39001 matches found
Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Remote Code Execution Expoit
Exploit for php platform in category web applications !/usr/bin/python Exploit Title: Dell KACE Systems Management Appliance K1000 = 6.4.120756 Unauthenticated RCE Version: = 6.4.120756 Author: Julien Ahrens @MrTuxracer Software Link:...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability
The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are...
Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)
Exploit for windows platform in category remote exploits function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var string2 = "BBBB"; while string2.length 500...
PHP-Fusion 7.02.05 XSS / LFI / SQL Injection Vulnerabilities
PHP-Fusion version 7.02.05 suffers from insecure backup handling, cross site scripting, local file inclusion, and remote SQL injection vulnerabilities. Multiple Vulnerabilities in PHP-Fusion 7.02.05 ===================================================== Author: Janek Vind "waraxe" Date: 27. Februa...
Kleeja Upload Script remote read config Vulnerability
Exploit for php platform in category web applications ===================================================== Kleeja Upload Script remote read config Vulnerability ===================================================== + Author : ali.erroor Contact : email protected HomePage :...
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 2
Exploit for unknown platform in category web applications ======================================================================== Woltlab Burning Board = 1.0.2, 2.3.6 search.php SQL Injection Exploit 2 ======================================================================== !/usr/bin/perl Woltla...
Journyx 11.5.4 XML Injection Vulnerability
Journyx version 11.5.4 has an issue where the soapcgi.pyc API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources. Title:...
revive-adserver v5.4.1 - Cross-Site Scripting Vulnerability
Exploit Title: revive-adserver v5.4.1 - Cross-Site Scripting XSS Application: revive-adserver Version: 5.4.1 Bugs: XSS Technology: PHP Vendor URL: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/ Date of found: 31-03-2023 Author: Mirabbas Ağalarov Tested o...
D-Link DIR-846 - Remote Command Execution Vulnerability
Exploit Title: D-Link DIR-846 - Remote Command Execution RCE vulnerability Exploit Author: Françoa Taffarel Vendor Homepage: https://www.dlink.com.br/produto/roteador-dir-846-gigabit-wi-fi-ac1200/suportehttps://www.dlink.com.br/wp-content/uploads/2020/02/DIR846enFW100A53DBR-Retail.zip Software...
NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle Vulnerability
Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...
Purchase Order Management - 1.0 - File Inclusion Vulnerabilities
Title: Purchase Order Management-1.0 - File Inclusion Vulnerabilities - Unprivilage user interaction Author: nu11secur1ty Date: 03.06.2023 Vendor: https://www.sourcecodester.com/user/257130/activity Software:...
Senayan Library Management System 9.2.0 SQL Injection Vulnerability
Title: Senayan Library Management System v9.2.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.2.0/SQLi...
Joomla Rentalot Plus 19.05 Cross Site Scripting Vulnerability
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : Les Arbres Design │ │ Software :...
IpMatcher 1.0.4.1 Server-Side Request Forgery Vulnerability
IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors. Exploit Title: SSRF in .N...
ImpressCMS 1.4.2 Authentication Bypass Vulnerability
----------------------------------------------------------------------- ImpressCMS stripSlashesGPC$autologinName; 46. $pass = $myts-stripSlashesGPC$autologinPass; 47. if empty$uname || isnumeric$pass 48. $user = false ; 49. else 50. // V3 51. $uname4sql = addslashes$uname; 52. $criteria = new...
VIVE Runtime Service - (ViveAgentService) Unquoted Service Path Vulnerability
Exploit Title: VIVE Runtime Service - 'ViveAgentService' Unquoted Service Path Exploit Author: Faisal Alasmari Vendor Homepage: https://www.vive.com/ Software Link: https://developer.vive.com/resources/downloads/ Version: 1.0.0.4 Tested: Windows 10 x64 C:\Users\Usersc qc "VIVE Runtime Service" SC...
