50637 matches found
Online Exam System 1.0 Insecure Settings
==================================================================================================================================== | Title : Online Exam System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits...
Beauty Parlour And Saloon Management System 1.1 Insecure Settings
==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Backdoor.Win32.Delf.yj MVID-2024-0693 Information Disclosure
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/f991c25f1f601cc8d14dca4737415238.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Delf.yj Vulnerability: Information Disclosure Description: The malware listens on...
Backdoor.Win32.BlackAngel.13 MVID-2024-0695 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/d1523df44da5fd40df92602b8ded59c8.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.BlackAngel.13 Vulnerability: Unauthenticated Remote Command Execution Description...
Backdoor.Win32.CCInvader.10 MVID-2024-0694 Authentication Bypass
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/cb86af8daa35f6977c80814ec6e40d63.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.CCInvader.10 Vulnerability: Authentication Bypass Description: The malware runs a...
Nipah Virus Testing Management System 1.0 SQL Injection
==================================================================================================================================== | Title : Nipah virus NiV – Testing Management System 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Food Ordering And Table Reservation System For Restaurants 1.0 Insecure Settings
==================================================================================================================================== | Title : food ordering and table reservation system for restaurants 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro /...
Online Bus Ticket Booking Website 1.0 SQL Injection
============================================================================================================================================= | Title : online bus ticket booking Website v1.0 Auth By PAss Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
HYSCALE System 1.9 Add Administrator / Cross Site Request Forgery
============================================================================================================================================= | Title : HYSCALE System v1.9 CSRF add admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64...
Furniture Master 2 SQL Injection
==================================================================================================================================== | Title : Furniture master v2 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | |...
Online Traffic Offense 1.0 CSRF / Arbitrary File Upload
============================================================================================================================================= | Title : Online Traffic Offense 1.0 Auth by Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...
Live Membership Management System 1.0 Code Injection
============================================================================================================================================= | Title : Live Membership Management System version 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser ...
HTMLy 2.9.9 Cross Site Scripting
Exploit Title: Stored XSS to Account Takeover - htmlyv2.9.9 Date: 9/2024 Exploit Author: Andrey Stoykov Version: 2.9.9 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2024/08/friday-fun-pentest-series-9-stored-xss.html Description: - It was found that the application suffers from...
Membership Management System 1.0 Code Injection
============================================================================================================================================= | Title : Membership Management System version 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
Online Student Grading System 1.0 Code Injection
============================================================================================================================================= | Title : Online Student Grading System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Online Bus Ticket Booking Website 1.0 Arbitary File Upload
============================================================================================================================================= | Title : online bus ticket booking Website v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozil...
Dockwatch Remote Command Execution
!/usr/bin/env python3 -- coding: UTF-8 -- dockexec.py Dockwatch Remote Command Execution Jeremy Brown jbrown3264/gmail / Sept 2024 Intro Dockwatch is a container management web UI for docker. It runs by default without authentication, although guidance is available for how to setup credentials fo...
Old Age Home Management System 1.0 Code Injection
============================================================================================================================================= | Title : Old Age Home Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Expense Management System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Expense Management System v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...
Beauty Parlour And Saloon Management System 1.1 SQL Injection
==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Auth By PAss Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...
Microsoft Windows TOCTOU Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Kernel Time of Check Time of Use LPE in AuthzBasepCopyoutInternalSecurityAttributes', 'Description' = %q CVE-2024-30088 is a Windows Kern...
WordPress LiteSpeed Cache Cookie Theft
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress LiteSpeed Cache plugin cookie theft', 'Description' = %q This module exploits an unauthenticated account takeover vulnerability in...
Microsoft SQL Server Masked Data Exposure
Title: SQL Server Masked Data Exposure Through Brute Force Attack Product: Database Manufacturer: Microsoft Affected Versions: SQL Server 2014, 2016,2017,2019,2022 Tested Versions: SQL Server 2014, 2016,2017,2019,2022 Risk Level: Low Security Feature: Dynamic Data Masking Author of Advisory: Emad...
Online Notice Board System 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Online Notice Board System project 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozil...
Auto/Taxi Stand Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : Auto/Taxi Stand Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
SPIP BigUp 4.0 Code Injection
============================================================================================================================================= | Title : SPIP BigUp 4.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bi...
Emergency Ambulance Hiring Portal 1.0 SQL Injection
==================================================================================================================================== | Title : Emergency Ambulance Hiring Portal 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0...
GYM Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : GYM Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...
IFSC Code Finder Portal 1.0 Insecure Settings
============================================================================================================================================= | Title : IFSC Code Finder Portal v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Auto/Taxi Stand Management System 1.0 SQL Injection
==================================================================================================================================== | Title : Auto/Taxi Stand Management System 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0...
Ship Ferry Ticket Reservation System 1.0 SQL Injection
Titles: SFTRS - PHP by: oretnom23 v1.0 Multiple-SQLi Bonus: FU + RCE & XSS - Information disclosure Author: nu11secur1ty Date: 09/14/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14923/shipferry-ticket-reservation-system-using-php-free-source-code.html...
Reservation Management System 1.0 Cross Site Request Forgery
============================================================================================================================================= | Title : Reservation Management System 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 ...
BP Monitoring Management System 1.0 SQL Injection
==================================================================================================================================== | Title : BP Monitoring Management System 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0...
Online Job Recruitment Portal Project 1.0 Arbitrary File Upload
============================================================================================================================================= | Title : Online Job Recruitment Portal project v1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
ManageEngine DeviceExpert 5.9.7 Build 5970 Hash Disclosure
==================================================================================================================================== | Title : DeviceExpert v 5.9.7 build 5970 PHP extracts Credentials Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
COVID19 Testing Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : COVID19 - Testing Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...
Art Gallery Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : Art Gallery Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Men Salon Management System 2.0 PHP Code Injection
============================================================================================================================================= | Title : Men Salon Management System 2.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Car Washing Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : Car Washing Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Bus Pass Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : Bus Pass Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0...
Emergency Ambulance Hiring Portal 1.0 Insecure Settings
==================================================================================================================================== | Title : Emergency Ambulance Hiring Portal 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
BP Monitoring Management System 1.0 Insecure Settings
==================================================================================================================================== | Title : BP Monitoring Management System 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Webpay E-Commerce 1.0 Cross Site Scripting
============================================================================================================================================= | Title : Webpay E-Commerce v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...
Auto/Taxi Stand Management System 1.0 PHP Code Injection
============================================================================================================================================= | Title : Auto/Taxi Stand Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozill...
Beauty Parlour And Saloon Management System 1.1 Insecure Cookie Handling
==================================================================================================================================== | Title : Beauty Parlour & Saloon Management System 1.1 Insecure Cookie Handling Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
3DSecure 2.0 3DS Method Authentication Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...
Nipah Virus Testing Management System 1.0 PHP Code Injection
============================================================================================================================================= | Title : Nipah virus NiV – Testing Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browse...
3DSecure 2.0 3DS Authorization Method Cross Site Request Forgery
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Authorization Method Tested Versions: 3DSecure 2.0 3DS Authorization Method Vulnerability Type: Cross-Site Request Forgery CSRF Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17...
QNX Qconn Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNX qconn Command Execution', 'Description' = %q This module uses the qconn daemon on QNX systems to gain a shell. The QNX qconn daemon does not...
Windows Escalate UAC Execute RunAs
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Execute RunAs', 'Description' = %q This module will attempt to elevate execution level using the ShellExecute undocumented...