39001 matches found
Easy File Sharing Web Server 7.2 - author Remote Buffer Overflow (SEH) Exploit
An issue was discovered in Easy File Sharing EFS Web Server 7.2, A stack-based buffer overflow vulnerability occurs when an authenticated user sends a malicious POST request to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code. Exploit Titl...
Paramiko 2.4.1 - Authentication Bypass Exploit
Exploit Title: Paramiko 2.4.1 - Authentication Bypass Exploit Author: Adam Brown Vendor Homepage: https://www.paramiko.org Software Link: https://github.com/paramiko/paramiko/tree/v1.15.2 Version: 1.17.6, 1.18.x 1.18.5, 2.0.x 2.0.8, 2.1.x 2.1.5, 2.2.x 2.2.3, 2.3.x 2.3.2, and 2.4.x 2.4.1 Tested on...
Microsoft Credential Security Support Provider - Remote Code Execution Vulnerability
Exploit for windows platform in category remote exploits credssp This is a poc code for exploiting CVE-2018-0886. It should be used for educational purposes only. It relies on a fork of the rdpy projecthttps://github.com/preempt/rdpy, allowing also credssp relay. Written by Eyal Karni, Preempt...
Joomla K2 2.8.0 Component - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component K2 2.8.0 - Arbitrary File Download Dork: N/A Date: 26.02.2018 Vendor Homepage: http://www.joomlaworks.net/ Software Link:...
TeamSpeak Client <= 3.0.18.1 - RFI to RCE Exploit
Exploit for windows platform in category remote exploits Exploit Title: "PwnSpeak" a 0day Exploit for TeamSpeak Client / 0x6FB30B11 my pgp keyid Vendor Homepage: https://www.teamspeak.com/ Application: TeamSpeak 3 Version: TeamSpeak3 Client 3.0.0 - 3.0.18.1 Platforms: Windows, Mac OS X and Linux...
Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass Vulnerability
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Fingerprint Attendance 1.0 Account Takeover Vulnerability
Title: Fingerprint Attendance 1.0 Account Takeover Author: Hejap Zairy Vendor: https://www.vetbossel.in/fingerprint-attendance-project-php/ Software: https://app.box.com/s/xlyqalhvayq8oi25tqykcbouzrrjytqy Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache Fingerprint...
Foxit PDF Reader 11.0 - Unquoted Service Path Vulnerability
Exploit Title: Foxit PDF Reader 11.0 - Unquoted Service Path Date: 05/03/2022 Exploit Author: Hejap Zairy Vendor Homepage: https://www.foxit.com/pdf-reader/ Software Link: https://www.foxit.com/downloads/Foxit-Reader/ Version: 11.0.1.49938 Tested: Windows 10 Pro x64 es C:\Users\Hejapsc qc...
Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Vulnerability
Exploit Title: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Exploit Author: @ibby Vendor Homepage: https://www.vertiv.com/en-us/ Software Link: https://downloads2.vertivco.com/SerialACS/ACS/ACSv3.3.0-16/FL0536-017.zip Version: Legacy Versions V1.0.0 to V3.3.0-16 Tested on:...
Cab Management System 1.0 - (id) SQL injection (Authenticated) Vulnerability
Exploit Title: Cab Management System 1.0 - 'id' SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html Version : 1.0 Tested on: windows 10 xammp | Kali linux Category:...
Projeqtor 9.3.1 Cross Site Scripting Vulnerability
Exploit Title: Projeqtor v9.3.1 Stored XSS / Privilege Escalation Exploit Author: Oscar Gutierrez m4xp0w3r Vendor Homepage: https://www.projeqtor.org/en/ Software Link: https://www.projeqtor.org/en/product-en/downloads Tested on: Ubuntu, LAAMP Vendor: Projeqtor Version: v9.3.1 Exploit Description...
WordPress TranslatePress 2.0.8 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...
WebsiteBaker 2.13.0 - Remote Code Execution (Authenticated) Exploit
Exploit Title: WebsiteBaker 2.13.0 - Remote Code Execution RCE Authenticated Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://websitebaker.org/ Software Link: http://wiki.websitebaker.org/doku.php/en/downloads Version: 2.13.0 Category: Webapps Tested on: Linux/Windows WebsiteBaker...
VestaCP 0.9.8 - File Upload CSRF Vulnerability
Exploit Title: VestaCP 0.9.8 - File Upload CSRF Exploit Author: Fady Othman Vendor Homepage: https://vestacp.com/ Software Link: https://github.com/myvesta/vesta Version: Vesta Control Panel aka VestaCP through 0.9.8-27 and myVesta through 0.9.8-26-39 CVE ID: CVE-2021-28379 Patch:...
