39001 matches found
zlog 1.2.15 - Buffer Overflow Exploit
Exploit Title: zlog 1.2.15 - Buffer Overflow Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the "zloginit" API to pars...
Richfaces 3.x Remote Code Execution Vulnerability
Exploit for multiple platform in category web applications Original report+advisories: TITLE: ==================== Unauthenticated Remote Code execution in WebApps using Richfaces 3.X all versions. RESUME ==================== RichFaces Framework 3.X through 3.3.4 all versions is vulnerable to...
WordPress Share Buttons - Social Media 1.0.2 SQL Injection Vulnerability
CVE-2024-55982 Share Buttons – Social Media = 1.0.2 - Unauthenticated SQL Injection Description The Share Buttons – Social Media plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.0.2 due to insufficient escaping on the user supplied parameter and lack of...
Peel Shopping 2.x Cross Site Scripting / SQL Injection Exploit
Peel Shopping versions 2.x and below 3.1 suffer from cross site scripting and remote SQL injection vulnerabilities. This was already noted discovery in 2012 by Cyber-Crystal but this data provides more details. Exploit Title: Peel Shopping "catid=" SQL injection Google Dork:...
Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Vulnerability
Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested...
minaliC 2.0.0 Denial Of Service Exploit
!/usr/bin/perl use Socket; Exploit Title: minaliC 2.0.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 03 january 2024 Vendor Homepage: http://minalic.sourceforge.net/ Download to demo: https://drive.google.com/file/d/1WoDbps6up2s5Xa40YXDSABRU9J17yRQd/view?usp=sharing...
Bang Resto v1.0 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip Version: 1.0 Tested on...
FTPManager 8.2 Local File Inclusion / Directory Traversal Exploit
Exploit Title: FTPManager 8.2 Local File inclusion Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/ftpmanager-ftp-sftp-client/id525959186 Version: 8.2 Tested on: Ios 15.6 GET...
Pentaho Business Analytics / Pentaho Business Server 9.1 User Enumeration Vulnerability
Pentaho implements a series of web services using the SOAP protocol to allow scripting interaction with the backend server. HAWSEC identified that the services userRoleListService and ServiceAction exposed through the /pentaho/webservices/userRoleListService and...
Bludit 3.9.2 - Directory Traversal Exploit
Exploit for multiple platform in category web applications Title: Bludit 3.9.2 - Directory Traversal Author: James Green Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.9.2 Tested on: Linux Ubuntu 19.10 Eoan CVE: CVE-2019-16113 Special Thanks to...
SmartAgent 1.1.0 Remote Code Execution Vulnerability
Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can access a php script called...
Numbas < v7.3 - Remote Code Execution Exploit
Exploit Title: Numbas v7.3 - Remote Code Execution Exploit Author: Matheus Boschetti Vendor Homepage: https://www.numbas.org.uk/ Software Link: https://github.com/numbas/Numbas Version: 7.2 and below Tested on: Linux CVE: CVE-2024-27612 import sys, requests, re, argparse, subprocess, time from bs...
WordPress Admin Bar And Dashboard Access Control 1.28 XSS Vulnerability
WordPress Admin Bar and Dashboard Access Control plugin version 1.28 suffers from a persistent cross site scripting vulnerability. Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Exploit Author: Rachi...
Saflok - Key Derication Function Exploit
// Exploit Title: Saflok KDF // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGTH 4 int mainint argc...
Cisco ASA-X With FirePOWER Services Authenticated Command Injection Exploit
This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual...
WAGO 750-8xxx PLC Denial Of Service / User Enumeration Vulnerability
WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 v03.08.08 suffer from denial of service and user enumeration vulnerabilities. ======================================================================= title: Denial of service & User Enumeration product: WAGO 750-8xxx PLC vulnerable version:...
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter) Exploit
Exploit Title: Free MP3 CD Ripper 2.8 - Stack Buffer Overflow SEH + Egghunter Exploit Author: Eduard Palisek Vendor Homepage: https://www.cleanersoft.com Software Link: https://www.cleanersoft.com/download/FMCRSetup.exe Version: 2.8 Build 20140611 Tested on: Windows XP, Professional, Version 2002...
Keybase keybase-redirector - ($PATH) Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits keybase-redirector is a setuid root binary. keybase-redirector calls the fusermount binary using a relative path and the application trusts the value of $PATH. This allows a local, unprivileged user to trick the application to executing a cust...
