39001 matches found
Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality Vulnerability
Electrolink FM/DAB/TV Transmitter allows an unauthenticated attacker to bypass authentication and modify the Cookie to reveal hidden pages that allows more critical operations to the transmitter. Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality Vendor: Electrolink s.r.l. Product...
XCMS v1.83 - Remote Command Execution Exploit
Exploit Title: XCMS v1.83 - Remote Command Execution RCE Author: Onurcan Email: email protected Site: ihteam.net Script Download : http://www.xcms.it Date: 26/12/2022 The xcms's footerthat is in "/dati/generali/footer.dtb" is included in each page of the xcms. Taking "home.php" for example: So th...
Auto Dealer Management System 1.0 Privilege Escalation Vulnerability
Auto Dealer Management System - Broken Access Control leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Versio...
NetChess 2.1 Buffer Overflow Exploit
Exploit Title: NetChess2.1 Buffer Overflow SEH Exploit Author: Ugur Eminli Vendor Homepage: https://sourceforge.net/projects/avmnetchess/ Software Link: https://sourceforge.net/projects/avmnetchess/ Version: 2.1 Tested on: WinXP SP2 Build 2600 !/usr/bin/perl my $file= "exploit.pgn"; my $junk=...
WordPress Popup Maker 1.16.5 Plugin - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...
FileBrowser 2.17.2 - Cross Site Request Forgery to Remote Code Execution Vulnerability
Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...
Microsoft Windows Explorer Preview Pane HTML File Link Spoofing Vulnerability
The Windows Explorer Preview Pane feature allows for spoofing of links contained in an HTML based file because upon moving the mouse over the link nothing happens and it cannot be right-clicked to show the actual target. Exploit Title: Windows Explorer Preview Pane HTML File Link Spoofing...
PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting Author: AppleBois Version: 7xx ≤ 746 Homepage: https://pandorafms.org/ Software Link: https://sourceforge.net/projects/pandora/files/Pandora FMS 7.0NG/ CVE-2020-11749 By...
BitZoom 1.0 - rollno SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: BitZoom 1.0 - 'rollno' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://bitzoom.sourceforge.io/ Software Link: https://excellmedia.dl.sourceforge.net/project/bitzoom/bitzoom-master.zip Version: 1.0 Category:...
Surreal ToDo 0.6.1.2 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Surreal ToDo 0.6.1.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodov0.6.1.2.zip...
CMS Frogss <= 0.4 (podpis) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================= CMS Frogss = 0.4 podpis Remote SQL Injection Exploit ======================================================= ?php echo "+"; echo "+\r\n"; echo "- - - DEVIL TEAM THE BEST POLISH TEAM -...
IntelliNet 2.0 Remote Root Exploit
Zero day remote root exploit for IntelliNet version 2.0. It affects multiple devices of AES Corp and Siemens. The exploit provides a remote shell and escalates your permissions to full root permissions by abusing execsuid. No authentication needed at all, neither any interaction from the victim...
Open Source Medicine Ordering System v1.0 - SQL injection Exploit
Exploit Title : Open Source Medicine Ordering System v1.0 - SQLi Author : Onur Karasalihoğlu Sample Usage % python3 omossqliexploit.py https://target.com Available Databases: 1. informationschema 2. omosdb Please select a database to use enter number: 2 You selected: omosdb Extracted Admin Users...
SpyCamLizard 1.230 Denial Of Service Exploit
!/usr/bin/perl use IO::Socket::INET; Exploit Title: SpyCamLizard 1.230 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 18 january 2024 Vendor Homepage: http://www.spycamlizard.com Download to demo:...
freeSSHd 1.0.9 Denial Of Service Exploit
!/usr/bin/perl use IO::Socket; Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 13 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: freeSSHd 1.0.9 - Denial of Service DoS Tested on: Window XP...
Nokia OneNDS 20.9 Insecure Permissions / Privilege Escalation Vulnerability
=============================================================================== title: Incorrect Permission Assignment product: Nokia OneNDS 20.9 vulnerability type: Security Misconfiguration severity: High CVSS Score: 7.8 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H found on:...
SecurePoint UTM 12.x Memory Leak Vulnerability
ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use of Uninitialized Variable CWE-457 Date found: 2023-01-05 Date published: 2023-04-12 CVSSv3 Score: 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
Nacos 2.0.3 - Access Control vulnerability
Exploit Title: Nacos 2.0.3 - Access Control vulnerability Date: 2023-01-17 Exploit Author: Jenson Zhao Vendor Homepage: https://nacos.io/ Software Link: https://github.com/alibaba/nacos/releases/ Version: Up to including2.0.3 Tested on: Windows 10 CVE : CVE-2021-43116 Required before execution: p...
