39001 matches found
WordPress Frontend Uploader 1.3.2 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin Frontend Uploader 1.3.2 - Stored Cross Site Scripting XSS Unauthenticated Exploit Author: Veshraj Ghimire Vendor Homepage: https://wordpress.org/plugins/frontend-uploader/ Software Link: https://plugins.trac.wordpress.org/browser/frontend-uploader/ Version: 1.3.2...
Online Traffic Offense Management System 1.0 - Privilage escalation Vulnerability
Exploit Title: Online Traffic Offense Management System 1.0 - Privilage escalation Unauthenticated Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://www.sourcecodester.com Software Link:...
Microsoft Server Message Block 3.1.1 (SMBv3) Compression Buffer Overflow Exploit
A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. This module requires Metasploit...
MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution Vulnerabilit
Exploit for multiple platform in category web applications Exploit Title: MicroStrategy Intelligence Server and Web 10.4 - multiple vulnerabilities Exploit Author: RedTimmy Security Authors blog: https://www.redtimmy.com/web-application-hacking/another-ssrf-another-rce-the-microstrategy-case/...
ASUS AXSP 1.02.00 - (asComSvc) Unquoted Service Path Vulnerability
Exploit Title: ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path Discovery by: Roberto Piña Vendor Homepage: https://www.asus.com/ Software Link :https://dlcdnets.asus.com/pub/ASUS/misc/utils/AISuite3Win10H97M-ProV10102.zip?ga=2.170180192.1334401606.1583873755-790266082.1583873755 Tested...
Cisco RV320 Unauthenticated Configuration Export Vulnerability
The configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor. Cisco RV320 Unauthenticated Configuration Export Vulnerability Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly...
libSSH - Authentication Bypass Exploit
!/usr/bin/env python3 import paramiko import socket import argparse from sys import argv, exit parser = argparse.ArgumentParserdescription="libSSH Authentication Bypass" parser.addargument'--host', help='Host' parser.addargument'-p', '--port', help='libSSH port', default=22...
PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution Exploit
Exploit for php platform in category web applications !/usr/bin/python Exploit Title: RCE for PHPMailer 5.2.20 with Exim MTA Date: 16/06/2017 Exploit Author: @phacktul Software Link: https://github.com/PHPMailer/PHPMailer Version: 5.2.20 Tested on: Debian x86/x64 CVE :...
PHPMailer 5.2.20 - Remote Code Execution Exploit
Exploit for php platform in category web applications !/usr/bin/python intro = """ PHPMailer RCE PoC Exploits PHPMailer 5.2.18 Remote Code Execution PoC Exploit CVE-2016-10033 + PHPMailer 5.2.20 Remote Code Execution PoC Exploit CVE-2016-10045 the bypass of the first patch for CVE-2016-10033...
PHP DateTime Use After Free Vulnerability
Exploit for php platform in category dos / poc Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod...
Template CMS (FCKEditor) File Upload Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 »...
Symlink bypass Vulnerability
Exploit for php platform in category web applications mail : email protected + Exploit Title: symlink bypass vulnerability + Author : 3H34N + E-mail : email protected + Platform : Tested on: linux symlink bypass with ini method when you symlink /etc/passwd and you can read it but symlink...
PHP-Nuke Module PostGuestbook 0.6.1 (tpl_pgb_moddir) RFI Vulnerability
Exploit for unknown platform in category web applications ====================================================================== PHP-Nuke Module PostGuestbook 0.6.1 tplpgbmoddir RFI Vulnerability ====================================================================== PostGuestbook...
Open eShop 2.7.0 Cross Site Scripting Vulnerability
Exploit Title: Open eShop Version : 2.7.0 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: http://www.open-eshop.com/ Version : 2.7.0 1 Go to home page https://127.0.0.1/OpeneShop 2 Write url this payload : test.html" 3 After save it you will be see xss alert...
WBCE CMS 1.6.1 Shell Upload Vulnerability
Exploit Title: WBCE CMS Version : 1.6.1 Remote Command Execution Exploit Author: tmrswrr Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.1.zip Version: 1.6.1 Tested on: https://www.softaculous.com/apps/cms/WBCECMS POC: 1 Login with admin...
HiSecOS 04.0.01 - Privilege Escalation Exploit
Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Exploit Author: dreizehnutters Vendor Homepage: https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=15437&mediaformatid=50063&destinationid=10016 Version...
Advanced Host Monitor v12.56 - Unquoted Service Path Vulnerability
Exploit Title: Advanced Host Monitor v12.56 - Unquoted Service Path CVE: CVE-2023-2417 Exploit Author: MrEmpy Vendor Homepage: https://www.ks-soft.net Software Link: https://www.ks-soft.net/hostmon.eng/downpage.htm Version: 12.56 Tested on: Windows 10 21H2 Title: ================ Advanced Host...
