39001 matches found
Codiad 2.8.4 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests...
Windows/x64 - Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode 232 bytes
Shellcode Title: Windows\x64 Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode 232 bytes Shellcode Author: Bobby Cooke Date: March 2020-03-17 Tested On: Windows 10 Pro 1909 x86: HelpPane.exe, notepad.exe, certutil.exe Windows 10 Pro 1909 x8664: mmc.exe, xwizard.exe ! Will onl...
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execute Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...
XOOPS CMS 2.5.9 SQL Injection Vulnerability
Exploit for php platform in category web applications + Sql Injection on XOOPS CMS v.2.5.9 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: email protected + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...
phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities
Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0...
Cisco ASA - Crash PoC Exploit
Exploit for hardware platform in category dos / poc Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers =...
Zyxel P-2812HNU-F1 DSL Router Command Injection Vulnerability
The Zyxel P-2812HNU-F1 DSL router suffers from a remote command injection vulnerability. Firmware versions V3.11TUE3 KPN and V3.11TUE8 KPN are affected. Zyxel P-2812HNU-F1 DSL router - command injection ================================================= The Zyxel P-2812 is common in the Netherland...
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabiliti
Exploit for php platform in category web applications Video: https://www.youtube.com/watch?v=yOWz25sHMI SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Potential backdoor access through multiple vulnerabilities product...
Mac OS X Rootpipe Privilege Escalation Exploit
This Metasploit module exploits a hidden backdoor API in Apple's Admin framework on Mac OS X to escalate privileges to root, dubbed Rootpipe. Tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run this...
OpenSSH rootkit backdoor tool with ssh sniffer
This is a private version of OpenSSH backdoor rootkit tool wih ssh sniffer. If u want to have a hidden acces to a unix server on ssh conexion you can us this tool safetly. Also this rootkit can catch all ssh conexiones from the server where install this tool. If a email protected or email protect...
Ministry Malaysia XSS and SQL Injection Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
WP-UserOnline 2.88.0 - Stored Cross Site Scripting (Authenticated) Vulnerability
Exploit Title: WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Authenticated Google Dork: inurl:/wp-content/plugins/wp-useronline/ Exploit Author: Onur Göğebakan Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...
GL.iNet AR300M v4.3.7 Remote Code Execution Exploit
!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure Vulnerability
R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure Vendor: R Radio Network Product web page: http://www.pktc.ac.th Affected version: 1.07 Summary: R Radio FM Transmitter that includes FM Exciter and FM Amplifier parameter setup. Desc: The transmitter suffers from an improper acces...
Wordpress EventON Calendar 4.4 Plugin - Unauthenticated Event Access Vulnerability
Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-2796 1. Description The plugin lacks authentication and...
MiniDVBLinux 5.4 Arbitrary File Read Exploit
!/usr/bin/env python3 MiniDVBLinux 5.4 Arbitrary File Read Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Vide...
Microfinance Management System 1.0 - (customer_number) SQL injection Vulnerability
Exploit Title: Microfinance Management System 1.0 - 'customernumber' SQLi Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/14822/microfinance-management-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/mims0.zip...
Multi Store Inventory Management System 1.0 Account Takeover Vulnerability
Exploit Title: Multi Store Inventory Management System - Account Takeover Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.bdtask.com/ Software Link: https://www.campcodes.com/projects/php/complete-multi-store-inventory-management-system-in-php-mysql/ Version: 1.0 Tested...
Moxa TN-5900 Firmware Post Authentication Command Injection Exploit
Moxa TN-5900 versions 3.1 and below suffer from an issue where a user who has authenticated to the management web application is able to leverage a command injection vulnerability in the p12 processing code of the certificate management function webCERMGMTUpload. Title: Moxa TN-5900 Post...
WordPress Media-Tags 3.2.0.2 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on Windows How to...
Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit
Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7 x64 and Windows 7...
Cisco 7937G Denial Of Service Exploit
CVE-2020-16138.py: Exploit Title: Cisco 7937G DoS 2 MSF Module Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: ', 'type': 'cve', 'ref': '2020-', 'type': 'edb', 'ref': '' , 'type': 'dos', 'options': 'rhost': 'type': 'address', 'description': 'Target address...
RiteCMS 2.2.1 - Authenticated Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux 1- Go to following url. http://HOST/cms/ 2- Default username and password is...
Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution Exploit
This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including 2.3.4.2103. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
NeonLMS Learning Management System PHP Laravel Script 4.6 Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: NeonLMS - Learning Management System PHP Laravel Script -Authenticated Arbitrary File Upload Exploit Author: th3d1gger Vendor Homepage: https://www.neonlms.com/ Software Link:...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution Exploit
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit...
Linux/ARM64 - execve("/bin/sh", NULL, NULL) Shellcode (40 Bytes)
/ Title: Linux/ARM64 - execve"/bin/sh", NULL, NULL Shellcode 40 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xerus...
IBM AIX 6.1 / 7.1 - Local root Privilege Escalation Vulnerability
Exploit for aix platform in category local exploits !/bin/sh Exploit Title: IBM AIX 6.1 / 7.1 local root privilege escalation Date: 2013-09-24 Exploit Author: Kristian Erik Hermansen Vendor Homepage: http://www.ibm.com Software Link: http://www-03.ibm.com/systems/power/software/aix/about.html...
KLINK SQL Injection Vulnerability
Exploit for php platform in category web applications Dork : "allinurl:.php?txtCodiInfo=" An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. Example 1:...
ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Directory Traversal Vulnerability
ABB Cylon Aspect version 3.08.01 has a directory traversal vulnerability that can be exploited by an unauthenticated attacker to list the contents of arbitrary directories without reading file contents, leading to information disclosure of directory structures and filenames. This may expose...
FusionInvoice 2023-1.0 - Cross-Site Scripting Vulnerability
Exploit Title: FusionInvoice 2023-1.0 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.squarepiginteractive.com Software Link: https://www.fusioninvoice.com/store Version: 2023-1.0 Tested on: Latest Version of Desktop Web Browsers ATTOW: Firefox...
WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated Remote Code Execution Exploit
Exploit Title: WIMAX SWC-5100W Firmware V1.11.0.1 :1.9.9.4 - Authenticated RCE Vulnerability Name: Ballin' Mada Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.seowonintech.co.kr/eng/main Version: Bootloader1.18.19.0 , HW 0.0.7.0, FW1.11.0.1 : 1.9.9.4 Tested on: Unix CVE :...
D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution Exploit
Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...
WordPress Security Audit 1.0.0 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Tested on Windows CVE...
Hospitals Patient Records Management System 1.0 - Account TakeOver Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - Account TakeOver Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...
Online Admission System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Admission System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/rskoolrash/Online-Admission-System Software Link: https://github.com/rskoolrash/Online-Admission-System Tested on: LAMP Stack Debian 10...
Socusoft Photo to Video Converter Professional 8.07 (Output Folder) Buffer Overflow (SEH Egghunter)
Exploit Title: Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow SEH Egghunter Exploit Author: MasterVlad Vendor Homepage: http://www.dvd-photo-slideshow.com/photo-to-video-converter.html Software Link:...
Park Ticketing Management System 1.0 - (viewid) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Google Chrome 80 JSCreate Side-Effect Type Confusion Exploit
This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw...
Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST...
Webmin 1.910 - (Package Updates) Remote Command Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin %q This module exploits an arbitrary command execution vulnerability in Webmin 1.910 and lower versions. Any user authorized to the "Packa...
TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link:...
Multiple CPUs - Spectre Information Disclosure (PoC) Exploit
Exploit for multiple platform in category local exploits include include include ifdef MSCVER include / for rdtscp and clflush / pragma optimize"gt",on else include / for rdtscp and clflush / endif / Victim code. / unsigned int array1size = 16; uint8t unused164; uint8t array1160 =...
Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits Exploit Title : Shuttle Tech ADSL WIRELESS 920 WM - Multiple Vulnerabilities Version: Gan9.8U6X-B-TW-R1B0201T1RP Exploit Author : Persian Hack Team Tested on Win Date 2016/12/05 1. Cross Site Scripting PoC : First We Need To login To Panel...
CMS Openpage (index.php) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================== CMS Openpage index.php SQL Injection Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' ...
D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =========================================================== D2-Shoutbox 4.2 IPB Mod load Remote SQL Injection Exploit =========================================================== !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL...
PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit
Exploit for unknown platform in category web applications ============================================================= PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit ============================================================= ?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8...
AWStats configdir Remote Command Execution Exploit (c code)
Exploit for cgi platform in category web applications =========================================================== AWStats configdir Remote Command Execution Exploit c code =========================================================== / AwStats exploit by Thunder, email protected This exploit makes...
ITA Forum <= 1.49 SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================= ITA Forum = 1.49 SQL Injection Exploit ======================================= !/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57...
Open WebUI 0.1.105 Persistent Cross Site Scripting Vulnerability
Title: Open WebUI Stored Cross-Site Scripting Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt 1. Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-79: Improper...