39001 matches found
AspEmail 5.6.0.2 Weak Permissions / Local Privilege Escalation Vulnerability
Exploit Title: AspEmail 5.6.0.2 - Local Privilege Escalation Vulnerability Category: Weak Services Permission - Binary Permission Vulnerability Date: 13/04/2023 Exploit Author: Zer0FauLT email protected Vendor Homepage: https://www.aspemail.com Software Link: https://www.aspemail.com/download.htm...
Roxy Fileman 1.4.6 Remote Shell Upload Exploit
Exploit Title: Roxy Fileman Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20210126213412/https://roxyfileman.com/download.php?f=1.4.6-php Version: \t\n' banner += '\t\t\t\t\t\t\n' banner += '\n' parser = OptionParser parser.addoption"-u", "--url", dest="url", help="u...
Hotel Reservation System 1.0 - SQL injection (Unauthenticated) Vulnerability
Exploit Title: Hotel Reservation System 1.0 - SQLi Unauthenticated Google Dork: None Exploit Author: Nefrit ID Author Website: https://manadocoder.com Vendor Homepage: https://github.com/dhruvmullick Software Link: https://github.com/dhruvmullick/hotel-reservation-system Tested on: Kali Linux &...
Pinkie 2.15 - TFTP Remote Buffer Overflow Exploit
Exploit Title: Pinkie 2.15 - TFTP Remote Buffer Overflow PoC Discovered by: Yehia Elghaly Vendor Homepage: http://www.ipuptime.net/ Software Link : http://ipuptime.net/PinkieSetup.zip Tested Version: 2.15 Vulnerability Type: Buffer Overflow DoS Remote Tested on OS: Windows XP SP3 - Windows 7...
i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Vulnerability
Exploit Title: i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Exploit Author: LiquidWorm Vendor Homepage: https://www.i3international.com i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page:...
Simple Online College Entrance Exam System 1.0 - SQL Injection Authentication Bypass Vulnerability
Exploit Title: Simple Online College Entrance Exam System 1.0 - SQLi Authentication Bypass Exploit Author: Mevlüt Yılmaz Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...
WordPress Email Subscribers & Newsletters 4.2.2 Plugin - Unauthenticated File Download Vulnerabi
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Exploit Author: email protectedESEC Vendor Homepage:...
Android-Gif-Drawable Double-Free Vulnerability
A double free vulnerability in the DDGifSlurp function in decoding.c in libpldroidsonroidsgif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawab...
Nginx (Debian-Based Distributions) - Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/bin/bash Source: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html Nginx Debian-based distros - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid...
Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation Exploit
Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...
Kafka UI 0.7.1 Command Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...
Juniper SRX Firewalls&EX switches - PreAuth Remote Code Execution Exploit
Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...
Microsoft Windows PowerShell Remote Command Execution Exploit
This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an updated exploit to work with Python3. from base64 import b64encode import argparse,sys,os PSTrojanFile.py By hyp3rlinx c 2023 ApparitionSec...
4images 1.9 Remote Command Execution Vulnerability
Exploit Title: 4images 1.9 - Remote Command Execution Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Select...
Property Listing Script 3.1 SQL Injection Vulnerability
┌┌────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...
Laundry Management System 1.0 SQL Injection Exploit
Exploit Title: Laundry Management System 1.0 - Authenticated SQL Injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-cilaundry.zip Version: 1.0 Tested on: Windows 10 + XAMPP 3.2.4 C...
WordPress Motopress Hotel Booking Lite 4.2.4 Plugin - SQL Injection Vulnerability
Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection Exploit Author: Mohsen Dehghani aka 0xProfessional Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4 Tested on:...
ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default...
Online Bike Rental 1.0 Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Bike Rental v1.0 – Authenticated Arbitrary File Upload / Remote Code Execution Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https:/www.sourcecodester.com Software Link:...
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure Exploit
Exploit for multiple platform in category web applications Exploit Title: File disclosure in Pulse Secure SSL VPN metasploit Google Dork: inurl:/dana-na/ filetype:cgi Exploit Author: 0xDezzy Justin Wagner, Alyssa Herrera Vendor Homepage: https://pulsesecure.net Version: 8.1R15.1, 8.2 before...
WebERP 4.15 - SQL injection Exploit
Exploit for php platform in category web applications Exploit Title: Blind SQL injection in WebERP. Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: http://www.weberp.org/ Version: 4.15 A malicious query can be sent in base64 encoding to unseriali...
Pivot <= 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit
Exploit for unknown platform in category web applications ===================================================================== Pivot = 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit ===================================================================== !/usr/bin/php -q -d...
Linux Kernel 5.6.13 Use-After-Free Exploit
Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13. // gcc -o exploit exploit.c -masm=intel -static -s -lpthread define GNUSOURCE include include include include include include include include include include...
Wordpress Neontext Plugin - Stored XSS Vulnerability
Exploit Title: Wordpress Plugin Neon Text = 1.1 - Stored Cross Site Scripting XSS Exploit Author: Eren Car Vendor Homepage: https://www.eralion.com/ Software Link: https://downloads.wordpress.org/plugin/neon-text.zip Category: Web Application Version: 1.0 Tested on: Debian / WordPress 6.4.1 CVE :...
xbtitFM 4.1.18 SQL Injection / Shell Upload / Traversal Vulnerabilities
xbtitFM versions 4.1.18 and below suffer from remote shell upload, remote SQL injection, and path traversal vulnerabilities. Exploit Title: xbtitFM 4.1.18 Multiple Vulnerabilities Exploit Author: Who cares anyway Vendor Homepage: https://xbtitfm.eu Affected versions: 4.1.18 and prior CVE : Who...
TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Vulnerability
Exploit Title: TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Permissions Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31068 With TSPlus Remote Work v. 16.0.0.0 you can crea...
Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated) Vulnerability
Exploit Title: Crypto Currency Tracker CCT 9.5 - Admin Account Creation Unauthenticated Exploit Author: 0xBr Software Link: https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 Version: =9.5 CVE: CVE-2023-37759 POST /en/user/register HTTP/2 Host:...
MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control Vulnerability
Exploit Title: MilleGPG5 5.9.2 Gennaio 2023 - Local Privilege Escalation / Incorrect Access Control Exploit Author: Andrea Intilangelo Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it - https://millewin.it/prodotti/governo-clinico-3/ Software Link:...
BrainyCP V1.0 - Remote Code Execution Exploit
Exploit Title: BrainyCP V1.0 - Remote Code Execution Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://brainycp.io Demo: https://demo.brainycp.io Tested on: Kali Linux CVE : N/A import requests credentials url = input"URL: " username = input"Username: " password = input"Password: " ip =...
WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery Vulnerability
WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability. 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Cross-Site Request Forgery CSR...
SugarCRM Shell Upload Exploit
!/usr/bin/env python SugarCRM 0-day Auth Bypass + RCE Exploit Dorks: https://www.google.com/search?q=site:sugarondemand.com&filter=0 https://www.google.com/search?q=intitle:"SugarCRM"+inurl:index.php https://www.shodan.io/search?query=http.title:"SugarCRM"...
macOS/x64 Execve Null-Free Shellcode (253 bytes)
Shellcode Title: macOS/x64 - Execve Null-Free Shellcode 253 Bytes Shellcode Author: Bobby Cooke boku @0xBoku github.com/boku7 Date: 12/20/2022 Tested on: macOS Monterey; 21.6.0 Darwin Kernel Version; x8664 Shellcode Description: macOS 64 bit shellcode. Uses execve syscall to spawn bash. The strin...
WordPress Form Maker 1.13.3 Plugin - SQL Injection Exploit
Exploit for php platform in category web applications -- coding: utf-8 -- Exploit Title: WordPress Plugin Form Maker 1.13.3 - SQL Injection Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://10web.io/plugins/ Software Link: https://wordpress.org/plugins/form-maker/ Version:...
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit
This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions 'Apache Struts ClassLoader Manipulation Remote Code Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Apache Struts versions 'Mark Thomas', Vulnerabilit...
QNX Qconn Command Execution Exploit
This Metasploit module uses the qconn daemon on QNX systems to gain a shell. The QNX qconn daemon does not require authentication and allows remote users to execute arbitrary operating system commands. This Metasploit module has been tested successfully on QNX Neutrino 6.5.0 x86 and 6.5.0 SP1 x86...
Invision Community 4.7.15 SQL Injection Vulnerability
-------------------------------------------------------------------- Invision Community filter and \isarray \IPS\Request::i-filter 128 129 $url = $url-setQueryString 'filter', \IPS\Request::i-filter ; 130 foreach \IPS\Request::i-filter as $filterId = $allowedValues 131 132 $where = array...
TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution Vulnerability
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...
CSZ CMS 1.3.0 Remote Command Execution Exploit
Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 17/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...
Apache Airflow 1.10.10 Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability by combining two critical vulnerabilities in Apache Airflow version 1.10.10. The first, CVE-2020-11978, is an authenticated command injection vulnerability found in one of Airflow's example DAGs,...
WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection Vulnerabilities
Vulnerability Summary from Wordfence Intelligence Description: Slimstat Analytics = 5.0.9 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: Slimstat Analytics Plugin Slug: wp-slimstat Affected Versions: = 5.0.9 CVE ID: CVE-2023-4597 CVSS Score: 6.4 Medium CVS...
WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass Exploit
WordPress Abandoned Cart Lite for WooCommerce plugin versions 5.14.2 and below proof of concept authentication bypass exploit. Entering the URL in browser will give you access to the respective users acc...
Spryker Commerce OS 1.0 SQL Injection Vulnerability
An SQL injection vulnerability affecting Spryker-based webshops was discovered in the order history search form. It can be exploited by authenticated attackers in order to retrieve information from the database e.g. customer and administrator login information, order details, etc.. Depending on t...
WordPress PowerPress 10.0 Cross Site Scripting Vulnerability
On April 5, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting XSS vulnerability in Blubrry’s PowerPress plugin, which is actively installed on more than 50,000 WordPress websites. The vulnerability enables threat...
Music Gallery Site 1.0 Privilege Escalation / Missing Authentication Vulnerabilities
Music Gallery Site - Broken Access Control leads to compromise of complete application by adding admin user without log-in into the application. CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Music...
Employee Performance Evaluation v1.0 SQL injection Vulnerability
Title: Employee Performance Evaluation v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14617/employee-performance-evaluation-system-phpmysqli-source-code.html Reference:...
Hospitals Patient Records Management System 1.0 - (doctors) Stored XSS Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
WordPress Select All Categories and Taxonomies 1.3.1 Plugin - Reflected Cross-Site Scripting
Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting XSS Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip Version: 1.3.1 Tested on: Windows 10...
Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation Exploit
Windows: Windows Font Cache Service Insecure Sections EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The Windows Font Cache Service exposes section objects insecurely to low privileged...
Spring Security OAuth - Open Redirector Vulnerability
Exploit for java platform in category web applications Exploit Title: Open Redirector in spring-security-oauth2 Exploit Author: Riemann Vendor Homepage: https://spring.io/projects/spring-security-oauth Software Link: https://spring.io Version: Spring Security OAuth versions 2.3 prior to 2.3.6...
FusionPBX 4.4.3 - Remote Command Execution Exploit #RCE
Exploit for php platform in category web applications Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on:...