39001 matches found
Intel (Skylake / Kaby Lake) - PortSmash CPU SMT Side-Channel Exploit
Exploit for hardware platform in category local exploits Intel Skylake / Kaby Lake - PortSmash CPU SMT Side-Channel Exploit Summary This is a proof-of-concept exploit of the PortSmash microarchitecture attack, tracked by CVE-2018-5407. Setup Prerequisites A CPU featuring SMT e.g. Hyper-Threading ...
PHP-fusion (articles.php) SQL Injection Exploit
Exploit for php platform in category web applications Title : PHP-fusion articles.php SQL Injection Exploit Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote SQL Injection Tested on :...
UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit
Exploit for unknown platform in category web applications ================================================================ UBB.threads = 6.5.1.1 doeditconfig.php Code Execution Exploit ================================================================ !/usr/bin/php -q -d shortopentag=on ? //...
WordPress Hurrakify 2.4 Server-Side Request Forgery Vulnerability
CVE-2024-54330 Hurrakify bfdibc85r04ky96cie05dfzjjgigz...
Wordpress Travelscape v1.0.3 Theme - Arbitrary File Upload Exploit
Exploit Title: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys import os.path import requests import re import urllib3 from requests.exceptions import SSLError from multiprocessing.dummy impor...
MCL-Net 4.3.5.8788 - Information Disclosure Vulnerability
Exploit Title: MCL-Net 4.3.5.8788 - Information Disclosure Exploit Author: Victor A. Morales, GM Sectec Inc. Vendor Homepage: https://www.mcl-mobilityplatform.com/net.php Version: 4.3.5.8788 other versions may be affected Tested on: Microsoft Windows 10 Pro CVE: CVE-2023-34834 Description:...
Joomla MarvikShop ShoppingCart 3.4 SQL Injection Vulnerability
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website :...
ALLPlayer ALLMediaServer V1.6 SEH Exploit
Exploit Title: ALLPlayer ALLMediaServer V1.6 SEH Exploit Version:ALLMediaServer V1.6 Exploit Author: Achilles Vendor Homepage: http://www.allmediaserver.org/ Downlod Link:http://www.allmediaserver.org/LiveUpdate/ALLMediaServer.exe Tested on: Windows 7 Sp1 x86 Original Dos Author: Yehia Elghaly...
McAfee Safe Connect VPN - Unquoted Service Path Elevation Of Privilege Vulnerability
Exploit Title: McAfee® Safe Connect VPN - Unquoted Service Path Elevation Of Privilege Exploit Author: Saud Alenazi Vendor Homepage: https://www.mcafee.com/ Software Link: https://www.mcafee.com/en-us/vpn/mcafee-safe-connect.html Version: 2.13 Tested: Windows 10 x64 Contact:...
Xerte 3.9 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows 10 XAMP CVE :...
BSCW Server Remote Code Execution Vulnerability
BSCW Server versions 7.4.2 and below, 7.3.2 and below, 5.2.3 and below, 5.1.9 and below, and 5.0.11 and below suffer from an authenticated remote code execution vulnerability. ======================================================================= title: Authenticated RCE product: BSCW Server...
OpenBSD Dynamic Loader chpass Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in the OpenBSD ld.so dynamic loader CVE-2019-19726. The dlgetenv function fails to reset the LDLIBRARYPATH environment variable when set with approximately ARGMAX colons. This can be abused to load libutil.so from an untrusted path, using...
Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSL Exploit
The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: When kgslmementrydestroy in drivers/gpu/msm/kgsl.c is called for a writable entry with memtype KGSLMEMENTRYUSER, it attempts to mark the entry's pages as dirty...
Joomla ARI Quiz 3.7.4 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component ARI Quiz 3.7.4 - SQL Injection Exploit Author: Mr Winst0n Author E-mail: email protected Discovery Date: April 27, 2019 Vendor Homepage: http://www.ari-soft.com Software Link :...
Linux Nested User Namespace idmap Limit Local Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root CVE-2018-18955. The target system must have unprivileged user namespaces enabl...
Joomla Aist 2.0 Component - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Aist = 2.0 - SQL Injection Vendor Homepage: http://aist.bmstu.ru/ Software Link: http://aist.bmstu.ru/ Version: = 2.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5993 Exploit Author: Ihsan...
PHPizabi 0.848b C1 HFP1 Remote Code Execution Exploit
Exploit for unknown platform in category web applications ===================================================== PHPizabi 0.848b C1 HFP1 Remote Code Execution Exploit ===================================================== !/usr/bin/perl inphex PHPizabi v0.848b C1 HFP1 Remote Code Execution if you a...
