39001 matches found
Joomla Akeeba Kickstart Unserialize Remote Code Execution Exploit
This Metasploit module exploits a vulnerability found in Joomla! through 2.5.25, 3.2.5 and earlier 3.x versions and 3.3.0 through 3.3.4 versions. The vulnerability affects the Akeeba component, which is responsible for Joomla! updates. Nevertheless it is worth to note that this vulnerability is...
Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================================== Woltlab Burning Board Lite 1.0.2 decodecookie SQL Injection Exploit ====================================================================== ?php printr'...
FlatPress v1.3 - Remote Command Execution Exploit
Exploit Title: FlatPress v1.3 - Remote Command Execution Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://www.flatpress.org Software Link: https://github.com/flatpressblog/flatpress/archive/1.3.zip Tested Version: 1.3 latest Tested on: MacOS import requests import time import random impo...
Savsoft Quiz v6.0 Enterprise - Stored XSS Vulnerability
Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting Exploit Author: Eren Sen Vendor: SAVSOFT QUIZ Vendor Homepage: https://savsoftquiz.com Software Link: https://savsoftquiz.com/web/index.php/online-demo/ Version: 6.0 CVE-ID: N/A Tested on: Kali Linux / Windows 10...
UPS Network Management Card 4 - Path Traversal Vulnerability
Exploit Title: UPS Network Management Card 4 - Path Traversal Google Dork: inurl:nmc inurl:logon.htm Exploit Author: Víctor García Vendor Homepage: https://www.apc.com/ Version: 4 Tested on: Kali Linux CVE: N/A PoC: curl -k...
Firefox v.117 Denial Of Service Exploit
This is barely a DoS, but since Chrome has explicit protection against it, we decided to disclose it. If firefox user visits a specially crafted page, then firefox may create many files in /Downloads, The user is notified about this in a small dialog, but there is no option to stop the downloads...
projectSend r1605 - Stored XSS Vulnerability
Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...
WBiz Desk 1.2 SQL Injection Vulnerability
Exploit Title: WBiz Desk 1.2 - SQL Injection CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: WBiz Desk Application Version: 1.2 Link:...
Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Vulnerability
Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...
Microsoft Excel Spoofing Vulnerability
Title: Microsoft Excel Spoofing Vulnerability Author: nu11secur1ty Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/ CVE-2023-23398 Description: The attack itself is carried out locally...
Yoga Class Registration System 1.0 Cross Site Scripting Vulnerability
Exploit Title: Yoga Class Registration System - Cross Site Scripting Vulnerability Authenticated Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.ht...
Tiki Wiki CMS Groupware 24.0 structlib.php Code Execution Vulnerability
-------------------------------------------------------------------------------- Tiki Wiki CMS Groupware = 24.0 structlib.php PHP Code Injection Vulnerability -------------------------------------------------------------------------------- - Software Link: https://tiki.org - Affected Versions:...
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read Vulnerability
======================================================================= title: Multiple Memory Corruption Vulnerabilities product: COVESA DLT daemon Diagnostic Log and Trace Connected Vehicle Systems Alliance COVESA, formerly GENIVI vulnerable version: = 2.18.8 fixed version: current master branc...
Mobile Mouse 3.6.0.4 Remote Code Execution Exploit
Exploit Title: Mobile Mouse 3.6.0.4 Remote Code Execution Exploit Author: Chokri Hammedi Vendor Homepage: https://mobilemouse.com/ Software Link: https://www.mobilemouse.com/downloads/setup.exe Version: 3.6.0.4 Tested on: Windows 10 Enterprise LTSC Build 17763 !/usr/bin/env python3 import socket...
Fast CD Ripper V1.8rc1 Denial of Service Exploit
Exploit Title: Fast CD Ripper V1.8rc1 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.litexmedia.com Software Link: https://en.softonic.com/download/fast-cd-ripper/windows/post-download Exploit Author: Achilles Tested Version: V1.7-V1.8rc1 Tested on: Windows 7 x64 1.- Run...
Joomla! 4.1.0 Zip Slip File Overwrite / Path Traversal Vulnerabilities
Joomla! versions 4.1.0 and below suffer from path traversal and file overwrite vulnerabilities due to misplaced trust in the handling of compressed archives. ------------------------------------------------- Joomla! getTarInfo$this-data; 114. 115. for $i = 0, $n = \count$this-metadata; $i...
WOW21 5.0.1.9 - (Service WOW21_Servic) Unquoted Service Path Vulnerability
Exploit Title: WOW21 5.0.1.9 - 'Service WOW21Service' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Vendor : ilwebmaster21 Version : WOW21Service 5.0.1.9 Vendor Homepage : https://wow21.life/ Tested on OS: Windows 10 Pro x64 PoC : ============== C:\sc qc WOW21Service SC...
WordPress ProfilePress 3.1.3 Plugin - Privilege Escalation (Unauthenticated) Exploit
Exploit Title: WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation Unauthenticated Exploit Author: Numan Rajkotiya Vendor Homepage: https://profilepress.net/ Software Link: https://downloads.wordpress.org/plugin/wp-user-avatar.3.0.zip Version: 1 ProfilePress Formerly WP User Avatar 3.0 -...
