39001 matches found
DIAEnergie 1.10 SQL Injection Exploit
This Metasploit module exploit a remote SQL injection vulnerability in the CBEC service of DIAEnergie versions 1.10 and below from Delta Electronics. The commands will get executed in the context of NT AUTHORITY\SYSTEM. class MetasploitModule 'DIAEnergie SQL Injection CVE-2024-4548', 'Description...
GL.iNet MT6000 4.5.5 - Arbitrary File Download Exploit
Exploit Title: GL-iNet MT6000 4.5.5 - Arbitrary File Download CVE: CVE-2024-27356 Google Dork: intitle:"GL.iNet Admin Panel" Exploit Author: Bandar Alharbi aggressor Vendor Homepage: www.gl-inet.com Tested Software Link:...
OSGi v3.7.2 (and below) Console - Remote Code Execute Exploit
!/usr/bin/python Exploit Title: OSGi v3.7.2 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...
Academy LMS 6.0 - Reflected XSS Vulnerability
Exploit Title: Academy LMS 6.0 - Reflected XSS Exploit Author: CraCkEr Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Version: 6.0 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4119 Greetin...
GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution Vulnerability
Exploit Title: GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution Exploit Author: p4r4bellum Vendor Homepage: https://getgreenshot.org Software Link: https://getgreenshot.org/downloads/ Version: 1.2.6.10 Tested on: windows 10.0.19045 N/A build 19045 CVE : CVE-2023-34634 GreenSho...
pfSense v2.7.0 - OS Command Injection Exploit
Exploit Title: pfSense v2.7.0 - OS Command Injection Exploit Author: Emir Polat CVE-ID : CVE-2023-27253 class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of...
PHPFusion 9.10.30 - Stored Cross-Site Scripting Vulnerability
Exploit Title: PHPFusion 9.10.30 - Stored Cross-Site Scripting XSS Application: PHPFusion Version: 9.10.30 Bugs: XSS Technology: PHP Vendor URL: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/ Date of found: 28-04-2023 Author: Mirabbas Ağalarov...
GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal Vulnerabilities
Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees C...
IBM Aspera Faspex 4.4.1 - YAML deserialization Remote Code Execution Exploit
Exploit Title: IBM Aspera Faspex 4.4.1 - YAML deserialization RCE Exploit Author: Maurice Lambert Vendor Homepage: https://www.ibm.com/ Software Link: https://www.ibm.com/docs/en/aspera-faspex/5.0?topic=welcome-faspex Version: 4.4.1 Tested on: Linux CVE : CVE-2022-47986 """ This file implements a...
EasyNas 1.1.0 - OS Command Injection Exploit
Exploit Title: EasyNas 1.1.0 - OS Command Injection Exploit Author: Ivan Spiridonov email protected Author Blog: https://xbz0n.medium.com Version: 1.0.0 Vendor home page : https://www.easynas.org Authentication Required: Yes CVE : CVE-2023-0830 !/usr/bin/python3 import requests import sys import...
ImageMagick 7.1.0-49 - Denial Of Service Vulnerability
Exploit Title: ImageMagick 7.1.0-49 - DoS Author: nu11secur1ty Vendor: https://imagemagick.org/ Software: https://imagemagick.en.uptodown.com/windows/download/82953605 Reference: https://portswigger.net/daily-swig/denial-of-service CVE-ID: CVE-2022-44267 Description: ImageMagick 7.1.0-49 is...
Online Pizza Ordering System 1.0 SQL Injection Vulnerability
Exploit Title: Online Pizza Ordering System 1.0 - "id" SQLi Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Download:...
Transposh WordPress Translation 1.0.8.1 Information Disclosure Vulnerability
Transposh WordPress Translation versions 1.0.8.1 and below have an ajax action called "tphistory" which is intended to return data about who has translated a text given by the "token" parameter. However, the plugin also returns the user's login name as part of the "userlogin" attribute. Successfu...
Loki RAT (Relapse) SQL Injection Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/aabb54951546132e70a8e9f02bf8b5baB.txt Contact: email protected Media: twitter.com/malvuln Threat: Loki RAT Relapse Vulnerability: SQL Injection Description: The LokiRAT WebUI panel for LokiRATRelapse.e...
