39001 matches found
SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH) Exploit
Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested Windows 7 SP1 x86...
ACTi ACM-5611 Video Camera Remote Command Execution Exploit
Exploit for hardware platform in category web applications !/usr/bin/perl ACTi ACM-5611 Video Camera Remote Command Execution Exploit Copyright 2019 c Todor Donev Firmware Version = A1D-220-V3.08.08-AC Production ID = ACM5611-08G-X-00485 Factory Default Type = NTSC, Composite, Two Ways Audio 0x71...
V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID:...
WordPress iLive 1.0.4 Plugin - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: iLive - Intelligent WordPress Live Chat Support Plugin v1.0.4 Stored XSS Injection Exploit Author: m0ze Vendor Homepage: http://www.ilive.wpapplab.com/ Software Link:...
McAfee ePO 5.9.1 - Registered Executable Local Access Bypass Vulnerability
Exploit for windows platform in category web applications Exploit Title: McAfee ePO 5.9.1 Registered Executable Local Access Bypass Exploit Author: @leonjza Vendor Homepage: https://www.mcafee.com/ Software Link: https://www.mcafee.com/enterprise/en-us/products/epolicy-orchestrator.html Version:...
Microsoft Windows Kernel - IOCTL 0x120007 (NsiGetParameter) nsiproxy/netio Pool Memory Disclosure
Exploit for windows platform in category dos / poc / We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys \.\Nsi device discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit...
Nuxeo Platform 6.x / 7.x Shell Upload Exploit
Exploit for php platform in category web applications Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform. By...
Ktools Photostore 4.7.5 - Multiple Vulnerabilities
Exploit for php platform in category web applications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ktools Photostore = 4.7.5 Multiple Vulnerabilities Bug discovered by Yakir Wizman Date 01/07/2016 Affected versions prior to 4.7.5 Vendor Homepage - http://www.ktools.net...
Daily Habit Tracker 1.0 - SQL Injection Vulnerability
Exploit Title: Daily Habit Tracker 1.0 - SQL Injection Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Debian CVE :...
iGalerie 3.0.22 Cross Site Scripting Vulnerability
Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://www.igalerie.org/ Version: 3.0.22 Tested on: https://softaculous.com/demos/iGalerie 1 Go to home page and click edit https://127.0.0.1/iGalerie/ Titre : "sVg/onLy=1 onLoaD=confirm1// 2 Write i...
OpenPLC WebServer 3 - Denial of Service Exploit
Exploit Title: OpenPLC WebServer 3 - Denial of Service Exploit Author: Kai Feng Vendor Homepage: https://autonomylogic.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3.git Version: Version 3 and 2 Tested on: Ubuntu 20.04 import requests import sys import time import optparse import r...
ReyeeOS 1.204.1614 - MITM Remote Code Execution Exploit
Exploit Title: ReyeeOS 1.204.1614 - MITM Remote Code Execution RCE Google Dork: None Exploit Author: Riyan Firmansyah of Seclab Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/support/documents/slideEW1200G-PRO-Firmware-B11P204 Version: ReyeeOS 1.204.1614...
RosarioSIS 10.8.4 - CSV Injection Vulnerability
Exploit Title: RosarioSIS 10.8.4 - CSV Injection Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://www.rosariosis.org/ Software Link: https://gitlab.com/francoisjacquet/rosariosis/-/archive/v10.8.4/rosariosis-v10.8.4.zip Affected Version: 10.8.4 Category: WebApps Tested on: Windows 10 1...
Blackcat Cms v1.4 - Stored XSS Vulnerability
Exploit Title: Blackcat Cms v1.4 - Stored XSS Application: blackcat Cms Version: v1.4 Bugs: Stored XSS Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...
Ulicms 2023.1 sniffing-vicuna - Remote Code Execution Vulnerability
Exploit Title: Ulicms-2023.1 sniffing-vicuna - Remote Code Execution RCE Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: RCE Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link: https://www.ulicms.de/content/files/Releases/2023.1/ulicms-2023.1-sniffing-vicuna-full.zip Date o...