WordPress Sell Photo 1.0.5 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Sell Photo Wordpress Plugin v1.0.5 - Persistent Cross-Site Scripting Vendor Homepage: https://noorsplugin.com/ Vendor Changelog: https://wordpress.org/plugins/sell-photo/developers Exploit Author: Melbin K Mathew @melbinkm Autho...
rauLink Software Domotica Web 2.0 SQL Injection Vulnerability
Exploit for php platform in category web applications rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass Vendor: rauLink Software raulsoria Product web page: N/A Affected version: 2.0 Summary: Smart home automation software. Desc: The application suffers from an SQL Injection...
Fire Web Server 0.1 - Remote Denial of Service Exploit
Exploit Title: Fire Web Server 0.1 - Remote Denial of Service PoC Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alpha Tested on: Windows 7 , Windows Vista...
Soluzione Globale Ecommerce CMS 1 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Soluzione Globale Ecommerce cms v1 SQL Injection Vulnerability Google Dork: intext:" Soluzione Globale s.r.l.s. " +inurl:/.php?id= Exploit Author: @ThelastVvV Vendor Homepage: https://www.soluzioneglobale.com/ Version: v1 Tested...
UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read Vulnerability
Exploit for php platform in category web applications Exploit Title: UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Exploit Author: NgoAnhDuc Vendor Homepage:...
Ajenti 2.1.31 Command Injection Exploit
This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned. This module requires Metasploit: https://metasploit.com/download Current source:...
iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
During processing of incoming iMessages, attacker controlled data is deserialized using the NSUnarchiver API. One of the classes that is allowed to be decoded from the incoming data is NSDictionary. However, due to the logic of NSUnarchiver, all subclasses of NSDictionary that also implement secu...
UliCMS 2019.1 Spitting Lama - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: UliCMS 2019.1 "Spitting Lama" - Stored Cross-Site Scripting Google Dork: intext:"by UliCMS" Exploit Author: Unk9vvN Vendor Homepage: https://en.ulicms.de Software Link:...
Vignette Content Management 6 Security Bypass Vulnerability
Exploit for php platform in category web applications 0day.today 2018-11-12...
Fantastic Blog CMS 1.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Fantastic Blog CMS 1.0 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/ronald-ronniem/ Software Link:...
tnftp (savefile) Arbitrary Command Execution Exploit
This Metasploit module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the las...
Windows 7/8 and WS2012 RDP Remote Code Execution Exploit 0day
The vulnerability could allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system with the Remote Desktop Protocol RDP server service enabled. By default, the RDP server service is not enabled on any Windows operating system. Systems that do not...
OpenCart 1.5.6.4 PHP Object Injection Vulnerability
Exploit for php platform in category web applications OpenCart session-data'cart' as $key = $quantity $product = explode':', $key; $productid = $product0; $stock = true; // Options if !empty$product1 $options = unserializebase64decode$product1; else $options = array; The vulnerability exists...
Zen Cart v.1.5.0 Remote Shell Upload
Exploit for php platform in category web applications Remote Shell Upload Vulnerability DaTe : 5.3.2012 Version : 1.5.0 Tested on: Linux " Ubuntu " , "win 7" Author : Mr.ExiT OrPh4n Email : email protected Site : sh4ck.com + v99x.com Dork : "Powered by Zen Cart" Software Link:...
Hospital Management System SQL Injection / Authentication Bypass Vulnerabilities
Title: Hospital Management System - Authentication Bypass With SQLi Description: HMS with MYSQL authentication bypass Source URL: https://kj5.scriptsterraa.com/hms/admin/ Source Name/Email: Mehmet Can Kadıoğlu a.k.a mao7un CVEs: N/A Software URL:...
Microweber 2.0.9 Cross Site Scripting Vulnerability
Microweber versions 2.0.9 and below suffer from multiple persistent cross site scripting vulnerabilities. CVE-2024-33298 Stored Cross Site Scripting vulnerability in Microweber .jpg on /media/default/ 6. Go back to the endpoint /admin/module/view?type=adminbackup and click on "Upload file" 7...
Wordpress Media Library Assistant Plugin - Remote Code Execution / Local File Inclusion Exploit
Exploit Title: Media Library Assistant Wordpress Plugin - RCE and LFI CVE: CVE-2023-4634 Exploit Author: Florent MONTEL / Patrowl.io / @Pepitoh / Twitter @Pepitooh Exploitation path: https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/ Exploit:...
Online ID Generator 1.0 - Remote Code Execution Vulnerability
Title: Online ID Generator 1.0 - Remote Code Execution RCE Author: nu11secur1ty Vendor: https://www.youtube.com/watch?v=JdB9po5DTc Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/idgenerator0.zip Reference: https://portswigger.net/web-security/sql-injection...
