50653 matches found
Financials By Coda Authorization Bypass
Vulnerability type: Incorrect Access Control Vendor: https://www.unit4.com/ Product: Financials by Coda Product site: https://www.unit4.com/fr/products/financial-management-software Affected version: "user" : "", "password" : "", "company" : "", "newPassword" : "newpasswordfortargeteduser",...
JetBrains TeamCity Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JetBrains TeamCity Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability in...
StimulusReflex 3.5.0 Arbitrary Code Execution
StimulusReflex CVE-2024-28121 Arbitrary code execution in StimulusReflex. This affects version 3.5.0 up to and including 3.5.0.rc2 and v3.5.0.pre10. Vulnerable code excerpt stimulusreflex/lib/stimulusreflex/reflex.rb Invoke the reflex action specified by name and run all callbacks def processname...
GitLab CE/EE Password Reset
Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...
Fortinet FortiOS Out-Of-Bounds Write
CVE-2024-21762 out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability Vulnerability ===== FortiGate released a version update in February, fixing multiple medium- and high-risk vulnerabilities. One of the severe-level vulnerabilities is an unauthorized out-of-bounds write...
Honeywell PM43 Remote Code Execution
Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...
SolarView Compact 6.00 Command Injection
Exploit Title: SolarView Compact 6.00 - Command Injection - Shodan Dork: http.html:"solarview compact" - Exploit Author: ByteHunter - Email: [email protected] - Version: 6.00 - Tested on: 6.00 - CVE : CVE-2023-23333 import argparse import requests def vulncheckipaddress, port: url =...
Backdoor.Win32.Emegrab.b MVID-2024-0675 Buffer Overflow
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/19a14d0414aec62ef38378de2e8b259d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Emegrab.b Vulnerability: Remote Stack Buffer Overflow SEH Family: Emegrab...
JetBrains TeamCity 2023.05.3 Remote Code Execution
Exploit Title: JetBrains TeamCity 2023.05.3 - Remote Code Execution RCE - Shodan Dork: http.title:TeamCity , http.favicon.hash:-1944119648 - Exploit Author: ByteHunter - Vendor: JetBrains - Email: [email protected] - vendor: JetBrains - Version: versions before 2023.05.4 - Tested on:...
Viessmann Vitogate 300 2.1.3.0 Remote Code Execution
Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...
Ruijie Switch PSG-5124 26293 Remote Code Execution
Exploit Title: Ruijie Switch PSG-5124 26293 - Remote Code Execution RCE - Shodan Dork: http.htmlhash:-1402735717 - Fofa Dork: body="img/freeloginge.gif" && body="./img/loginbg.gif" - Exploit Author: ByteHunter - Email: [email protected] - Version: PSG-5124LINK SOFTWARE RELEASE:26293 - Tested...
Checkmk Agent 2.0.0 / 2.1.0 / 2.2.0 Local Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via writable files product: Checkmk Agent vulnerable version: 2.0.0, 2.1.0, 2.2.0 fixed version: 2.1.0p40, 2.2.0p23, 2.3.0b1, 2.4.0b1 CVE numbe...
Vinchin Backup And Recovery 7.2 Command Injection
CVE ID: CVE-2024-25228 Title: Authenticated Command Injection Vulnerability in ManoeuvreHandler.class.php of Vinchin Backup & Recovery Versions 7.2 and Earlier Description: A critical security vulnerability has been discovered in the getVerifydiyResult function within the ManoeuvreHandler.class.p...
OSGi 3.18 Remote Code Execution
!/usr/bin/python Exploit Title: OSGi v3.8-3.18 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...
MSMS-PHP 1.0 SQL Injection
Title: MSMS-PHP by: oretnom23 v1.0 Multiple-SQLi Author: nu11secur1ty Date: 03/13/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html Reference:...
VMware Cloud Director 10.5 Authentication Bypass
Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...
OSGi 3.7.2 Remote Code Execution
!/usr/bin/python Exploit Title: OSGi v3.7.2 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...
Client Details System 1.0 SQL Injection
Exploit Title: CVE-2023-7137ClientDetailsSystem-SQLInjection1 + Date: 2023-26-12 + Exploit Author: Hamdi Sevben + Vendor Homepage: https://code-projects.org/client-details-system-in-php-with-source-code/ + Software Link:...
MSMS-PHP 1.0 Shell Upload
Title: MSMS-PHP by: oretnom23 v1.0 File Upload - RCE browser using Author: nu11secur1ty Date: 03/13/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html Reference:...