Slurp 1.10.2 Format String Vulnerability
Exploit Title: Slurp 1.10.2 - Remote Format String Date: 2022-02-12 Author: Milad Karimi slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offe...
WordPress Domain Check 1.0.16 Plugin - Reflected Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Domain Check 1.0.16 - Reflected Cross-Site Scripting XSS Authenticated Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://domaincheckplugin.com/ Software Link: https://wordpress.org/plugins/domain-check/...
uDoctorAppointment v2.1.1 - (Multiple) Cross Site Scripting Vulnerability
Exploit Title: uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting XSS Document Title: =============== uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities Product & Service Introduction: =============================== Clinic management, doctor or therapist online medical appointment...
OpenBMCS 2.4 Remote Privilege Escalation Vulnerability
OpenBMCS 2.4 Create Admin / Remote Privilege Escalation Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your business, the OpenBMCS software has the ability to expand to hundreds of...
Microsoft Windows Kernel Privilege Escalation Exploit
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tracing...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking Exploit
D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution Exploit
Exploit for windows platform in category remote exploits 46.0.1 -- CVE-2016-1960 and ASM.JS JIT-Spray "use strict" var Exploit = function this.asmjs = new Asmjs this.heap = new Heap Exploit.prototype.go = function / target address of fake node object / var nodetargetad...
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution Exploit
Exploit for php platform in category web applications Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;? 0day.today 2018-03-31...
WordPress WP Live Chat Support 6.2.03 Plugin - Persistent Cross-Site Scripting
Exploit for php platform in category web applications Stored Cross-Site Scripting vulnerability in WP Live Chat Support WordPress Plugin Abstract A stored Cross-Site Scripting vulnerability was found in the WP Live Chat Support WordPress Plugin. This issue can be exploited by an unauthenticated...
vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
SofaWiki 3.9.2 Cross Site Scripting Vulnerability
Exploit Title: SofaWiki 3.9.2 - Stored XSS Authenticated Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A stored XSS exists in SofaWiki's Open Ticket feature. An...
Serendipity 2.5.0 - Remote Code Execution Exploit
Exploit Title: Serendipity 2.5.0 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://docs.s9y.org/ Software Link:https://www.s9y.org/latest Tested Version: v2.5.0 latest Tested on: MacOS import requests import time import random import string from bs4 import...
Blood Bank & Donor Management System using v2.2 - Stored XSS Vulnerability
Exploit Title: Blood Bank & Donor Management System using v2.2 - Stored XSS Application: Blood Donor Management System Version: v2.2 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-bank-donor-management-system-free-download/...
ProSysInfo TFTP Server TFTPDWIN 0.4.2 Denial Of Service Exploit
!/usr/bin/perl use IO::Socket::INET; Exploit Title: ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 20 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1MLqBkCyu0dA-cNgYxCAO8xbsVcof060Z/view?usp=sharin...
Blood Donor Management System v1.0 - Stored XSS Vulnerability
Exploit Title: Blood Donor Management System v1.0 - Stored XSS Application: Blood Donor Management System Version: v1.0 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-donor-management-system-using-codeigniter/ Author: Ehlullah...
eScan Management Console 14.0.1400.2281 - Cross Site Scripting Vulnerability
Exploit Title: eScan Management Console 14.0.1400.2281 - Cross Site Scripting Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31703 Step of Reproduction/ Proof of...
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit Exploit Author: LiquidWorm Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass Exploit Vendor: Sielco S.r.l Product web page: https://www.sielco.org...
Auto Dealer Management System v1.0 - SQL Injection Vulnerability (2)
Exploit Title: Auto Dealer Management System v1.0 - SQL Injection in sellvehicle.php Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0913 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System...
SuperMailer v11.20 - Buffer overflow DoS Vulnerability
Exploit Title: SuperMailer v11.20 - Buffer overflow DoS Exploit Author: Rafael Pedrero Vendor Homepage: https://int.supermailer.de/downloadnewslettersoftware.htm Software Link : https://int.supermailer.de/smintsw.zip / https://int.supermailer.de/smintswx64.zip Tested Version: v11.20 32bit/64bit...
Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal Vulnerability
Exploit Title: Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal Exploit Author: LiquidWorm Vendor: CAREL INDUSTRIES S.p.A. Product web page: https://www.carel.com Affected version: Firmware: A2.1.0 - B2.1.0 Application Software: 2.15.4A Software version: v16 13020200 Summary: pCO...
D-LINK DAP-1620 A1 v1.01 - Directory Traversal Vulnerability
Exploit Title: DLINK DAP-1620 A1 v1.01 - Directory Traversal Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://me.dlink.com/consumer Version: DAP-1620 - A1 v1.01 Tested on: Linux CVE : CVE-2021-46381 POST /apply.cgi HTTP/1.1 Content-Type: application/x-www-form-urlencoded Refere...
SAFARI Montage 8.5 - Reflected Cross Site Scripting Vulnerability
Exploit Title: SAFARI Montage 8.5 - Reflected Cross Site Scripting XSS Exploit Author: Momen Eldawakhly - Cyber Guy - Resecurity Inc Vendor Homepage: https://www.safarimontage.com/ Version: 8.3 and 8.5 Tested on: Ubuntu Linux Firefox CVE: CVE-2021-45425 Proof of Concept: GET...
Socket.io-file 2.0.31 - Arbitrary File Upload Exploit
Exploit for multiple platform in category web applications...
QRadar Community Edition 7.3.1.6 Default Credentials Vulnerability
QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including encrypted credentials and host tokens. With these host tokens it is...
Cacti 1.2.8 - Unauthenticated Remote Code Execution Exploit
Exploit for multiple platform in category web applications !/usr/bin/python3 Exploit Title: Cacti v1.2.8 Unauthenticated Remote Code Execution Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 import...
Reliable Datagram Sockets (RDS) rds_atomic_free_op Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Reliable Datagram Sockets RDS rdsatomicfreeop NULL pointer dereference Privilege Escalation', 'Description' = %q This module attempts to gain roo...
FTP Commander Pro 8.03 - Local Stack Overflow Exploit
Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor: http://www.internet-soft.com/ Software Link:...
Linux/ARM64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (164 bytes)
/ Title: Linux/ARM64 - Bind 4444/TCP Shell /bin/sh + Null-Free Shellcode 164 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu...
Windows/x86 - Start iexplore.exe (http://192.168.10.10/) Shellcode (191 Bytes)
191 bytes small Windows/x86 start iexplore.exe shellcode. / Title: start iexplore.exe Author: Joseph McDonagh Shellcode length 191 Could be smaller if the app your are exploiting loads msvcrt. Purpose: Use the start command to open internet explorer and connect to a malicious web server The comma...
Thunderbird ESR < 60.7.XXX - icalmemorystrdupanddequote Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...
Microsoft Windows (x84) - Task Scheduler (.job) Import Arbitrary Discretionary Access Control List
Exploit for windows platform in category local exploits Microsoft Windows x84 - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation Task Scheduler .job import arbitrary DACL write Tested on: Windows 10 32-bit Bug information: There are two...
CMS Made Simple 2.2.7 Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: CMS Made Simple 2.2.7 - Remote Code Execution Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...
EQdkp <= 1.3.0 (dbal.php) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================= EQdkp = 1.3.0 dbal.php Remote File Inclusion Vulnerability ============================================================= Title: EQdkp = 1.3.0 Remote File Inclusion URL:...
WordPress A/B Image Optimizer 3.3 Plugin Arbitrary File Download Vulnerability
WordPress Plugin A/B Image Optimizer plugin versions 3.3 and below suffers from an arbitrary file download vulnerability. CVE-2025-25163 Plugin A/B Image Optimizer = 3.3 - Authenticated Subscriber+ Arbitrary File Download Description The Plugin A/B Image Optimizer plugin for WordPress is vulnerab...