Blood Bank And Donor Management System 2.2 Cross Site Scripting
Exploit Title: Blood Bank & Donor Management System using v2.2 - Stored XSS Application: Blood Donor Management System Version: v2.2 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-bank-donor-management-system-free-download/...
Ivanti Sentry Authentication Bypass / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Sentry MICSLogService Auth Bypass resulting in RCE CVE-2023-38035', 'Description' = %q This module exploits an authentication bypass in...
Fundraising Script 1.0 SQL Injection
Title: Fundraising Script-1.0 SQLi Author: nu11secur1ty Date: 09/13/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/fundraising-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The cid parameter appears to be vulnerable to...
Equipment Rental Script 1.0 SQL Injection
Title: Equipment Rental Script-1.0 - SQLi Author: nu11secur1ty Date: 09/12/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/equipment-rental-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The packageid parameter appears t...
KALIMATAN GMS 1.0.0 Cross Site Scripting
Title : KALIMATAN GMS V1.0.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | Vend...
Kylin CMS 1.3.0 SQL Injection
Title : KylinCMS V1.3.0 Auth by pass Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.3 32-bit |...
Online Pizza Ordering System 1.0 Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Online Pizza Ordering System PHP File Upload Vulnerability", 'Description' = %q This module exploits a vulnerability found in Online Pizza Orderi...
Kaledo RD CMS 1.0 SQL Injection
Title : Kalédo RD CMS va1.0 SQL Injection vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit...
Kolifa Download CMS 1.2 HTML Injection
Title : Kolifa Download CMS v1.2 HTML Inject Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...
Varient News Magazine Script 1.3.0 Insecure Settings
Title : Varient News Magazine Script V1.3.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro | Vendor :...
iSmile Soft CMS 0.3.0 Cross Site Scripting
Title : iSmile Soft CMS v0.3.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit |...
VMware vRealize Log Insight Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/thrift' require 'rex/stopwatch' class MetasploitModule 'VMware vRealize Log Insight Unauthenticated RCE', 'Description' = %q VMware vRealize Log...
Shuttle Booking Software 1.0 SQL Injection
Title: Shuttle-Booking-Software-1.0 Multiple-SQLi Author: nu11secur1ty Date: 09/10/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/shuttle-booking-software/sectionPricing Reference: https://portswigger.net/web-security/sql-injection Description: The locationid...
IWT Imagine CMS 1.0 Cross Site Scripting
Title : IWT Imagine CMS v1.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.2 32-bit | Vend...
WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection
Vulnerability Summary from Wordfence Intelligence Description: Slimstat Analytics = 5.0.9 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: Slimstat Analytics Plugin Slug: wp-slimstat Affected Versions: = 5.0.9 CVE ID: CVE-2023-4597 CVSS Score: 6.4 Medium CVS...
Splunk Enterprise Account Takeover
https://github.com/redwaysecurity/CVEs/blob/main/CVE-2023-32707/README.md !/usr/bin/env python3 Splunk admin account take over exploit - CVE-2023-32707 Author: Redway Security Discovery: Santiago Lopez Vendor Description: A low-privilege user who holds a role that has the edituser capability...
OpenPLC Webserver 3 Denial Of Service / Buffer Overflow
import requests import sys import time import optparse import re parser = optparse.OptionParser parser.addoption'-u', '--url', action="store", dest="url", help="Base target uri ex. http://target-uri:8080" parser.addoption'-l', '--user', action="store", dest="user", help="User credential to login"...
WinRAR Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zip' class MetasploitModule 'WinRAR CVE-2023-38831 Exploit', 'Description' = %q This module exploits a vulnerability in WinRAR CVE-2023-38831. When a user opens...