BulletProof FTP Server 2019.0.0.51 Denial Of Service Exploit
Exploit Title: BulletProof FTP Server 2019.0.0.51 - Denial of Service Discovery by: Yehia Elghaly - Mrvar0x Vendor Homepage: https://barcodemagic.com/ Software Link: http://bpftpserver.com/products/bpftpserver/windows/download Tested Version: 2019.0.0.51 Tested on: Windows 7 x86 Steps To Crash:...
PhotoShow 3.0 - Remote Code Execution Exploit
Exploit Title: PhotoShow 3.0 - Remote Code Execution Date: January 11, 2023 Exploit Author: LSCP Responsible Disclosure Lab Detailed Bug Description: https://lscp.llc/index.php/2021/07/19/how-white-box-hacking-works-remote-code-execution-and-stored-xss-in-photoshow-3-0/ Vendor Homepage:...
Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Vulnerability
Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite Description: The...
WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin ‘GetYourGuide Ticketing’ - Stored Cross-Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/search/GetYourGuide+Ticketing/ Version: 1.0.1 Tested on: Firefox Contact me: email protected Vulnerable code: " POC: ...
CosaNostra Builder WebPanel Cross Site Request Forgery Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83C.txt Contact: email protected Media: twitter.com/malvuln Threat: CosaNostra Builder WebPanel Vulnerability: Cross Site Request Forgery CSRF Description: The Panel does...
Windscribe VPN WindscribeService Named Pipe Privilege Escalation Exploit
The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...
AVE DOMINAplus 1.10.x Authentication Bypass Vulnerability
AVE DOMINAplus =1.10.x Authentication Bypass Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...
Cisco RV320 Unauthenticated Configuration Export Vulnerability
RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17. Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15,...
Morris Worm fingerd Stack Buffer Overflow Exploit
This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...
PHP Links <= 1.3 (vote.php id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= PHP Links = 1.3 vote.php id Remote SQL Injection Vulnerability =================================================================...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass Vulnerability
Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables them to...
Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution Vulnerability
Exploit Title: Codigo Markdown Editor v1.0.1 Electron - Arbitrary Code Execution Exploit Author: 8bitsec Vendor Homepage: https://alfonzm.github.io/codigo/ Software Link: https://github.com/alfonzm/codigo-app Version: 1.0.1 Tested on: Mac OS 13 Release Date: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3...
Beehive Forum - Account Takeover Vulnerability
Exploit Title: Beehive Forum - Account Takeover Exploit Author: Pablo Santiago Vendor Homepage: https://www.beehiveforum.co.uk/ Software Link: https://sourceforge.net/projects/beehiveforum/ Version: 1.5.2 Tested on: Kali Linux and Ubuntu 20.0.4 CVE N/A PoC: https://imgur.com/a/hVlgpCg...
Prime95 Version 30.7 build 9 - Remote Code Execution Exploit
Exploit Title: Prime95 Version 30.7 build 9 - Remote Code Execution RCE Discovered by: Yehia Elghaly Vendor Homepage: https://www.mersenne.org/ Software Link : https://www.mersenne.org/ftproot/gimps/p95v307b9.win32.zip Tested Version: 30.7 build 9 Vulnerability Type: Buffer Overflow RCE Local...
PHProjekt PhpSimplyGest / MyProjects 1.3.0 Cross Site Scripting Vulnerability
Exploit Title: PHProjekt PhpSimplyGest / MyProjects, 1.3.0 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.phprojekt.altervista.org removed demo was at http://phprojekt.altervista.org/phpsimplygest130 Software Link:...
WordPress Stafflist 3.1.2 Cross Site Request Forgery Vulnerability
Exploit Title: WordPress Plugin stafflist 3.1.2 - CSRF Authenticated Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A CSRF vulnerability exists in staff record...
Medical Hub Directory Site 1.0 Cross Site Scripting Vulnerability
Title: Medical Hub Directory Site 1.0 XSS Stored Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15252/simple-medical-hub-directory-site-phpoop-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/mhds.zip Reference:...
Attendance and Payroll System v1.0 - Remote Code Execution Exploit
Exploit Title: Attendance and Payroll System v1.0 - Remote Code Execution RCE Exploit Author: pr0z Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip Version: v1.0 Tested on: Linux, MySQL, Apache import...
