39001 matches found
ContentNow 1.30 (upload/xss) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ ContentNow 1.30 upload/xss Multiple Remote Vulnerabilities ============================================================ ContentNow Directory Traversalupload.php...
Linux io_uring Use-After-Free Exploit
The Linux kernel suffers from a use-after-free of struct ioevfd because ioeventfddosignal frees an object when the refcount reaches zero without waiting for the required grace period. Summary UAF of struct ioevfd because ioeventfddosignal frees an object when the refcount reaches zero without...
Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Exploit
Exploit Title: Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Authenticated Exploit Author: Sam Ferguson @AffineSecurity and Drew Jones @qhum7sec Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...
kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition Vulnerability
Exploit Title: kk Star Ratings Extensions Turbo Intruder Send to turbo intruder. 5- Drop the initial request and turn Intercept off. 6- In the Turbo Intruder window, add "%s" to the end of the connection header e.g. "Connection: close %s". 7- Use the code examples/race.py. 8- Click "Attack" at th...
RDP Manager 4.9.9.3 - Denial of Service Vulnerability
Exploit Title: RDP Manager 4.9.9.3 - Denial-of-Service PoC Vendor Homepage: https://www.cinspiration.de/uebersicht4.html Software Link: https://www.cinspiration.de/download.html Version: 4.9.9.3 Product & Service Introduction: =============================== RDP-Manager is a program for the bette...
Codiad 2.8.4 - Remote Code Execution Exploit (4)
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...
QNAP myQNAPcloud Connect 1.3.4.0317 Username/Password Denial Of Service Exploit
!/usr/bin/python Exploit Title: QNAP myQNAPcloud Connect "Username/Password" DOS Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.qnap.com Version: 1.3.4.0317 and below are vulnerable Software Link: https://www.qnap.com/en/utilities/essentials Contact:...
VP-ASP Shopping Cart 7.0 DB Download Vulnerability
Exploit for asp platform in category web applications ================================================== VP-ASP Shopping Cart 7.0 DB Download Vulnerability ================================================== ======================================================================================== |...
Microsoft Windows TOCTOU Local Privilege Escalation Exploit
CVE-2024-30088 is a Windows kernel elevation of privilege vulnerability which affects many recent versions of Windows 10, Windows 11 and Windows Server 2022. The vulnerability exists inside the function called AuthzBasepCopyoutInternalSecurityAttributes specifically when the kernel copies the...
ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine AdSelfService Plus versions 6210 and below. Due to a dependency to an outdated library Apache Santuario version 1.4.1, it is possible to execute arbitrary code by providing a...
Microsoft Defender Anti-Malware PowerShell API Arbitrary Code Execution Vulnerability
Microsoft Defender API and PowerShell APIs suffer from an arbitrary code execution due to a flaw in powershell not handling user provided input that contains a semicolon. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
SugarCRM 12.2.0 PHP Object Injection Vulnerability
------------------------------------------------------------------------------- SugarCRM = 12.2.0 DocusignGlobalSettings PHP Object Injection Vulnerability ------------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions...
Microsoft Windows Remote Desktop - (BlueKeep) Denial of Service Exploit
Exploit Title: Bluekeep Denial of Service metasploit module Shodan Dork: port:3389 Date: 07/14/2019 Exploit Author: RAMELLA Sebastien https://github.com/mekhalleh/ Vendor Homepage: https://microsoft.com Version: all affected RDP services by cve-2019-0708 Tested on: Windows XP 32-bits / Windows 7...
DuckDuckGo 7.64.4 Address Bar Spoofing Vulnerability
Vulnerability: Address Bar Spoofing Vulnerability Product: DuckDuckGo Discovered by: Rafay Baloch and Muhammad Samak Version: 7.64.4 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Description DuckDuckGo browser for iOS was prone to an "Address Bar Spoofing"...
MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits ====================================================================== MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit ====================================================================== / $Id: raptorudf2.c,v 1.1...
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection Exploit
SAP Netweaver version SAP DMIS 20111731 SP 0013 suffers from a remote ABAP code injection vulnerability in IUUCRECONRCCOUNTTABLEBIG. ======================================================================= title: Remote ABAP Code Injection in SAP IUUCRECONRCCOUNTTABLEBIG product: SAP Netweaver...
CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow within the CA Unified Infrastructure Management nimcontroller. The vulnerability occurs in the robot controller component when sending a specially crafted directorylist probe. Technically speaking the target host must also be vulnerable to...
Microsoft Excel - OLE Arbitrary Code Execution Exploit
Exploit for windows platform in category dos / poc Title: MS Office Excel all versions Arbitrary Code Execution Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007,2010,2013,2016...
Webmin 1.996 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Webmin 1.996 - Remote Code Execution RCE Authenticated Exploit Author: Emir Polat Technical analysis: https://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165 Vendor Homepage: https://www.webmin.com/ Software Link: https://www.webmin.com/download.html Version: 1.997...
TextPattern CMS 4.8.7 - Remote Command Execution Vulnerability
Exploit Title: TextPattern CMS 4.8.7 - Remote Command Execution RCE Authenticated Exploit Author: Mert Daş email protected Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp First of all we should use file...
Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution Vulnerabilities
Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if $1 == '' ; $2 ==...
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library glibc dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the LDAUDIT environment variable when loading setuid...
SAP NetWeaver AS JAVA 7.1 < 7.5 - SQL Injection
Exploit for java platform in category web applications Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bugs: SQL injection Send: 04.12.2015 Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 09.02.2016...
WebKit CSSCrossfadeValue::crossfadeChanged Use-After-Free Vulnerability
WebKit: Use-after-free of RenderMathMLToken in CSSCrossfadeValue::crossfadeChanged There is a use-after-free of a RenderMathMLToken object in CSSCrossfadeValue::crossfadeChanged. CSSCrossfadeValue extends CSSImageGeneratorValue. CSSImageGeneratorValue keeps a HashCountedSet of clients mclients of...
Windows Defender Application Guard Denial Of Service Vulnerability
Windows Defender Application Guard also known as "WDAG", Microsoft Defender Application Guard, and "MDAG" can be closed by any script or website loaded in WDAG by redirecting the browser to a URL with a long hostname e.g, 10,000 characters long. This can cause a denial-of-service condition. Impac...
Darktrace Enterprise Immune System 3.0.9 / 3.0.10 Cross Site Request Forgery Vulnerability
Darktrace Enterprise Immune System versions 3.0.9 and 3.0.10 contain multiple cross site request forgery vulnerabilities. It is highly likely that older versions are affected as well, but this has not been confirmed. An attacker can whitelist domains and/or change core Darktrace configuration. 1 ...
Banking 1.0 SQL Injection Vulnerability
Banking version 1.0 suffers from a remote SQL injection vulnerability. Titles: banking-1.0-Copyright©2025-Multiple-SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Reference:...
part-db 0.5.11 - Remote Code Execution Exploit
Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848 --------------- !/bin/bash...
TOTOLINK Wireless Routers Remote Command Execution Exploit
Multiple TOTOLINK network products contain a command injection vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the command parameter. After exploitation, an attacker will have full access with the same user privileges under...
Wordpress Theme Divi Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Theme Divi Arbitrary File Download Vulnerability Date: 08/02/2015 Exploit Author: pool and Fran73 Vendor Homepage: http://www.elegantthemes.com/gallery/divi/ Contact : email protected YM Tested on: Linux / Window Googl...
eHub (cart.php) SQL Injection Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
mail2forum phpBB Mod <= 1.2 (m2f_root_path) Remote Include Vulns
Exploit for unknown platform in category web applications ================================================================ mail2forum phpBB Mod = 1.2 m2frootpath Remote Include Vulns ================================================================ Title : mail2forum = 1.2 Multiple Remote File...
SuiteCRM 7.11.18 - Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM Log File Remote Code Execution', 'Description' = %q This module exploits an input validation error on the log file extension parameter. ...
phpAdBoard (php uploads) Arbitrary File Upload Vulnerability
Exploit for unknown platform in category web applications ============================================================ phpAdBoard php uploads Arbitrary File Upload Vulnerability ============================================================...