Roxy WI v6.1.0.0 - Improper Authentication Control Vulnerability
Exploit Title: Roxy WI v6.1.0.0 - Improper Authentication Control Date of found: 21 July 2022 Application: Roxy WI = v6.1.0.0 Author: Nuri Çilengir Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Advisory:...
Art Gallery Management System Project v1.0 - SQL Injection (Authenticated) Vulnerability
Exploit Title: Art Gallery Management System Project v1.0 - SQL Injection sqli authenticated Exploit Author: Rahul Patwari Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/projects/Art-Gallery-MS-PHP.zip Version: 1.0 Tested on: XAMPP / Windows 10 CVE : CVE-2023-23163...
Korenix JetWave Command Injection / Denial Of Service Exploit
Multiple versions of Korenix JetWave suffer from authenticated command injection and denial of service vulnerabilities. ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S, |...
Explore CMS 1.0 SQL Injection Vulnerability
Exploit Title: explore CMS - Boolean Based SQL Injection Exploit Author: Sajibe Kanti Vendor Name : EXPLORE IT Vendor Homepage: https://exploreit.com.bd CVE: On Request POC SQL Injection SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an...
Dnsmasq < 2.78 - Lack of free() Denial of Service Exploit
Exploit for multiple platform in category dos / poc ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the...
NetBIOS NBSTAT Name Query Reflection Denial Of Service Exploit
NetBIOS NBSTAT name query reflection denial of service proof of concept exploit. !/usr/bin/perl NetBios NBSTAT name query reflection dos Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is fo...
MRCGIGUY The Ticket System 2.0 Insecure Cookie Handling Vuln
Exploit for unknown platform in category web applications...
Invesalius 3.1 Remote Code Execution Exploit
Invesalius versions 3.1.99991 through 3.1.99998 suffer from a remote code execution vulnerability. The exploitation steps of this vulnerability involve the use of a specifically crafted DICOM file which, once imported inside the victim's client application, allows an attacker to gain remote code...
Firefox 121 / Chrome 120 Denial Of Service Exploit
Minor firefox DoS - semi silently polluting /Downloads with files part 2 Tested on: firefox 121 and chrome 120 on GNU/linux Date: Thu Jan 18 08:38:28 AM UTC 2024 This is barely a DoS, but since it might affect Chrome too we decided to disclose it. If firefox user visits a specially crafted page,...
ShopSite 14.0 Cross Site Scripting Vulnerability
Exploit Title: ShopSite Version: 14.0 - Stored XSS Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://www.shopsite.com/ Version: 14.0 Tested on: https://www.shopsite.com/demo.html 1 Upload poc.svg file here : https://demo.shopsite.com/cgi-bin/ssdemos/stores/alsdemo/ss/mediam.cgi...
SLIMS 9.5.2 Cross Site Scripting Vulnerability
Title: SLIMS-9.5.2 - XSS Reflected - Account Exploit Development: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.5.2 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.2 Description:...
Shoplazza 1.1 Cross Site Scripting Vulnerability
Exploit Title: Shoplazza 1.1 - Stored Cross Site Scripting Exploit Author: Andrey Stoykov Software Link: https://github.com/Shoplazza/LifeStyle Version: 1.1 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as normal user account 2. Browse "Blog Posts" - "Manage Blogs"...
Genesys PureConnect Cross Site Scripting Vulnerability
Product: Genesys PureConnect - Interaction Web Tools Chat Service Description: Interaction Web Tools Chat Service allows XSS within the Printable Chat History via the participant - name JSON POST parameter. Vulnerability Type: XSS Vendor of Product: Genesys PureConnect Affected Product Code Base:...
Paymoney 3.3 Cross Site Scripting Vulnerability
Title: paymoney-3.3 XSS-Reflected Author: nu11secur1ty Vendor: https://paymoney.techvill.org/ Software: paymoney-3.3 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3 Description: The parameters firstname and lastname in Users are vulnerable...
Easy Appointments 1.4.2 - Information Disclosure Exploit
Exploit Title: Easy Appointments 1.4.2 - Information Disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2022-0482 Vendor Homepage: https://easyappointments.org/ Software Link...
Atom CMS 2.0 - Remote Code Execution Exploit
Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script uploads...