OpenAM 13.0 - LDAP Injection Exploit
Exploit Title: OpenAM 13.0 - LDAP Injection Exploit Author: Charlton Trezevant, GuidePoint Security Vendor Homepage: https://www.forgerock.com/ Software Link: https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/13.0.0,...
Filerun 2021.03.26 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...
Cloudron 6.2 Cross Site Scripting Vulnerability
Exploit Title: Cloudron 6.2 - Cross Site Scripting Reflected Exploit Author: Akıner Kısa Vendor Homepage: https://cloudron.io Software Link: https://www.cloudron.io/get.html Version: 6.3 Tested on: Demo / Localhost CVE : CVE-2021-31721 Proof of Concept: 1. Go to...
FrootVPN 4.8 - (frootvpn) Unquoted Service Path Vulnerability
Exploit : FrootVPN 4.8 - 'frootvpn' Unquoted Service Path Author : v3n0m Vendor : https://frootvpn.com/ App Link : https://frootvpn.com/en/download-client?platform=win Version : 4.8 Tested on : Windows 10 Pro build 19041.329 Credits : YOGYACARDERLINK, bejo6, Ika Atikasari PoC: Microsoft Windows...
Microsoft Windows MSHTA.EXE .HTA File XML Injection Vulnerability
Microsoft Windows MSHTA.EXE .HTA File XML Injection Vulnerability Vendor www.microsoft.com Product Windows MSHTA.EXE .HTA File An HTML Application HTA is a Microsoft Windows program whose source code consists of HTML, Dynamic HTML, and one or more scripting languages supported by Internet Explore...
Gila CMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
Exploit for perl platform in category web applications ===== Tempest Security Intelligence - ADV-07/2020 ========================== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of...
xglance-bin 11.00 - Privilege Escalation Exploit
Exploit Title: xglance-bin 11.00 - Privilege Escalation Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclamer: This exploit is for educational purpose only More details on...
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link: https://www.intelbras.com/pt-br/roteador-wireless-smart-dual-band-action-rf-1200...
Linux/ARM64 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (176 bytes)
/ Title: Linux/ARM64 - Bind 4444/TCP Shell /bin/sh + IPv6 Shellcode 176 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial...
RechnungsZentrale V2 <= 1.1.3 Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================ RechnungsZentrale V2 = 1.1.3 Remote Inclusion Vulnerability ============================================================ - GroundZero Security Research and Software Development...
ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit
Exploit for unknown platform in category web applications ======================================================================= ReloadCMS nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent:...
ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vulnerability
ABB Cylon Aspect version 3.07.02 suffers from a vulnerability that allows an unauthenticated attacker to enable or disable the SSH daemon by sending a POST request to sshUpdate.php with a simple JSON payload. This can be exploited to start the SSH service on the remote host without proper...
Intel PowerGadget 3.6 Local Privilege Escalation Vulnerability
Vulnerability summary: Local Privilege Escalation from regular user to SYSTEM, via conhost.exe hijacking triggered by MSI installer in repair mode Affected Products: Intel PowerGadget Affected Versions: tested on PowerGadget3.6.msi a3834b2559c18e6797ba945d685bf174, file signed on Monday, Februa...
EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR) Vulnerability
Exploit Title: EuroTel ETL3100 - Transmitter Authorization Bypass IDOR Exploit Author: LiquidWorm Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100...
sleuthkit 4.11.1 - Command Injection Exploit
Exploit Title: sleuthkit 4.11.1 - Command Injection CVE-2022-45639 Vendor Homepage: https://github.com/sleuthkit Vulnerability Type: Command injection Attack Type: Local Version: 4.11.1 Exploit Author: Dino Barlattani, Giuseppe Granato Link poc: https://www.binaryworld.it/guidepoc.aspCVE-2022-456...
Aero CMS v0.0.1 - SQL Injection (no auth) Vulnerability
Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win64...
PHP Event Calendar Lite Edition SQL Injection Vulnerability
Product: PHP Event Calendar Manufacturer: Kayson Group Ltd. Affected Versions: PHP Event Calendar Lite edition Tested Versions: PHP Event Calendar Lite edition Vulnerability Type: SQL injection CWE-89 Risk Level: High Solution Status: Closed Manufacturer Notification: 2021-08-09 Solution Date:...