Android GKI Kernels Use-After-Free
A central recurring theme in Linux MM development is that contention on the mmap lock can have a big negative performance impact on multithreaded workloads: If one thread is holding the mmap lock in exclusive mode for an extended amount of time, other threads will block as soon as they try to...
PHP-Nuke Top Module SQL Injection
Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...
ABB Cylon Aspect 3.08.01 calendarFileDelete.php Arbitrary File Deletion
ABB Cylon Aspect 3.08.01 calendarFileDelete.php Arbitrary File Deletion Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
OpenMediaVault 7.4.2-2 Code Injection
Title: OpenMediaVault 7.4.2-2 Code Injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.2 6...
Gambio Online Webshop 4.9.2.0 Code Injection
Title: Gambio Online Webshop 4.9.2.0 Code Injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...
ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution
ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...
Netis MW5360 Code Injection
Title: Netis MW5360 Code Injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.2 64 bits ...
Book Recording App 2024-09-24 Cross Site Scripting
Exploit Title: Book Recording App - Cross Site Scripting Stored XSS Date: 05/10/2024 Exploit Author: Arif Ari Vendor Homepage: https://www.sourcecodester.com/javascript/17600/book-recording-app-using-htmlcss-vanillajs-source-code.html Software Link:...
ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution
ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management a...
ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution
ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management an...
GeoServer 2.25.1 Code Injection
Title: GeoServer 2.25.1 Code Injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.2 64 bits...
Hikvision IP Camera Cross Site Request Forgery
Title: Hikvision IP Camera CSRF Add ADmin Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.2 64...
ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure
ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
Acronis Cyber Infrastructure 5.0.1-61 Cross Site Request Forgery
Title: Acronis Cyber Infrastructure 5.0.1-61 CSRF Add ADmin Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
MD-Pro 1.0.76 Shell Upload / SQL Injection
Exploit Title: MD-Pro 1.0.76. SQL injection + shell upload Google Dork: intext: Powered by MD-Pro Date: 2024-08-30 Exploit Author: Emiliano Febbi Vendor Homepage: https://www.opensourcecms.com/wp-content/uploads/MDPro-website-description.png Software Link: https://www.opensourcecms.com/mdpro/...
Vehicle Service Management System 1.0 Code Injection
Title: Vehicle Service Management System 1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozill...
Transport Management System 1.0 Code Injection
Title: Transport Management System 1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
ABB Cylon Aspect 3.07.02 Authenticated File Disclosure
ABB Cylon Aspect 3.07.02 downloadDb.php Authenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building energy...
Vehicle Service Management System 1.0 WYSIWYG Code Injection
Title: Vehicle Service Management System 1.0 WYSIWYG code injection vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser:...
ManageEngine ADManager 7183 Password Hash Disclosure
Title: ManageEngine ADManager 7183 Password Hash Disclosure Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Computer Laboratory Management System 2024 1.0 Cross Site Scripting
Titles: LMS2024-1.0 XSS-Reflected Information Disclosure Author: nu11secur1ty Date: 00/04/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Reference:...
Transport Management System 1.0 Arbitrary File Upload
Title: Transport Management System 1.0 Remote File Upload Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Vehicle Service Management System 1.0 Cross Site Request Forgery
Title: Vehicle Service Management System 1.0 CSRF Add Admin Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Transport Management System 1.0 Insecure Direct Object Reference
Title: Transport Management System 1.0 idor Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.0 64 bits ...
Printing Business Records Management System 1.0 Insecure Settings
Title: Printing Business Records Management System v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browse...
WordPress Bricks Builder Theme 1.9.6 Code Injection
Title: WordPress Bricks Builder Theme 1.9.6 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
WordPress Hash Form 1.1.0 Code Injection
Title: WordPress Hash Form 1.1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...
Online Eyewear Shop 1.0 Insecure Settings
Title: Online Eyewear Shop v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...
ViciDial 2.0.5 Cross Site Request Forgery
Title: ViciDial Call Center - astguiclient - thirtieth public release 2.0.5 CSRF Add ADmin Vulnerability | Author: indoushka | Tested on: windows ...
reNgine 2.2.0 Command Injection
Exploit Title: reNgine 2.2.0 - Command Injection Authenticated Date: 2024-09-29 Exploit Author: Caner Tercan Vendor Homepage: https://rengine.wiki/ Software Link: https://github.com/yogeshojha/rengine Version: v2.2.0 Tested on: macOS POC : 1. Login the Rengine Platform 2. Click the Scan Engine 3...
WordPress GiveWP Donation Fundraising Platform 3.14.1 Code Injection
Title: WordPress GiveWP Donation Fundraising Platform 3.14.1 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro /...
AVideo 12.4 Code Injection
Title: AVideo 12.4 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.0 64 bits ...
Acronis Cyber Infrastructure Default Password Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sshkey' class MetasploitModule 'Acronis Cyber Infrastructure default password remote code execution', 'Description' = %q Acronis Cyber Infrastructure ACI is an ...
openSIS 9.1 SQL Injection
Exploit Title: openSIS 9.1 - SQLi Authenticated Google Dork: intext:"openSIS is a product" Date: 09.09.2024 Exploit Author: Devrim Dıragumandan d0ub1edd Vendor Homepage: https://www.os4ed.com/ Software Link: https://github.com/OS4ED/openSIS-Classic/releases/tag/V9.1 Version: 9.1 Tested on: Linux ...
dizqueTV 1.5.3 Remote Code Execution
Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...
SeedDMS 6.0.28 Cross Site Scripting
CVE-ID: CVE-2024-46409 Suggested description: A stored cross-site scripting XSS vulnerability in SeedDMS v6.0.28 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter in...
Tourism Management System 1.0 Cross Site Scripting
Title: Tourism Management System 1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bi...
Student Attendance Management System 1.0 Insecure Settings
Title: Student Attendance Management System v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser:...
Printing Business Records Management System 1.0 Cross Site Request Forgery
Title: Printing Business Records Management System v1.0 CSRF Add ADmin Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser:...
Online Eyewear Shop 1.0 Cross Site Request Forgery
Title: Online Eyewear Shop v1.0 CSRF Add ADmin Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.0...
Supply Chain Management 1.0 Backup Disclosure
Title: Supply Chain Management v1.0 Backup Disclosure Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...
Event Management System 1.0 Insecure Direct Object Reference
Title: Event Management System v1.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0.0 64 bi...
Teacher Subject Allocation Management System 1.0 Insecure Settings
Title: Teacher Subject Allocation Management System 1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozil...
Task Management System 1.0 Code Injection
Title: Task Management System 1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...
TitanNit Web Control 2.01 / Atemio 7600 Code Injection
Title: TitanNit Web Control 2.01 / Atemio 7600 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser:...
Microsoft Office NTLMv2 Disclosure
Exploit Title: Microsoft Office NTLMv2 Disclosure Vulnerability Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...
Student Attendance Management System 1.0 Code Injection
Title: Student Attendance Management System 1.0 code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Event Management System 1.0 Arbitrary File Upload
Title: Event Management System v1.0 arbitrary File Upload Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Simple Music Management System 1.0 Arbitrary File Upload
Title: Simple Music Management System v1.0 Remote File Upload Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Student Management System 1.0 Insecure Settings
Title: Student Management System v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefo...