39001 matches found
Magento eCommerce CE v2.3.5-p2 - Blind SQL injection Vulnerability
Exploit Title: Magento eCommerce CE v2.3.5-p2 - Blind SQLi Exploit Author: Aydin Naserifard Vendor Homepage: https://www.adobe.com/ Software Link: https://github.com/magento/magento2/releases/tag/2.3.5-p2 Version: 2.3.5-p2 Tested on: 2.3.5-p2 POC: 1PUT...
Delta Controls enteliTOUCH 3.40.3935 Cookie User Password Disclosure Vulnerability
Delta Controls enteliTOUCH 3.40.3935 Cookie User Password Disclosure Vendor: Delta Controls Inc. Product web page: https://www.deltacontrols.com Affected version: 3.40.3935 3.40.3706 3.33.4005 Summary: enteliTOUCH - Touchscreen Building Controller. Get instant access to the heart of your BAS. The...
ICEHRM 31.0.0.0S - Cross-site Request Forgery to Account Takeover Vulnerability
Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Takeover Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 1. About - ICEHRM IceHrm...
RedLine.MainPanel Insecure Permissions Vulnerability
Original source: https://malvuln.com/advisory/baf102927947289e4d589028620ce291.txt Contact: email protected Media: twitter.com/malvuln Threat: RedLine.MainPanel - cracked.exe Vulnerability: Insecure Permissions Description: The malware writes PE files with insecure permissions to c drive granting...
Malwarebytes 4.5 - Unquoted Service Path Vulnerability
Exploit Title: Malwarebytes 4.5 - Unquoted Service Path Exploit Author: Hejap Zairy Vendor Homepage: https://www.malwarebytes.com/ Software Link: https://www.malwarebytes.com/mwb-download/ Version: 4.5.0 Tested: Windows 10 Pro x64 es C:\Users\Hejapsc qc MBAMService SC QueryServiceConfig SUCCESS...
CosaNostra Builder WebPanel Insecure Cryptographic Storage Vulnerability
CosaNostra Builder WebPanel malware only uses straight MD5 to store passwords without any salt. Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83B.txt Contact: email protected Media: twitter.com/malvuln Threat:...
IFSC Code Finder Project 1.0 - SQL injection (Unauthenticated) Vulnerability
Title: IFSC Code Finder Project 1.0 - SQL injection Unauthenticated Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ifsc-code-finder-project-using-php/ Version: 1 Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=14478 Tested On: Windows 10, XAMPP...
Gurock Testrail 7.2.0.3014 - (files.md5) Improper Access Control Vulnerability
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Reference:...
Maxpatrol 8 / Xspider Denial Of Service Vulnerability
Positive Technologies Maxpatrol 8 and Xspider appears to suffer from a denial of service vulnerability. Exploit Title: Positive Technologies Maxpatrol 8 & Xspider Remote DoS Force clients disconect Exploit Author: AsCiI Vendor Homepage: https://www.ptsecurity.com/ Affected Positive Technologies...
ImpressCMS 1.4.2 - Remote Code Execution (Authenticated) Exploit
Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution RCE Authenticated Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.impresscms.org/ Software Link: https://www.impresscms.org/modules/downloads/ Version: 1.4.2 Category: Webapps Tested on: Linux/Windows ImpressCMS is a...
Rencode Denial Of Service Vulnerability
Rencode Denial Of Service Vulnerability 1 About Rencode Rencode is a "Python module for fast basic object serialization similar to bencode". https://github.com/aresch/rencode This library is used as a faster and more efficient data encoder than bencode. There are implementations in other language...
Compro Technology IP Camera - (Multiple) Credential Disclosure Vulnerability
Exploit Title: Compro Technology IP Camera - 'Multiple' Credential Disclosure Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40380 There are unauthorized access vulnerabilitie...
Kamailio 5.4.0 Header Smuggling Exploit
Kamailio version 5.4.0 is vulnerable to header smuggling via a bypass of removehf. Kamailio vulnerable to header smuggling possible due to bypass of removehf - Fixed versions: Kamailio v5.4.0 - Enable Security Advisory: - Tested vulnerable versions: 5.3.5 and earlier - Timeline: - Report date &...
FreeCommander XE 2020 Pathname Buffer Overflow Exploit
!/usr/bin/python Exploit Title: FreeCommander XE 2020 - Pathname Buffer Overflow SEH Version: Build 810a 32-bit Software Link: https://freecommander.com/downloads/FreeCommanderXE-32-publicsetup.zip Exploit Author: Hodorsec email protected / email protected Vendor Homepage:...
netkit-telnet-0.17 telnetd (Fedora 31) - (BraveStarr) Remote Code Execution Exploit
!/usr/bin/env python3 BraveStarr ========== Proof of Concept remote exploit against Fedora 31 netkit-telnet-0.17 telnetd. This is for demonstration purposes only. It has by no means been engineered to be reliable: 0xff bytes in addresses and inputs are not handled, and a lot of other constraints...
CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Vulnerability
Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Point Endpoint Security VPN = E80.87 Build 986009514 Version: Check Point ZoneAlarm = 15.4.062.17802 CVE...
Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution Exploit
Horde Webmail version 5.2.22 suffers from code execution, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Title: Horde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails var url = "http://webmail.victimserver.com/trean/"; var params =...
Solaris 7/8/9 (#SPARC) - (dtprintinfo) Local Privilege Escalation (1) Exploit
Exploit for solaris platform in category local exploits / raptordtprintnamesparc.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability an...
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Exploit
Exploit for asp platform in category web applications Exploit Title: Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Exploit Author: Chris Lyne @lynerc Vendor Homepage: http://www.advantech.com Device: NRVMini2 Software Link:...
Wordpress Site Editor 1.1.1 Plugin - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for...
MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow Exploit
Exploit for hardware platform in category remote exploits !/usr/bin/env python import socket import struct import sys import telnetlib NETBIOSSESSIONMESSAGE = "\x00" NETBIOSSESSIONREQUEST = "\x81" NETBIOSSESSIONFLAGS = "\x00" trick from http://shell-storm.org/shellcode/files/shellcode-881.php wil...
Checkmarx CxQL 7.1.5 Sandbox Bypass Vulnerability
Exploit for php platform in category web applications Checkmarx CxQL Sandbox bypass CVE-2014-8778 Vendor: Checkmarx - www.checkmarx.com Product: CxSuite Version affected: 7.1.5 and prior Credit: Huy-Ngoc DAU @ngocdh of Deloitte Conseil, France ================================ Introduction...
ACal <= 2.2.6 (day.php) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications =========================================================== ACal = 2.2.6 day.php Remote File Inclusion Vulnerability =========================================================== $$ $ Title: ACal 2.2.6 = Remote File Inclusion $ $$ $ URL:...
Ray cpu_profile Command Injection Exploit
This Metasploit module demonstrates a command injection vulnerability in Ray via cpuprofile. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray cpuprofile command injection', 'Description' = %...
pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute Exploit
Exploit Title: pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute Author: nu11secur1ty Vendor: https://pimcore.com/en Software: https://packagist.org/packages/pimcore/skeleton Reference:...
Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution Vulnerability
Exploit Title: Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution RCE + Centos Web Panel 7 - 0.9.8.1147 + Affected Component ip:2031/login/index.php?login=$whoami + Discoverer: Numan Türle @ Gais Cyber Security + Author: Numan Türle + Vendor: https://centos-webpanel.com/ -...
SugarSync 4.1.3 - (SugarSync Service) Unquoted Service Path Vulnerability
Exploit Title: SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Vendor Homepage: https://www1.sugarsync.com Software Link: https://www1.sugarsync.com/apps/windows/ Version : 4.1.3 Tested on: Windows 11 64bit CVE : N/A About Unquoted Service Pat...
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root Exploit
Schneider Electric C-Bus Automation Controller 5500SHAC version 1.10 suffers from an authenticated arbitrary command execution vulnerability. An attacker can abuse the Start-up init script editor and exploit the script POST parameter to insert malicious Lua script code and execute commands with...
TikTok reset account password Exploit
Exploit can reset password and get full control any TikTok account. You can change target mobile phone without any problems, because exploit use bypass 2fa vulnerability...
Insurance Management System v1.0 SQL injection Vulnerability
Title: Insurance Management System v1.0 SQLi Author: nu11secur1ty Vendor: https://itsourcecode.com/free-projects/php-project/php-projects-source-code-free-downloads/ Software: https://itsourcecode.com/free-projects/php-project/insurance-management-system-project-in-php-free-download/ Reference:...
Hotel Druid 3.0.3 - Remote Code Execution Exploit
Exploit Title: Hotel Druid 3.0.3 - Remote Code Execution RCE Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://www.hoteldruid.com/ Software Link: https://www.hoteldruid.com/download/hoteldruid3.0.3.tar.gz Version: 3.0.3 CVE : CVE-2022-22909 !/usr/bin/python3 import requests...
PHP Restaurants 1.0 - SQL injection (Unauthenticated) Vulnerability
Exploit Title: PHP Restaurants 1.0 - SQLi Unauthenticated Google Dork: None Exploit Author: Nefrit ID Vendor Homepage: https://github.com/jcwebhole Software Link: https://github.com/jcwebhole/phprestaurants Version: 1.0 Tested on: Kali Linux & Windows 10 SQL injection is a code injection techniqu...