VP-ASP 6.00 (shopcurrency.asp) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= VP-ASP 6.00 shopcurrency.asp Remote SQL Injection Vulnerability ================================================================= VP-ASP 6.00 SQL Injection / Exploit by...
Palo Alto OS Command Injection Vulnerability
Palo Alto OS was recently hit by a command injection zero day attack. These are exploitation details related to the zero day. CVE-2024-3400 CVE-2024-3400 Palo Alto OS Command Injection send this HTTP request: http POST /ssl-vpn/hipreport.esp HTTP/1.1 Host: 127.0.0.1 Cookie:...
WordPress Membership For WooCommerce Shell Upload Vulnerability
Exploit Title: Wordpress Plugin - Membership For WooCommerce Resultz Uploader Uploaded ?PHP...
cpio 2.13 Privilege Escalation Vulnerability
cpio version 2.13 suffers from a privilege escalation vulnerability via setuid files in a cpio archive. cpio privilege escalation vulnerability via setuid files in cpio archive Happy New Year, let in 2024 happiness be with you! : When extracting archives cpio at least version 2.13 preserves the...
Pydio Cells 4.1.2 - Cross-Site Scripting via File Download Vulnerability
Exploit Title: Pydio Cells 4.1.2 - Cross-Site Scripting XSS via File Download Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Cross-Site Scripting Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...
GaanaGawaana Music Platform PHP Script 1.0 Cross Site Scripting / SQL Injection Vulnerabilities
Title: GaanaGawaana - Music Platform PHP Script-1.0 XSS-Reflected and SQLi Vulnerability Author: nu11secur1ty Vendor: https://www.codester.com/ Software: https://www.codester.com/items/27270/gaanagawaana-music-platform-php-script Reference XSS:...
sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit
!/usr/bin/env bash Exploit Title: sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit Author: n3m1.sys CVE: CVE-2023-22809 Date: 2023/01/21 Vendor Homepage: https://www.sudo.ws/ Software Link: https://www.sudo.ws/dist/sudo-1.9.12p1.tar.gz Version: 1.8.0 to 1.9.12p1 Tested on: Ubuntu Server 22.0...
Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution Exploit
This Metasploit module exploits an object deserialization vulnerability in Fortra GoAnywhere MFT. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unsafe Deserialization...
Senayan Library Management System 9.1.0 SQL Injection Vulnerability
Title: Senayan Library Management System v9.1.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.1.0/slims9bulian-9.1.0.zip Reference:...
Multi-Language Hotel Management 2022 1.0 SQL Injection Vulnerability
Title: Multi-Language-Hotel-Management-2022 1.0 SQLi Author: nu11secur1ty Vendor: https://www.nikhilbhalerao.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/Nikhil%20Bhalerao/2022/Multi-Language-Hotel-Management-2022/Docs/sparkz.zip Reference:...
Owners Collection Management System v1.0 SQL - Injection Vulnerability
Title: Owners Collection Management System v1.0 SQL - Injections Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15162/home-owners-collection-management-system-phpoop-free-source-code.html Reference:...
Croogo 3.0.2 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Croogo 3.0.2 - Remote Code Execution Authenticated Exploit Author: Deha Berkin Bir Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 == Tutorial $command"; ? ...
FLEX 1085 Web 1.6.0 - HTML Injection Vulnerability
Exploit Title: FLEX 1085 Web 1.6.0 - HTML Injection Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested on: Android Title: ================ FLEX 1085 Web - HTML Injection Summary: ================ Th...
IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution Exploit
IBM Cognos TM1 Server / Planning Analytics Server TM1 suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research is included in this advisory as well as the Metasploit module. IBM PA / TM1, dating back to...
Android Bluetooth Remote Denial Of Service Exploit
Exploit Title: Critical Bluetooth Vulnerability in Android CVE-2020-0022 - Remote DoS Author: nu11secur1ty Date: 2020-03-24 Vendor: Android Link: https://github.com/nu11secur1ty/Andr01dExploits/tree/master/CVE-2020-0022 CVE: CVE-2020-0022 + Credits: Ventsislav Varbanovski @ nu11secur1ty + Website...
