39001 matches found
Roundcube Webmail Stored XSS Exploit
Description: The CVE-2024-37383 vulnerability was discovered in the Roundcube Webmail email client. This is a stored XSS vulnerability that allows an attacker to execute JavaScript code on the user's page. To exploit the vulnerability, all attackers need to do is open a malicious email using a...
Flowmon Unauthenticated Command Injection Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon...
MinIO < 2024-01-31T20-20-33Z - Privilege Escalation Exploit
Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required before execution:...
Wondercms 4.3.2 - XSS to Remote Code Execute Exploit
Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...
EG Free AntiVirus 2020 Privilege Escalation / Unquoted Service Path Vulnerabilities
Exploit Title: EG Free AntiVirus v2020 - Unquoted Service Path Local Privilege Escalation Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: http://www.egsoftweb.in/index.aspx Software Link: http://www.egsoftweb.in/OurProductReadmore.aspx?id=6 Version: 2020 Tested: Windows 10...
HMA VPN 5.3 - Unquoted Service Path Vulnerability
Exploit Title: HMA VPN 5.3 - Unquoted Service Path Exploit Author: Saud Alenazi Vendor Homepage: https://www.hidemyass.com/ Software Link: https://www.hidemyass.com/en-us/downloads Version: 5.3.5913.0 Tested: Windows 10 Pro x64 es C:\Users\saudhsc qc HmaProVpn SC QueryServiceConfig SUCCESS...
Wordpress JS Jobs Manager 1.1.7 Plugin - Unauthenticated Plugin Install/Activation Vulnerability
Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def printusage: print"Usage...
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload Vulnerabilities
Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click. Bolt CMS = 3.7.0 Multiple Vulnerabilities Author - Sivanesh Ashok | @sivaneshashok | stazot.co...
NETGEAR R6700v3 Password Reset / Remote Code Execution Exploit
This document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the UPNP daemon /usr/sbin/upnpd, running on NETGEAR R6700v3 router with firmware versions V1.0.4.8210.0.57...
ABUS Secvest Wireless Control Device Missing Encryption Vulnerability
The wireless communication of the ABUS Secvest Wireless Control Device FUBE50001 for transmitting sensitive data like PIN codes or IDs of used proximity chip keys RFID tokens is not encrypted. Product: ABUS Secvest Wireless Control Device FUBE50001 Manufacturer: ABUS Affected Versions: N/A Tested...
Nexus Repository Manager 3.21.1-01 Remote Code Execution Exploit
This Metasploit module exploits a Java Expression Language EL injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the Nexus user. Tested against 3.21.1-01. This module requires Metasploit: https://metasploit.com/download Current source:...
Joomla com_fabrik 3.9.11 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on:...
Ricoh Driver - Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Ricoh Driver Privilege Escalation', 'Description' = %q Various Ricoh printer drivers allow escalation of privilege...
Firefly CMS 1.0 Remote Command Execution Exploit #RCE
Exploit for php platform in category web applications + Remote Comand Execution on Firefly CMS v. 1.0 + Date: 11/05/2019 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: email protected + Tested on: Windows 7 and Linux + Vendor Homepage: https://fireflydigital.com/ +...
HP iMC Plat 7.2 - Remote Code Execution Exploit
Exploit for windows platform in category remote exploits !/opt/local/bin/python2.7 Exploit Title: HP iMC Plat 7.2 dbman Opcode 10007 Command Injection RCE Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...
nginx 1.3.9-1.4.0 DoS PoC
Exploit for linux platform in category dos / poc Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2070 Google Dork: CVE-2013-2070 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...
SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Vulnerability
Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage: https://www.kiwisyslog.com/ Softwar...
FoF Pretty Mail 1.1.2 Server-Side Template Injection Vulnerability
The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger in the server in Circontrol Raption through 5.6.2 is vulnerable to OS...
Kingo ROOT 1.5.8 - Unquoted Service Path Vulnerability
Exploit Title: Kingo ROOT 1.5.8 - Unquoted Service Path Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: https://www.kingoapp.com/ Software Link: https://www.kingoapp.com/android-root/download.htm Version: 1.5.8.3353 Tested on: Windows 10 Pro -------------Discovering Unquoted...
mooDating 1.2 - Reflected Cross-site scripting Vulnerability
Exploit Title: mooDating 1.2 - Reflected Cross-site scripting XSS Exploit Author: CraCkEr aka skalvin Vendor: mooSocial Vendor Homepage: https://moodatingscript.com/ Software Link: https://demo.moodatingscript.com/home Version: 1.2 Tested on: Windows 10 Pro Impact: Manipulate the content of the...
AVG Anti Spyware 7.5 - Unquoted Service Path (AVG Anti-Spyware Guard) Vulnerability
Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path Exploit Author: Idan Malihi Vendor Homepage: https://www.avg.com Software Link: https://www.avg.com/en-ww/homepagepc Version: 7.5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36167 PoC C:\Userswmic service get...
Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal / Local File Inclusion Vulnerability
Exploit Title: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI Fix Date: 2020-05 Exploit Author: Kahvi-0 Github: https://github.com/Kahvi-0 Vendor Homepage: https://www.mitel.com/ Vendor Security Advisory:...
Book Store Management System 1.0.0 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Book Store Management System 1.0.0 - Stored Cross-Site Scripting XSS Exploit Author: Rajeshwar Singh Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsmsci.zip Tested on: Windows/XAMPP Payload use...
