50738 matches found
Education Time Indonesian School CRM 1.7 Directory Traversal
==================================================================================================================================== | Title : Education Time Indonesian School CRM v 1.7 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
EI Tube YouTube API 3 SQL Injection
==================================================================================================================================== | Title : EI Tube YouTube API V3 site builder Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...
Elevel CMS 1.0 SQL Injection
==================================================================================================================================== | Title : Elevel CMS v1.0 authentication bypass vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
WordPress Core 5.6.2 XPath Injection
Exploit Title: WordPress Core 5.6.2 - Xpath Injection Date: 13/08/2023 Exploit Author: Behrouz Mansoori Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/download/releases Version: 5.6.2 Tested on: Mac VULNERABILITY DETAILS : This vulnerability allows remote attackers to...
Blood Donor Management System 1.0 Cross Site Scripting
Exploit Title: Blood Donor Management System - Stored XSS Application: Blood Donor Management System Version: v1.0 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-donor-management-system-using-codeigniter/ Date: 15.08.2023...
Education Time Indonesian School CRM 1.7 Cross Site Scripting
==================================================================================================================================== | Title : Education Time Indonesian School CRM v 1.7 Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
BookingWizz 6.0.1 Information Disclosure
==================================================================================================================================== | Title : BookingWizz v6.0.1 sensitive information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
DBCInfoTech CMS 2.0 Administrator Reinstall
==================================================================================================================================== | Title : dbcinfotech CMS v2.0 Reinstall Script Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
E-Biz CMS 2.0 Cross Site Request Forgery
==================================================================================================================================== | Title : E-Biz CMS v2.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vendor :...
Eden CMS 1.02 Cross Site Scripting
==================================================================================================================================== | Title : Eden CMS v1.02 Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | | Vendor :...
Easy2Pilot 7 SQL Injection
==================================================================================================================================== | Title : Easy2Pilot V7 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | | Vendo...
Ecommerce Responsive 1.2 Insecure Direct Object Reference
==================================================================================================================================== | Title : Ecommerce Responsive v1.2 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
EasyPX CMS 06.02.04 Cross Site Scripting
==================================================================================================================================== | Title : EasyPX CMS V06.02.04 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | | Vend...
Microsoft Azure Subdomain Scanner / Enumerator
Background: Microsoft makes use of a number of different domains and subdomains for each of their Azure services. From SQL databases to SharePoint drives, each service maps to its respective domain/subdomain, and with the proper toolset, these can be identified through DNS enumeration to yield...
E-commerce Growisei CMS 2.0 Insecure Settings
==================================================================================================================================== | Title : E-commerce Growisei CMS v2.0 insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting
St. Pölten UAS ------------------------------------------------------------------------------- title| Multiple XSS in Advantech product| Advantech EKI-1524-CE series, EKI-1522 series, | EKI-1521 series vulnerable version| =1.21 CVE-2023-4202, =1.24 CVE-2023-4203 fixed version| 1.26 CVE number|...
Phoenix Contact TC Cloud / TC Router 2.x XSS / Memory Consumption
St. Pölten UAS ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Phoenix Contact TC Cloud Client 1002-4G, | TC Router 3002T-4G, Cloud Client 1101T-TX/TX vulnerable version| 2.07.2, 2.07.2, 2.06.10 fixed version| 2.07.2, 2.07.2...
DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting
==================================================================================================================================== | Title : DigaSell - Digital store PHP Script V1.0.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
systemd 246 Local Root Privilege Escalation
Exploit Title: systemd 246 - Local Privilege Escalation Exploit Author: Iyaad Luqman K init6 Application: systemd 246 Tested on: Ubuntu 22.04 CVE: CVE-2023-26604 systemd 246 was discovered to contain Privilege Escalation vulnerability, when the systemctl status command can be run as root user. Th...
Maltrail 0.53 Remote Code Execution
Exploit Title: Maltrail v0.53 - Unauthenticated Remote Code Execution RCE Exploit Author: Iyaad Luqman K init6 Application: Maltrail v0.53 Tested on: Ubuntu 22.04 CVE: CVE-2023-27163 PoC import sys; import os; import base64; def main: listeningIP = None listeningPORT = None targetURL = None if...
i2soft CMS 2.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : i2soft CMS v2.0 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefo...
Request-Baskets 1.2.1 Server-Side Request Forgery
Exploit Title: Request-Baskets v1.2.1 - Server-side request forgery SSRF Exploit Author: Iyaad Luqman K init6 Application: Request-Baskets v1.2.1 Tested on: Ubuntu 22.04 CVE: CVE-2023-27163 PoC !/bin/bash if "$" -lt 2 || "$1" = "-h" || "$1" = "--help" ; then help="Usage: exploit.sh \n\n";...
