonov Vendor Homepage : https://opennebula.io/...
📄 ESP-RFID-Tool V2 PRO Traversal / XSS / Bypass / Enumeration
ESP-RFID-Tool V2 PRO suffers from bypass, cross site request forgery, cross site scripting, information leakage, path traversal, and multiple other vulnerabilities. The vendor has seemingly taken a hostile approach to responding to these findings and is uncooperative. Security Advisory:...
📄 School Management System PHP 1.0.0 Cross Site Scripting
School Management System PHP version 1.0.0 suffers from a persistent cross site scripting vulnerability that can lead to administrative account takeover. ==================================================== School Management System PHP - Stored XSS leading to Admin Account Takeover...
📄 Microsoft WinLogon Registry Deletion / Privilege Escalation
This code represents a highly destructive proof of concept targeting Windows WinLogon and Registry access control mechanisms to achieve privilege escalation and system integrity compromise. The exploit is built around abusing Registry symbolic links and session-based Accessibility paths to redire...