39001 matches found
AIDA64 Engineer 6.20.5300 - (Report File) filename Buffer Overflow (SEH) Exploit
Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86 SP1 - Build 7601...
Grandstream UCM6200 Series WebSocket 1.0.20.20 - (user_password) SQL Injection Exploit
Exploit for hardware platform in category web applications Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'userpassword' SQL Injection Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link:...
VMware Fusion 11.5.2 - Privilege Escalation Exploit
Exploit Title: VMware Fusion 11.5.2 - Privilege Escalation Exploit Author: Rich Mirch Vendor Homepage: https://www.vmware.com/products/fusion.html Vendor Advisory: https://www.vmware.com/security/advisories/VMSA-2020-0005.html Software Link:...
Microsoft Windows 10 - Theme API (ThemePack) File Parsing Exploit
Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10 v.1803 17134.407 Tested on: Windows 7, 8.0, 8.1, 10, Server 2012, Server 2012 R2, Server 201...
Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Exploit
Exploit Title: Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Date: 2019-10-19 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: 1.62.0.1218 and below Tested on: Microsoft Windows CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...
Yealink VoIP Phone SIP-T38G - Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits Title: Yealink VoIP Phone SIP-T38G Privileges Escalation Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team Vendor Homepage: http://www.yealink.com/Companyprofile.aspx Version: VoIP Phone SIP-T38G CVE: CVE-2013-5759 Description: Using the...
IdoDesigns 1.0 XSS / CSRF / File Upload / File Deletion / SQL Injection Vulnerabilities
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title IdoDesigns - Multiple Vulnerabilities .:. Google Dorks .:. "Design by www.idodesigns.in" "Web Design by : www.idodesigns.in" "Design by : I DO Designs" You may use the dorks followed by inurl:?id= like "Design b...
TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vulnerability
TELSAT marKoni FM Transmitter version 1.9.5 has a hidden super administrative account factory that has the hardcoded password inokram25 that allows full access to the web management interface configuration. TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page:...
Microsoft Windows 11 - (apds.dll) DLL hijacking (Forced) Exploit
--------------------------------------------------------- Title: Microsoft Windows 11 - 'apds.dll' DLL hijacking Forced Date: 2023-09-01 Author: Moein Shahabi Vendor: https://www.microsoft.com Version: Windows 11 Pro 10.0.22621 Tested on: Windows 11x64 eng...
Joomla iProperty Real Estate 4.1.1 - Reflected XSS Vulnerability
Exploit Title: Joomla iProperty Real Estate 4.1.1 - Reflected XSS Exploit Author: CraCkEr Vendor: The Thinkery LLC Vendor Homepage: http://thethinkery.net Software Link: https://extensions.joomla.org/extension/vertical-markets/real-estate/iproperty/ Demo: https://iproperty.thethinkery.net/ Versio...
dotclear 2.25.3 - Remote Code Execution (Authenticated) Exploit
Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...
Auto Dealer Management System 1.0 - Broken Access Control Exploit
Exploit Title: Auto Dealer Management System 1.0 - Broken Access Control Exploit It leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account Date: 18 February 2023 CVE Assigned: CVE-2023-0916 mitre.org nvd.nist.org Author: Muhammad Navaid...
Secure Web Gateway 10.2.11 - Cross-Site Scripting Vulnerability
Exploit Title: Secure Web Gateway 10.2.11 - Cross-Site Scripting XSS Product: Secure Web Gateway Affected Versions: 10.2.11, potentially other versions Fixed Versions: 10.2.17, 11.2.6, 12.0.1 Vulnerability Type: Cross-Site Scripting Security Risk: high Vendor URL:...
Liferay Portal 6.2.5 - Insecure Permissions Exploit
Exploit Title: Liferay Portal 6.2.5 - Insecure Permissions Google Dork: -inurl:/html/js/editor/ckeditor/editor/filemanager/browser/ Exploit Author: fu2x2000 Version: Liferay Portal 6.2.5 or later CVE : CVE-2021-33990 import requests import json print " Search this on Google Dork for liferay...
