39001 matches found
Men Salon Management System 1.0 - Multiple Vulnerabilities
Exploit Title: Men Salon Management System 1.0 - Multiple Vulnerabilities Exploit Author: Aryan Chehreghani Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql Version: 1.0 Tested on: Windows 10 - XAMPP Server Vulnerable pa...
Microsoft SharePoint Server 2019 - Remote Code Execution Exploit (2)
Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution 2 Google Dork: inurl:quicklinks.aspx Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 20...
QiHang Media Web Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability
Exploit for hardware platform in category web applications QiHang Media Web QH.aspx Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected...
Curfew e-Pass Management System 1.0 SQL Injection Vulnerability
Curfew e-Pass Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to gh1mau. Exploit Title: Curfew e-Pass Management System 1.0 Multiple SQL Injection Vulnerabilities Exploit Author: Mucahit...
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH) Exploit
Exploit Title: Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow SEH Author: Felipe Winsnes Software Link: https://nidesoft-dvd-ripper.softonic.com/ Version: 5.2.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will create the file...
Infor Storefront B2B 1.0 - (usr_name) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Version...
JavaScript V8 Turbofan Out-Of-Bounds Read Exploit
V8: Turbofan may read a Map pointer out-of-bounds when optimizing Reflect.construct The following JavaScript program found through fuzzing triggers an assertion failure in debug builds of the latest v8 and the current release branch, 7.2.502.28: function farg const o =...
Linux Kernel 4.8.0 - Packet Socket Local root Privilege Escalation Exploit
Exploit for linux platform in category local exploits // A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on 4.8.0-41-generic Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308 // // Usage: // email protected:$...
Zervit Webserver 0.4 Directory Traversal / Memory Corruption PoC
Exploit for windows platform in category remote exploits ================================================================ Zervit Webserver 0.4 Directory Traversal / Memory Corruption PoC ================================================================ Zervit webserver 0.4 Directory Traversal &...
Palo Alto Expedition 1.2.91 Remote Code Execution Exploit
This Metasploit module lets you obtain remote code execution in Palo Alto Expedition versions 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a defau...
ABB Cylon Aspect 3.08.01 Remote Code Execution Vulnerability
ABB Cylon Aspect version 3.08.01 BMS/BAS controller suffers from a remote code execution vulnerability. The vulnerable uploadFile function in bigUpload.php improperly reads raw POST data using the php://input wrapper without sufficient validation. This data is passed to the fwrite function,...
WordPress AN_Gradebook 5.0.1 Plugin - SQL injection Vulnerability
!/usr/bin/python3 Exploit Title: WordPress Plugin ANGradebook = 5.0.1 - Subscriber+ SQLi Date: 2023-07-26 Exploit Author: Lukas Kinneberg Github: https://github.com/lukinneberg/CVE-2023-2636 Vendor Homepage: https://wordpress.org/plugins/an-gradebook/ Software Link:...
SitemagicCMS 4.4.3 - Remote Code Execution Vulnerability
Exploit Title: SitemagicCMS 4.4.3 Remote Code Execution RCE Application: SitemagicCMS Version: 4.4.3 Bugs: RCE Technology: PHP Vendor URL: https://sitemagic.org/Download.html Software Link: https://github.com/Jemt/SitemagicCMS Date of found: 14-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...
projectSend r1605 - Remote Code Exectution Vulnerability
Exploit Title: projectSend r1605 - Remote Code Exectution RCE Application: projectSend Version: r1605 Bugs: rce via file extension manipulation Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 26-01-2023 Author: Mirabbas Ağalarov...
Riello UPS Restricted Shell Bypass Vulnerability
Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access. I. VULNERABILITY ------------------------- Riello UPS systems allow to easily escape the configuration shell and get access to the operating system II. VENDOR...
Delta Electronics DX-2100-L1-CN 1.5.0.10 Command Injection / XSS Vulnerabilities
Delta Electronics DX-2100-L1-CN version 1.5.0.10 suffers from command injection and cross site scripting vulnerabilities. ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Delta Electronics DX-2100-L1-CN vulnerable version|...