DVD X Player 5.5.3 - .plf Buffer Overflow Exploit
Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: DVD X Player 5.5.3 Buffer Overflow Date: 20.03.2019 Exploit Author: Paolo Perego - email protected Vendor Homepage: http://www.dvd-x-player.com Software Link:...
Adobe ColdFusion 9 Administrative Login Bypass Vulnerability
Exploit for windows platform in category web applications +------------------------------------------------------------------------------+ | Title: Adobe ColdFusion 9 Administrative Login Bypass | +--------------------+---------------------------------------------------------+ | Release Date |...
Xhibiter NFT Marketplace 1.10.2 - SQL Injection Vulnerability
Exploit Title: xhibiter nft marketplace SQLI Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs" Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/ Vendor Homepage: https://elements.envato.com/xhibiter-nft-marketplace-html-template-AQN45FA...
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution Exploit
NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page. This cross sit...
Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 IDOR Exploit
!/usr/bin/python3 Title: Hitachi NAS HNAS System Management Unit SMU Backup & Restore IDOR Vulnerability CVE: CVE-2023-5808 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host",...
File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution Exploit
Exploit Title: File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution RCE Exploit Author: Mateus Machado Tesser Vendor Homepage: https://advancedfilemanager.com/ Version: File Manager Advanced Shortcode 2.3.2 Tested on: Wordpress 6.1 / Linux Ubuntu 5.15 CVE: CVE-2023-2068...
VMware Workstation 15 Pro - Denial of Service Exploit
Title: VMware Workstation 15 Pro - Denial of Service Author: Milad Karimi Tested on: Windows 10 Pro and Windows 7 Pro SP1 with VMware® Workstation 15 Pro 15.5.6 build-16341506 Affected: VMware Workstation Pro/Player 15.x config.version = "8" virtualHW.version = "4" displayName = "credit's to...
Wordpress Simple Job Board 2.9.3 Plugin - Local File Inclusion Exploit
Exploit Title: Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion Exploit Author: Ven3xy Vendor Homepage: https://wordpress.org/plugins/simple-job-board/ Software Link: https://downloads.wordpress.org/plugin/simple-job-board.2.9.3.zip Version: 2.9.3 Tested on: Ubuntu 20.04 LTS CVE :...
Gerapy 0.9.7 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to version 0.9.8 is...
High Infinity Technology HiKam S6 1.3.26 Spoofing / Broken Authentication Vulnerability
High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffer...
Artica Proxy VMWare Appliance 4.30.000000 SP273 Path Traversal Vulnerability
Product: Artica Proxy VMWare Appliance Vendor/Manufacturer: ArticaTech https://www.articatech.com Affected Versions: 4.30.000000 =SP273 Tested Versions: 4.30.000000 SP273 Vulnerability Type: Relative path traversal CWE-23, Improper Limitation of a Pathname to a restricted Directory CWE-22, CWE 35...
daloRADIUS 0.9-9 SQL Injection / Code Execution Vulnerabilities
Exploit for php platform in category web applications Abstract -------- "daloRADIUS is an advanced RADIUS web management application aimed at managing hotspots and general-purpose ISP deployments. It features user management, graphical reporting, accounting, a billing engine and integrates with...
Android Futex Requeue Kernel Exploit
This Metasploit module exploits a bug in futexrequeue in the linux kernel. Any android phone with a kernel built before June 2014 should be vulnerable. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web sit...
Wordpress Theme Avada Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Theme Avada Arbitrary File Download Vulnerability Date: 19/01/2014 Exploit Author: Vylegzhanin Contact : email protected Tested on: Linux / Window Google Dork: inurl:wp-content/themes/avada PoC...
Vinchin Backup And Recovery 7.2 syncNtpTime Command Injection Vulnerability
Vinchin Backup and Recovery versions 7.2 and below suffer from a command injection vulnerability in the syncNtpTime function. CVE ID: CVE-2024-22899 Title: Command Injection Vulnerability in Vinchin Backup and Recovery's syncNtpTime Function in Versions 7.2 and Earlier Description: A critical...
VMware vRealize Log Insight Unauthenticated Remote Code Execution Exploit
VMware vRealize Log Insights versions 8.x contain multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the...
WordPress Elementor 3.6.2 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: WordPress Plugin Elementor 3.6.2 - Remote Code Execution RCE Authenticated Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://elementor.com/ Software Link: https://wordpress.org/plugins/elementor/advanced/ scroll down to select the version Version:...