50738 matches found
Splunk edit_user Capability Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk "edituser" Capability Privilege Escalation', 'Description' = %q A low-privileged user who holds a role that has the "edituser" capability...
SugarCRM 13.0.1 Shell Upload
------------------------------------------------------------------------------- SugarCRM = 13.0.1 setnoteattachment Unrestricted File Upload Vulnerability ------------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions:...
XAMPP 3.3.0 Buffer Overflow
Exploit Title: XAMPP v3.3.0 ā '.ini' Buffer Overflow Unicode + SEH Date: 2023-10-26 Author: Talson @Ripp3rdoc Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.0.28/xampp-windows-x64-8.0.28-0-VS16-installer.exe Version: 3.3.0 Tested on: Windows 11 CVE-2023-46517 \ / \ ...
SugarCRM 13.0.1 Server-Side Template Injection
---------------------------------------------------------------------------- SugarCRM = 13.0.1 GetControl Server-Side Template Injection Vulnerability ---------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Versio...
phpFox 4.8.13 PHP Object Injection
-------------------------------------------------------------- phpFox = 4.8.13 redirect PHP Object Injection Vulnerability -------------------------------------------------------------- - Software Link: https://www.phpfox.com - Affected Versions: Version 4.8.13 and prior versions. - Vulnerability...
Oracle 19c / 21c Sharding Component Password Hash Exposure
Title: CVE-2023-22074 ā Oracle database password hash exposure in sharding component Product: Database Manufacturer: Oracle Affected Versions: 19c,21c 19.3-19.20 and 21.3-21.11 Tested Versions: 19c Risk Level: Low Solution Status: Fixed CVE Reference: CVE-2023-22074 Base Score: 2.4 Author of...
WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion
Vulnerability Details and Technical Analysis The AI ChatBot plugin provides website owners with a plug and play chat solution that can be expanded upon with customizable FAQs and custom text responses. It provides website users with an interface that allows them to look up order information, leav...
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...
TEM Opera Plus FM Family Transmitter 35.45 Cross Site Request Forgery
CSRF Change Forward Power: -------------------------...
VMWare Aria Operations For Networks SSH Private Key Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight SSH Private Key Exposure',...
WordPress LiteSpeed Cache 5.6 Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: LiteSpeed Cache = 5.6 ā Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: LiteSpeed Cache Plugin Slug: litespeed-cache Affected Versions: = 5.6 CVE ID: CVE-2023-4372 CVSS Score: 6.4 Medium CVSS...
Moodle 4.3 Cross Site Scripting
Exploit Title: Moodle 4.3 Reflected XSS Date: 21/10/2023 Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3 Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the application with the given...
VIMESA VHF/FM Transmitter Blue Plus 9.7.1 Denial Of Service
VIMESA VHF/FM Transmitter Blue Plus 9.7.1 doreboot Remote Denial Of Service Vendor: Video Medios, S.A. VIMESA Product web page: https://www.vimesa.es Affected version: img:v9.7.1 Html:v2.4 RS485:v2.5 Summary: The transmitter Blue Plus is designed with all the latest technologies, such as high...
Atlassian Confluence Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an improper input validation issue in...
NLB mKlik Makedonija 3.3.12 SQL Injection
NLB mKlik Makedonija 3.3.12 SQL Injection Vendor: NLB Banka AD Skopje Product web page: https://www.nlb.mk Google Play: https://play.google.com/store/apps/details?id=hr.asseco.android.jimba.tutunskamk.production Affected version: 3.3.12 Summary: NLB mKlik е мобилна Š°ŠæŠ»ŠøŠŗŠ°ŃŠøŃа Š½Š°Š¼ŠµŠ½ŠµŃа за ŃŠøŠ·ŠøŃŠŗŠø...
Zoo Management System 1.0 Shell Upload
Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Date: 16.10.2023 Exploit Author: ĆaÄatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.htmlgooglevignette Software Link:...
WordPress WP ERP 1.12.2 SQL Injection
Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection Date: 15-10-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/erp/ Vendor Homepage: https://wperp.com/ Version: 1.12.2 Tested on: Windows, Linux CVE: CVE-2023-2744 Product Description WP ERP is the first full-fledge...