MetaFox 5.1.8 Shell Upload
!/usr/bin/env python3 Exploit Title: MetaFox Remote Shell Upload Google Dork: "Social network for niche communities" Exploit Author: The Joker Vendor Homepage: https://www.phpfox.com Version: = 5.1.8import jsonimport requestsimport sysif lensys.argv != 4: sys.exit"Usage: %s " % sys.argv0...
SnipeIT 6.2.1 Cross Site Scripting
Exploit Title: SnipeIT 6.2.1 - Stored Cross Site Scripting Date: 06-Oct-2023 Exploit Author: Shahzaib Ali Khan Vendor Homepage: https://snipeitapp.com Software Link: https://github.com/snipe/snipe-it/releases/tag/v6.2.1 Version: 6.2.1 Tested on: Windows 11 22H2 and Ubuntu 20.04 CVE: CVE-2023-5452...
Cisco Firepower Management Center Remote Command Execution
Exploit Title: Cisco Firepower Management Center Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 6.2.3.18", "6.4.0.16", "6.6.7.1 CVE : CVE-2023-20048 import requests import json set the variables for the URL, username, and password for the FMC web services interface...
Human Resource Management System 1.0 SQL Injection
Exploit Title: Human Resource Management System - SQL Injection Date: 13-01-2024 Exploit Author: Srikar Exp1o1t9r Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution
Exploit Title: NorthStar C2 agent RCE via stored XSS Date: 2024-03-11 Exploit Author: @chebuya Software Link: https://github.com/EnginDemirbilek/NorthStarC2 Version: v1.0 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-28741 Description: NorthStar C2 applies insufficient sanitization on agent...
DataCube3 1.0 Shell Upload
Exploit Title: DataCube3 v1.0 - Unrestricted file upload 'RCE' Date: 7/28/2022 Exploit Author: Samy Younsi - NS Labs https://neroteam.com Vendor Homepage: https://www.f-logic.jp Software Link: https://www.f-logic.jp/pdf/support/manualproduct/manualproductdatacube3ver1.0sc.pdf Version: Ver1.0 Test...
Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read
Exploit Title: File Read Arbitrary Exploit for CVE-2023-26360 Google Dork: not Date: 12/28/2023 Exploit Author: Youssef Muhammad Vendor Homepage: https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html Software Link: https://drive.google.com/drive/folders/17ryBnFhswxiE1sHrNByxMVPKfUnwqmp0...
Hitachi NAS SMU Backup And Restore Insecure Direct Object Reference
!/usr/bin/python3 Title: Hitachi NAS HNAS System Management Unit SMU Backup & Restore IDOR Vulnerability CVE: CVE-2023-5808 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host",...
WordPress Duplicator Data Exposure / Account Takeover
Exploit Title: WordPress Plugin Duplicator 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover Google Dork: inurl:"plugins/duplicator/" Date: 2023-12-04 Exploit Author: Dmitrii Ignatyev Vendor Homepage:...
Sitecore 8.2 Remote Code Execution
!/usr/bin/env python3 Exploit Title: Sitecore - Remote Code Execution v8.2 Exploit Author: abhishek morla Google Dork: N/A Date: 2024-01-08 Vendor Homepage: https://www.sitecore.com/ Software Link: https://dev.sitecore.net/ Version: 10.3 Tested on: windows64bit / mozila firefox CVE : CVE-2023-358...
Numbas Remote Code Execution
Exploit Title: Numbas v7.3 - Remote Code Execution Google Dork: N/A Date: March 7th, 2024 Exploit Author: Matheus Boschetti Vendor Homepage: https://www.numbas.org.uk/ Software Link: https://github.com/numbas/Numbas Version: 7.2 and below Tested on: Linux CVE: CVE-2024-27612 import sys, requests,...
TP-Link TL-WR740N Buffer Overflow / Denial Of Service
Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS' Date: 8/12/2023 Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N Description: There exist a buffer overflow vulnerability in...
Backdoor.Win32.Beastdoor.oq MVID-2024-0674 Remote Command Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/6268df4c9c805c90725dde4fe5ef6fea.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Beastdoor.oq Vulnerability: Unauthenticated Remote Command Execution...
RUPPEINVOICE 1.0 SQL Injection
Title: RUPPEINVOICE-1.0 Multiple-SQLi Author: nu11secur1ty Date: 03/09/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Reference: https://portswigger.net/web-security/sql-injection Description: The...