Windows/x86 - Locate kernel32 base address / Stack Crack method NullFree Shellcode (171 bytes)
171 bytes small Windows/x86 shellcode with a new method to find the kernel32 base address by walking down the stack and look for a possible Kernel32 address using a custom SEH handler. Each address found on the stack will be tested using the Exception handling function. If it's valid and starts...
Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated) Vulnerability
Exploit Title: Compro Technology IP Camera - RTSP stream disclosure Unauthenticated Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40379 Some devices have unauthorized access ...
PHPStudy - Backdoor Remote Code execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...
Jira 8.3.4 - Information Disclosure (Username Enumeration) Exploit
Exploit for java platform in category web applications Exploit Title: Jira 8.3.4 - Information Disclosure Username Enumeration Exploit Author: Mufeed VH Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira Version: 8.3.4 Tested on: Pop!OS 19.10 CVE :...
NUUO NVRMini 2 3.9.1 - (sscanf) Stack Overflow Exploit
!/usr/bin/python Exploit Title: NUUO NVRMini2 3.9.1 'sscanf' stack overflow Google Dork: n/a Date: Advisory Published: Nov 18 Exploit Author: @0x00string Vendor Homepage: nuuo.com Software Link: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 and prior Tested on: 3.9.1 CVE :...
BlueStacks 4.80.0.1060 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: BlueStacks 4.80.0.1060 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.bluestacks.com Software: https://www.bluestacks.com/download.html?utmcampaign=bluestacks-4-en Version: 4.80.0.1060 Tested on: Windows 10 Proof of Concept: 1.- R...
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory Vulnerability
Exploit for multiple platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1039 The Samba server is supposed to only grant access to configured share directories unless "wide links" are enabled, in which case the server is allowed to follow symlink...
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference Vulnerability
Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability. Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page:...
phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit
?php / -------------------------------------------------------------- phpFox = 4.8.13 redirect PHP Object Injection Vulnerability -------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................: n0b0d13satgmaildotcom software...
RoyalTSX 6.0.1 - RTSZ File Handling Heap Memory Corruption PoC
RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption PoC Vendor: Royal Apps GmbH Web page: https://www.royalapps.com Affected version: 6.0.1.1000 macOS Summary: Royal TS is an ideal tool for system engineers and other IT professionals who need remote access to systems with different protocols...
Cinema Booking System 1.0 Cross Site Scripting Vulnerability
Title: Cinema Booking System-1.0 XSS-Reflected Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/car-rental-script/ Reference: https://portswigger.net/web-security/sql-injection Description: The name of an arbitrarily supplied URL parameter is copied in...
Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated) Exploit
-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...
Music Gallery Site v1.0 - Broken Access Control Vulnerability
Exploit Title: Music Gallery Site v1.0 - Broken Access Control Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested on: Windows 11 Broken...
HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Vulnerability
Exploit Title: HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path Exploit Author : Wim Jaap van Vliet Vendor Homepage: www.clevo.com.tw Software Link: https://enstrong.blob.core.windows.net/en-driver/PDXXPNX1/Others/CC301006.zip Version: 2.1.0.6 Tested on: Windows 11 Pro...
Online Notice Board 2022 SQL injection Vulnerability
Title: ONLINE-NOTICE-BOARD-2022 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/razormist Software: https://www.sourcecodester.com/php/14317/online-notice-board-system.html Reference:...
WordPress Stafflist 3.1.2 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin stafflist 3.1.2 - Reflected XSS Authenticated Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A cross site scripting reflected...
Toll Tax Management System v1.0 SQL injection Vulnerability
Title: Toll Tax Management System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free-source-code.html Reference:...
Online Car Wash Booking System v1.0 Multiple SQL injection Vulnerability
Title: Online Car Wash Booking System v1.0 Multiple SQLi Author: nu11secur1ty Date: 04.14.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15274/online-car-wash-booking-system-phpoop-free-source-code.html Reference:...