SofaWiki 3.9.2 Shell Upload Exploit
Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote code execution RCE...
Zoo Management System 1.0 Shell Upload Vulnerability
Zoo Management System version 1.0 suffers from a remote shell upload vulnerability. This version originally had a shell upload vulnerability discovered by D4rkP0w4r that leveraged the upload CV flow but this particular finding leverages the saveanimal flow. Exploit Title: Zoo Management System 1....
Macro Expert 4.9 - Unquoted Service Path Vulnerability
Exploit Title: Macro Expert 4.9 - Unquoted Service Path Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro Expert" SC...
Roxy Fileman 1.4.5 - Arbitrary File Upload Vulnerability
Exploit Title: Roxy Fileman 1.4.5 - Arbitrary File Upload Exploit Author: Zer0FauLT email protected Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20190317053437/http://roxyfileman.com/download.php?f=1.4.5-net Version: = 1.4.5 Tested on: Windows 10 and Windows Server...
Label Studio 1.5.0 - Authenticated Server Side Request Forgery Vulnerability
Exploit Title: Label Studio 1.5.0 - Authenticated Server Side Request Forgery SSRF Google Dork: intitle:"Label Studio" intext:"Sign Up" intext:"Welcome to Label Studio Community Edition" Date: 2022-10-03 Exploit Author: @DeveloperNinja, email protected Vendor Homepage:...
Atrocore 1.5.25 Shell Upload Exploit
Title: atrocore-1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Date: 02.16.2023 Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The Create...
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...
Trend Micro Virtual Mobile Infrastructure 6.0.1278 Denial Of Service Vulnerability
Exploit Title: Trend Micro Virtual Mobile Infrastructure TMVMI version 6 - Denial of Service PoC Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.trendmicro.com/ Software Link: App Store for iOS devices Version: 6.0.1278 Tested: iPhone 6 iOS 12.4.7 Vulnerability Type:...
Zepl Notebook Remote Code Execution Vulnerability
Exploit Title: Zepl Notebook - Remote Code Execution Vendor Homepage: https://zepl.com/ Software Link: https://app.zepl.com/ Version: All previous versions of product to the date of this submission Tested on: The issue affects all versions of the product up to the date of this submission Exploit...
Online Traffic Offense Management System 1.0 - Multiple SQL Injection Vulnerability
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple SQL Injection Unauthenticated Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://www.sourcecodester.com Software Link:...
Student Quarterly Grading System 1.0 - SQL Injection Authentication Bypass Vulnerability
Exploit Title: Student Quarterly Grading System 1.0 - SQLi Authentication Bypass Exploit Author: Blackhan Vendor Homepage: https://www.sourcecodester.com/php/14953/student-quarterly-grading-system-using-php-and-sqlite-free-source-code.html Software Link:...
TotalAV 5.15.69 - Unquoted Service Path Vulnerability
Exploit Title: TotalAV 5.15.69 - Unquoted Service Path Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.totalav.com Software Link: https://download.totalav.com/windows/beta-trial or https://install.protected.net/windows/cdn3/5.15.69/TotalAV.exe Version: 5.15.69 Tested on: Windows 1...
Reptile Rootkit reptile_cmd Privilege Escalation Exploit
This Metasploit module uses Reptile rootkit's reptilecmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch 2019-03-04 on Ubuntu 18.04.3 x64 and Linux Mint 19 x64. This module requires Metasploit:...
WordPress Form Maker 1.13.3 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Form Maker 1.13.3 - SQL Injection Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://10web.io/plugins/ Software Link: https://wordpress.org/plugins/form-maker/ Version: 1.13.3 Tested on:...
Mumsoft Easy Software 2.0 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Mumsoft Easy Software 2.0 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: https://www.munsoft.com/EasyRARRecovery/ Software Link:...
Net-Billetterie 2.9 - login SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Net-Billetterie 2.9 - 'login' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://net-billetterie.tuxfamily.org/ Software Link: https://netix.dl.sourceforge.net/project/netbilletterie/Netbilletterie2.9.zip Version...
Seagate GoFlex Satellite Remote Telnet Default Password Vulnerability
Seagate GoFlex Satellite Mobile Wireless Storage devices contain a hardcoded backdoor account. An attacker could use this account to remotely tamper with the underlying operating system when Telnet is enabled. Title: Seagate GoFlex Satellite Remote Telnet Default Password Publication URL:...
