39001 matches found
Light Blog Remote Multiple Vulnerabilities Exploit
Exploit for unknown platform in category web applications ================================================== Light Blog Remote Multiple Vulnerabilities Exploit ================================================== !/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and...
Windows Firewall Control 6.11.0 Unquoted Service Path Vulnerability
Exploit Title: Microsoft Windows Firewall Control 6.11.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage: http://www.binisoft.org Softwar...
Office Suite Premium 10.9.1.42602 Cross Site Scripting Vulnerability
Exploit Title: Office Suite Premium 10.9.1.42602 - Cross-Site Scripting reflected Exploit Author: tmrswrr Vendor Homepage: https://www.mobisystems.com/ Software Link: https://apps.apple.com/us/app/officesuite-docs-pdf-editor/id924005506 Version: Office Suite Premium 10.9.1.42602 Tested on: Ubuntu...
HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass Exploit
This utility generates the TOTP passcode used to sign in as the support service account user for HammerSpace GFS default installations. Both the OVA and ISO are affected. Versions 4.6.6-324 and below with a default installation are affected. Affected Product: HammerSpace Global Data Environment /...
Owlfiles File Manager 12.0.1 - Multiple Vulnerabilities
Exploit Title: Owlfiles File Manager 12.0.1 - Multiple Vulnerabilities Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/owlfiles-file-manager/id510282524 Version: 12.0.1 Tested on: iPhone iOS 16.0 path traversal on HTTP built-in...
Tenda HG6 3.3.0 Remote Command Injection Vulnerability
Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the pingAddr and traceAddr HTTP POST parameters in formPing, formPing6, formTracert and formTracert6 interfaces. Tenda HG6 v3.3.0 Remote Comman...
WordPress Ad Inserter Plugin < 2.7.12 - Cross Site Scripting Vulnerability
Tittle: WordPress Plugin Ad Inserter Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba...
Affiliate Pro 1.7 - (Multiple) Cross Site Scripting Vulnerability
Exploit Title: Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting XSS Document Title: =============== Affiliate Pro v1.7 - Multiple Cross Site Vulnerabilities Product & Service Introduction: =============================== Affiliate Pro is a Powerful and yet simple to use PHP affiliate Managemen...
PRTG Network Monitor Remote Code Execution Exploit
This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to a poorly validated input on the script name, it is possible to chain it with a...
Pharmacy Medical Store and Sale Point 1.0 - (catid) SQL Injection Vulnerability
Exploit for php platform in category web applications Title: Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection Exploit Author: Moaaz Taha 0xStorm Vendor Homepage: https://www.sourcecodester.com/php/14398/pharmacymedical-store-sale-point-using-phpmysql-bootstrap-framework.html...
Cisco WLC 2504 8.9 - Denial of Service Exploit
Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not applicable, works independent from OS CV...
Multilaser RE160V Header Manipulation Access Bypass Vulnerability
Multilaser RE160V web management interface versions 12.03.01.09pt and 12.03.01.10pt suffer from an access control bypass vulnerability through header manipulation. email protected Status: RO Content-Length: 5433 Lines: 153 =====Tempest Security Intelligence - Security Advisory -...
Easywall 0.3.1 - Authenticated Remote Command Execution Exploit
Exploit Title: Easywall 0.3.1 - Authenticated Remote Command Execution Exploit Author: Melvin Mejia Vendor Homepage: https://jpylypiw.github.io/easywall/ Software Link: https://github.com/jpylypiw/easywall Version: 0.3.1 Tested on: Ubuntu 22.04 import requests, json, urllib3 urllib3.disablewarnin...
Form Tools 3.1.1 Cross Site Scripting Vulnerability
Exploit Title: Form Tools Version: 3.1.1 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://formtools.org/ Version: 3.1.1 Tested on: https://www.softaculous.com/demos/FormTools 1 Write after formid your payload :...
WhatACart 2.0.7 Cross Site Scripting Vulnerability
Exploit Title: WhatACart Version: 2.0.7 - Reflected XSS Date: 2023-12-27 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://whatacart.com Version: 2.0.7 Tested on: https://whatacart.com/demo 1 Go to this page : https://demo.whatacart.com/ 2 Write search field this payload :...
Xoops CMS 2.5.10 - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: Xoops CMS 2.5.10 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: tmrswrr Vendor Homepage: https://xoops.org/ Software https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10 Version: 2.5.10 Tested : https://www.softaculous.com/apps/cms/Xoops --- Description --- 1...