FLEX 1080/1085 Web 1.6.0 Information Disclosure Vulnerability
FLEX 1080/1085 Web version 1.6.0 suffers from an information disclosure vulnerability. Exploit Title: FLEX 1080/1085 Web - Information Disclosure Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested o...
Xerte 3.10.3 - Directory Traversal (Authenticated) Exploit
Exploit Title: Xerte 3.10.3 - Directory Traversal Authenticated Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.9.zip Version: up until 3.10.3 Tested on: Windows 10 XAMP CVE : CVE-2021-44665...
aaPanel 6.8.21 Directory Traversal Vulnerability
Exploit Title: aaPanel 6.8.21 - Directory Traversal Authenticated Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.aapanel.com/ Software Link: https://www.aapanel.com Version: 6.8.21 Tested on: Ubuntu Application vulnerable to Directory Traversal and attacker can get root user...
CoreFTP Server build 725 - Directory Traversal (Authenticated) Vulnerability
Exploit Title: CoreFTP Server build 725 - Directory Traversal Authenticated Exploit Author: LiamInfosec Vendor Homepage: http://coreftp.com/ Version: build 725 and below Tested on: Windows 10 CVE : CVE-2022-22836 Description: CoreFTP Server before 727 allows directory traversal for file creation ...
Chikitsa Patient Management System 2.0.2 - (backup) Remote Code Execution Exploit
Exploit Title: Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution RCE Authenticated Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Vulnerability
Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...
BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection Exploit
Exploit for asp platform in category web applications Exploit Title: Out-of-band XML External Entity Injection on BlogEngine.NET Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10718 1. Description ============== BlogEngine.N...
Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3) Exploit
Exploit for windows platform in category local exploits Microsoft Windows - AppX Deployment Service Local Privilege Escalation 3 CVE-2019-0841 BYPASS 2 There is a second bypass for CVE-2019-0841. This can be triggered as following: Delete all files and subfolders within...
LibreOffice 6.0.7 / 6.1.3 - Macro Code Execution Exploit
Exploit for multiple platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Code Execution', 'Description' = %q LibreOffice comes bundled with...
PHP 5.2.3 imap (Debian Based) - imap_open Disable Functions Bypass Vulnerability
Exploit for linux platform in category local exploits PHP 5.2.3 imap Debian Based - imapopen Disable Functions Bypass Vulnerability /tmp/test0001 $server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh"; imapopen''.$server.':143/imapINBOX', '', '' or...
Intel (Skylake / Kaby Lake) - PortSmash CPU SMT Side-Channel Exploit
Exploit for hardware platform in category local exploits Intel Skylake / Kaby Lake - PortSmash CPU SMT Side-Channel Exploit Summary This is a proof-of-concept exploit of the PortSmash microarchitecture attack, tracked by CVE-2018-5407. Setup Prerequisites A CPU featuring SMT e.g. Hyper-Threading ...
UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit
Exploit for unknown platform in category web applications ================================================================ UBB.threads = 6.5.1.1 doeditconfig.php Code Execution Exploit ================================================================ !/usr/bin/php -q -d shortopentag=on ? //...
Wordpress Travelscape v1.0.3 Theme - Arbitrary File Upload Exploit
Exploit Title: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys import os.path import requests import re import urllib3 from requests.exceptions import SSLError from multiprocessing.dummy impor...
CSZCMS 1.3.0 SQL Injection Vulnerability
Title: CSZCMS v1.3.0 - SQL Injection Author: Abdulaziz Almetairy Vendor: https://www.cszcms.com/ Software: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Reference: https://github.com/oh-az Tested on: Windows 11, MySQL, Apache 1 - Log in to the admin portal...
MCL-Net 4.3.5.8788 - Information Disclosure Vulnerability
Exploit Title: MCL-Net 4.3.5.8788 - Information Disclosure Exploit Author: Victor A. Morales, GM Sectec Inc. Vendor Homepage: https://www.mcl-mobilityplatform.com/net.php Version: 4.3.5.8788 other versions may be affected Tested on: Microsoft Windows 10 Pro CVE: CVE-2023-34834 Description:...
ProLink PRS1841 Backdoor Account Vulnerability
Exploit Title: Router backdoor - ProLink PRS1841 PLDT Home fiber Exploit Author: Lawrence Amer @zux0x3a Vendor Homepage: https://prolink2u.com/product/prs1841/ Firmware : PRS1841 U V2 reference:...