Check Point Security Gateway Information Disclosure
Exploit Title: Check Point Security Gateway - Information Disclosure Unauthenticated Exploit Author: Yesith Alvarez Vendor Homepage: https://support.checkpoint.com/results/sk/sk182336 Version: R77.20 EOL, R77.30 EOL, R80.10 EOL, R80.20 EOL, R80.20.x, R80.20SP EOL, R80.30 EOL, R80.30SP EOL, R80.40...
iMLog Cross Site Scripting
Exploit Title: iMLog "User Maintenance" 3. Click on "Search" and then select your UserID. 4. Change the "Last Name" input to 5. Click on "Save" 6. Refresh the page, XSS will be triggered...
changedetection 0.45.20 Remote Code Execution
Exploit Title: changedetection = 0.45.20 Remote Code Execution RCE Date: 5-26-2024 Exploit Author: Zach Crosman zcrosman Vendor Homepage: changedetection.io Software Link: https://github.com/dgtlmoon/changedetection.io Version: = 0.45.20 Tested on: Linux CVE : CVE-2024-32651 from pwn import impor...
ORing IAP-420 2.01e Cross Site Scripting / Command Injection
CyberDanube Security Research 20240528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage|...
Akaunting 3.1.8 Server-Side Template Injection
Exploit Title: Akaunting 3.1.8 - Server-Side Template Injection SSTI Exploit Author: tmrswrr Date: 30/05/2024 Vendor: https://akaunting.com/forum Software Link: https://akaunting.com/apps/crm Vulnerable Versions: 3.1.8 Tested : https://www.softaculous.com/apps/erp/Akaunting 1 Login with admin cre...
Progress Flowmon 12.3.5 Local sudo Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Progress Flowmon Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Flowmon. Certa...
Akaunting 3.1.8 Client-Side Template Injection
Exploit Title: Akaunting 3.1.8 - Client Side Template Injection CSTI Exploit Author: tmrswrr Date: 30/05/2024 Vendor: https://akaunting.com/forum Software Link: https://akaunting.com/apps/crm Vulnerable Versions: 3.1.8 1 Login with admin cred and go to : Currencies New Currency...
Aquatronica Control System 5.1.6 Password Disclosure
!/usr/bin/env python -- coding: utf-8 -- Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Vendor: Aquatronica s.r.l. Product web page: https://www.aquatronica.com Affected version: Firmware: 5.1.6 Web: 2.0 Summary: Aquatronica's electronic AQUARIUM CONTROLLER is easy to use, allowing...
Flowmon Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in Progres...
HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: HAWKI Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany vulnerable version: 1.0.0-beta.1,...
Eclipse ThreadX Buffer Overflows
-- HNS-2024-06 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Eclipse ThreadX OS: Eclipse ThreadX Date: 2024-05-28 CVE IDs and severity: CVE-2024-2214 - High - 7.0 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-2212 - High - 7.3 -...
Siemens CP-XXXX Series Exposed Serial Shell
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Exposed Serial Shell on multiple PLCs product: Siemens CP-XXXX Series CP-2014, CP-2016, CP-2017, CP-2019, CP-5014 vulnerable version: All hardware revisions fixed version...
ElkArte Forum 1.1.9 Remote Code Execution
Exploit Title : ElkArte Forum 1.1.9 - Remote Code Execution RCE Authenticated Date: 2024-5-24 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.elkarte.net/ Software Link : https://github.com/elkarte/Elkarte/releases/download/v1.1.9/ElkArtev1-1-9install.zip Version : 1.1.9 1...
4BRO Insecure Direct Object Reference / API Information Exposure
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Broken access control & API Information Exposure product: 4BRO App vulnerable version: before 2024-04-17 fixed version: 2024-04-17 CVE number: - impact: Critical homepage...
Jcow Social Network Cross Site Scripting
Exploit Title: Jcow Social Networking 14.2 3 After Send invitations you will see alert button...
Debezium UI 2.5 Credential Disclosure
Exploit Title: Debezium UI - Credential Leakage Google Dork: N/A Date: 2024-03-11 Exploit Author: Ihsan Cetin, Hamza Kaya Toprak Vendor Homepage: https://debezium.io/ Software Link: N/A Version: 2.5 REQUIRED Tested on: N/A CVE : CVE-2024-28736 Proof of concept: Details Debezium-ui version 2.5 is...