Internet Download Manager v6.41 Build 3 - Remote Code Execution Vulnerability
Exploit Title: Internet Download Manager v6.41 Build 3 - Remote Code Execution RCE Exploit Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://www.internetdownloadmanager.com/ Software Link:...
Evernote Web Clipper Same-Origin Policy Bypass Vulnerability
Evernote Web Clipper suffered from a same-origin policy bypass vulnerability. The link to the demo exploit was a 403 at the time of addition and has not been included in this post. Evernote: extension allows cross-origin iframe communication I happened to notice that the Evernote Web Clipper...
WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery Vulnerability
ADVISORY INFORMATION ======================= Product: BeCustom Wordpress Plugin Vendor URL: https://muffingroup.com/betheme/features/be-custom/ Type: Cross-Site Request Forgery CWE-253 Date found: 2021-10-28 Date published: 2022-11-10 CVSSv3 Score: 5.7...
Navigate CMS 2.9.4 - Server-Side Request Forgery (SSRF) (Authenticated) Exploit
!/usr/bin/env python3 Exploit Title: Navigate CMS 2.9.4 - Server-Side Request Forgery SSRF Authenticated Exploit Author: cheshireca7 Vendor Homepage: https://www.navigatecms.com/ Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.9.4r1561.zip/download Version:...
Online Sports Complex Booking System 1.0 SQL Injection Vulnerability
Online Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability in Users.php. This is a similar issue as the one discovered by Saud Alenazi in March of 2022 but affects a different file. Title: Online Sports Complex Booking System 1.0 SQL Injection Author:...
Prowise Reflect v1.0.9 - Remote Keystroke Injection Exploit
Exploit Title: Prowise Reflect v1.0.9 - Remote Keystroke Injection Exploit Author: Rik Lutz Vendor Homepage: https://www.prowise.com/ Version: V1.0.9 Tested on: Windows 10 Prowise Reflect software version 1.0.9 for Windows is vulnerable to a remote keystroke injection. Much like how a rubber duck...
Thinfinity VirtualUI 2.5.41.0 - IFRAME Injection Vulnerability
Exploit Title: Thinfinity VirtualUI 2.5.41.0 - IFRAME Injection Exploit Author: Daniel Morales Vendor: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version: Thinfinity VirtualUI " where "vpath=//" is the pointer to the external site to be iframed...
django-unicorn 0.35.3 - Stored Cross-Site Scripting Vulnerability
Exploit Title: django-unicorn 0.35.3 - Stored Cross-Site Scripting XSS Exploit Author: Raven Security Associates, Inc. ravensecurity.net Software Link: https://pypi.org/project/django-unicorn/ Version: = 0.35.3 CVE: CVE-2021-42053 django-unicorn = 0.35.3 suffers from a stored XSS vulnerability by...
Pharmacy Medical Store And Sale Point 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Title: Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection Exploit Author: Moaaz Taha 0xStorm Vendor Homepage: https://www.sourcecodester.com/php/14398/pharmacymedical-store-sale-point-using-phpmysql-bootstrap-framework.html...
D-Link Central WiFi Manager CWM(100) Remote Code Execution Exploit
This Metasploit module exploits a PHP code injection vulnerability in D-Link Central WiFi Manager CWM100 versions below v1.03R0100BETA6. The vulnerability exists in the username cookie, which is passed to eval without being sanitized. Dangerous functions are not disabled by default, which makes i...
Microsoft Windows VCF Denial Of Service Exploit
Microsoft Windows VCF cards do not properly sanitize email addresses allowing for HTML injection. A corrupt VCF card can cause all the users currently opened files and applications to be closed and their session to be terminated without requiring any accompanying attacker supplied code. + Credits...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Product web page: https://www.inim.biz Link:...
Supermicro Onboard IPMI Port 49152 Sensitive File Exposure Exploit
This module abuses a file exposure vulnerability accessible through the web interface on port 49152 of Supermicro Onboard IPMI controllers. The vulnerability allows an attacker to obtain detailed device information and download data files containing the clear-text usernames and passwords for the...
