39001 matches found
Centreon 23.10-1.el8 SQL Injection Vulnerability
;; Postauth SQL Injection in Centreon 23.10-1.el8 ;; by code610 ;; ;; version: centreon-vbox-vm-2310-1.el8.zip ;; details: https://code610.blogspot.com/2024/04/postauth-sqli-in-centreon-2310-1el8.html ;; ;; sqlmap request.txt POST /centreon/main.get.php?p=60201 HTTP/1.1 Host: 192.168.56.156...
Pydio Cells 4.1.2 - Server-Side Request Forgery Vulnerability
Exploit Title: Pydio Cells 4.1.2 - Server-Side Request Forgery Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Server-Side Request Forgery Security Risk: medium Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...
Ulicms 2023.1 - create admin user via mass assignment Vulnerability
Exploit Title: Ulicms 2023.1 - create admin user via mass assignment Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: create admin user via mass assignment Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...
MobileTrans 4.0.11 Weak Service Permissions Vulnerability
Vendor Name: MobileTrans Product Name: MobileTrans Vendor Home Page: https://mobiletrans.wondershare.com/ Affected Versions: MobileTrans version 4.0.11 Vulnerability Type: Weak Service Permissions CWE-276 CVE Reference: CVE-2023-31748 Security Researcher: Thurein Soe Vulnerability description:...
Serendipity 2.4.0 - Cross-Site Scripting Vulnerability
Exploit Title: Serendipity 2.4.0 - Cross-Site Scripting XSS Author: Mirabbas Ağalarov Application: Serendipity Version: 2.4.0 Bugs: Stored XSS Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found: 13.04.2023 Tested on: Linux 2. Technic...
WordPress Translatepress Multilinugal plugin < 2.3.3 - Authenticated SQL Injection Vulnerability
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04 CVE :...
Blockchain AltExchanger 1.2.1 SQL Injection Vulnerability
Information Vulnerability Name : Multiple Remote SQL Injections in Inout Blockchain AltExchanger Product : Inout Blockchain AltExchanger version : 1.2.1 Vendor Site : https://www.inoutscripts.com/products/inout-blockchain-altexchanger/ Exploit Detail :...
Event Management System 1.0 Shell Upload Vulnerability
Title: Event Management System 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip Reference:...
Huawei DG8045 Router 1.0 - Credential Disclosure Vulnerability
Title: Huawei DG8045 Router 1.0 - Credential Disclosure Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 HardwareVersion: VER.A CVE: N/A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. ...
Engineers Online Portal 1.0 - File Upload Remote Code Execution Vulnerability
Exploit Title: Engineers Online Portal 1.0 - File Upload Remote Code Execution RCE Exploit Author: SadKris Venor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Version: 1.0 Tested on: XAMPP, Windows 11...
Rconfig 3.x Chained Remote Code Execution Exploit
This Metasploit module takes advantage of a command injection vulnerability in the path parameter of the ajax archive file functionality within the rConfig web interface in order to execute the payload. Valid credentials for a user with administrative privileges are required . However, this modul...
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1) Exploit
Exploit for linux platform in category remote exploits !/usr/bin/env python3 coding=utf-8 struts-pwn: Apache Struts CVE-2018-11776 Exploit Author: Mazin Ahmed This code uses a payload from: https://github.com/jas502n/St2-057 import argparse import random import requests import sys try: from urlli...
Intel AMT Digest Authentication Bypass Scanner Exploit
This module scans for Intel Active Management Technology endpoints and attempts to bypass authentication using a blank HTTP digest CVE-2017-5689. This service can be found on ports 16992, 16993 tls, 623, and 624tls. This module requires Metasploit: http://metasploit.com/download Current source:...
Hide vnc HVNC (Hide VNC/VNC User Desktop/WebCam/Download & Upload Files)
src -server -backconnect server -bot -builder -resextract -removal !This project is stopped with the end of 2013. !Not supported !EXE files posted on the public! !identified as a virus. !need to correct and modifying. !src for creative interest. !today all RIP from zeus +Download & Upload Files...
Joomla Component com_facileforms 1.4.4 RFI Vulnerability
Exploit for unknown platform in category web applications ======================================================== Joomla Component comfacileforms 1.4.4 RFI Vulnerability ======================================================== Title: Joomla Component ComFacileforms...