FleetCart 4.1.1 Information Disclosure
Exploit Title: FleetCart 4.1.1 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 13/05/2024 Vendor: EnvaySoft Vendor Homepage: https://codecanyon.net/item/fleetcart-laravel-ecommerce-system/23014826 Software Demo Link: https://demo.fleetcart.envaysoft.com/en Tested on: Window...
AVideo WWBNIndex Plugin Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVideo WWBNIndex Plugin Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated remote code execution RCE vulnerability ...
NorthStar C2 Cross Site Scripting / Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NorthStar C2 XSS to Agent RCE', 'Description' = %q NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the log...
Chat Bot 1.0 SQL Injection
Titles: Chat Bot - PHP by: oretnom23 v1.0 Multiple SQLi Author: nu11secur1ty Date: 05/22/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...
Joomla 4.2.8 Information Disclosure
!/bin/bash Exploit Title: Joomla! \n" exit 1 else echo -e "\n Joomla! out.tmp echo -e "\ni Database info:\n" echo -e "+ DB Type: $sed -E 's/."dbtype":"^"+"./\1/' out.tmp" echo -e "+ DB Host: $sed -E 's/."host":"^"+"./\1/' out.tmp" echo -e "\e92m+ DB User: $sed -E 's/."user":"^"+"./\1/' out.tmp\e0...
Nethserver 7 / 8 Cross Site Scripting
CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting XSS in WebTop package Suggested description The WebTop package for NethServer 7 and 8 allows stored XSS for example, via the Subject field of an e-mail message. ------------------------------------------ Additional Information NethServe...
CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chaos RAT XSS to RCE', 'Description' = %q CHAOS v5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to...
PopojiCMS 2.0.1 Remote Command Execution
Exploit Title: PopojiCMS 2.0.1 - Remote Command Execution Date: 14/04/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...
Tenant Limited 1.0 SQL Injection
Titles: TENANT-LIMITED-1.0 SQLi Author: nu11secur1ty Date: 05/20/2024 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter...
Rocket LMS 1.9 Cross Site Scripting
Title: Rocket LMS 1.9 - Persistent Cross Site Scripting XSS Date: 04/16/2024 Exploit Author: Sergio Medeiros Vendor Homepage: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Software Link: https://lms.rocket-soft.org Version: 1.9 Tested on Firefox and Chrome...
Backdrop CMS 1.27.1 Remote Command Execution
Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Date: 04/27/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os impor...
Apache OFBiz 18.12.12 Directory Traversal
Exploit Title: Apache OFBiz 18.12.12 - Directory Traversal Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://ofbiz.apache.org/download.html Version: below example.createBlogPost...
WordPress XStore Theme 9.3.8 SQL Injection
Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent:...
SAP Cloud Connector 2.16.1 Missing Validation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Tolerating Self-Signed Certificates product: SAP® Cloud Connector vulnerable version: 2.15.0 - 2.16.1 Portable and Installer fixed version: 2.16.2 Portable and Installer...
Zope 5.9 Command Injection
Vulnerability Report Title: Command Argument Injection Vulnerability in Zope WSGI Instance Creation Script Leading to RCE Description: A command Argument injection vulnerability has been identified in the Zope WSGI instance creation script used by the Zope web application server framework, which ...
Cacti 1.2.26 Remote Code Execution
---------------------------------------------------------------- Cacti = 1.2.26 import.php Remote Code Execution Vulnerability ---------------------------------------------------------------- - Software Link: https://cacti.net - Affected Versions: Version 1.2.26 and prior versions. - Vulnerabilit...
Backdoor.Win32.AsyncRat MVID-2024-0683 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/2337b9a12ecf50b94fc95e6ac34b3ecc.txt Media: twitter.com/malvuln Threat: Backdoor.Win32.AsyncRat Vulnerability: Arbitrary Code Execution Description: The malware...
CrushFTP Directory Traversal
Exploit Title: CrushFTP Directory Traversal Google Dork: N/A Date: 2024-04-30 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Vendor Homepage: https://www.crushftp.com/ Software Link: https://www.crushftp.com/download/ Version: below 10.7.1 and 11.1.0 as well as legacy 9.x Tested...