WordPress Royal Elementor 1.3.78 Shell Upload
Today, on October 13, 2023, the Wordfence Threat Intelligence Team became aware of a vulnerability that was recently patched in Royal Elementor Addons and Templates, a WordPress plugin installed on over 200,000 sites, that makes it possible for unauthenticated attackers to upload arbitrary files ...
2023 Mount Carmel School 6.4.1 Cross Site Scripting
Title: 2023-Mount-Carmel-School-6.4.1 XSS-Reflected - User Interaction Author: nu11secur1ty Date: 10/14/2023 Vendor: https://smart-school.in/ Software: https://demo.smart-school.in/site/userlogin Reference: https://portswigger.net/kb/issues/00200300cross-site-scripting-reflected Description: The...
ChurchCRM 4.5.4 SQL Injection
Exploit Title: ChurchCRM 4.5.4 - Authenticated Blind SQL Injection via the ENtyid Date: 03-05-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-29842/CVE-2023-29842.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage:...
WordPress Core 6.3.1 XSS / DoS / Arbitrary Shortcode Execution
The newest WordPress patch includes fixes for 8 Medium-Severity security issues, several of which are trivial to exploit. WordPress Core 6.3.2 was released today, on October 12, 2023. It includes a number of security fixes and additional hardening against commonly exploited vulnerabilities. While...
PyTorch Model Server Registration / Deserialization Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'PyTorch Model Server Registration and Deserialization RCE', 'Description' = %q The PyTorch model server contains multiple...
Apache Superset 2.0.0 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Superset Signed Cookie RCE', 'Description' = %q Apache Superset versions MSFLICENSE, 'Author' = 'h00die', MSF module 'paradoxis', original...
Dawa Pharma 1.0-2022 SQL Injection
Title: dawa-pharma-1.0-2022 Multiple-SQLi Author: nu11secur1ty Date: 10/12/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The email...
Clinic's Patient Management System 1.0 Shell Upload
Exploit Title: Clinic's Patient Management System 1.0 - Unauthenticated RCE Date: 07.10.2023 Exploit Author: OÄulcan Hami Gül Vendor Homepage: https://www.sourcecodester.com/php-clinics-patient-management-system-source-code Software Link:...
Lost And Found Information System 1.0 Insecure Direct Object Reference
Exploit Title: Lost and Found Information System v1.0 - idor leads to Account Take over Date: 2023-12-03 Exploit Author: OR4NG.M4N Category : webapps CVE : CVE-2023-38965 Python p0c : import argparse import requests import time parser = argparse.ArgumentParserdescription='Send a POST request to t...
Smart School 6.4.1 SQL Injection
Exploit Title: Smart School 6.4.1 - SQL Injection Exploit Author: CraCkEr Date: 28/09/2023 Vendor: QDocs - qdocs.net Vendor Homepage: https://smart-school.in/ Software Link: https://demo.smart-school.in/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-5495 CWE: CWE-89 - CWE-74 -...
Gaatitrack 1.0-2023 SQL Injection
Title: gaatitrack-1.0-2023 Multiple-SQLi Author: nu11secur1ty Date: 08/31/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php Reference: https://portswigger.net/web-security/sql-injection Description: The email...
GLPI GZIP(Py3) 9.4.5 Remote Code Execution
!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...
WordPress Sonaar Music 4.7 Cross Site Scripting
Exploit Title: Wordpress Sonaar Music Plugin 4.7 - Stored XSS Date: 2023-09-05 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/wp/wordpress/wp-comments-post.php Version: 4.7 REQUIRED Tested on: Windows/Linux...
Atcom 2.7.x.x Command Injection
Exploit Title: Atcom 2.7.x.x - Authenticated Command Injection Google Dork: N/A Date: 07/09/2023 Exploit Author: Mohammed Adel Vendor Homepage: https://www.atcom.cn/ Software Link: https://www.atcom.cn/html/yingwenban/Product/FastIPphone/2017/1023/135.html Version: All versions above 2.7.x.x Test...
Coppermine Gallery 1.6.25 Remote Code Execution
Exploit Title: coppermine-gallery 1.6.25 RCE Application: coppermine-gallery Version: v1.6.25 Bugs: RCE Technology: PHP Vendor URL: https://coppermine-gallery.net/ Software Link: https://github.com/coppermine-gallery/cpg1.6.x/archive/refs/tags/v1.6.25.zip Date of found: 05.09.2023 Author: Mirabba...
