DerbyNet 9.0 photo-thumbs.php Cross Site Scripting

CVE ID: CVE-2024-30925 Description: A Cross-Site Scripting XSS vulnerability exists in DerbyNet version 9.0, specifically within the photo-thumbs.php component. This issue enables a remote attacker to execute arbitrary code through the improper handling of the racerid and back parameters. The...

DerbyNet 9.0 print/render/racer.inc SQL Injection

CVE ID: CVE-2024-30923 Description: An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, specifically within the print/render/racer.inc component. This vulnerability allows remote attackers to execute arbitrary code and disclose sensitive information by exploiting improper...

DerbyNet 9.0 checkin.php Cross Site Scripting

CVE ID: CVE-2024-30924 Description: A Cross Site Scripting XSS vulnerability has been identified in DerbyNet version 9.0, specifically within the checkin.php component. This vulnerability allows remote attackers to execute arbitrary code due to improper handling of the order URL parameter. The fl...

Human Resource Management System 2024 1.0 SQL Injection

Title: hrm2024.1.0-Multiple-SQLi Author: nu11secur1ty Date: 04/02/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...

Gibbon School Platform 26.0.00 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gibbon School Platform Authenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gibbon onlin...

Visual Planning 8 Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Title ===== SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Functionality in Visual Planning Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-49232 Link ====...

DerbyNet 9.0 playlist.php Cross Site Scripting

CVE ID: CVE-2024-30929 Description: A Cross-Site Scripting XSS vulnerability has been found in DerbyNet version 9.0, affecting the playlist.php component. This issue allows remote attackers to execute arbitrary code by exploiting the back parameter. The application does not properly sanitize the...

Feng Office 3.10.8.21 Cross Site Scripting

Exploit Title: Feng Office version 3.10.8.21 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.fengoffice.com/ version 3.10.8.21 1 Login admin https://127.0.0.1/FengOffice/index.php?c=access&a=index 2 Click Tasks " add task 3 Click Add worked hours you will be see xss alert...

DerbyNet 9.0 ajax/query.slide.next.inc SQL Injection

CVE ID: CVE-2024-30928 Description: An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, particularly within the ajax/query.slide.next.inc file. This vulnerability allows remote attackers to execute arbitrary code and disclose sensitive information by exploiting the...

DerbyNet 9.0 render-document.php Cross Site Scripting

CVE ID: CVE-2024-30920 Description: A Cross Site Scripting XSS vulnerability has been identified in DerbyNet v9.0, specifically within the render-document.php component. This vulnerability allows a remote attacker to execute arbitrary code via crafted URLs. The root cause of the vulnerability is...

Jasmin Ransomware 1.1 Arbitrary File Read

Exploit Title: Jasmin Ransomware arbitrary file read Date: 2024-04-04 Exploit Author: @chebuya Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: v1.1 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-30851 Description: Jasmin Ransomware panel contains multiple SQL injections and...

Visual Planning 8 Arbitrary File Read

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Title ===== SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in Visual Planning Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-49234 Link ====...

DerbyNet 9.0 print/render/award.inc SQL Injection

CVE ID: CVE-2024-30922 Description: A SQL Injection vulnerability has been identified in DerbyNet version 9.0, specifically affecting the 'where' clause in Award Document Rendering through the component print/render/award.inc. This vulnerability allows remote attackers to execute arbitrary code a...

DerbyNet 9.0 inc/kisosks.inc Cross Site Scripting

CVE ID: CVE-2024-30926 Description: A Cross-Site Scripting XSS vulnerability has been identified in DerbyNet version 9.0, affecting the ./inc/kiosks.inc component. This vulnerability permits remote attackers to execute arbitrary code by exploiting the addressforcurrentkiosk function. The issue...

Visual Planning REST API 2.0 Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Title ===== SCHUTZWERK-SA-2023-003: Authentication Bypass in Visual Planning REST API Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-49231 Link ==== https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-003/...

WordPress Membership For WooCommerce Shell Upload

Exploit Title: Wordpress Plugin - Membership For WooCommerce Resultz Uploader Uploaded ?PHP...

Positron Broadcast Signal Processor TRA7005 1.20 Authentication Bypass

!/usr/bin/env python -- coding: utf-8 -- Positron Broadcast Signal Processor TRA7005 v1.20 Passwd Exploit Vendor: Positron srl Product web page: https://www.positron.it https://www.positron.it/prodotti/apparati-broadcast/stereo-multicoder/tra-7005/ Affected version: 1.20 TRA7K5REV107 TRA7K5REV106...

