39001 matches found
Rudder Server SQL Injection / Remote Code Execution Exploit
This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform CDP. The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may le...
TerraMaster TOS 4.2.15 Remote Code Execution Exploit
This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected. This module requires Metasploit: https://metasploit.com/download...
Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Vulnerability
Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ version 7.12.3 Tested o...
nostromo 1.9.6 - Remote Code Execution Exploit
Exploit Title: nostromo 1.9.6 - Remote Code Execution Exploit Author: Kr0ff Vendor Homepage: Software Link: http://www.nazgul.ch/dev/nostromo-1.9.6.tar.gz Version: 1.9.6 Tested on: Debian CVE : CVE-2019-16278 cve201916278.py !/usr/bin/env python import sys import socket art = """ -2019-16278 \ \ ...
Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit
Exploit Title: Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit Author : Peter Lapp Vendor Homepage : https://www.trendmicro.com/enus/business.html Link Software : https://help.deepsecurity.trendmicro.com/software.html?regs=NABU&prodid=1716 Tested on OS: v11.0.582 and...
uHotelBooking System - system_page SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: uHotelBooking System - 'systempage' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.hotel-booking-script.com Demo Site: https://www.hotel-booking-script.com/demo/ Version: Lastest Tested on: Kali Lin...
blog ink Bypass Setting Vulnerability
Exploit for unknown platform in category web applications ===================================== blog ink Bypass Setting Vulnerability ===================================== ======================================================================================== | Title : blog ink By Pass Setting...
CPGNuke Dragonfly 9.0.6.1 Remote Commands Execution Exploit
Exploit for unknown platform in category web applications =========================================================== CPGNuke Dragonfly 9.0.6.1 Remote Commands Execution Exploit =========================================================== this works regardless of magicquotesgpc settings Sun-Tzu:...
Honeywell PM43 < P10.19.050004 - Remote Code Execution Exploit
Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...
Bitbucket Environment Variable Remote Command Injection Exploit
For various versions of Bitbucket, there is an authenticated command injection vulnerability that can be exploited by injecting environment variables into a user name. This module achieves remote code execution as the atlbitbucket user by injecting the GITEXTERNALDIFF environment variable, a null...
Omnia MPX 1.5.0+r1 - Path Traversal Vulnerability
Exploit Title: Omnia MPX 1.5.0+r1 - Path Traversal Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.telosalliance.com/ Software Link: https://support.telosalliance.com/article/934ixoaz3l-mpx-node-release-notes-and-update-instructions Version: 1.5.0+r1 Tested on: MacOS PoC:...
CodoForum v5.1 - Remote Code Execution Exploit
Exploit Title: CodoForum v5.1 - Remote Code Execution RCE Exploit Author: Krish Pandey @vikaran101 Vendor Homepage: https://codoforum.com/ Software Link: https://bitbucket.org/evnix/codoforumdownloads/downloads/codoforum.v.5.1.zip Version: CodoForum v5.1 Tested on: Ubuntu 20.04 CVE: CVE-2022-3185...
Travel Management System 1.0 Multiple SQL Injection Vulnerability
Title: Travel Management System 1.0 Multiple SQLi Author: nu11secur1ty Vendor: https://code-projects.org/author/fabian/ Software: https://code-projects.org/travel-management-system-using-php-source-code/ Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-28079 Descriptio...
Microfinance Management System 1.0 SQL Injection Vulnerability
Microfinance Management System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code. Title: Microfinance Management System 1.0 SQLi To Rce Author: Hejap Zairy Vendor:...
File Upload Manager v1.3 exploit
Exploit for unknown platform in category web applications...
OpenPanel 0.3.4 Command Injection Vulnerability
Exploit Title: OpenPanel 0.3.4 - OS Command Injection via The Timezone Parameter Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2024-53584 POST...
Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution Exploit
The Rejetto HTTP File Server HFS version 2.x is vulnerable to an unauthenticated server side template injection SSTI vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process. This exploit has been tested to work...