Product Key Explorer 4.2.0.0 - (Key) Denial of Service Exploit
Exploit Title: Product Key Explorer 4.2.0.0 - 'Key' Denial of Service POC Discovery by: SajjadBnd Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested ...
Webiness Inventory 2.3 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
Bonza-Cart E-Commerce - SQLi/XSS Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
PHPWebThings <= 1.4 (forum) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================= PHPWebThings / && print "+ MD5 hash of password is: $1\n"; print "- Unable to retrieve hash of password\n" if!$1; 0day.today 2018-04-08...
ABB Cylon Aspect 3.08.01 Active Debug Data Exposure Vulnerability
ABB Cylon Aspect version 3.08.01 is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information. ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page:...
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vulnerability
Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables...
GNOME Files 43.4 Privilege Escalation Vulnerability
GNOME Files version 43.4 nautilus on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges. Affected: GNOME Files 43.4 nautilus on fedora 37 Description: If an user A opens in GNOME files zip archive containing setuid file F,...
MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path (MTSchedulerService) Vulnerabil
Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTSchedulerService" Vulnerability Exploit Author: Idan Malihi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.7 Tested on: Microsoft Windows 10 Pro...
PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting Vulnerability
Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please login from this...
Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password Vulnerability
!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX...
Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Vulnerability
Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3 FPGA:10....
flatnux 2021-03.25 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: flatnux-2021-03.25 - Remote Code Execution Authenticated Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://en.altervista.org Software Link: http://flatnux.altervista.org/flatnux.html Version: 2021-03.25 Tested on: Windows/Linux POST...
Employee Task Management System v1.0 - SQL Injection Vulnerability
Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version:...
Responsive FileManager 9.9.5 - Remote Code Execution Exploit
Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution RCE Exploit Author: Galoget Latorre @galoget Vendor Homepage: https://responsivefilemanager.com Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.9.5/responsivefilemanager.zip Dockerfile:...
RSA NetWitness Endpoint EDR Agent 12.x Incorrect Access Control / Code Execution
RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending the events to a SIEM or make the agent run user-supplied commands. + Credits: John Page aka hyp3rlinx + Websit...
Joomla Sexy Polling 2.1.7 SQL Injection Vulnerability
SexyPolling SQL Injection ==================== | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...
WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin uleak-security-dashboard 1.2.3 - Stored Cross-Site Scripting Authenticated Date: 31-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/uleak-security-dashboard/ Version: 1.2.3 Tested on: Firefox Contact me: h at...
Student Grading System v1.0 SQL Injection Vulnerability
Title: Student Grading System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14522/student-grading-system-using-phpmysql-source-code.html Reference:...
Datarobot Remote Code Execution Vulnerability
Exploit Title: Datarobot -- Remote Code Execution Vendor Homepage: https://www.datarobot.com Software Link: https://app.datarobot.com/ Version: TBD - awaiting build version from vendor Tested on: The issue affects all versions of the product up to the date of this submission Exploit Authors: Mike...
Exam Reviewer Management System 1.0 - (id) SQL Injection Vulnerability
Exploit Title: Exam Reviewer Management System 1.0 - ‘id’ SQL Injection Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...
AnyDesk GUI Format String Write Exploit
The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...
DHCP Client - Command Injection (DynoRoot) Exploit
Exploit for linux platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DHCP Client Command Injection DynoRoot', 'Description' = %q This module exploits the...
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow Exploit
Exploit for multiple platform in category dos / poc ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open three...
e107 Plugin - Tap Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
AirOs (NanoStation,AirGrid) M5 Multiple Vulnerabilities
Exploit for hardware platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1...
ABB Cylon FLXeon 9.3.4 cert.js System Logs Information Disclosure Vulnerability
ABB Cylon FLXeon version 9.3.4 has an issue where an authenticated attacker can access sensitive information via the system logs page of ABB Cylon FLXeon controllers. The logs expose critical data, including the OpenSSL password for stored certificates. This information can be leveraged for furth...
PHP CPMS 2.0 Shell Upload Exploit
PHP CPMS version 2.0 suffers from a remote shell upload vulnerability...
Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS Vulnerabilities
Exploit Title:Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS Exploit Author: Hakkı TOKLU Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: 1.0 Tested on: Windows 11 / PHP...
MajorDoMo Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in MajorDoMo versions before 0662e5e. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MajorDoMo Command Injection', 'Descriptio...
Coppermine Gallery 1.6.25 - Remote Code Execution Vulnerability
Exploit Title: coppermine-gallery 1.6.25 RCE Application: coppermine-gallery Version: v1.6.25 Bugs: RCE Technology: PHP Vendor URL: https://coppermine-gallery.net/ Software Link: https://github.com/coppermine-gallery/cpg1.6.x/archive/refs/tags/v1.6.25.zip Date of found: 05.09.2023 Author: Mirabba...
D-LINK DPH-400SE - Exposure of Sensitive Information Vulnerability
Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the web portal, the...
Kardex Mlog MCC 5.7.12 - Remote Code Execution Exploit
!/usr/bin/env python3 Exploit Title: Kardex Mlog MCC 5.7.12 - RCE Remote Code Execution Date: 12/13/2022 Exploit Author: Patrick Hener Vendor Homepage: https://www.kardex.com/en/mlog-control-center Version: 5.7.12+0-a203c2a213-master Tested on: Windows Server 2016 CVE : CVE-2023-22855 Writeup:...