User Registration And Login And User Management System 3.2 SQL Injection

Exploit Title: User Registration & Login and User Management System v3.2 - SQL Injection Unauthenticated Exploit Author: Yusuf DİNÇ Google Dork: NA Date: 05/03/2024 Vendor Homepage: https://phpgurukul.com Software Link:...

SUPERAntiSpyware Professional X 10.0.1264 DLL Hijacking / Privilege Escalation

Title: SUPERAntiSpyware Professional X Version =10.0.1264 "version.dll" Local Privilege Escalation Date: 03.04.2024 Author: M. Akil Gündoğan Vendor Homepage: https://superantispyware.com/ Version: 10.0.1262 and lastest version 10.0.1264 Tested on: Windows 10 Professional x64 PoC Video:...

Computer Laboratory Management System 1.0 SQL Injection

Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 03/28/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...

ESET NOD32 Antivirus 17.0.16.0 Unquoted Service Path

Exploit Title: ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-04-01 Vendor : https://www.eset.com Version : 17.0.16.0 Tested on OS: Microsoft Windows 10 pro x64 C:\wmic service get name,displayname,pathname,startmode |findstr /i...

WordPress Alemha Watermarker 1.3.1 Cross Site Scripting

Exploit Title: Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.3.1 Proof Of Concept: 1. Click Add New Watermark and enter the XSS payload into the Watermark Text. 2. Stored XSS will...

Rapid7 Nexpose 6.6.240 Unquoted Service Path

Exploit Title: Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path Date: 2024-04-2 Exploit Author: Saud Alenazi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/ Version: 6.6.240 Tested: Windows 10 x64 Step to discover Unquoted Service Path:...

Daily Habit Tracker 1.0 Cross Site Scripting

Exploit Title: Daily Habit Tracker 1.0 - Stored Cross-Site Scripting XSS Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0...

Daily Habit Tracker 1.0 SQL Injection

Exploit Title: Daily Habit Tracker 1.0 - SQL Injection Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Debian...

E-Insurance 1.0 Cross Site Scripting

Exploit Title: E-INSUARANCE v1.0 - Stored Cross Site Scripting XSS Google Dork: NA Date: 28-03-2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: v1.0...

GL-iNet MT6000 4.5.5 Arbitrary File Download

Exploit Title: GL-iNet MT6000 4.5.5 - Arbitrary File Download CVE: CVE-2024-27356 Google Dork: intitle:"GL.iNet Admin Panel" Date: 2/26/2024 Exploit Author: Bandar Alharbi aggressor Vendor Homepage: www.gl-inet.com Tested Software Link:...

Microsoft Windows 10.0.17763.5458 Privilege Escalation

Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 This module requires Metasploit: https://metasploit.com/download Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High require 'msf/core' class...

Employee Management System 1.0 SQL Injection

Exploit Title: Employee Management System 1.0 - txtfullname and txtphone SQL Injection Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16999/employee-management-system.html Version: 1.0 Tested on:...

Daily Habit Tracker 1.0 Broken Access Control

Exploit Title: Daily Habit Tracker 1.0 - Broken Access Control Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on:...

ASUS Control Center Express 01.06.15 Unquoted Service Path

Exploit Title: ASUS Control Center Express 01.06.15 - Unquoted Service Path Privilege Escalation Date: 2024-04-02 Exploit Author: Alaa Kachouh Vendor Homepage: https://www.asus.com/campaign/ASUS-Control-Center-Express/global/ Version: Up to 01.06.15 Tested on: Windows CVE: CVE-2024-27673...

OpenCart Core 4.0.2.3 SQL Injection

Exploit Title: OpenCart Core 4.0.2.3 - 'search' SQLi Date: 2024-04-2 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://github.com/opencart/opencart/releases Version: 4.0.2.3 Tested on: XAMPP, Linux Contact: https://twitter.com/dmaral3noz Description :...

Computer Laboratory Management System 1.0 Insecure Direct Object Reference

Vulnerability Details: Application Name: Computer Laboratory Management System Software Link: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Vendor Homepage: https://www.sourcecodester.com/users/tips23 BuG: Insecure Direct Object References...

Elementor Website Builder SQL Injection

EXPLOIT Elementor Website Builder Replace URL page. On the Replace URL page, enter any random string as the "New URL" and the following malicious payload as the "Old URL": code : http://localhost:8080/?test',metakey='key4'where+metaid=SLEEP2; Press "Replace URL" on the Replace URL page. Burp Suit...

