39001 matches found
SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration Exploit
Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: = 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp: print"Usage:...
Credit Lite 1.5.4 SQL Injection Vulnerability
Exploit Title: Credit Lite 1.5.4 - SQL Injection Exploit Author: CraCkEr Vendor: Hobby-Tech Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 Software Link: https://credit-lite.appshat.xyz/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4407...
WordPress Real Estate 7 Theme 3.3.4 Abuse Of Functionality Vulnerability
==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Abuse of Functionality Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz https://fearzzzz.ru Component...
Emporium eCommerce Online Shopping CMS 1.2 SQL Injection Vulnerability
┌┌────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...
Windows/x86 Download File / Execute Shellcode (458 bytes)
; Exploit Title: Windows/x86 - Download File and Execute / Dynamic PEB & EDT method Shellcode 458 bytes ; Exploit Author: Techryptic @Tech ; Date: 2022-01-31 ; Tested on: WIN7X86 ; Shoutout to 848 Advanced Software Exploitation and DSU. ; Description: ; The shellcode works in three parts. The fir...
Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Vulnerability
Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0...
Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The vulnerabilities allow an unauthenticated remote attacker to execute commands as root. This module requires Metasploi...
MTPutty 1.0.1.21 - SSH Password Disclosure Vulnerability
Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...
Simple Subscription Website 1.0 - SQL injection Authentication Bypass Vulnerability
Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass Exploit Author: Daniel Haro Dirox Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html Software Link:...
Alchemy CMS 6.0.0 Arbitrary File Upload Vulnerability
Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux ruby 2.6.8p205 rai...
Cacti v1.2.8 - Unauthenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit:...
BMC Patrol Agent Privilege Escalation / Command Execution Exploit
This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the...
Vbulletin Blog 4.0.2 XSS Vulnerability
Exploit for php platform in category web applications ====================================== Vbulletin Blog 4.0.2 XSS Vulnerability ====================================== Author: FormatXformat Version: Vbulletin 4.0.2 Dork: Powered by vBulletin Version 4.0.2 Copyright 2010 vBulletin Solutions, In...
Workout Journal App 1.0 - Stored XSS Vulnerability
Exploit Title: Workout Journal App 1.0 - Stored XSS Exploit Author: MURAT CAGRI ALIS Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17088/workout-journal-app-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Windows / MacOS / Linux CVE...
Quick.CMS 6.7 - SQL Injection Login Bypass Vulnerability
Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass Exploit Author: ./H4X.Forensics - Diyar Vendor Homepage: https://www.opensolution.org Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows CVE : N/A How to exploit : -- Open...
CMS Made Simple 2.2.19 Cross Site Scripting Vulnerability
Exploit Title: CMS Made Simple Version: 2.2.19 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Content File Manager 2 Write in New directory: place payload "...
TYPO3 11.5.24 Path Traversal Vulnerability
Exploit Title: TYPO3 11.5.24 Path Traversal Vulnerability Authenticated Exploit Author: Saeed reza Zamanian Software Link: https://get.typo3.org/release-notes/11.5.24 Version: 11.5.24 Tested on: Kali 2022.3 CVE : CVE-2023-30451 In TYPO3 11.5.24, the filelist component allows attackers with access...
Minio 2022-07-29T19-40-48Z - Path traversal Exploit
Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before execution: pip install...
ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Vulnerability
Exploit Title: ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Author: nu11secur1ty Vendor: https://www.manageengine.com/ Software: https://www.manageengine.com/privileged-session-management/download.html Reference:...
WordPress Profile Builder 3.9.0 Missing Authorization Vulnerability
WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppbtoolboxusermetahandler. Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given...
Ivanti Endpoint Manager 4.6 - Remote Code Execution Vulnerability
Exploit Title: Ivanti Endpoint Manager 4.6 - Remote Code Execution RCE Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 - EOF Aug 2021 Tested on: Linux x8664 CVE :...
Apache APISIX 2.12.1 - Remote Code Execution Exploit
Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT = '\3335m' NOTICE =...
Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting Vulnerability
Sofico Miles RIA version 2020.2 build 127964T suffers from a persistent cross site scripting vulnerability. ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version:...
Google SLO-Generator 2.0.0 - Code Execution Vulnerability
Exploit Title: Google SLO-Generator 2.0.0 - Code Execution Exploit Author: Kiran Ghimire Software Link: https://github.com/google/slo-generator/releases Version: = 2.0.0 Tested on: Linux CVE: CVE-2021-22557 Introduction: Is a tool to compute and export Service Level Objectives SLOs, Error Budgets...
Avaya IP Office 11 Insecure Transit / Password Disclosure Vulnerability
Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
Microsoft Windows (x84/x64) - Error Reporting Discretionary Access Control List / Local Privilege
Exploit for windows platform in category local exploits Microsoft Windows x84/x64 - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation EDIT: Apparently this was patched earlier this month.. so whatever. Windows Error Reporting Arbitrary DACL write It can take upwards...
Linux Kernel - ping Local Denial of Service Exploit
Exploit for linux platform in category dos / poc Source: https://raw.githubusercontent.com/danieljiang0415/androidkernelcrashpoc/master/panic.c include include include include static int sockfd = 0; static struct sockaddrin addr = 0; void fuzzvoid param while1 addr.sinfamily = 0;//rand%42;...
WordPress Workreap 2.2.2 Shell Upload Exploit
Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author: Mohammad Hossei...
Feehi CMS 2.1.1 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting XSS Exploit Author: Shivam Singh Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/ Version: 2.1.1 REQUIRED Tested on: Linux, Windows, Docke...