Apache mod_proxy_cluster Cross Site Scripting
import requests import argparse from bs4 import BeautifulSoup from urllib.parse import urlparse, parseqs, urlencode, urlunparse from requests.exceptions import RequestException class Colors: RED = '\03391m' GREEN = '\0331;49;92m' RESET = '\0330m' def getclustermanagerurlbaseurl, path:...
TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/f917c77f60c3c1ac6dbbadbf366ddd30.txt Media: twitter.com/malvuln Threat: TrojanSpy.Win64.EMOTET.A Vulnerability: Arbitrary Code Execution Description: The malware...
Leafpub 1.1.9 Cross Site Scripting
Leafpub 1.1.9 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/Leafpub Software Link: https://github.com/Leafpub/leafpub Version: 1.1.9 Tested on: MacOS Steps to Reproduce - Please login from this address:...
Plantronics Hub 3.25.1 Arbitrary File Read
Exploit Title: Plantronics Hub 3.25.1 – Arbitrary File Read Date: 2024-05-10 Exploit Author: Farid Zerrouk from Deloitte Belgium, Alaa Kachouh from Mastercard Vendor Homepage: https://support.hp.com/us-en/document/ish9869257-9869285-16/hpsbpy03895 Version: Plantronics Hub for Windows version 3.25...
Chyrp 2.5.2 Cross Site Scripting
Chyrp 2.5.2 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/chyrp/ Software Link: https://github.com/chyrp/chyrp/archive/refs/tags/v2.5.2.zip Version: 2.5.2 Tested on: MacOS Steps to Reproduce - Login from the address:...
Prison Management System Using PHP SQL Injection
Exploit : Prison Management System Using PHP -SQL Injection Authentication Bypass Date: 15/03/2024 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/sql/17287/prison-management-system.html Tested on: Windows ,XAMPP CVE :...
Esteghlal F.C. Cross Site Scripting
EXPLOIT XSS Esteghlal F.C. باشگاه فوتبال استقلال تهران Site https://fcesteghlal.ir suffers from a remote XSS vulnerability. This security incident was reported by the SOC and Maher team and prevention centers and was ignored this site has not responded to their reports so we are posting this to a...
Kemp LoadMaster Local sudo Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Kemp LoadMaster...
Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560fB.txt Media: twitter.com/malvuln Threat: Panel.SmokeLoader Vulnerability: Cross Site Request Forgery CSRF - Persistent XSS Family:...
Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f.txt Media: twitter.com/malvuln Threat: Panel.SmokeLoader Vulnerability: Cross Site Scripting XSS Family: SmokeLoader Type: Web...
RIOT 2024.01 Buffer Overflows / Lack Of Size Checks / Out-Of-Bound Access
-- HNS-2024-07 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in RIOT OS OS: RIOT Date: 2024-05-07 CVE ID and severity: CVE-2024-31225 - High CVE-2024-32017 - Critical CVE-2024-32018 - High low-severity vulnerabilities were not assigned a CVE ID Vendor...
Clinic Queuing System 1.0 Remote Code Execution
Exploit Title: Clinic Queuing System 1.0 RCE Date: 2024/1/7 Exploit Author: Juan Marco Sanchez Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html Version: 1.0 Tested on...
Panel Amadey.d.c MVID-2024-0680 Cross Site Scripting
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txt Media: twitter.com/malvuln Threat: Panel Amadey.d.c Vulnerability: Cross Site Scripting XSS Family: Amadey Type: Web Panel MD...
POMS PHP 1.0 SQL Injection / Shell Upload
Titles: POMS-PHP-by oretnom23 -v1.0-FU-SQLi-RCE-HAT.TRICK 1. SQLi Bypass Authentication 2. File Upload 3. RCE Latest update from the vendor: 5 hours 32 minutes ago Author: nu11secur1ty Date: 05/07/2024 Vendor: https://github.com/oretnom23 Software:...
Drupal-Wiki 8.31 / 8.30 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 secuvera-SA-2024-02: Multiple Persistent Cross-Site Scripting XSS flaws in Drupal-Wiki Affected Products Drupal Wiki 8.31 Drupal Wiki 8.30 older releases have not been tested References https://www.secuvera.de/advisories/secuvera-SA-2024-02.txt used...
Microsoft PlayReady Complete Client Identity Compromise
Hello All, We have come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client Windows SW DRM scenario for the communication with a license server and identity purposes. More specifically, we successfully demonstrated the extraction of the...