Tftpd32_SE 4.60 - (Tftpd32_svc) Unquoted Service Path Vulnerability
Exploit Title: Tftpd32SE 4.60 - 'Tftpd32svc' Unquoted Service Path Discovery by: Ismael Nava Vendor Homepage: https://pjo2.github.io/tftpd64/ Software Links : https://bitbucket.org/phjounin/tftpd64/downloads/Tftpd32SE-4.60-setup.exe Tested Version: 4.60 Vulnerability Type: Unquoted Service Path...
Microsoft User Account Control Nuances Vulnerability
This write up is an overview of how Microsoft's attempts to manage elevated access to executables via registry entries has added over complexity that still allows for escalation. Hi @ll, with Windows 2000, Microsoft virtualised the HKEYCLASSESROOT registry branch: what was just an alias for...
Osprey Pump Controller 1.0.1 userName Command Injection Vulnerability
Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...
Syncovery For Linux Web-GUI Authenticated Remote Command Execution Exploit
This Metasploit module exploits an authenticated command injection vulnerability in the Web GUI of Syncovery File Sync and Backup Software for Linux. Successful exploitation results in remote code execution under the context of the root user. Syncovery allows an authenticated user to create jobs,...
e107 CMS v3.2.1 - Multiple Vulnerabilities
Exploit Title: e107 CMS v3.2.1 - Multiple Vulnerabilities Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 3.2.1 Tested on: Windows 10 using XAMPP, Apache/2.4.48 Win64 OpenSSL/1.1.1l PHP/7.4.2...
ImpressCMS 1.4.2 SQL Injection Vulnerability
--------------------------------------------------------------- ImpressCMS getUserCountByGroupLink@$POST"groups", $criteria; 282. 283. $validsort = array"uname", "email", "lastlogin", "userregdate", "posts"; 284. $sort = !inarray$POST'usersort', $validsort ? "uname" : $POST'usersort'; 285. $order...
Wordpress iQ Block Country 1.2.13 Plugin - Arbitrary File Deletion via Zip Slip Vulnerability
Exploit Title: Wordpress Plugin iQ Block Country 1.2.13 - Arbitrary File Deletion via Zip Slip Authenticated Exploit Author: Ceylan Bozoğullarından Blog Post: https://bozogullarindan.com/en/2022/01/wordpress-iq-block-country-1.2.13-admin-arbitray-file-deletion-via-zip-slip/ Software Link:...
Moodle 3.9 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Moodle 3.9 - Remote Code Execution RCE Authenticated Exploit Author: lanz Vendor Homepage: https://moodle.org/ Version: Moodle 3.9 Tested on: FreeBSD !/usr/bin/python3 Moodle 3.9 - RCE Authenticated as teacher Based on PoC and Payload to assign full permissions to manager rol:...
Online Polling System 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Polling System 1.0 - Authentication Bypass Author: AppleBois Version: NULL Software Link: https://www.sourcecodester.com/php/14330/online-polling-system.html Administration Control Panel || Authentication Bypass...
Responsive Online Blog 1.0 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Responsive Online Blog 1.0 - 'id' SQL Injection Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...
Linux Kernel 4.10 < 5.1.17 - PTRACE_TRACEME pkexec Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits // Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec // https://github.com/bcoles/kernel-exploits/tree/master/CVE-2019-13272...
IBM Rational ClearQuest Web Login Bypass SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================================== IBM Rational ClearQuest Web Login Bypass SQL Injection Vulnerability ====================================================================...
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect Vulnerabilities
Concrete CMS version 9.2.7 suffers from information disclosure, open redirection, and persistent cross site scripting vulnerabilities. Exploit Title: Multiple Web Flaws in concretecmsv9.2.7 Exploit Author: Andrey Stoykov Version: 9.2.7 Tested on: Ubuntu 22.04 Blog: http://msecureltd.blogspot.com...