Sagemath 9.0 Overflow / Denial Of Service Exploit
sagemath 9.0 and reportedly later on ubuntu 20. sagemath gives access to the python interpreter, so code execution is trivial. We give DoS attacks, which terminates the sagemath process with abort, when raising symbolic expression to large integer power. We get abort with stack: gmp: overflow in...
COMPIE CMS Leado Local File Include Vulnerability
Exploit Title: COMPIE CMS Leado Local File Include Google Dork: /index.php?pathAjax= Date: 3/30/2022 Exploit Author: iranhack Security Team Vendor Homepage: iranhack.com Software Link: http://www.compie.co.il/ Version: V.1.0 Tested on: KaliLinux,windows 10 Local File Include...
WordPress MasterStudy LMS 2.7.5 Plugin - Unauthenticated Admin Account Creation Vulnerability
Title: WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation Author: Numan Türle CVE: CVE-2022-0441 Software Link: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/ Version: 2.7.6 https://www.youtube.com/watch?v=SIO6CHXMZk...
WordPress Error Log Viewer 1.1.1 Plugin - Arbitrary File Clearing (Authenticated) Vulnerability
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting (Unauthenticated) Vulnerability
Exploit Title: Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting XSS Unauthenticated Author: Luis Martinez Vendor Homepage: https://www.uniview.com/Products/NVR/Easy/NVR304-S-P/Product%20features Datasheet of NVR304-S-P: https://www.uniview.com/download.do?id=1819568 Tested...
AgentTesla Builder Web Panel SQL Injection Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7B.txt Contact: email protected Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: SQL Injection Description: The AgentTeslaBuilder WebUI uses...
Hospitals Patient Records Management System 1.0 - (id) SQL Injection (Authenticated) Vulnerability
Exploit Title: Hospitalss Patient Records Management System 1.0 - 'id' SQL Injection Authenticated Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...
Eclipse Jetty 11.0.5 - Sensitive File Disclosure Vulnerability
Exploit Title: Eclipse Jetty 11.0.5 - Sensitive File Disclosure Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/ Version: 9.4.37 ≤ version ColdFusionX - Web Application...
Purchase Order Management System 1.0 - Remote File Upload Exploit
Exploit Title: Purchase Order Management System 1.0 - Remote File Upload Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html Version: v1.0 Tested...
Compro Technology IP Camera - (killps.cgi) Denial of Service Exploit
Exploit Title: Compro Technology IP Camera - 'killps.cgi' Denial-of-Service DoS Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40378 There is a backdoor prefabricated in the...
Client Management System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Client Management System 1.0 - 'searchdata' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Small CRM 2.0 SQL Injection Exploit
Exploit for php platform in category web applications Exploit Title: Small CRM in PHP - 'id' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/small-crm-php/ Software Link:...
vBulletin 5.6.1 SQL Injection Exploit
This Metasploit module exploits a SQL injection vulnerability found in vBulletin versions 5.6.1 and below. This module uses the getIndexableContent vulnerability to reset the administrator's password and it then uses the administrators login information to achieve remote code execution on the...
ABB Cylon Aspect 3.08.01 mapConfigurationDownload.php Configuration Download Vulnerability
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the SQLite DB that contains the configuration mappings information via the FTControlServlet by directly calling the mapConfigurationDownload.php script. ABB Cyl...
PHPJabbers Cleaning Business 1.0 - Reflected XSS Vulnerability
Exploit Title: PHPJabbers Cleaning Business 1.0 - Reflected XSS Exploit Author: CraCkEr Date: 21/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/ Version: 1.0 Tested on: Windows 10 Pro Impact: Manipulate...
Kimai 1.30.10 - SameSite Cookie session hijacking Exploit
Exploit Title: Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking Author: nu11secur1ty Vendor: https://www.kimai.org/ Software: https://github.com/kimai/kimai/releases/tag/1.30.10 Reference: https://www.thesslstore.com/blog/the-ultimate-guide-to-session-hijacking-aka-cookie-hijacking...
bgERP v22.31 (Orlovets) - Cookie Session vulnerability / Cross-Site Scripting Vulnerabilities
Title: bgERP v22.31 Orlovets - Cookie Session vulnerability & Cross-Site Scripting XSS Author: nu11secur1ty Vendor: https://bgerp.com/Bg/Za-sistemata Software: https://github.com/bgerp/bgerp/releases/tag/v22.31 Reference:...