Art Gallery Management System Project v1.0 - SQL Injection (Unauthenticated) Vulnerability
Exploit Title: Art Gallery Management System Project v1.0 - SQL Injection sqli Unauthenticated Exploit Author: Rahul Patwari Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/projects/Art-Gallery-MS-PHP.zip Version: 1.0 Tested on: XAMPP / Windows 10 CVE : CVE-2023-231...
Senayan Library Management System 9.0.0 SQL Injection Vulnerability
Title: Senayan Library Management System v9.0.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.0.0/slims9bulian-9.0.0.zip Reference:...
Zentao Project Management System 17.0 Remote Code Execution Exploit
Exploit Title: Zentao Project Management System 17.0 - Authenticated Remote Code Execution Exploit Author: mister0xf Software Link: https://github.com/easysoft/zentaopms Version: tested on 17.0 probably works also on newer/older versions Tested On: Kali Linux 2022.2 Exploit Tested Using: Python...
Infix LMS 4.3.0 IFRAME Injection Vulnerability
Exploit Title: Infix LMS - Learning Management System IFRAME Injection Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/infixlms-learning-management-system/30626608 Version: 4.3.0 Tested on Ubuntu 18.04 sign up as teacher go course page...
FE File Explorer 11.0.4 Local File Inclusion Exploit
Exploit Title: FE File Explorer 11.0.4 Local File inclusion Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/fe-file-explorer-file-manager/id510282524 Version: 11.0.4 Tested on: iPhone ios 15.6 from ftplib import FTP import...
Online Employee Leave Management System 1.0 Cross Site Request Forgery Vulnerability
Exploit Title: Online Employee Leave Management System 1.0 - Cross-Site Request Forgery addemployee.php Exploit Author: Amolo Hunters Software Link: https://www.sourcecodester.com/php/15374/online-employee-leave-management-system-php-free-source-code.html Version: 1.0 Tested on: Linux Title:...
WordPress Booking Calendar 9.1 PHP Object Injection / Insecure Deserialization Vulnerabilities
On April 18, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for an Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations. We received a response the same day and sent over our full disclosure early the next...
Delta Controls enteliTOUCH 3.40.3935 Cross Site Request Forgery Vulnerability
enteliTouch CSRF CSRF Add User: input type=...
Medical Hub Directory Site 1.0 Shell Upload Vulnerability
Title: Medical Hub Directory Site 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15252/simple-medical-hub-directory-site-phpoop-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/mhds.zip Reference:...
Fingerprint Attendance 1.0 SQL Injection Vulnerability
Title: Fingerprint Attendance 1.0 Blind boolean SQLi To Rce Author: Hejap Zairy Vendor: https://www.vetbossel.in/fingerprint-attendance-project-php/ Software: https://app.box.com/s/xlyqalhvayq8oi25tqykcbouzrrjytqy Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache Steps 1...
Microweber 1.2.11 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Microweber 1.2.11 - Remote Code Execution RCE Authenticated Google Dork: NA Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber Version: 1.2.11 Tested on: KALI OS CVE : CVE-2022-0557...
VUPlayer 2.49 - (.wax) Local Buffer Overflow (DEP Bypass) Exploit
Exploit Title: VUPlayer 2.49 - '.wax' Local Buffer Overflow DEP Bypass Exploit Author: Bryan Leong Vendor Homepage: http://www.vuplayer.com/ Software Link: Null Version: VUPlayer 2.49 Tested on: Windows 7 x64 CVE : CVE-2009-0182 VUPlayer 2.49 Local Buffer Overflow to Arbitrary Code Execution...
RiteCMS 3.1.0 - Arbitrary File Overwrite (Authenticated) Vulnerability
Exploit Title: RiteCMS 3.1.0 - Arbitrary File Overwrite Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: Browse.. 4. Upload any fi...
Hostel Management System 2.1 - Cross Site Scripting Vulnerability
Exploit Title: Hostel Management System 2.1 - Cross Site Scripting XSS Exploit Author: Chinmay Vishwas Divekar Vendor Homepage: https://phpgurukul.com/hostel-management-system/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Tested on: PopOS20.10 Steps to reproduce ...
COVID-19 Contact Tracing System With QR Code Scanning 1.0 SQL Injection Exploit
COVID-19 Contact Tracing System web app with QR Code Scanning version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Covid-19 Contact Tracing System Web App with QR Code Scanning CTS-QR by: oretnom23 v1.0 remote...
