39001 matches found
Wordpress ImageMagick-Engine 1.7.4 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: Wordpress Plugin ImageMagick-Engine 1.7.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:"/wp-content/plugins/imagemagick-engine/" Date: Thursday, September 1, 2022 Exploit Author: ABDO10 Vendor Homepage: https://wordpress.org/plugins/imagemagick-engine/ Software Link...
Real Player 16.0.3.51 - external::Import() Directory Traversal to Remote Code Execution Exploit
Exploit Title: Real Player 16.0.3.51 - 'external::Import' Directory Traversal to Remote Code Execution RCE Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: ver. 16.00.282, 16.0.3.51, Cloud 17.0.9.17, v.20.0.7.309 Tested on: Windows 7,...
Fast Food Ordering System 1.0 SQL Injection Vulnerability
Title: Fast Food Ordering System 1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15366/fast-food-ordering-system-phpoop-free-source-code.html Reference:...
FFS Colibri Controller Module 1.8.19.8580 Directory Traversal Vulnerability
============== Author ============== = Name: Momen Eldawakhly Cyber Guy = Company: Cypro.se ====================================== ============== Product ============== = Vendor: Franklin Fueling Systems = Product: FFS Colibri Controller Module = Version: 1.8.19.8580...
DEOS AG OPEN 710/810 Cross Site Scripting Vulnerability
Title: DEOS control systems GmbH - OPEN 710/810 EMS Cross Site Scripting Vulnerability Vendor page: https://www.deos-ag.com/en/ Exploit Author: n4pst3r Tested on: Debian POST /cgi-bin/option.cgi?function=2 HTTP/1.1 Content-Length: 83 Content-Type: application/x-www-form-urlencoded Referer:...
Ericsson Network Location MPS GMPC21 - Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Privilege Escalation Meow Variant', 'Description' = %q This module exploits privilege escalation vulnerability in...
Blood Bank System 1.0 - SQL Injection / Authentication Bypass Vulnerabilities
Exploit Title: Blood Bank System 1.0 - SQL Injection / Authentication Bypass Exploit Author: Nitin Sharma vidvansh Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code/ Software Link : https://download.code-projects.org/details/f44a4ba9-bc33-48c3-b030-02f62117d230 Version...
SAPIDO RB-1732 - Remote Command Execution Exploit
Exploit Title: SAPIDO RB-1732 command line execution Exploit Author: k1nm3n.aotoi Vendor Homepage: http://www.sapido.com.tw/ Software Link: http://www.sapido.com.tw/CH/data/Download/firmware/rb1732/tc/RB-1732TCv2.0.43.bin Version: RB-1732 V2.0.43 Tested on: linux import requests import sys def...
Liferay Portal 7.1 CE GA=3 / SimpleCaptcha API - Cross-Site Scripting Vulnerability
Exploit for jsp platform in category web applications Exploit Title: Liferay Portal ” / or ” /. A customized Liferay portlet which directly calls the Simple Captcha API without sanitizing the input could be susceptible to this vulnerability. Poc In a sample scenario of custom code calling the ” /...
Bosch Video Management System 8.0 - Configuration Client Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Bosch Video Management System 8.0-Configuration Client-Denial of Service Poc Discovery by: Daniel Software Name: Bosch Video Management System Software Version: 8.0 Vendor Homepage:...
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload Vulnerabilities
Exploit for php platform in category web applications Exploit Title: DoceboLMS 1.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.spaghettilearning.com/ Software Link:...
Blue Server 1.1 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Blue Server 1.1 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mafiatic.org/ Software Link: https://master.dl.sourceforge.net/project/blueserver/Blue-Server-1.1.exe Version: 1.1 Category: Dos Teste...
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
Exploit for php platform in category web applications Exploit Title : Joomla ComAjax Component Jsnextfw Plugin JformArticle Incorrect Default Permission Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/10/2018 Vendor Homepage : joomla.org Tested On...
GeoVision GV-SNVR0811 Directory Traversal Vulnerability
Exploit for linux platform in category web applications Exploit Title: GeoVision GV-SNVR0811 Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811 Software Link:...
Compop Online Mall 3.5.3 Authentication Bypass Vulnerability
Exploit Title: Compop Online Mall Authentication Bypass Google Dork: Terms of Use inurl:compop.vip Exploit Author: dmlino Vendor Homepage: https://www.compop.ca/ Version: 3.5.3 CVE : CVE-2024-48445 Vulnerability Overview: The system uses a Unix timestamp "ts" parameter in URLs for authentication,...