Freefloat FTP Server 1.0 - (PWD) Remote Buffer Overflow Exploit
Exploit title: Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow Exploit Author: Waqas Ahmed Faroouqi ZEROXINN Vendor Homepage: http://www.freefoat.com Version: 1.0 Tested on Windows XP SP3 !/usr/bin/python import socket Metasploit Shellcode msfvenom -p windows/shellreversetcp...
Office Suite Premium 10.9.1.42602 Path Traversal Vulnerability
Exploit Title: Office Suite Premium 10.9.1.42602 - Path Traversal Exploit Author: tmrswrr Vendor Homepage: https://www.mobisystems.com/ Software Link: https://apps.apple.com/us/app/officesuite-docs-pdf-editor/id924005506 Version: Office Suite Premium 10.9.1.42602 Tested on: Ubuntu 18.04 POC GET...
Employee Task Management System v1.0 - Broken Authentication Vulnerability
Exploit Title: Employee Task Management System v1.0 - Broken Authentication Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0905 mitre.org, nvd.nist.org Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Software Link:...
Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated) Vulnerability
Exploit Title: Online Eyewear Shop 1.0 - SQL Injection Unauthenticated Exploit Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com/php/16089/online-eyewear-shop-website-using-php-and-mysql-free-download.html Software Link:...
ERPNext 12.29 - Cross-Site Scripting Vulnerability
Exploit Title: ERPNext 12.29 - Cross-Site Scripting XSS Exploit Author: Patrick Dean Ramos / Nathu Nandwani / Junnair Manla Github - https://github.com/patrickdeanramos/CVE-2022-28598 Vendor Homepage: https://erpnext.com/ Version: 12.29 CVE-2022-28598 Summary: Stored cross-site scripting XSS...
FlipRotation v1.0 decoder - Shellcode (146 bytes)
Exploit Title: FlipRotation v1.0 decoder - Shellcode 146 bytes Exploit Author: Eduardo Silva Date: 2022-12-31 Tested on: Linux x8664 SMP Debian 4.19.260-1 SLAE/Student ID: PA-31319 Webpage: https://0xnibbles.github.io/ Twitter: @0xnibbles Course: This shellcode was created for the x86 Assembly...
Revenue Collection System v1.0 - Remote Code Execution Exploit
Exploit Title: Revenue Collection System v1.0 - Remote Code Execution RCE Exploit Author: Joe Pollock Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/rates.zip Tested on: Kali Linux,...
Multi Store Inventory Management System 1.0 Information Disclosure Vulnerability
Exploit Title: Multi Store Inventory Management System - Information Disclosure Exploit Author: Saud Alenazi Vendor Homepage: https://www.bdtask.com/ Software Link: https://www.campcodes.com/projects/php/complete-multi-store-inventory-management-system-in-php-mysql/ Version: 1.0 Tested on: XAMPP,...
Audio Conversion Wizard v2.01 - Buffer Overflow Exploit
Exploit Title: Audio Conversion Wizard v2.01 - Buffer Overflow Exploit Author: Hejap Zairy Software Link: https://www.litexmedia.com/acwizard.exe Tested Version: v2.01 Tested on: Windows 10 64bit 1.- Run python code : 0day-HejapZairy.py 2.- Open 0dayHejap.txt and copy All content to Clipboard 3.-...
TeamSpeak 3.5.6 - Insecure File Permissions Vulnerability
Exploit Title: TeamSpeak 3.5.6 - Insecure File Permissions Exploit Author: Aryan Chehreghani Contact: email protected Vendor Homepage: https://www.teamspeak.com Software Link: https://www.teamspeak.com/en/downloads Version: 3.5.6 Tested on: Windows 10 x64 About - TeamSpeak : TeamSpeak TS is a...
