39001 matches found
Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit
!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...
Advanced Comment System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications 0day.today 2018-11-12...
PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability
Exploit for unknown platform in category web applications ================================================================== PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability ==================================================================...
PHP CPMS 2.0 SQL Injection Vulnerability
Titles: PHP - CPMS Version 2.0 SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php-clinics-patient-management-system-source-code Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to be...
Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated) Vulnerability
Exploit Title: Craft CMS Logs Plugin 3.0.3 - Path Traversal Authenticated Exploit Author: Steffen Rogge Vendor Homepage: https://github.com/ethercreative/logs Software Link: https://plugins.craftcms.com/logs Version: =3.0.4 impact: Medium found: 2021-07-06 SEC Consult Vulnerability Lab An...
Rail Pass Management System 1.0 - Time-Based SQL Injection Vulnerability
Exploit Title: Rail Pass Management System - 'searchdata' Time-Based SQL Injection Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/rail-pass-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17479 Version: 1.0 Test...
Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit Remote Code Execution Vulnerability
Title: Microsoft 365 MSO Version 2305 Build 16.0.16501.20074 64-bit Remote Code Execution Vulnerability Author: nu11secur1ty Date: 04.17.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/ Reference:...
Stock Management System 2022 1.0 From Erick Cesar SQL Injection Vulnerability
Title: Stock-Management-System-2022-1.0-from-Erick-Cesar Multiple SQLi Author: nu11secur1ty Vendor: https://github.com/rickxy/Stock-Management-System Software: https://github.com/rickxy/Stock-Management-System Reference:...
Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass Exploit
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism. Exploit Title: Boa Web Server 0.94.13-0.94.14 Authentication Bypass Date: 19-11-2022 Exploit Author: George...
PhotoSync 4.7 Local File Inclusion Vulnerability
Exploit Title: PhotoSync 4.7 IOS APP Local file inclusion Exploit Author: Chokri Hammedi Vendor Homepage: https://www.photosync-app.com/home.html Software Link: https://apps.apple.com/us/app/photosync-transfer-photos/id415850124 Version: 4.7 Tested on: iPhone IOS 16.0 GET...
ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion Vulnerability
Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Deletion Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 CVE: CVE-2022-26588 1. About...
Car Driving School Management 1.0 SQL Injection Vulnerability
Title: Car Driving School Management v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15070/car-driving-school-management-system-phpoop-free-source-code.html Reference:...
Small CRM 3.0 - (description) Stored Cross-Site Scripting Vulnerability
Exploit Title: Small CRM 3.0 - 'description' Stored Cross-Site Scripting XSS Exploit Author: Ghuliev Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Tested on: Server: Ubuntu When a user or admin creates a ticket, we can inject javascript...
WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Category : Webapps Software Link:...
Symantec DLP 15.5 MP1 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Persistent XSS on Symantec DLP = 15.5 MP1 Exploit Author: Chapman Schleiss Vendor Homepage: https://www.symantec.com/ Software Link: https://support.symantec.com/us/en/mysymantec.html Version: = 15.5 MP1 CVE : 2019-9701...
Linux/x86 - XOR Encoder / Decoder execve(/bin/sh) Shellcode (45 bytes)
/ ; XOR-Encoder.py ; Author: Daniele Votta ; Description: This program encode shellcode with XOR technique. ; Tested on: i686 GNU/Linux ; Shellcode Length:25 !/usr/bin/python Python XOR Encoder Execve /bin/sh shellcode...
Suricata < 4.0.4 - IDS Detection Bypass Vulnerability
Exploit for multiple platform in category dos / poc ----------------------------------------------------- Vulnerability Type: Detection Bypass Affected Product: Suricata Vulnerable version: SYN Seq=0 Ack= 0 - Evil Server Client ACK Seq=1 Ack= 84 - Evil Server Client - PSH, ACK Seq=1 Ack= 84 - Evi...
WordPress Yoast SEO Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Discoverer: Elias Dimopoulos Linkedin: https://gr.linkedin.com/in/dimopouloselias Vulnerability: Reflected XSS Affected plugin: Yoast SEO plugin alertwindow.location!-- The victim has to have a valid profile under...
Tenda N3 Wireless N150 Home Router - Authentication Bypass Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Complete Authentication Bypass In Tenda N3 Wireless N150 Routers Date: 03-09-2015 Software Link: http://tendacn.com/en/product/N150.html Exploit Author: Mandeep Jadon Contact: http://twitter.com/1337tr0lls Website:...
ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vulnerability
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the webserver's log file containing system information running on the device. ABB Cylon Aspect 3.08.01...
Wordpress Theme XStore 9.3.8 - SQL injection Vulnerability
Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent: Mozilla/5.0 Windows NT...
Typora v1.7.4 - OS Command Injection Vulnerability
Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps to Reproduce Open the...
Ruijie Reyee Mesh Router - MITM Remote Code Execution Exploit
Exploit Title: Ruijie Reyee Wireless Router firmware version B11P204 - MITM Remote Code Execution RCE Date: April 15, 2023 Exploit Author: Mochammad Riyan Firmansyah of SecLab Indonesia Vendor Homepage: https://ruijienetworks.com Software Link:...
Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution Vulnerability
Anevia Flamingo XL version 3.6.20 suffers from an authenticated remote code execution vulnerability. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges. Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution...
Flexense HTTP Server 10.6.24 - Buffer Overflow Exploit
Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow DoS Metasploit Exploit Author: Ege Balci Vendor Homepage: https://www.flexense.com/downloads.html Version: 'Flexense HTTP Server Denial Of Service', 'Description' = %q This module triggers a Denial of Service vulnerability in the...