Dotclear 2.29 - Remote Code Execution Exploit
Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on: MacOS import requests import...
Kemp LoadMaster Local sudo Privilege Escalation Exploit
This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such,...
Tourism Management System 2.0 Shell Upload Vulnerability
Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/tourism-management-system-free-download/ Version: 2.0 Tested on: Windows 10 Pro Impact: Allows admin to upload all files to t...
Gom Player 2.3.92.5362 Buffer Overflow Exploit
Exploit Title: Gom Player 2.3.92.5362 - Buffer Overflow PoC Discovered by: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.gomlab.com/en Tested Version: 2.3.92.5362 Tested on: Windows 7, Windows 10 - Open GOM Player - Click on the settings - From the menu, select Audio -- Equalizer - Click on...
Drupal H5P Module 2.0.0 Zip Slip Traversal Vulnerability
------------------------------------------------------------------ Drupal H5P Module statIndex$i'name'; 892. 893. if pregmatch'/^.|/./', $fileName !== 0 894. continue; // Skip any file or folder starting with a . or 894. This regex check should be enough to prevent path traversal attacks through...
CLink Office 2.0 SQL Injection Vulnerability
Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console Exploit Author: Erwin Chan, Stephen Tsoi Vendor Homepage: https://www.communilink.net/ Softwar: CLink Office Version: 2.0 Tested on: CLink Office 2.0 Anti-Spam management console...
Moodle Pre-Auth Remote Code Execution 0day Exploit
The exploit allow remote code execution, work with default installations and should not require any authentication or user interaction. 0day exploit affecting recent versions of Moodle...
Hospital Management Startup 1.0 - (Multiple) SQL injection Vulnerability
Exploit Title: Hospital Management Startup 1.0 - 'loginid' SQLi Exploit Author: nu11secur1ty Vendor: https://github.com/kabirkhyrul Software: https://github.com/kabirkhyrul/HMS CVE-2022-23366 Description: The loginid and password parameters from Hospital Management Startup 1.0 appear to be...
Hospital Management System 4.0 SQL Injection Vulnerability
Hospital Management System version 4.0 suffers from multiple remote SQL injection vulnerabilities. Original discovered of SQL injection in this version is attributed to Metin Yunus Kandemir in January of 2020. Title: Hospital Management System v4.0 Multiple SQL-Injections Author: nu11secur1ty...
Hospitals Patient Records Management System 1.0 - (room_types) Stored XSS Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomtypes' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Employee Record Management System 1.2 - (empid) SQL injection Vulnerability
Title: Employee Record Management System 1.2 - 'empid' SQL injection Unauthenticated Exploit Author: Anubhav Singh Vendor Homepage: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/ Version: 1.2 Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=8967...
Phpwcms 1.9.30 - File Upload to XSS Vulnerability
Exploit Title: Phpwcms 1.9.30 - File Upload to XSS Exploit Author: Okan Kurtulus | okankurtulus.com.tr Software Link: http://www.phpwcms.org/ Version: 1.9.30 Tested on: Ubuntu 16.04 Steps: 1- You need to login to the system. http://target.com/phpwcms/login.php 2- Creating payload with SVG...
Linux/x86 - Egghunter(0x50905090) + sigaction + execve(/bin/sh) Shellcode (35 bytes)
Exploit Title: Linux/x86 - Egghunter0x50905090 + sigaction + execve/bin/sh Shellcode 35 bytes Author: danf42 Platform: Linux/x86 / sigaction2 approach to egghunting as described in the paper "Safely Searching Process Virtual Address Space" by skape The shellcode prepares the registers to start th...
snap - seccomp BBlacklist for TIOCSTI can be Circumvented Exploit
/ snap uses a seccomp filter to prevent the use of the TIOCSTI ioctl; in the source code, this filter is expressed as follows: TIOCSTI allows for faking input man ttyioctl TODO: this should be scaled back even more ioctl - !TIOCSTI In the X86-64 version of the compiled seccomp filter, this result...
Pixel Studio 2.17 - Denial of Service Exploit
Exploit Title: Pixel Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbpixelstudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Pixel...
Budabot 4.0 Denial Of Service Vulnerability
Exploit for php platform in category dos / poc 4.0 Tested on: 4.0 CVE: CVE-2018-19290 1. Description In modules/HELPBOTMODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in...