All Club CMS <= 0.0.2 index.php Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== All Club CMS No go on the hack attempt."; // log attempt, from IP, etc. if $SYSSET'banattackip' // ban ip if banattackip die; $sth = $dbh-prepare"SELECT FROM accmsmodules...
appRain CMF 4.0.5 - Remote Code Execution (Authenticated) Exploit
Exploit Title: appRain CMF 4.0.5 - Remote Code Execution RCE Authenticated Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.apprain.org Software Link: https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip Version: latest Tested on: MacOS import requests import sys import...
TP-Link TL-WR740N - Buffer Overflow DOS Exploit
Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS' Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N Description: There exist a buffer overflow vulnerability in TP-Link TL-WR74...
WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting Exploit
Exploit Title: WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting XSS Dork: inurl:/admin/views/admin.php Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage: https://wordpress.org/plugins/wp-sticky-social Version: 1.0.1 REQUIRED Tested on:...
Monstra 3.0.4 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Monstra 3.0.4 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested : https://www.softaculous.com/softaculous/demos/Monstra --- Description --- 1 Login admin panel a...
Human Resources Management System - Multiple SQL injection Vulnerability
A Blind SQL injection vulnerability in the login page /hrm/controller/login.php in Human Resources Management System allows remote unauthenticated attackers to execute remote command through arbitrary SQL commands by "name" parameter. Request PoC POST /hrm/controller/login.php HTTP/1.1 Host:...
Device Manager Express 7.8.20002.47752 SQL Injection / XSS / Code Execution / Traversal
Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities. Product Name: Device Manager Express Vendor Homepage: https://www.audiocodes.com Software Link:...
Bitbucket Git Command Injection Exploit
Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated command injection vulnerability in multiple API endpoints. The /rest/api/latest/projects/projectKey/repos/repositorySlug/archive endpoint creates an archive of the repository, leveraging the git-archive...
Library Management System With QR Code 1.0 Cross Site Scripting Vulnerability
Title: Library Management System with QR code Attendance 1.0 Stored Cross-Site Scripting Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
dbus-broker-29 Memory Corruption Exploit
======================================================================= title: Multiple Memory Corruption Vulnerabilities product: dbus-broker vulnerable version: dbus-broker-29 fixed version: dbus-broker-31 CVE number: CVE-2022-31212, CVE-2022-31213 impact: medium homepage:...
WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation Vulnerability
Exploit Title: WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation Exploit Author: Momen Eldawakhly Cyber Guy at Cypro AB Vendor Homepage: https://www.wago.com Version: Firmware version 03.05.1017 Tested on: PopOS! Linux CVE : CVE-2021-46388 ======================================== = The ordinar...
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit
Exploit for multiple platform in category web applications Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory:...
Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...
Realtek SDK Information Disclosure / Code Execution Exploit
Realtek SDK based routers suffer from information disclosure, incorrect access control, insecure password storage, code execution, and incorrectly implemented CAPTCHA vulnerabilities. 1 Sensitive data disclosure and incorrect access control in several series of Realtek SDK based routers...
Webiness Inventory 2.9 Shell Upload Exploit
Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.9 Arbitrary File Upload Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Software Link: https://github.com/webiness/webinessinventory Version: 2.9 46 foreach $FILES as $file 47 $fileName =...
Liferay Portal 7.0.x <= 7.0.2 - Pre-Auth RCE Exploit
Exploit for windows platform in category remote exploits !/bin/sh Exploit title: Liferay Portal 7.0 RCE Date: 11/16/2014 Exploit author: drone @dronesec Vendor homepage: http://www.liferay.com/ Software link:...
Backdrop CMS 1.27.1 - Remote Command Execution Exploit
Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os import time import...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit
This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...
Proxmox VE - TOTP Brute Force Exploit
Exploit Title: Proxmox VE TOTP Brute Force Exploit Author: Cory Cline, Gabe Rust Vendor Homepage: https://www.proxmox.com/en/ Software Link: http://download.proxmox.com/iso/ Version: 5.4 - 7.4-1 Tested on: Debian CVE : CVE-2023-43320 import time import requests import urllib.parse import json...
Webedition CMS v2.9.8.8 - Blind SSRF Vulnerability
Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRF Application: Webedition CMS Version: v2.9.8.8 Bugs: Blind SSRF Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 07.09.2023 Author: Mirabbas...
Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vulnerability
Electrolink FM/DAB/TV Transmitter allows access to an unprotected endpoint that allows an MPFS File System binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial Flash, or intern...