/bin/sh Polymorphic shellcode with printable ASCII characters
Exploit for generator platform in category shellcode ============================================================= /bin/sh Polymorphic shellcode with printable ASCII characters =============================================================...
SofaWiki 3.9.2 - Remote Command Execution (Authenticated) Exploit
Exploit Title: SofaWiki 3.9.2 - Remote Command Execution RCE Authenticated Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Tested Version: v3.9.2 latest Tested on: MacOS import requests import random import...
PopojiCMS Version 2.0.1 - Remote Command Execution Vulnerability
Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on: https://www.softaculous.com/apps/cms/PopojiC...
Magento ver. 2.4.6 - XSLT Server Side Injection Vulnerability
Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: Magento 2.4.6-p3 Version: 2.4.6 Tested on: 2.4.6 POC 1. Enter with admin credentials to this URL: https://magento2demo.firebearstudio.com...
Golden FTP Server 2.02b Denial Of Service Exploit
!/usr/bin/perl use IO::Socket::INET; Exploit Title: Golden FTP Server 2.02b - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 21 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1AK6x0xKwjVZxoNHbCOIJsIiRAWeMmP0/view?usp=sharing Notification...
Gom Player 2.3.92.5362 DLL Hijacking Vulnerability
Exploit Title: Gom Player 2.3.92.5362 - nvcuda.dll DLL Hijacking Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.mrvar0x.com/ Version: 2.3.92.5362 Tested on: Windows 7, Windows 10 A DLL hijacking vulnerability has been discovered Gom Player 2.3.92.5362. When a user loads the...
FreeSWITCH Denial Of Service Exploit
FreeSWITCH versions prior to 1.10.11 remote denial of service exploit that leverages a race condition in the hello handshake phase of the DTLS protocol. include include include include define IP "127.0.0.1" define PORT 5061 int main SSLlibraryinit; SSLloaderrorstrings; OpenSSLaddsslalgorithms;...
Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities
Exploit Title: Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities Google Dork: N/A Date: 25/08/2023 Exploit Author: The Security Team exploitsecurity.io Vendor Homepage: https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570 Software...
Apache Superset 2.0.0 - Authentication Bypass Exploit
Exploit Title: Apache Superset 2.0.0 - Authentication Bypass Exploit Author: MaanVader Vendor Homepage: https://superset.apache.org/ Version: Apache Superset= 1.4.1 b'thisISaSECRET1234', deployment template b'YOUROWNRANDOMGENERATEDSECRETKEY', documentation b'TESTNONDEVSECRET' docker compose def...
SecurePoint UTM 12.x Session ID Leak Vulnerability
ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2023-01-05 Date published: 2023-04-11 CVSSv3 Score: 9.0...
Simple Task Managing System v1.0 - SQL Injection (Unauthenticated) Vulnerability
Exploit Title: Simple Task Managing System v1.0 - SQL Injection Unauthenticated Exploit Author: Hamdi Sevben Vendor Homepage: https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html Software Link:...
CKEditor 5 35.4.0 - Cross-Site Scripting Vulnerability
Exploit Title: CKEditor 5 35.4.0 - Cross-Site Scripting XSS Exploit Author: Manish Pathak Vendor Homepage: https://cksource.com/ Software Link: https://ckeditor.com/ckeditor-5/download/ Version: 35.4.0 Tested on: Linux / Web CVE : CVE-2022-48110 CKSource CKEditor5 35.4.0 was discovered to contain...
WordPress Blog2Social 6.9.11 Missing Authorization Vulnerability
Description: Missing Authorization to Authenticated Subscriber+ Settings Update Affected Plugin: Blog2Social Plugin Slug: blog2social Affected Versions: = 6.9.11 CVE ID: CVE-2022-3622 CVSS Score: 4.7 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Researcher/s: Marco Wotschka Ful...
Bakery Shop Management System 1.0 SQL Injection Vulnerability
Title: Bakery Shop Management System 1.0 - Blind Time SQLi To Rce Author: Hejap Zairy Vendor: https://www.campcodes.com/projects/php/simple-bakery-shop-management-system/ Software: https://www.campcodes.com/wp-content/uploads/2022/02/bsms0.zip Reference: https://github.com/Matrix07ksa Tested on:...
Online Thesis Archiving System 1.0 - SQL injection Authentication Bypass Vulnerability
Exploit Title: Online Thesis Archiving System 1.0 - SQLi Authentication Bypass Exploit Author: Yehia Elghaly YME Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Version: Onli...
Simple Payroll System 1.0 - SQL injection Authentication Bypass Vulnerability
Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...