Teltonika RUT9XX Unauthenticated OS Command Injection Exploit
Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges...
WallScript-Powerful Wallpaper Site Script Persistent Xss Vulnerability
Exploit for php platform in category web applications ====================================================================== WallScript-Powerful Wallpaper Site Script Persistent Xss Vulnerability ======================================================================...
Craft CMS Twig Template Injection / Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Craft CMS Twig Template Injection RCE via FTP Templates Path', 'Description' = %q This module exploits a Twig template injection vulnerability in...
ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path Vulnerability
Exploit Title: ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Vendor : https://www.eset.com Version : 17.0.16.0 Tested on OS: Microsoft Windows 10 pro x64 C:\wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v...
Nokia ASIKA 7.13.52 - Hard-coded private key disclosure Exploit
// Exploit Title: Nokia ASIKA 7.13.52 - Hard-coded private key disclosure // Exploit Author: Amirhossein Bahramizadeh // Category : Hardware // Vendor Homepage: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25187/ // Version: 7.13.52 REQUIRED // Tested on:...
PHP Restaurants 1.0 - SQL injection Authentication Bypass & Cross Site Scripting Vulnerabilities
Exploit Title: PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting XSS Exploit Author: Or4nG.M4n Vendor Homepage: https://github.com/jcwebhole Software Link: https://github.com/jcwebhole/phprestaurants Version: 1.0 functions.php function login global $conn; $email =...
SoftExpert (SE) Suite v2.1.3 - Local File Inclusion Vulnerability
Exploit Title: SoftExpert SE Suite v2.1.3 - Local File Inclusion Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.softexpert.com/ Version: 2.0 target=$1 u=$2 p=$3 file=$echo -n "$4"|base64 -w 0 end="\0330m\e0m" red="\e0;31m\0331m" blue="\e0;34m\0331m" echo -e "\n$4 : $file\...
Online Examination System 1.0 SQL Injection Vulnerability
Exploit Title: Online Examination System - SQL Injection Exploit Author: yousef alraddadi - https://twitter.com/y0usef11 Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-examination/ Software Link:...
WordPress Testimonial Slider and Showcase 2.2.6 Plugin - Stored XSS Vulnerability
Exploit Title: WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting XSS Exploit Author: saitamang , yunaranyancat , syad Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version: 2.2.6 Tested on:...
WordPress Hummingbird Plugin < 3.3.2 - Stored Cross-Site Scripting Vulnerability
Tittle: WordPress Plugin Hummingbird Configs edit the "Name and Description" and put the following payload in the Name field: Save and Click 'Apply' to trigger the XSS Go to Hummingbird's Settings Configs and Upload the following config "id": 1, "name": "", "description": "Xss", "config":...
Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery Vulnerability
Exploit Title: Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery CSRF Exploit Author: LiquidWorm Vendor Homepage: https://www.axesstmc.com/cloki/ !-- Zucchetti Axess CLOKI Access Control 1.64 CSRF Disable Access Control Vendor: Zucchetti Axess S.p.A. Product web page:...
Fuel CMS 1.4.1 - Remote Code Execution Exploit (3)
Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...
Pharmacy Point of Sale System 1.0 - (Add New User) Cross-Site Request Forgery Vulnerability
Exploit Title: Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery CSRF Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Online Employees Work From Home Attendance System 1.0 - SQL injection Authentication Bypass Vulnerab
Exploit Title: Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14981/online-employees-work-home-attendance-system-php-and-sqlite-free-source-code.html Software Link:...
Online Traffic Offense Management System 1.0 - Multiple Remote Code Execution Vulnerability
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple RCE Unauthenticated Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://www.sourcecodester.com Software Link:...
Zen Load Balancer 3.10.1 - Remote Code Execution Exploit
Exploit for cgi platform in category web applications Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...
PHPKB Multi-Language 9 image-upload.php Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.p...
Inateck 2.4 GHz Wireless Presenter WP1001 Keystroke Injection Vulnerability
Product: 2.4 GHz Wireless Presenter WP1001 Manufacturer: Inateck Affected Versions: Rev. v1.3C Tested Versions: Rev. v1.3C Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk Level: High Solution Status: Open Manufacturer Notification:...
PHP Mass Mail 1.0 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Mass Mail 1.0 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: https://phpmassmail.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/phpmassmail/phpmassmail/1.0.0/phpmassmail.zip...