GOM Player 2.3.90.5360 Buffer Overflow
Exploit Title: GOM Player 2.3.90.5360 - Buffer Overflow PoC Discovered by: Ahmet Ümit BAYRAM Discovered Date: 30.08.2023 Vendor Homepage: https://www.gomlab.com Software Link: https://cdn.gomlab.com/gretech/player/GOMPLAYERGLOBALSETUPNEW.EXE Tested Version: 2.3.90.5360 latest Tested on: Windows 1...
Wp2Fac 1.0 Command Injection
Exploit Title: Wp2Fac v1.0 - OS Command Injection Date: 2023-08-27 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://github.com/metinyesil/wp2fac Tested on: Kali Linux & Windows 11 CVE: N/A import requests def sendpostrequesthost, revshell: url = f'http://host/send.php' headers = 'User-Agent':...
Drupal 10.1.2 Web Cache Poisoning
Title: drupal-10.1.2 web-cache-poisoning-External-service-interaction Author: nu11secur1ty Date: 08/30/2023 Vendor: https://www.drupal.org/ Software: https://www.drupal.org/download Reference: https://portswigger.net/kb/issues/00300210external-service-interaction-http Description: It is possible ...
Kibana Timelion Prototype Pollution Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kibana Timelion Prototype Pollution RCE', 'Description' = %q Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in...
Soosyze 2.0.0 Arbitrary File Upload
Title: soosyze 2.0.0 - File Upload Author: nu11secur1ty Date: 04.26.2023-08.28.2023 Vendor: https://soosyze.com/ Software: https://github.com/soosyze/soosyze/releases/tag/2.0.0 Reference: https://portswigger.net/web-security/file-upload Description: Broken file upload logic. The malicious user ca...
Sonicwall GMS 9.9.9320 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sonicwall', 'Description' = %q This module exploits a series of vulnerabilities - including auth bypass, SQL injection, and shell injection - to...
SyncBreeze 15.2.24 Denial Of Service
Exploit Title: SyncBreeze 15.2.24 -'login' Denial of Service Date: 30/08/2023 Exploit Author: mohamed youssef Vendor Homepage: https://www.syncbreeze.com/ Software Link: https://www.syncbreeze.com/setups/syncbreezesetupv15.4.32.exe Version: 15.2.24 Tested on: windows 10 64-bit import socket impor...
WordPress Elementor Iframe Injection
Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Date: 28.08.2023 Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlle...
LG Simple Editor Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LG Simple Editor Remote Code Execution', 'Description' = %q This Metasploit module exploits broken access control and directory traversal...
Axigen 10.5.0–4370c946 Cross Site Scripting
Exploit Title: Axigen if xhr1.readyState === XMLHttpRequest.DONE hcookie = new URLxhr1.responseURL.search.split"="1; xhr2.open'PATCH', /api/v1/conversations/MQ/?h=$hcookie...
TECHView LA5570 Wireless Gateway 1.0.19_T53 Traversal / Privilege Escalation
Exploit Title: Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities Google Dork: N/A Date: 25/08/2023 Exploit Author: The Security Team exploitsecurity.io Vendor Homepage: https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570 Software...
OpenTSDB 2.4.1 Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenTSDB 2.4.1 unauthenticated command injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
Event Ticketing System 1.0 Cross Site Scripting
Title: Event Ticketing System-1.0 XSS-Reflected - RCE Author: nu11secur1ty Date: 09/08/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/event-ticketing-system/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The...
Izdelava IDS 2.0 Cross Site Scripting
Title : Izdelava IDS v2.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.2 32-bit | Vendor :...
Meeting Room Booking System 1.0 SQL Injection
Title: Meeting Room Booking System-1.0 Multiple - SQLi Author: nu11secur1ty Date: 09/06/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The column...
JPC2 CMS 1.0 SQL Injection
Title : JPC2 CMS v1.0 Sql injection Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 61.0.1 32-bit |...
ImgHosting 1.3 SQL Injection
Title : ImgHosting v1.3 Sql Injection Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.0 32-bit |...