Subrion CMS 4.2.1 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Vendor Homepage: https://intelliants.com/ Version: 4.2.1 Tested on: Windows & XAMPP == Tutorial http://HOST/panel/fields/add 2- Write XSS Payload into the tooltip value of the field add page. 3- Press...
Online Shopping System Advanced 1.0 SQL Injection Vulnerability
Title: online-shopping-system-advanced-1.0 SQLi Author: nu11secur1ty Vendor: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software: https://github.com/PuneethReddyHC/online-shopping-system-advanced/archive/refs/heads/master.zip Reference:...
Contao 4.13.2 - Cross-Site Scripting Vulnerability
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-1588 References: -...
CosaNostra Builder Insecure Permissions Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83.txt Contact: email protected Media: twitter.com/malvuln Threat: CosaNostra Builder Vulnerability: Insecure Permissions Description: The malware creates PE files with...
Simple Online College Entrance Exam System 1.0 - Unauthenticated Admin Creation Vulnerability
Exploit Title: Simple Online College Entrance Exam System 1.0 - Unauthenticated Admin Creation Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...
ZeroShell 3.9.0 - (cgi-bin/kerbynet) Remote Root Command Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zeroshell 3.9.0 Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection vulnerability found in...
RSA IG&L Aveksa 7.1.1 - Remote Code Execution Vulnerability
Exploit for multiple platform in category web applications Exploit Title: RSA IG&L Aveksa 7.1.1 - Remote Code Execution Exploit Author: Jakub Palaczynski, Lukasz Plonka Vendor Homepage: https://www.rsa.com/ Version: 7.1.1, prior to P02 CVE : CVE-2019-3759 all vulnerable versions can be found at...
Thunderbird ESR < 60.7.XXX - Type Confusion Vulnerability
Type confusion in Thunderbird ============================= Severity Rating: Medium Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...
Linux/x86 - Reposition + INC encoder with execve(/bin/sh) Shellcode (66 bytes)
Title: Linux/x86 - Reposition + INC encoder with execve/bin/sh Shellcode 66 bytes Author: Jonathan So Purpose: decode and spawn a /bin/sh shell Tested On: Linux kali 4.19.0-kali4-686 1 SMP Debian 4.19.28-2kali1 2019-03-18 i686 GNU/Linux Arch: x86 Size: 66 bytes Write-up Link:...
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal Exploit
Exploit for windows platform in category web applications Exploit Title: Directory traversal in Oracle Business Intelligence Exploit Author: @vah13 Vendor Homepage: http://oracle.com Software Link: https://www.oracle.com/technetwork/middleware/bi-enterprise-edition/downloads/index.html Version:...
Invision Power Board 4.x.x Uploading Shell Exploit
Uploading Shell Using PHP Injection Vulnerability This is private exploit. You can buy it at https://0day.today...
the GoNC Network(view.php)Blind Sql Injection Vulnerability
Exploit for php platform in category web applications Exploit Title:the GoNC Networkview.phpBlind Sql Injection Vulnerability Date: 16/8/2011 Author: Angel Injection home Page: http://www.club-h.co.cc ,http://www.sec-krb.org Email: Angel-InjectionathotmailDotcom Vendor or Software Link:...
Joomla com_propiedades Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Joomla comcompropiedades Multiple Vulnerabilities Date: 23.06.2011 Author: z0mbyak Vendor or Software Link: find by yourself Version: Don't know Category: remote, webapps. Google dork: inurl:"index.php?option=com propiedades"...
Journyx 11.5.4 Authenticated Remote Code Execution Vulnerability
Journyx version 11.5.4 has an issue where attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow. Title: Journyx Authenticated Remote Code Execution Advisory ID: KL-001-2024-008 Publication Date: 2024.08.07 Publication URL:...
PopojiCMS 2.0.1 - Remote Command Execution Exploit
Exploit Title: PopojiCMS 2.0.1 - Remote Command Execution Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference Vulnerability
Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability. Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected...
Perch v3.2 - Remote Code Execution Exploit
Exploit Title: Perch v3.2 - Remote Code Execution RCE Application: Perch Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://grabaperch.com/ Software Link: https://grabaperch.com/download Date of found: 21.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...