Easy Member Pro 3.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : Easy Member pro v3.0 Unauthorised Administrative Access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
Easy Password Manager 1.1 Information Disclosure
==================================================================================================================================== | Title : Easy Password Manager v1.1 unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference
==================================================================================================================================== | Title : helloGTX Travel Portal CRM v1.6 Insecure Direct Object Reference Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser ...
Easy Web Portal 2.1.1 Cross Site Scripting
==================================================================================================================================== | Title : Easy Web Portal v2.1.1 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | |...
TP-Link Archer AX21 Command Injection
!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...
FlatApp Premium Admin Dashboard 1.0 SQL Injection
==================================================================================================================================== | Title : FlatApp - Premium Admin Dashboard 1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
OutSystems Service Studio 11.53.30 DLL Hijacking
Exploit Title: OutSystems Service Studio 11.53.30 - DLL Hijacking Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.outsystems.com/ Version: Up to 11.53.30 Build 61739 Tested on: Windows CVE : CVE-2022-47636 A DLL hijacking vulnerability...
Greeva 2.0 SQL Injection
==================================================================================================================================== | Title : Greeva 2.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 115.0.264-bit | | Vendo...
e2 Distr CMS 2.8.5.3 Backup Disclosure
==================================================================================================================================== | Title : e2 distr CMS v2.8.5.3 Backup Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
Desenvolvido C3iM CMS 2.0 Cross Site Scripting
==================================================================================================================================== | Title : Desenvolvido C3iM CMS v2.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | ...
Doma CMS 1.0 Cross Site Scripting
========================================================================================== | Title : Doma CMS v1.0 xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | | Vendor : http://www.matstroeng.se/doma/ | | Dork :...
WordPress WP Project Manager 2.6.4 Privilege Escalation
Description: WP Project Manager = 2.6.4 – Arbitrary Usermeta Update to Authenticated Subscriber+ Privilege Escalation Affected Plugin: WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts Plugin Slug: wedevs-project-manager Affected Versions: =...
Discussion On Kontackt 1.18 Cross Site Scripting
==================================================================================================================================== | Title : Discussion on Kontackt - The Exclusive PHP Social Network Platform v1.18 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pr...
Deprixa 3.2.5 Cross Site Request Forgery
==================================================================================================================================== | Title : Deprixa 3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | | Vendor :...
Dynamic Journal CMS 2.5 Database Disclosure
==================================================================================================================================== | Title : Dynamic Journal cms v2.5 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...
DMIS:CRI LMS 2.0 SQL Injection
==================================================================================================================================== | Title : DMIS:CRI LMS V2.0 SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 67.0.164-bit | ...
DriverPack Solution CMS 17.11.108 Cross Site Scripting
==================================================================================================================================== | Title : DriverPack Solution CMS v 17.11.108 Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
DigaSell Digital Store PHP Script 1.0.0 SQL Injection
==================================================================================================================================== | Title : DigaSell - Digital store PHP Script V1.0.0 Blind Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Digisha CMS 1.2.7 SQL Injection
==================================================================================================================================== | Title : Digisha CMS V1.2.7 Auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | ...
Dexx CMS HTML And Site Builder 2.2.3 XSS / Arbitrary File Upload
==================================================================================================================================== | Title : Dexx CMS - HTML and Site Builder V2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Chatone Social Networking PHP Script 1.6 Add Administrator
==================================================================================================================================== | Title : chatone social networking php script v1.6 Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
DevSoft Arge Bilişim CMS 1.0.0 Cross Site Scripting
====================================================================================================================================== | Title : DevSoft Arge Bilişim CMS V1.0.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
EuroTel ETL3100 Transmitter Information Disclosure
EuroTel ETL3100 Transmitter Unauthenticated Config/Log Download Vulnerability Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter v01x37...
Coupons CMS 7.00 Open Redirection
==================================================================================================================================== | Title : Coupons CMS v7.00 URL redirection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit...
Datoo Complete Dating Script 1.0 HTML Injection
==================================================================================================================================== | Title : Datoo - Complete Dating Script v1.0 HTML Inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Wchat 1.6 HTML Injection
==================================================================================================================================== | Title : Wchat v1.6 - Fully Responsive PHP AJAX Chat Script Html code inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...
Desenvolvido Buscazip Guiaking CMS 1.0 Cross Site Scripting
==================================================================================================================================== | Title : Desenvolvido Buscazip Guiaking CMS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Lucee 5.4.2.17 Cross Site Scripting
Exploit Title: Lucee 5.4.2.17 - Authenticated Reflected XSS Google Dork: NA Date: 05/08/2023 Exploit Author: Yehia Elghaly Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version:...