Try My Recipe SQL Injection Vulnerability
Try My Recipe SQL Injection Vulnerability https://www.sourcecodester.com/php/14964/try-my-recipe-recipe-sharing-website-cms-php-and-sqlite-free-source-code.html CVE-nu11-17-092921 Vendor MySQL Vulnerability Description: The cid parameter appears on Recipe Sharing Website - CMS by:oretnom23 to be...
flatCore CMS 1.5.5 Cross Site Scripting / Arbitrary File Upload Vulnerabilities
Exploit for php platform in category web applications title: Multiple Vulnerabilities product: flatCore CMS vulnerable version: =1.5.5 fixed version: 1.5.7 CVE number: - impact: High homepage: https://flatcore.org/ found: 2020-03-28 by: Farhan Rahman Office Malaysia Azrul Ikhwan Zulkifli Office...
LibreHealth 2.0.0 Remote Code Execution Exploit
Exploit Title: LibreHealth v2.0.0 - Authenticated Remote Code Execution Exploit Author: Bobby Cooke Vendor Homepage: https://librehealth.io/ Software Link: https://github.com/LibreHealthIO/lh-ehr Version: 2.0.0 Tested On: Windows 10 Pro 1909 x6486 + XAMPP 7.4.4 Exploit Tested Using: Python 2.7.17...
Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 Remote Code Execution Exploit
Exploit for multiple platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual Appliance Remote Code Execution', 'Description' = %q...
Rejetto HttpFileServer Remote Command Execution Exploit
Rejetto HttpFileServer HFS is vulnerable to remote command execution attack due to a poor regex in the file ParserLib.pas. This Metasploit module exploit the HFS scripting commands by using '%00' to bypass the filtering. This Metasploit module has been tested successfully on HFS 2.3b over Windows...
Manage Engine Service Desk Plus 7.6 woID SQL Injection Vulnerability
Exploit for jsp platform in category web applications ==================================================================== Manage Engine Service Desk Plus 7.6 woID SQL Injection Vulnerability ==================================================================== Advisory Name: SQL injection in Mana...
HEXAGreen CMS SQL Injection Vulnerability
Title: HEXAGreen CMS - Authenticated SQLi Description: HEXAGreen CMS authenticated error-based sql injection Source URL: http://ezcode.pt/tests/hexagreen/admin/ Source Name/Email: Mehmet Can Kadıoğlu a.k.a mao7un CVEs: N/A Software URL: https://www.codester.com/items/36507/hexagreen-website-cms...
LTL Freight Quotes – SAIA Edition 2.2.10 SQL Injection Vulnerability
CVE-2024-13483 LTL Freight Quotes – SAIA Edition = 5.6 AND error-based - WHERE, HAVING...
WordPress Error Log Viewer by WP Guru 1.0.1.3 Arbitrary File Read Vulnerability
CVE-2024-12849 Error Log Viewer By WP Guru = 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read Description The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the...
Korenix JetPort 5601 1.2 Path Traversal Vulnerability
------------------------------------------------------------------------------- title| Path Traversal product| Korenix JetPort 5601 vulnerable version| 1.2 fixed version| - CVE number| CVE-2024-11303 impact| High homepage| https://www.korenix.com/ found| 2024-05-24 by| P. Oberndorfer, B. Tösch, M...
Simple Online Banking System 1.0 SQL Injection Vulnerability
Exploit Title: Simple Online Banking System - SQLi Authentication Bypass Exploit Author: bRpsd Vendor Homepage: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Software Link:...
Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Vulnerability
Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.inosoft.com/ Version: Up to 2022-2.1 Runtime RT7.3 RC3 20221209.5 Tested on: Windows CVE: CVE-2023-31468 Inoso...
Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting Vulnerability
Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting Exploit Author: Pedro ISSDU TW Vendor Homepage: https://loganalyzer.adiscon.com/ Software Link: https://loganalyzer.adiscon.com/download/ Version: v4.1.13 and before Tested on: Linux CVE : CVE-2023-36306 There are several...