PHPJabbers Taxi Booking 2.0 - Reflected XSS Vulnerability
Exploit Title: PHPJabbers Taxi Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/taxi-booking-script/ Version: 2.0 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE:...
Statamic 4.7.0 - File Inclusion Vulnerability
Title: Statamic 4.7.0 - File-Inclusion Author: nu11secur1ty Vendor: https://statamic.com/ Software: https://demo.statamic.com/ Reference: https://portswigger.net/web-security/file-upload Description: The statamic-4.7.0 suffers from file inclusion - file upload vulnerability. The attacker can uplo...
Game Jackal Server v5 - Unquoted Service Path (GJServiceV5) Vulnerability
Exploit Title: Game Jackal Server v5 - Unquoted Service Path Exploit Author: Idan Malihi Vendor Homepage: https://www.allradiosoft.ru Software Link: https://www.allradiosoft.ru/en/ss/index.htm Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36166 PoC C:\Userswmic service get...
Wondershare Dr Fone 12.9.6 - Privilege Escalation Vulnerability
Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window 10 10.0.19045.2604 C...
HospitalRun 1.0.0-beta - Local Root Exploit
Exploit Title: HospitalRun 1.0.0-beta - Local Root Exploit for macOS Written by Jean Pereira Date: 2023/03/04 Vendor Homepage: https://hospitalrun.io Software Link: https://github.com/HospitalRun/hospitalrun-frontend/releases/download/1.0.0-beta/HospitalRun.dmg Version: 1.0.0-beta Tested on: macO...
TCQ - ITeCProteccioAppServer.exe - Unquoted Service Path Vulnerability
Exploit Title: TCQ - 'ITeCProteccioAppServer.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea - https://twitter.com/ecarrilloeg Vendor Homepage: https://itec.es/programas/ Vulnerability Type: Unquoted Service Path Privilege Escalation Tested on OS: Microsoft Windows 11 Home To properl...
Pay Slip PDF Generator System 1.0 Shell Upload Vulnerability
Title: Pay Slip PDF Generator System 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15242/employees-pay-slip-pdf-generator-system-email-using-phpoop-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/pess0.zip...
RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated) Vulnerability
Exploit Title: RiteCMS 3.1.0 - Arbitrary File Deletion Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0 Google Dork:...
Movie Rating System 1.0 - Broken Access Control (Admin Account Creation) Exploit
Exploit Title: Movie Rating System 1.0 - Broken Access Control Admin Account Creation Unauthenticated Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Tested on: Windows...
Cisco RV130W 1.0.3.44 - Inject Counterfeit Routers Exploit
Exploit Title: Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers Exploit Author: Michael Alamoot Vendor Homepage: https://www.cisco.com/ Version: RV130W 1.0.3.44 Tested on: Kali linux ! /usr/bin/env python3 from scapy.contrib.eigrp import EIGRPAuthData from scapy.contrib.eigrp...
WordPress SP Project And Document Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php,...
ForgeRock Access Manager / OpenAM 14.6.3 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution RCE Unauthenticated Date: 2021-07-14 Exploit Author: Photubias – tijldotdeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://backstage.forgerock.com/knowledge/kb/article/a47894244 Vendor Homepage:...
ERPNext 12.18.0 / 13.0.0 SQL Injection Vulnerability
Authenticated SQL injection in ERPNext 13.0.0/12.18.0 Overview Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2103-01 Affected product: ERPNext Tested versions: 12.18.0 and 13.0.0 beta Vendor: Frappé Technologies https://frappe.io Credits: Trovent...
CMS Made Simple 2.2.14 - Authenticated Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Exploit Author: Roel van Beurden Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/14793/cmsms-2.2.14-install.zip...
Newsportal 3 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Newsportal v3 - 'uname' - SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/news-portal-project-in-php-and-mysql/ Software...
DiskBoss 7.7.14 - Denial of Service Exploit
Exploit Title: DiskBoss 7.7.14 - Denial of Service PoC Exploit Author: Paras Bhatia Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Vulnerable Software: DiskBoss Version: 7.7.14 Vulnerability Typ...
Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure Exploit
Exploit for jsp platform in category web applications Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Discovery Date: 2019-01-31 Exploit Author: Nolan B. Kennedy nxkennedy Vendor Homepage: https://www.verodin.com/ Software Link :...
Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Exploit
Exploit for hardware platform in category web applications Exploit Title: Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Date: 2018-08-01 Exploit Author: Cosmin Craciun Vendor Homepage: https://www.se.com Version: = 1.3.4 Tested on: Delivered Virtual Appliance running...