Jetpack 11.4 - Cross Site Scripting Vulnerability
Exploit Title: Jetpack 11.4 - Cross Site Scripting XSS Author: Behrouz Mansoori Software Link: https://wordpress.org/plugins/jetpack Version: 11.4 Tested on: Mac m1 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search feature and tab parameter via...
ImpressCMS v1.4.3 - Authenticated SQL Injection Vulnerability
Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor: https://www.impresscms.org Source:...
101+ News Portal 1.0 SQL Injection Vulnerability
Exploit Title: 101+ News Portal - SQLi Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16067/best-online-news-portal-project-php-free-download.html Software Download:...
WordPress The True Ranker 2.2.2 Plugin - Arbitrary File Read (Unauthenticated) Exploit
Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Version: versions = 2.2...
Online Food Ordering System 2.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Link:...
Seowon 130-SLC router - (queriesCnt) Remote Code Execution (Unauthenticated) Vulnerability
Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: All Version...
COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Vulnerability
Exploit Title: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Biometric Access Control System 1.0.0 Authentication Bypass Vendor: COMMAX Co., Ltd. Prodcut web page: https://www.commax.com Affected...
Pi-Hole Remove Commands Linux Privilege Escalation Exploit
Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since...
GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated) Vulnerability
Exploit for php platform in category web applications Exploit Title: GOautodial 4.0 - Persistent Cross-Site Scripting Authenticated Author: Balzabu Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 La...
Getsup 3.1.46 XSS Vulnerability
Exploit for php platform in category web applications Title: Getsup 3.1.46 Version 3.1 patch 46 All vers affected Author: @Eawhitehat - Eren Arslan Vendor: https://gestsup.fr/ Demo available : https://demo.gestsup.fr/ User: admin Password: admin Software Link:...
Cisco Small Business 220 Series - Multiple Vulnerabilities
!/usr/bin/python2.7 """ Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o...
Sahi pro 8.x - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS 0day.today 2019-06-18...
Mongoose Web Server 6.9 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Mongoose Web Server 6.9 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: https://cesanta.com/binary.html Software Link: https://backend.cesanta.com/cgi-bin/api.cgi?act=dl&os=win Version: 6.9 Category: Dos Teste...
PHP openssl_x509_parse() Memory Corruption Vulnerability
Exploit for php platform in category dos / poc Overview: Quote from http://www.php.net "PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML." The PHP function opensslx509parse uses a helper function called...
ABB Cylon FLXeon 9.3.4 Insecure Backup Sensitive Data Exposure Vulnerability
ABB Cylon FLXeon version 9.3.4 has backups that contain sensitive system files, including main.db, SSL/TLS certificates and keys, the system shadow file with hashed passwords, and the license key. ABB Cylon FLXeon 9.3.4 Insecure Backup Sensitive Data Exposure Vendor: ABB Ltd. Product web page:...
ABB Cylon Aspect 4.00.00 factorySaved.php Cross Site Scripting Vulnerability
ABB Cylon Aspect version 4.00.00 suffers from an unauthenticated reflected cross site scripting vulnerability in the title GET parameter. Input is not properly sanitized before being returned to the user, allowing the execution of arbitrary HTML/JS code in a browser session in the context of the...
Aurba 501 - Authenticated Remote Code Execution Exploit
Exploit Title: Remote Command Execution | Aurba 501 Exploit Author: Hosein Vita Vendor Homepage: https://www.hpe.com Version: Aurba 501 CN12G5W0XX Tested on: Linux import requests from requests.auth import HTTPBasicAuth def getinputprompt, defaultvalue: userinput = inputprompt return userinput if...
Best Student Result Management System v1.0 - Multiple SQL injection Vulnerability
Title: Best Student Result Management System v1.0 - Multiple SQLi Author: nu11secur1ty Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...
Perch v3.2 - Persistent Cross Site Scripting Vulnerability
Exploit Title: Perch v3.2 - Persistent Cross Site Scripting XSS Google Dork: N/A Exploit Author: Dinesh Mohanty Vendor Homepage: https://grabaperch.com/ Software Link: https://grabaperch.com/download Version: v3.2 Tested on: Windows CVE : Requested Description: Stored Cross Site Scripting Stored...
Suprema BioStar 2 v2.8.16 - SQL Injection Vulnerability
Exploit Title: Suprema BioStar 2 v2.8.16 - SQL Injection Exploit Author: Yuriy Vander Tsarenko https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/ Vendor Homepage: https://www.supremainc.com/ Software Link: https://www.supremainc.com/en/platform/hybrid-security-platform-biostar-2.asp Software...
Altenergy Power Control Software C1.2.5 - OS command injection
Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests import argparse def...
Online Admission System 1.0 SQL Injection Vulnerability
Exploit Title: online-admission-system 1.0 - unauthenticated SQL Injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15514/online-admission-system-php-and-mysql.html Version: 1.0 Tested on: Windows 10 + XAMPP 3.2.4 CVE I...
Sports Complex Booking System 1.0 Local File Inclusion Vulnerability
Title: Sports Complex Booking System 1.0 LFI To RCE Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...
macOS Gatekeeper Check Bypass Exploit
This Metasploit module serves an OSX app as a zip that contains no Info.plist, which bypasses gatekeeper in macOS versions prior to 11.3. If the user visits the site on Safari, the zip file is automatically extracted, and clicking on the downloaded file will automatically launch the payload. If t...
Savsoft Quiz 5 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux...
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit
Exploit for java platform in category web applications Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage:...
SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH) Exploit
Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested Windows 7 SP1 x86...