Library Management System With QR Code 1.0 Shell Upload Vulnerability
Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
Zyxel Firewall ZTP Unauthenticated Command Injection Exploit
This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning ZTP support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler...
Spring Cloud Gateway 3.1.0 - Remote Code Execution Exploit
Exploit Title: Spring Cloud Gateway 3.1.0 - Remote Code Execution RCE Exploit Author: Carlos E. Vieira Vendor Homepage: https://spring.io/ Software Link: https://spring.io/projects/spring-cloud-gateway Version: This vulnerability affect Spring Cloud Gateway 3.0.7 & 3.1.1 Tested on: 3.1.0 CVE :...
SeedDMS versions < 5.1.11 - Remote Command Execution Exploit
Exploit for php platform in category web applications Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions "; $cmd = $REQUEST'cmd'; system$cmd; echo ""; die; ? Step 3: Now after uploading the file check the document id corresponding to the document. Step 4:...
Joomla Webring Component <= 1.0 Remote Include Vulnerability
Exploit for unknown platform in category web applications ============================================================ Joomla Webring Component = 1.0 Remote Include Vulnerability ============================================================ C Y BE R - W A R R i O R T I M Joomla Webring Component...
Nokia BMC Log Scanner - Remote Code Execution Vulnerability
Exploit Title: Nokia BMC Log Scanner Remote Code Execution Google Dork: N/A Date: November 29, 2023 Exploit Author: Carlos Andres Gonzalez, Matthew Gregory Vendor Homepage: https://www.nokia.com/ Software Link: N/A Version: 13 Tested on: Linux CVE : CVE-2022-45899 Description The BMC Log Scanner...
WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting Vulnerability
Exploit Title: IDonate – blood request management system XSS in Recaptcha secret key and in Recaptcha Site key 3- Click on save changes. 4- While clicking on the payload text, XSS will trigger. Vulnerable Code: public function idonaterecaptchasecretkeycallback if isset...
Automatic Systems SOC FL9600 FastLine - Directory Transversal Vulnerability
Exploit Title: Automatic-Systems SOC FL9600 FastLine - Directory Transversal Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN = 285698a99acbd8d7ea09a57d5fbcb435da5427b3f6b8a CVE :...
WordPress LearnDash LMS 4.6.0 Insecure Direct Object Reference Vulnerability
Description: LearnDash LMS = 4.6.0 – Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary User Password Change Affected Plugin: LearnDash LMS Plugin Slug: sfwd-lms Affected Versions: = 4.6.0 CVE ID: CVE-2023-3105 CVSS Score: 8.8 High CVSS Vector:...
Secure Web Gateway 10.2.11 Cross Site Scripting Vulnerability
Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure We...
Acronis TrueImage XPC Privilege Escalation Exploit
Acronis TrueImage versions 2019 update 1 through 2021 update 1 are vulnerable to privilege escalation. The com.acronis.trueimagehelper helper tool does not perform any validation on connecting clients, which gives arbitrary clients the ability to execute functions provided by the helper tool with...
Academy Learning Management System 5.7 Shell Upload Exploit
Exploit Title: Academy Learning Management System 5.7 Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/academy-course-based-learning-management-system/22703468 Version: 5.7 Tested on Ubuntu 18.04 Totally wrong architecture f...
PrestaShop Ap Pagebuilder 2.4.4 SQL Injection Vulnerability
Exploit Title: AP PAGEBUILDER Prestashop module = 2.4.4 'productalloneimg' , 'imageproduct' Blind SQL Injection Exploit Author: Mohamed Ali Hammami Vendor Homepage: https://apollotheme.com/ Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module Version: 2.4.4 Tested on:...
Auerswald COMpact 8.0B - Arbitrary File Disclosure Vulnerability
Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users...
Aimeos Laravel ecommerce platform 2021.10 LTS - (sort) SQL injection Vulnerability
Exploit Title: Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection Exploit Author: Ilker Burak ADIYAMAN Vendor Homepage: https://aimeos.org Software Link: https://aimeos.org/laravel-ecommerce-package Version: Aimeos 2021.10 LTS Tested on: MacOSX Description: The Aimeos E-Commerce...
South Gate Inn Online Reservation System 1.0 Shell Upload / SQL Injection Vulnerabilities
Exploit Title: South Gate Inn Online Reservation System v1.0 - Remote Code Execution Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/php/10584/south-gate-inn-online-reservation-system.html Software Link:...
SmartAgent 1.1.0 Remote Code Execution Vulnerability
Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can access a php script called...
Peel Shopping 2.x Cross Site Scripting / SQL Injection Exploit
Peel Shopping versions 2.x and below 3.1 suffer from cross site scripting and remote SQL injection vulnerabilities. This was already noted discovery in 2012 by Cyber-Crystal but this data provides more details. Exploit Title: Peel Shopping "catid=" SQL injection Google Dork:...
Traccar 5.12 Remote Code Execution Exploit
This Metasploit module exploits a remote code execution vulnerability in Traccar versions 5.1 through 5.12. Remote code execution can be obtained by combining path traversal and an unrestricted file upload vulnerabilities. By default, the application allows self-registration, enabling any user to...
LaborOfficeFree 19.10 MySQL Root Password Calculator Exploit
LaborOfficeFree installs a MySQL instance that runs as SYSTEM and calculates the MySQL root password based on two constants. Each time the program needs to connect to MySQL as root, it employs the reverse algorithm to calculate the root password. This issue has been tested on version 19.10...
mooSocial 3.1.8 - Reflected XSS Vulnerability
Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173 Greetings ThePitBull...