Microsoft Office Word (2003/2007/2010/2013 +2016) Universal Silent 0day Exploit
Office 2016+2013+2010+2007+2003 versions are running smoothly. Combines your exe file with your word file. When word file is opened, your exe file opens quietly. This module exploits a stack buffer overflow in SCOMCTL.OCX. It uses a malicious RTF to embed the specially crafted...
Fuel CMS 1.4.7 - (col) SQL Injection (Authenticated) Vulnerability
Exploit for php platform in category web applications Exploit Title: Fuel CMS 1.4.7 - 'col' SQL Injection Authenticated Exploit Author: Roel van Beurden Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.7.zip Version: 1.4.7 Tested o...
Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://snipeitapp.com/ Software Link:...
Brazzers Scenes Direct Download Private Video Vulnerability
A manageable direct download for Brazzers’ scenes suffer in any available quality. It is sort of authentication backdoor. This is private exploit. You can buy it at https://0day.today...
Messagebox Shellcode (113 bytes) - Any Windows Version
/ User32-free Messagebox Shellcode for any Windows version ======================================================== Title: User32-free Messagebox Shellcode for any Windows version Release date: 16/10/2013 Author: Giuseppe D'Amore http://it.linkedin.com/pub/giuseppe-d-amore/69/37/66b Size: 113 byt...
deV!L`z Clanportal 1.5.2 Remote File Include Vulnerability
Exploit for unknown platform in category web applications ========================================================== deV!Lz Clanportal 1.5.2 Remote File Include Vulnerability ========================================================== + deV!Lz Clanportal 1.5.2 Remote File Include Vulnerability...
Teachers Record Management System 2.1 Cross Site Scripting Vulnerability
Exploit Title: Teachers Record Management System v2.1 | Unauthenticated Cross-Site Scripting XSS Exploit Author: Mehmet Can Kadıoğlu a.k.a mao7un Vendor: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ Demo Site:...
WordPress Nabz Image Gallery 1.00 SQL Injection Vulnerability
CVE-2024-55976 Critical Site Intel = 1.0 - Unauthenticated SQL Injection Description The Critical Site Intel plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...
ABB Cylon Aspect 3.08.01 jsonProxy.php Information Disclosure Vulnerability
ABB Cylon Aspect 3.08.01 jsonProxy.php Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...
Flatboard 3.2 - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: Flatboard 3.2 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://flatboard.org/ Version: 3.2 PoC: 1-Login admin panel , go to this url : https://127.0.0.1//Flatboard/index.php/forum 2-Click Add Forum and write in...
Cacti 1.2.24 - Authenticated command injection when using SNMP options Vulnerability
Exploit Title: Cacti 1.2.24 - Authenticated command injection when using SNMP options Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/info/downloads Version: Cacti 1.2.24 Tested on: Cacti 1.2.24 installed on 'php:7.4.33-apach...
ABB FlowX v4.00 - Exposure of Sensitive Information Exploit
Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information Exploit Author: Paul Smith Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series Version: ABB Flow-X all versions before V4.00 Tested on: Kali Linux CVE: CVE-2023-1258...
Best POS Management System v1.0 - Unauthenticated Remote Code Execution Exploit
Exploit Title: Best POS Management System v1.0 - Unauthenticated Remote Code Execution Google Dork: NA Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...
ProjeQtOr Project Management System 10.3.2 - Remote Code Execution Vulnerability
Exploit Title: ProjeQtOr Project Management System 10.3.2 -Remote Code Execution RCE Application: ProjeQtOr Project Management System Version: 10.3.2 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://www.projeqtor.org Software Link:...
pfSense pfBlockerNG 2.1.4_26 Shell Upload Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense plugin pfBlockerNG unauthenticated RCE as root', 'Description' = %q pfBlockerNG is a popular pfSense plugin that is not installed by...
Password Manager For IIS 2.0 Cross Site Scripting Vulneraility
Exploit Title: XSS Exploit Author: VP4TR10T Vendor Homepage:http://passwordmanager.adiscon.com/en/manual/ Software Link:http://passwordmanager.adiscon.com/ Version: Version 2.0 Tested on: WINDOWS CVE : CVE-2022-36664 Affected URI when trying to change user password: POST /isapi/PasswordManager.dl...
Joomla JUX Charity Hub 1.0.4 SQL Injection Vulnerability
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website :...
Bus Pass Management System 1.0 Cross Site Scripting Vulnerability
Exploit Title: Bus Pass Management System 1.0 - 'searchdata' Cross-Site Scripting XSS Exploit Author: Ali Alipour Vendor Homepage: https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql Software Link:...