BSA Radar 1.6.7234.24750 - Local File Inclusion Vulnerability
Exploit for multiple platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion...
Lansweeper 7.2 Default Account / Remote Code Execution Vulnerability
Exploit Title: Lansweeper 7.2 - Incorrect Access Control SHODAN DORK : title:"Lansweeper - Login" Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.lansweeper.com/ Software Link: https://www.lansweeper.com Version: 6.0.x through 7.2.x Tested on: Windows CVE : CVE-2020-14011 Title...
Trend Micro Web Security (Virtual Appliance) Remote Code Execution Exploit
This Metasploit module exploits multiple vulnerabilities together in order to achieve a remote code execution. Unauthenticated users can execute a terminal command under the context of the root user. The specific flaw exists within the LogSettingHandler class of administrator interface software...
Mikrotik Router Monitoring System 1.2.3 - (community) SQL Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection Exploit Author: jul10l1r4 Julio Lira Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: = 1.2.3 Tested on: Debian ...
Serv-U FTP Server 15.1.7 Cross Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Title: Serv-U FTP Server 15.1.7 Cross Site Scripting Vulnerability Exploit Author: Cyb0r9 Vendor Homepage: https://www.serv-u.com/ Software Link: https://www.serv-u.com/downloads Version: SOLARWIND Serv-U FTP Server v15.1.7 Tested...
CyberArk Password Vault 10.6 - Authentication Bypass Vulnerability
Exploit for linux platform in category web applications Exploit Title: CyberArk Password Vault 10.6 - Authentication Bypass Author: Daniel Martinez Adan adon90 Vendor: https://www.cyberark.com Software:...
Mac OS X Feedback Assistant Race Condition Exploit
This Metasploit module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root. This module requires Metasploit: https://metasploit.com/download Current source:...
IPFire - Bash Environment Variable Injection (Shellshock)
Exploit for cgi platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'IPFire Bash Environment Variable Injection Shellshock', 'Description' = %q...
Flatnuke <= 2.5.5 Remote Code Execution
Exploit for unknown platform in category web applications ======================================= Flatnuke FlatNuke 2.5.5 remote commands execution FlatNuke 2.5.5 possibly prior versions remote commands execution a script by rgod at http://rgod.altervista.org form name="form1" method="post"...
ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution Vulnerability
ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the MODEM HTTP POST parameter called by the dialupSwitch.php script. ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Cod...
Docker Privileged Container Kernel Escape Exploit
This Metasploit module performs a container escape onto the host as the daemon user. It takes advantage of the SYSMODULE capability. If that exists and the linux headers are available to compile on the target, then we can escape onto the host. This module requires Metasploit:...
Computer Laboratory Management System v1.0 - Multiple SQL injection Vulnerability
Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...
WebsiteBaker v2.13.3 - Directory Traversal Vulnerability
Exploit Title: WebsiteBaker v2.13.3 - Directory Traversal Application: WebsiteBaker Version: 2.13.3 Bugs: Directory Traversal Technology: PHP Vendor URL: https://websitebaker.org/pages/en/home.php Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Date of found: 26.06.2023 Author:...
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution Exploit
Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests def mainrhost,...
Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Exploit
Exploit Title: Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Google Dork: if applicable Date: 06 March 2023 Exploit Author: Shahid Parvez zippon Vendor Homepage: https://www.instana.com/trial/ and https://www.ibm.com/docs/en/instana-observability Software Link:...
craftercms 4.x.x - cross-origin resource sharing Vulnerability
Exploit Title: craftercms 4.x.x - CORS Author: nu11secur1ty Vendor: https://docs.craftercms.org/en/4.0/index.html Software: https://github.com/craftercms/craftercms/tags = 4.x.x Reference: https://portswigger.net/web-security/cors Description: The application implements an HTML5 cross-origin...
Citrix 22.2.1.103 / 23.1.1.11 Local Privilege Escalation Exploit
//Discovered by:: TOUHAMI KASBAOUI - VXREMALWARE //Reported to Citrix: 25/03/2023 //Tested Version: 22.2.1.103, 23.1.1.11/Last version //Exploit: https://github.com/sqrtZeroKnowledge/CitrixSecureAccessLPE0DAY define UNICODE define UNICODE include include include include include using namespace st...
Pega Platform 8.1.0 - Remote Code Execution Vulnerability
Exploit Title: Pega Platform 8.1.0 - Remote Code Execution RCE Exploit Author: Marcin Wolak using MOGWAI LABS JMX Exploitation Toolkit Vendor Homepage: www.pega.com Software Link: Not Available Version: 8.1.0 on-premise and higher, up to 8.3.7 Tested on: Red Hat Enterprise 7 CVE : CVE-2022-24082...