Online Leave Management System 1.0 System SQL injection Vulnerability
Title: Online Leave Management System 1.0 System SQLi Best PHP Project Idea for Beginners 2021-2022 Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14910/online-leave-management-system-php-free-source-code.html Reference:...
QuickDate 1.3.2 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: QuickDate 1.3.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11;...
Plogger <= Beta 2.1 Administrative Credentials Disclosure Exploit
Exploit for unknown platform in category web applications ================================================================= Plogger works with magicquotesgpc = Off\r\n\r\n"; echo "dork: intext:"Powered by Plogger!" -plogger.org\r\n\r\n"; if $argc3 echo "Usage: php ".$argv0." host path...
Wordpress Canto Plugin < 3.0.5 - Remote File Inclusion and Remote Code Execution Exploit
Exploit Title: Wordpress Plugin Canto " def createadminfilelocaldir, localshell=None: if not os.path.existslocaldir: os.makedirslocaldir If a local shell is p...
Sitecore Experience Platform (XP) Remote Code Execution Exploit
This Metasploit module exploits a deserialization vulnerability in the Report.ashx page of Sitecore XP 7.5 to 7.5.2, 8.0 to 8.0.7, 8.1 to 8.1.3, and 8.2 to 8.2.7. Versions 7.2.6 and earlier and 9.0 and later are not affected. The vulnerability occurs due to Report.ashx's handler, located in...
WordPress NexosReal Estate 1.7 Theme - (search_order) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'searchorder' SQL Injection Google Dork: inurl:/wp-content/themes/nexos/ Exploit Author: Vlad Vector Vendor: Sanljiljan https://themeforest.net/user/sanljiljan Software Version: 1.7 Softwar...
BisonWare BisonFTP Server 3.5 Buffer Overflow Exploit
BisonWare BisonFTP Server version 3.5 is prone to an overflow condition. This Metasploit module exploits a buffer overflow vulnerability in said application. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...
Auto Dealer Management System 1.0 SQL Injection Vulnerability
Auto Dealer Management System - SQL Injection on page viewtransaction.php and parameter is id, application url is ?page=vehicles/viewtransaction&id=? with low privilege authentication CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari Author Email:...
Vivo Fibra Askey RTF8225VW Command Execution Vulnerability
The Vivo Fibra Askey RTF8225VW modem suffers from an input validation vulnerability that allows for full escalation to a functioning shell once logged in and using the restricted aspsh shell. --- Exploit 1 Documentation on the Vivo Fibra Modem Exploit I discovered an exploit that allows access to...
Mirth Connect 4.4.0 Remote Command Execution Exploit
A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...
Oracle solaris sshd Remote Root Exploit
amd64/sparc targets, used vs. solaris in datacenters only rare across the perimeter...
Xerox DocuShare - SQL Injection Vulnerability
Exploit for hardware platform in category web applications The following request is vulnerable to a SQL injection in the last URI segment: GET /docushare/dsweb/ResultBackgroundJobMultiple/1 HTTP/1.1 Host: 172.31.16.194:8080 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101...
MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation
Exploit for multiple platform in category local exploits ============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-6662 - Release date: 12.09.2016 - Severity: Critical ============================================...
SikaBoom Remote Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python print "" print " name:SikaBoom Remote Buffer Overflow Exploit" print " Author:Angel Injection " print " EMail:email protected " print "\r\n" import socket,os,sys,time host = "IP Address" port = 4321 buffer="\x41" 268 crash...
Jorani Leave Management System 1.0.2 Host Header Injection Vulnerability
Exploit Title: Jorani Leave Management System v1.0.2 Host Header Attack Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://jorani.org/ Software Link: https://github.com/bbalet/jorani/releases/download/v1.0.2/jorani-1.0.2.zip Version: v1.0.2 Tested on: Windows 10,...
WordPress Robo Gallery 3.2.1 plugin - XSS Stored Vulnerability
Title: WordPress 6.0.1 Plugin-Robo Gallery 3.2.1 XSS-Stored Author: nu11secur1ty Vendor: https://wordpress.org/ Software: https://wordpress.org/plugins/robo-gallery/ Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/RoboGallery/XSS-Stored Description: Th...