Infinity Market Classified Ads Script 1.6.2 Cross Site Scripting
Title : Infinity Market Classified Ads Script 1.6.2 xss via file uploads Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro | Vendor...
Cleaning Business Software 1.0 Cross Site Scripting
Title: Cleaning Business Software-1.0 XSS-Reflected Author: nu11secur1ty Date: 09/06/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The...
SolarView Compact 6.00 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarView Compact unauthenticated remote command execution vulnerability.', 'Description' = %q CONTEC's SolarView™ Series enables you to monitor...
Event Booking Calendar 4.0 Cross Site Scripting
Title: Event Booking Calendar-4.0 XSS-Reflected Author: nu11secur1ty Date: 09/06/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The value o...
Firefox 117 Denial Of Service
This is barely a DoS, but since Chrome has explicit protection against it, we decided to disclose it. If firefox user visits a specially crafted page, then firefox may create many files in /Downloads, The user is notified about this in a small dialog, but there is no option to stop the downloads...
OpenCart CMS 4.0.2.2 Brute Force
Exploit Title: OpenCart CMS v4.0.2.2 Login Vulnerability Date: 5-9-2023 Category: Web Application CMS Exploit Author: Rajdip Dey Sarkar Version: 4.0.2.2 Tested on: Windows/Kali CVE: CVE-2023-40834 Description: OpenCart CMS version 4.0.2.2 is susceptible to login brute-force...
WordPress Newsletter 7.8.9 Cross Site Scripting
Vulnerability Summary from Wordfence Intelligence Description: Newsletter = 7.8.9 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: Newsletter – Send awesome emails from WordPress Plugin Slug: newsletter Affected Versions: = 7.8.9 CVE ID: CVE-2023-4772 CVSS...
JZDCMS 1.3 Cross Site Scripting
Title : JZDCMS v1.3 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.0.1 32-bit | Vendor :...
Cinema Booking System 1.0 Cross Site Scripting
Title: Cinema Booking System-1.0 XSS-Reflected Author: nu11secur1ty Date: 09/05/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/car-rental-script/ Reference: https://portswigger.net/web-security/sql-injection Description: The name of an arbitrarily supplied URL...
WEBIGniter 28.7.23 Shell Upload
Title: WEBIGniter-28.7.23 File Upload - RCE Author: nu11secur1ty Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload vulnerability. The attacker...
DLINK DPH-400SE FRU2.2.15.8 Information Disclosure
Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Date : 25-08-2023 Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the...
WordPress WP Statistics 13.1.5 SQL Injection
Exploit Title: WP Statistics Plugin = 13.1.5 currentpageid - Time based SQL injection Unauthenticated Date: 13/02/2022 Exploit Author: psychoSherlock Vendor Homepage: https://wp-statistics.com/ Software Link: https://downloads.wordpress.org/plugin/wp-statistics.13.1.5.zip Version: 13.1.5 and prio...
Internet Radio auna IR-160 SE UIProto DoS / XSS / Missing Authentication
The internet radio device auna IR-160 SE has multiple vulnerabilities. It uses the firmware UIProto, different versions of which can also be found in many other radios. 1. The firmware offers a rudimentary web API that can be reached on the local network on port 80. This API is completely...
AtlasVPN Linux Client 1.0.3 IP Leak
The following is my 0day. This code, when executed on any website, disconnects the AtlasVPN linux client and leaks the users IP address. I am not yet aware of it being used in the wild. However, it shows that AtlasVPN does not take their users safety serious, because their software security...
FileMage Gateway 1.10.9 Local File Inclusion
Exploit Title: FileMage Gateway 1.10.9 - Local File Inclusion Date: 8/22/2023 Exploit Author: Bryce "Raindayzz" Harty Vendor Homepage: https://www.filemage.io/ Version: Azure Versions 1.10.9 Tested on: All Azure deployments 1.10.9 CVE : CVE-2023-39026 Technical Blog -...