WordPress ThemeEgg ToolKit 1.2.9 Shell Upload Exploit
import argparse import re import time import requests from bs4 import BeautifulSoup by Nxploit | Khaled Alenazi requests.packages.urllib3.disablewarnings session = requests.Session session.verify = False def displaybanner: banner = """...
NodeBB v3.6.7 Broken Access Control Vulnerability
Exploit Title: Broken Access Control - on NodeBB v3.6.7 Exploit Author: Vibhor Sharma Vendor Homepage: https://nodebb.org/ Version: 3.6.7 Description: I identified a broken access control vulnerability in nodeBB v3.6.7, enabling attackers to access restricted information intended solely for...
Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file Vulnerability
Exploit Title: Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0...
Automatic Systems SOC FL9600 FastLine - Backdoor Account Vulnerability
Exploit Title: Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN =...
WordPress RSVPMaker 9.3.2 SQL Injection Vulnerability
!/bin/bash Set the URL of the website running the vulnerable plugin url="http://example.com/wp-content/plugins/rsvpmaker/rsvpmaker-email.php" Set the number of columns in the query columns=5 response=$curl -s "$url" query=$echo "$response" | grep -oP 'FROM . WHERE .' payload="' UNION SELECT...
ProSSHD 1.2 20090726 Denial Of Service Exploit
!/usr/bin/perl use Net::SSH2 Exploit Title: ProSSHD 1.2 20090726 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 13 january 2024 Vendor Homepage: https://prosshd.com/ Notification vendor: No reported Tested Version: ProSSHD 1.2 20090726 Tested on: Window XP Professional -...
TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Vulnerability
Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v. 16.0.2.14 is an...
Best POS Management System 1.0 SQL Injection Vulnerability
Exploit Title: SQL Injection on Best pos Management System Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link: https://www.sourcecodester.com/sites/default/files/download/mayurik/kruxton.zip Version: 1.0...
io_uring Same Type Object Reuse Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'iouring Same Type Object Reuse Priv Esc', 'Description' = %q This module exploits a bug in iouring leading to an additional putcred that can be...
PTPublisher v2.3.4 - Unquoted Service Path Vulnerability
Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path Discovery by: bios Vendor Homepage: https://www.primera.com/ Tested Version: 2.3.4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic service get...
PHP Everywhere 2.0.3 Remote Code Execution Vulnerability
On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution vulnerabilities in PHP Everywhere, a WordPress plugin installed on over 30,000 websites. One of these vulnerabilities allowed any authenticated user of any level,...
WordPress Pie Register 3.7.1.4 Plugin - Admin Privilege Escalation Vulnerability
Exploit Title: WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation Unauthenticated Google Dork: inurl:/plugins/pie-register/ Exploit Author: Lotfi13-DZ Vendor Homepage: https://wordpress.org/plugins/pie-register/ Software Link:...
Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode (230 bytes)
; Name: Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode 230 bytes ; Author: h4pp1n3ss ; Tested on: Microsoft Windows Version 10.0.19042.1237 ; Description: ; This is a shellcode that ; pop a MessageBox and show the text "Pwn3d by h4pp1n3ss". In order to accomplish...
QiHang Media Web Digital Signage 3.0.9 Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications function uploadShellPoC var xhr = new XMLHttpRequest; xhr.open"POST", "http://192.168.1.74:8090/QH.aspx", true; xhr.s...
WBCE CMS v1.6.2 - Remote Code Execution Exploit
Exploit Title: WBCE CMS v1.6.2 - Remote Code Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.2.zip Version: 1.6.2 Tested on: MacOS import requests from bs4 import BeautifulSoup import sys...
Taokeyun SQL Injection Vulnerability
!/bin/bash Variables url="http://example.com/path/to/taokeyun/application/index/controller/m/Drs.php" cid="1' UNION SELECT 1,2,3,4,5,6,7,8,9,email FROM users-- -" Construct the request request="POST $url HTTP/1.1\r\n" request+="Content-Type: application/x-www-form-urlencoded\r\n"...
LG Simple Editor Remote Code Execution Exploit
This Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities exist in versions of LG Simple Editor prior to v3.21. By exploiting this flaw, an attacker can upload and execute a malicious...
EuroTel ETL3100 Transmitter Information Disclosure Vulnerability
The EuroTel ETL3100 TV and FM transmitters suffer from an unauthenticated configuration and log download vulnerability. This will enable the attacker to disclose sensitive information and help him in authentication bypass, privilege escalation and full system access. EuroTel ETL3100 Transmitter...