Minio 2022-07-29T19-40-48Z Path Traversal
Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Date: 2023-09-02 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before executio...
BoidCMS 2.0.0 Shell Upload
!/usr/bin/python3 Exploit Title: BoidCMS v2.0.0 - authenticated file upload vulnerability Date: 08/21/2023 Exploit Author: 1337kid Vendor Homepage: https://boidcms.github.io// Software Link: https://boidcms.github.io/BoidCMS.zip Version: ' with open'shell.php','w' as f: f.writelinesphpcode ====...
Cacti 1.2.24 Command Injection
Exploit Title: Cacti 1.2.24 - Authenticated command injection when using SNMP options Date: 2023-07-03 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/info/downloads Version: Cacti 1.2.24 Tested on: Cacti 1.2.24 installed on...
OpenPLC WebServer 3 Denial Of Service
Exploit Title: OpenPLC WebServer 3 - Denial of Service Date: 10.09.2023 Exploit Author: Kai Feng Vendor Homepage: https://autonomylogic.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3.git Version: Version 3 and 2 Tested on: Ubuntu 20.04 import requests import sys import time import...
WordPress Masterstudy LMS 3.0.17 Account Creation
Exploit Title: Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation Google Dork: inurl:/user-public-account Date: 2023-09-04 Exploit Author: Revan Arifio Vendor Homepage: https:/.org/plugins/masterstudy-lms-learning-management-system/ Version: | | \ / | | / /| |...
Webedition CMS 2.9.8.8 Server-Side Request Forgery
Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRF Application: Webedition CMS Version: v2.9.8.8 Bugs: Blind SSRF Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 07.09.2023 Author: Mirabbas...
Microsoft Windows 11 apds.dll DLL Hijacking
--------------------------------------------------------- Title: Microsoft Windows 11 - 'apds.dll' DLL hijacking Forced Date: 2023-09-01 Author: Moein Shahabi Vendor: https://www.microsoft.com Version: Windows 11 Pro 10.0.22621 Tested on: Windows 11x64 eng...
Aicte India LMS 3.0 Cross Site Scripting
==================================================================================================================================== | Title : Aicte india LMS 3.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozilla firefox 69.032-bit | | Vendor :...
eClass IP 2.5 SQL Injection
==================================================================================================================================== | Title : eClass IP 2.5 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozilla firefox 69.032-bit | | Vend...
Chicv Management System Login 4.5.6 Insecure Direct Object Reference
==================================================================================================================================== | Title : Chicv Management System Login v4.5.6 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozilla firefox 63.0....
eClass Junior 4.0 SQL Injection
==================================================================================================================================== | Title : eClass Junior 4.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FranƧais V.Pro / browser : Mozilla firefox 69.032-bit | |...
Kibana Prototype Pollution / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kibana Upgrade Assistant Telemetry Collector Prototype Pollution', 'Description' = %q Kibana before version 7.6.3 suffers from a prototype...
SAP Application Server ABAP Open Redirection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Open Redirect in BSP Test Application it00 Bypass for CVE-2020-6215 Patch product: SAPĀ® Application Server ABAP and ABAPĀ® Platform SAPBASIS vulnerable version: see sectio...
glibc ld.so Local Privilege Escalation
Qualys Security Advisory Looney Tunables: Local Privilege Escalation in the glibc's ld.so CVE-2023-4911 ======================================================================== Contents ======================================================================== Summary Analysis Proof of concept...
Progress Software WS_FTP Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Progress Software WSFTP Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an unsafe .NET deserialization...
WordPress Contact Form Generator 2.5.5 Cross Site Scripting
Exploit Title: WP Plugins Contact Form Generator 2.5.5 - Reflected Cross-Site Scripting Date: 03-10-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/contact-form-generator/ Vendor Homepage: https://www.creative-solutions.net/ Version: 2.5.5 Tested on: Windows, Linux CVE:...
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAPĀ® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...
WordPress KiviCare 3.2.0 Cross Site Scripting
Exploit Title: WP Plugins KiviCare 3.2.0 - Reflected Cross-Site Scripting Date: 03-10-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/kivicare-clinic-management-system/ Vendor Homepage: https://kivicare.io/ Version: 3.2.0 Tested on: Windows, Linux CVE: CVE-2023-2624...