WordPress Simple Backup Path Traversal / Arbitrary File Download

Exploit Title: Simple Backup Plugin 0: printresponse.text Replace with the desired action for the downloaded content filepath = f'simplebackupfilename' with openfilepath, 'wb' as file: file.writeresponse.content printf'File saved in: filepath' else: print"Nothing was downloaded. You can try to...

Computer Laboratory Management System 1.0 Cross Site Scripting

Vulnerability Details: Application Name: Computer Laboratory Management System Software Link: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Vendor Homepage: https://www.sourcecodester.com/users/tips23 BuG: Insecure Direct Object References...

Online Hotel Booking In PHP 1.0 SQL Injection

Exploit Title: Online Hotel Booking In PHP 1.0 - Blind SQL Injection Unauthenticated Google Dork: n/a Date: 04/02/2024 Exploit Author: Gian Paris C. Agsam Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://projectworlds.in/wp-content/uploads/2019/06/hotel-booking.zip...

Backdoor.Win32.Agent.ju (PSYRAT) MVID-2024-0677 Bypass / Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/0e6e40aad3e8d46e3c0c26ccc6ab94b3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.ju PSYRAT Vulnerability: Authentication Bypass RCE Family: PSYRAT Typ...

Hospital Management System 1.0 Cross Site Scripting

Exploit Title: Hospital Management System v1.0 - Stored Cross Site Scripting XSS Google Dork: NA Date: 28-03-2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://code-projects.org Software Link:...

Blood Bank 1.0 Cross Site Scripting

Exploit Title: Blood Bank v1.0 Stored Cross Site Scripting XSS Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...

Gibbon 26.0.00 Server-Side Template Injection / Remote Code Execution

Exploit Title: Gibbon LMS has an SSTI vulnerability on the v26.0.00 version Date: 21.01.2024 Exploit Author: SecondX.io Research TeamIslam Rzayev,Fikrat Guliev, Ali Maharramli Vendor Homepage: https://gibbonedu.org/ Software Link: https://github.com/GibbonEdu/core Version: v26.0.00 Tested on:...

BioTime Directory Traversal / Remote Code Execution

. . \ | \ /|| | | / |/ | | | |/ / \ | | \ | | | Y Y \ / | /|/|| |||| /\ / / / Tested on 8.5.5 Build:20231103.R1905 Tested on 9.0.1 Build:20240108.18753 BioTime, "time" for shellz! https://claroty.com/team82/disclosure-dashboard/cve-2023-38952...

WordPress Gutenberg 18.0.0 Cross Site Scripting

Exploit Title: Wordpress Gutenberg Plugin Version 18.0.0 Stored XSS Date: 2024-3-29 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://wordpress.org/plugins/gutenberg/ Version 18.0.0 1 Go to Gutenberg Plugin edit page :...

ARIS: Business Process Management 10.0.21.0 Cross Site Scripting

Exploit Title: Stored Cross-Site Scripting XSS in ARIS: Business Process Management Edition Version 10.0.21.0 Exploit Author: Seid Yassin Date: 2024-03-28 Vendor: Software AG Software Link: https://aris.com/ Version: ARIS: Business Process Management Description: Discovered a file upload feature...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...

FoF Pretty Mail 1.1.2 Local File Inclusion

Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Local File Inclusion LFI Date: 03/28/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://flarum.org/ Software Link: https://github.com/FriendsOfFlarum/pretty-mail Version: 1.1.2 Tested on: Windows XP CVE: N/A Description: The FoF...

Soholaunch 4.9.4 r44 Shell Upload

Exploit Title: Soholaunch Version : v4.9.4 r44 Remote Code Execution Date: 2024-3-29 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://livesite.com/ Version : v4.9.4 r44 1 Login with admin cred click Main Menu File Manager Upload New Files Uploading test.php file Payload : 2 Afte...

FoF Pretty Mail 1.1.2 Command Injection

Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Command Injection Date: 03/28/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://flarum.org/ Software Link: https://github.com/FriendsOfFlarum/pretty-mail Version: 1.1.2 Tested on: Windows XP CVE: N/A Description: The FoF Pretty...

FoF Pretty Mail 1.1.2 Server-Side Template Injection

Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Server-Side Template Injection SSTI Date: 03/28/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://flarum.org/ Software Link: https://github.com/FriendsOfFlarum/pretty-mail Version: 1.1.2 Tested on: Windows XP CVE: N/A Descriptio...

Circontrol Raption Buffer Overflow / Command Injection

Circontrol EV Charger vulnerabilities. 1. CVE-2020-8006 Pre-Auth Stack Based Buffer Overflow CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 10 The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the...