WordPress Hide My WP SQL Injection
Exploit Title: Wordpress Plugin Hide My WP 6.2.9 - Unauthenticated SQLi Publication Date: 2023-01-11 Original Researcher: Xenofon Vassilakopoulos Exploit Author: Xenofon Vassilakopoulos Submitter: Xenofon Vassilakopoulos Vendor Homepage: https://wpwave.com/ Version: Hide My WP v6.2.8 and prior...
Akaunting 3.1.3 Remote Command Execution
Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...
MongoDB 2.0.1 / 2.1.1 / 2.1.4 / 2.1.5 Local Password Disclosure
Title: MongoDB MONGOSH Password Exposure Vulnerability Product: MongoDB database Tool: mongosh Affected Versions: 2.0.1 , 2.1.1,2.1.4,2.1.5 Tested Versions: 2.0.1 , 2.1.1,2.1.4,2.1.5 Risk Level: Low Author of Advisory: Emad Al-Mousa Vulnerability Details: Vulnerability in MongoDB database system...
Ladder 0.0.21 Server-Side Request Forgery
Exploit Title: Ladder v0.0.21 Server-side request forgery SSRF Date: 2024-01-20 Exploit Author: @chebuya Software Link: https://github.com/everywall/ladder Version: v0.0.1 - v0.0.21 Tested on: Ubuntu 20.04.6 LTS on AWS EC2 ami-0fd63e471b04e22d0 CVE: CVE-2024-27620 Description: Ladder fails to app...
NDtaskmatic 1.0 SQL Injection
Title: NDtaskmatic-1.0-by-Mayuri.K Multiple-SQLi Author: nu11secur1ty Date: 03/07/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Reference: https://portswigger.net/web-security/sql-injection...
GliNet 4.x Authentication Bypass
DZONERZY Security Research GLiNet: Router Authentication Bypass ======================================================================== Contents ======================================================================== 1. Overview 2. Detailed Description 3. Exploit 4. Timeline...
FullCourt Enterprise 8.2 Cross Site Scripting
Exploit Title: FullCourt enterprise XSS Date: 2023-28-12 Exploit Author: Omar Sabagh Author Linkedin: https://www.linkedin.com/in/omar-s-b937791a2/ Vendor Homepage: https://www.justicesystems.com Software Link: https://www.justicesystems.com/products/fullcourt-enterprise/ Version: FullCourt...
Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal
KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability Title: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability Advisory ID: KL-001-2024-001 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-001.txt 1...
Customer Support System 1.0 SQL Injection
Exploit Title: Customer Support System 1.0 - Multiple SQL injection vulnerabilities Date: 15/12/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Artica Proxy 4.50 Loopback Service Disclosure
KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Advisory ID: KL-001-2024-004 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt 1...
Artica Proxy 4.50 Unauthenticated PHP Deserialization
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID: KL-001-2024-002 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt 1...
Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability Title: Artica Proxy Unauthenticated File Manager Vulnerability Advisory ID: KL-001-2024-003 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt 1. Vulnerability Detail...
Solar-Log 200 PM+ 3.6.0 Cross Site Scripting
Exploit Title: Stored XSS in Solar-Log 200 3.6.0 web panel Date: 10-30-23 Exploit Author: Vincent McRae, Mesut Cetin - Redteamer IT Security Vendor Homepage: https://www.solar-log.com/en/ Version: Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 Tested on: Proprietary devices:...
WordPress Neon Text 1.1 Cross Site Scripting
Exploit Title: Wordpress Plugin Neon Text = 1.1 - Stored Cross Site Scripting XSS Date: 2023-11-15 Exploit Author: Eren Car Vendor Homepage: https://www.eralion.com/ Software Link: https://downloads.wordpress.org/plugin/neon-text.zip Category: Web Application Version: 1.0 Tested on: Debian /...
RAD SecFlow-2 Path Traversal
Exploit Title: Path traversal in RAD SecFlow-2 devices with Firmware 4.1.01.63 Date: 3/2024 CVE: CVE-2019-6268 Exploit Author: Branko Milicevic RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated b...
KK Star Ratings Race Condition
Exploit Title: kk Star Ratings Extensions Turbo Intruder Send to turbo intruder. 5- Drop the initial request and turn Intercept off. 6- In the Turbo Intruder window, add "%s" to the end of the connection header e.g. "Connection: close %s". 7- Use the code examples/race.py. 8- Click "Attack" at th...
Petrol Pump Management Software 1.0 SQL Injection
Exploit Title: SQL Injection vulnerability in Petrol Pump Management Software v.1.0. Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version:...