Azure Apache Ambari 2302250400 - Spoofing Exploit
Exploit Title: Azure Apache Ambari 2302250400 - Spoofing country: Iran Exploit Author: Amirhossein Bahramizadeh Category : Remote Vendor Homepage: Microsoft Apache Ambari Microsoft azure Hdinsights Tested on: Windows/Linux CVE : CVE-2023-23408 import requests Set the URL and headers for the Ambar...
Aigital Wireless-N Repeater Mini_Router.0.131229 Remote Command Execution Vulnerability
Exploit Title: Aigital Wireless-N Repeater - Command Injection Exploit Author: Matteo Mandolini Date : 13/04/2023 Vendor Homepage: https://web.archive.org/web/20220625053314/https://www.aigital.com/ Version: MiniRouter.0.131229 Command Injection POST /boafrm/formSysCmd HTTP/1.1 Host: 192.168.10.2...
Art Gallery Management System Project in PHP v 1.0 - SQL injection Vulnerability
Exploit Title: Art Gallery Management System Project in PHP v 1.0 - SQL injection Exploit Author: Yogesh Verma Vendor Homepage: https://y0gesh-verma.github.io/ Software Link: https://phpgurukul.com/art-gallery-management-system-using-php-and-mysql/,...
Froxlor 2.0.3 Stable - Remote Code Execution Exploit
!/usr/bin/python3 Exploit Title: Froxlor 2.0.3 Stable - Remote Code Execution RCE Date: 2023-01-08 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2023-0315 Vendor Homepage: https://froxlor.org/ Version: v2.0.3 Tested on: Ubuntu 20.04 / PHP 8.2 import telnetlib import requests import socket import...
Online Food Ordering System 2.0 Shell Upload Vulnerability
Exploit Title: Online Food Ordering System v2 - Remote Code Execution RCE Unauthenticated Exploit Author: Hakan Sonay Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
PKP Open Journals System 3.3 - Cross-Site Scripting Vulnerability
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References: https://youtu.be/v8-9evO2oVg XSS via...
CollectorStealerBuilder Panel 2.0.0 Man-In-The-Middle Vulnerability
The panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability. Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/54530f88c8e4f4371c9418f00c256b1dB.txt Contact: email protected Media: twitter.com/malvuln Threat:...
Booked Scheduler 2.7.5 - Remote Command Execution Exploit
Exploit Title: Booked Scheduler 2.7.5 - Remote Command Execution RCE Authenticated Vulnerability founder: AkkuS Exploit Author: 0sunday Vendor Homepage: https://www.bookedscheduler.com/ Software Link: N/A Version: Booked Scheduler 2.7.5 Tester on: Kali 2021.2 CVE: CVE-2019-9581 !/usr/bin/python3...
Microsoft Exchange ProxyLogon Remote Code Execution Exploit
This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin CVE-2021-26855 and write arbitrary file CVE-2021-27065 to get the RCE Remote Code Execution. By taking advantage of this vulnerability, you...
Whatsapp Desktop (session hijacking) Payload 0day Exploit
This vulnerability makes you able to get Full Access Any account Victim installed Whatsapp Version Desktop By Payload Exploit Support ant last version proof video: https://0day.today/videos/34312.mp4...
Daily Tracker System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Tracker System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https://www.sourcecodetester.com Software Link:...
Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit
!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...
Advanced Comment System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications 0day.today 2018-11-12...
PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability
Exploit for unknown platform in category web applications ================================================================== PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability ==================================================================...
PHP CPMS 2.0 SQL Injection Vulnerability
Titles: PHP - CPMS Version 2.0 SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php-clinics-patient-management-system-source-code Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to be...
Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS Vulnerability
Exploit Title: Axigen if xhr1.readyState === XMLHttpRequest.DONE hcookie = new URLxhr1.responseURL.search.split"="1; xhr2.open'PATCH', /api/v1/conversations/MQ/?h=$hcookie, true; xhr2.setRequestHeader'Content-Type', 'application/json';...
Member Login Script 3.3 - Client-side desync Vulnerability
Title: Member Login Script 3.3 - Client-side desync Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Reference: https://portswigger.net/web-security/request-smuggling/browser/client-side-desync Description: The server appears to be vulnerable to client-side desync attacks. A POST request...