ChurchCRM 4.5.4 Cross Site Scripting Vulnerability
Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: http://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM/releases/tag/4.5.4 Version: 4.5.4 Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53 CVE: CVE-2023-31699 Step...
Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution Exploit
!/usr/bin/env python """ Exploit Title: Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution RCE Exploit Author: max / Zoltan Padanyi Vendor Homepage: https://exchange.nagios.org/directory/Addons/Configuration/Lilac-2DReloaded/visit Software Link:...
BoxBilling <= 4.22.1.5 - Remote Code Execution Vulnerability
Exploit Title: BoxBilling POC Video : https://drive.google.com/file/d/1m2glCeJ9QXc8epuY2QfvbWwjLTJ8Hjx/view?usp=sharing...
binutils 2.37 - Objdump Segmentation Fault Vulnerability
Exploit Title: binutils 2.37 - Objdump Segmentation Fault Exploit Author: p3tryx Vendor Homepage: https://www.gnu.org/software/binutils/ Version: binutils 2.37 Tested on: Ubuntu 18.04 CVE : CVE-2021-43149 Payload file %223"\972\00\0083=Q333A11111111411111333333A $$$\FF$\80 1114...
ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File Modification Exploit
ICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability. !/usr/bin/env python3 -...
MiniOrange SAML Drupal Module 8.x-2.22 Privilege escalation via XML Signature Wrapping Vulnerability
Exploit Title: Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation via XML Signature Wrapping Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://www.miniorange.com/ Software Link: https://www.drupal.org/project/miniorangesaml Version: 8.x-2.22 REQUIRED Tested on: Linux...
Ignition 2.5.1 Remote Code Execution Exploit
Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel versions prior to 8.4.2. Exploit...
PNPSCADA 2.200816204020 - (interf) SQL Injection (Authenticated) Vulnerability
Exploit for php platform in category web applications Exploit Title: PNPSCADA 2.200816204020 - 'interf' SQL Injection Authenticated Exploit Author: İsmail ERKEK Vendor Homepage: http://wiki.pnpscada.com/forumHome.jsp Version: 2.200816204020 Tested on: - 1. Description: ----------------------...
Prestashop 1.7.6.4 XSS / CSRF / Remote Code Execution Vulnerabilities
Exploit for php platform in category web applications Prestashop | stazot.com Last Modified: 2020-04-11 Vendor : https://www.prestashop.com/ Version : = 1.7.6.4 Tested on : 1.7.6.4 -- Table of Contents 00 - Introduction 01 - Exploit 02 - Cross-Site Request Forgery CSRF 02.1 - Exploitation 03 -...
CuteNews 2.1.2 - avatar Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CuteNews 2.1.2 - 'avatar' Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in CuteNews prior to...
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload) Vulnerability
Exploit for php platform in category web applications Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link:...
Centos 7.1 / Fedora 22 - abrt Local Root Exploit
CentOS version 7.1 and Fedora version 22 abrt local root exploit. It leverages abrt-hook-ccpp insecure open usage and abrt-action-install-debuginfo insecure temp directory usage. !/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions...
Joomla Component com_jce remote Code Injecion / Execution Exploit (perl)
JCE component for Joomla! could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the file.php script. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP...
TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit
Exploit for unknown platform in category web applications =================================================================== TorrentFlux 2.2 downloaddetails.php Local File Disclosure Exploit =================================================================== Description: TorrentFlux fails to...
Winter CMS 1.2.2 / 1.2.3 Server-Side Template Injection Vulnerability
Exploit Title: Winter CMS 1.2.2 / 1.2.3 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 / 1.2.3 Tested :...
Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass Vulnerability
Electrolink FM/DAB/TV Transmitter suffers from an authentication bypass vulnerability affecting the Login Cookie. An attacker can set an arbitrary value except NO to the Login Cookie and have full system access. Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor:...
Lost And Found Information System 1.0 Broken Access Control / Privilege Escalation Vulnerability
Vulnerability: Broken Access Control Author: Akash Pandey CVE: CVE-2023-3018 Source: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Steps to re-produce: 1. Go to https://site.com/admin/?page=user/list as staff user...
GDidees CMS 3.9.1 - Local File Disclosure Vulnerability
Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 and lower versions w...
VMware Workspace ONE Access Privilege Escalation Exploit
This Metasploit module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified by the horizon user. This allows a local attacker with the uid 1001 to escalate their privileges to root access. This module requires...
Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free Shellcode 373 bytes
; Title: Name: Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free Shellcode 373 bytes ; Author: Xavi Beltran ; Contact: email protected ; Website: https://xavibel.com/2023/01/18/shellcode-windows-x86-create-administrator-user-dynamic-peb-edt/ ; Date: 18/01/2022 ; Tested...
Google Chrome 109.0.5414.74 Unsafe Library Load Vulnerability
Google Chrome version 109.0.5414.74 on Ubuntu attempts to load libnssckbi.so from a user-writable location and if missing, a replacement piece of malware can be used by an attacker to achieve code execution. Although privilege escalation is not likely as an attacker would already need access to t...
Kramer VIAware - Remote Code Execution Exploit
Exploit Title: Remote Code Execution as Root on KRAMER VIAware Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys, urllib3 from request...
Hospitals Patient Records Management System 1.0 - (room_list) Stored XSS Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomlist' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Ericsson Network Location MPS GMPC21 - Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...
Oracle Solaris SunSSH PAM parse_user_name() Buffer Overflow Exploit
This Metasploit module exploits a stack-based buffer overflow in the Solaris PAM library's username parsing code, as used by the SunSSH daemon when the keyboard-interactive authentication method is specified. Tested against SunSSH 1.1.5 on Solaris 10u11 1/13 x86 in VirtualBox, VMware Fusion, and...