Bank Management System 1.0 SQL Injection Vulnerability
Title: Bank Management System - MCB Bank v1.0 - SQLi Author: nu11secur1ty Vendor: https://www.campcodes.com/projects/php/ by:Tariq Fareeds Software: https://www.campcodes.com/projects/php/bank-management-system-in-php-mysql-free-download/ Reference:...
WordPress Popup Anything 2.0.3 Plugin - (Multiple) Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting XSS Exploit Author: Luca Schembri Vendor Homepage: https://www.essentialplugin.com/ Software Link: https://wordpress.org/plugins/popup-anything-on-click/ Version: 2.0.4 Summary A user with a low privileg...
Denver Smart Wifi Camera SHC-150 - (Telnet) Remote Code Execution Vulnerability
Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested on: Denver SHC-150...
Travel Management System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Travel Management System v1.0 - SQLi Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec and Bobby Cooke boku Vendor Homepage: https://www.projectsworld.in Software Link:...
Teachers Record Management System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Alcatel-Lucent Omnivista 8770 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...
Online Clinic Management System 2.2 - HTML Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Clinic Management System 2.2 - HTML Injection Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system...
Spidermonkey IonMonkey JS_OPTIMIZED_OUT Value Leak Exploit
Spidermonkey IonMonkey can, during a bailout, leak an internal JSOPTIMIZEDOUT magic value to the running script. This magic value can then be used to achieve memory corruption. Spidermonkey: IonMonkey leaks JSOPTIMIZEDOUT magic value to script Related CVE Numbers: CVE-2019-9792. TURN ON "CODE...
The Company Business Website CMS - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: The Company Business Website CMS - 'username' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.codester.com/items/6806/the-company-business-website-cms Demo Site: http://thecompany.morkocbilisim.com...
Android Bluetooth - Blueborne Information Leak (1) Exploit
Exploit for Android platform in category remote exploits from pwn import import bluetooth if not 'TARGET' in args: log.info'Usage: python CVE-2017-0781.py TARGET=XX:XX:XX:XX:XX:XX' exit target = args'TARGET' count = 30 Amount of packets to send port = 0xf BTPSMBNEP context.arch = 'arm'...
osCommerce 2.3.4.1 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 Remote Code Execution Date: 29.0.3.2018 Exploit Author: Simon Scannell - https://scannell-infosec.net Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely to be vulnerable Tested on:...
SantriaCMS SQL Injection Vulnerability
Exploit for php platform in category web applications Author : Troy Date : Thursday, Dec 08, 2011 Location : /home/troy -------- CMS info ----------- Vendor : http://www.jasawebsitemurah.info/cms/ Exploit title : SantriaCMS SQL Injection Vulnerability Dork : "view.php?idArtikel=" Version : Null/1...
Mosaic Commerce (category.php cid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== Mosaic Commerce category.php cid SQL Injection Vulnerability ============================================================== Mosaic Commerce SQL Injection Vulnerability Discover...
DokuWiki <= 2006-03-09b (dwpage.php) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ================================================================== DokuWiki = 2006-03-09b dwpage.php Remote Code Execution Exploit ================================================================== !/usr/bin/php -q -d shortopentag=on ?...
RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit
Exploit for unknown platform in category web applications ======================================================================= RunCMS = 1.2 class.forumposts.php Arbitrary Remote Inclusion Exploit ======================================================================= ?php ---runcms13axpl.php...
Ray Agent Job Remote Code Execution Exploit
This Metasploit modules demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication. This module requires Metasploit: https://metasploit.com/download...
LBT-T300-mini1 - Remote Buffer Overflow Exploit
include include define MAXLEN 256 define BUFFEROVERRUNLENGTH 50 define SHELLCODELENGTH 32 // NOP sled to increase the chance of successful shellcode execution char nopsledSHELLCODELENGTH =...
Femitter FTP Server 1.03 Denial Of Service Exploit
!/usr/bin/perl use Net::FTP; Exploit Title: Femitter FTP Server 1.03 - Denial of Service DoS Discovery by: Fernando Mengali Vendor Homepage: https://acritum.com/ Download to demo: https://drive.google.com/file/d/1GBFmc7tMavA9mMoZPYVlUVUe62dGjBhF/view?usp=sharing Notification vendor: No reported...