WordPress Hide My WP < 6.2.9 - Unauthenticated SQL injection Vulnerability
Exploit Title: Wordpress Plugin Hide My WP 6.2.9 - Unauthenticated SQLi Original Researcher: Xenofon Vassilakopoulos Exploit Author: Xenofon Vassilakopoulos Submitter: Xenofon Vassilakopoulos Vendor Homepage: https://wpwave.com/ Version: Hide My WP v6.2.8 and prior Tested on: Hide My WP v6.2.7...
PopojiCMS 2.0.1 Remote Command Execution Vulnerability
Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Date: 27/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...
Ivanti Sentry Authentication Bypass / Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Sentry MICSLogService Auth Bypass resulting in RCE CVE-2023-38035', 'Description' = %q This module exploits an authentication bypass in...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read Vulnerability
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read root-only files via the dig command without a password. Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary...
Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing Vulnerability
Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Author: nu11secur1ty Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...
ManageEngine ServiceDesk Plus Remote Code Execution Exploit
This Metasploit module exploits CVE-2021-44077, an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus, to upload an EXE msiexec.exe and execute it as the SYSTEM account. Note that build 11305 is vulnerable to the authentication bypass but not the file upload. The...
Meneame English Pligg 5.8 - search SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Meneame English Pligg 5.8 - 'search' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/meneame-english/ Software Link:...
BBClone 0.31 (selectlang.php) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================= BBClone 0.31 selectlang.php Remote File Inclusion Vulnerability =================================================================...
AWStats 5.7 - 6.2 Multiple Remote Exploit (extra)
Exploit for cgi platform in category web applications ================================================= AWStats 5.7 - 6.2 Multiple Remote Exploit extra ================================================= / Awstats exploit "shell" code by omin0us omin0us208 at gmail dot com dtors security group .:...
WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution Exploit
The GiveWP Donation plugin and Fundraising Platform plugin for WordPress in all versions up to and including 3.14.1 is vulnerable to a PHP object injection POI flaw granting an unauthenticated attacker arbitrary code execution. This module requires Metasploit: https://metasploit.com/download...
Gitea 1.22.0 - Stored XSS Vulnerability
Exploit Title: Stored XSS in Gitea Exploit Authors: Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/go-gitea/gitea Version: 1.22.0 Tested on: Linux 5.15.0-107, Go 1.23.0 CVE: CVE-2024-6886 Vulnerability Description Gitea 1.22.0 is vulnerable to a Stored Cross-Site...
ASUS Control Center Express 01.06.15 - Unquoted Service Path Vulnerability
Exploit Title: ASUS Control Center Express 01.06.15 - Unquoted Service Path Privilege Escalation Exploit Author: Alaa Kachouh Vendor Homepage: https://www.asus.com/campaign/ASUS-Control-Center-Express/global/ Version: Up to 01.06.15 Tested on: Windows CVE: CVE-2024-27673...
Lepton CMS 7.0.0 Remote Code Execution Vulnerability
Exploit Title: LeptonCMS Version : 7.0.0 Remote Code Execution Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.lepton-cms.com/ Version : 7.0.0 Tested on: https://www.softaculous.com/apps/cms/LEPTON 1 Login with admin cred https://127.0.0.1/LEPTON/backend/login/index.php 2 G...
Kibana Timelion Prototype Pollution Remote Code Execution Exploit
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This leads to an arbitrary command execution with permissions of the...
Osprey Pump Controller 1.0.1 Cross Site Request Forgery Vulnerability
!-- Osprey Pump Controller 1.0.1 Cross-Site Request Forgery Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...
Dr. Fone 4.0.8 - (net_updater32.exe) Unquoted Service Path Vulnerability
Exploit Title: Dr. Fone v4.0.8- 'netupdater32.exe' Unquoted Service Path Discovery by: Esant1490 Vendor Homepage: https://drfone.wondershare.net Software Link : https://download.wondershare.net/drfonefull4008.exe Tested Version: 4.0.8 Tested on OS: Windows 10 Pro x64 en Vulnerability Type: Unquot...
Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal Vulnerability
Carel pCOWeb HVAC BACnet Gateway version 2.1.0 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the logdownload.cgi bash script is not properly verified before being used to download log files. This can be exploited to...
Reprise License Manager 14.2 User Enumeration Vulnerability
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44155 Vulnerability Title: Unauthenticated User Enumeration Severity: Low Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Introduction: An issue...
Vehicle Service Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Vehicle Service Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html Software Link:...
SteelCentral Aternity Agent 11.0.0.120 Privilege Escalation Vulnerability
======================================================================= title: Privilege Escalation Vulnerability product: SteelCentral Aternity Agent vulnerable version: 11.0.0.120 fixed version: CVE number: CVE-2020-15592, CVE-2020-15593 impact: Critical homepage: https://www.riverbed.com/gb/ b...
ASRock Drivers Privilege Escalation / Code Execution Exploit
ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were...
WordPress WPCode Lite 2.1.14 Cross Site Scripting Vulnerability
Exploit Title: Wordpress WPCode Lite Version 2.1.14 Stored XSS Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://wpcode.com/?utmsource=wprepo&utmmedium=link&utmcampaign=liteplugin Version 2.1.14 Steps to Execute the Payload: 1. Access the Admin Panel: - Navigate to the admin pan...
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation Vulnerabilities
OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities. ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT Frentix GmbH...
WhatsUp Gold 2022 (22.1.0 Build 39) - XSS Vulnerability
Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-35759 WhatsU...
SmartNode SN200 3.21.2-23021 OS Command Injection Vulnerability
Product: SmartNode SN200 Analog Telephone Adapter ATA & VoIP Gateway Manufacturer: Patton LLC Affected Versions: = 3.21.2-23021 Tested Versions: 2.21.1-22041, 3.21.2-23021, 3.22.0-23083 Vulnerability Type: OS Command Injection CWE-78 Vulnerability Type: Improper Access Control CWE-284 Risk Level:...
The Shop v2.5 - SQL Injection Vulnerability
Exploit Title: The Shop v2.5 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json Accept:...
CiviCRM 5.59.alpha1 Cross Site Scripting Vulnerability
Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: https://civicrm.org Software Link: https://civicrm.org/download Version: 5.59.alpha1, 5.58.0 and earlier, 5.57.3 and earlier Tested on: Latest Version of Desktop Web Browsers...
Cisco RV Series Authentication Bypass / Command Injection Exploit
This Metasploit module exploits two vulnerabilities, a session ID directory traversal authentication bypass CVE-2022-20705 and a command injection vulnerability CVE-2022-20707, on Cisco RV160, RV260, RV340, and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with...
Netfilter nft_set_elem_init Heap Overflow Privilege Escalation Exploit
An issue was discovered in the Linux kernel through version 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to escalate privileges. The attacker can obtain root access, but must start with an unprivileged user namespace to obtain...
ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure Exploit
Exploit Title: ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Details:...
Baixar GLPI Project 9.4.6 - SQL injection Vulnerability
Exploit Title: Baixar GLPI Project 9.4.6 - SQLi Exploit Author: Joas Antonio Vendor Homepage: https://glpi-project.org/pt-br/ https://www.blueonyx.it/ Software Link: https://glpi-project.org/pt-br/baixar/ Version: GLPI - 9.4.6 Tested on: Windows/Linux CVE : CVE-2021-44617 POC1:...
Tdarr 2.00.15 - Command Injection Vulnerability
Exploit Title: Tdarr 2.00.15 - Command Injection Exploit Author: Sam Smith Vendor Homepage: https://tdarr.io Software Link: https://f000.backblazeb2.com/file/tdarrs/versions/2.00.15/linuxarm64/TdarrServer.zip Version: 2.00.15 likely also older versions Tested on: 2.00.15 Exploit: The Help tab...
H2 Database Console Remote Code Execution Exploit
The H2 Database console suffers from an unauthenticated remote code execution vulnerability. Document Title =============== Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Product Description =============== The H2 Console Application The Console lets you access a SQL databas...