39001 matches found
TP-Link TL-WR940N V4 - Buffer OverFlow Exploit
Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow country: Iran Exploit Author: Amirhossein Bahramizadeh Category : hardware Dork : /userRpm/WanDynamicIpV6CfgRpm Tested on: Windows/Linux CVE : CVE-2023-36355 import requests Replace the IP address with the router's IP routerip = '192.168.0.1'...
Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected XSS Vulnerabilities
Exploit Title: Yahoo User Interface library YUI2 TreeView v2.8.2 - Multiple Reflected Cross Site Scripting XSS Exploit Author: Rian Saaty Vendor Homepage: https://yui.github.io/yui2/ Software Link: https://yui.github.io/yui2/ Version: 2.8.2 Tested on: MacOS, WindowsOS, LinuxOS CVE : CVE-2022-4819...
EQ Enterprise management system v2.2.0 - SQL Injection Vulnerability
Exploit Title: EQ Enterprise management system v2.2.0 - SQL Injection Exploit Author: TLF Vendor Homepage: https://www.yiquantech.com/pc/about.html Software Link漏洞影响应用下载链接:...
TCQ - ITeCProteccioAppServer.exe - Unquoted Service Path Vulnerability
Exploit Title: TCQ - 'ITeCProteccioAppServer.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea - https://twitter.com/ecarrilloeg Vendor Homepage: https://itec.es/programas/ Vulnerability Type: Unquoted Service Path Privilege Escalation Tested on OS: Microsoft Windows 11 Home To properl...
Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Vulnerability
Exploit Title: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Exploit Author: @ibby Vendor Homepage: https://www.vertiv.com/en-us/ Software Link: https://downloads2.vertivco.com/SerialACS/ACS/ACSv3.3.0-16/FL0536-017.zip Version: Legacy Versions V1.0.0 to V3.3.0-16 Tested on:...
Backdrop CMS 1.20.0 - Multiple Cross-Site Request Forgery Vulnerability
Exploit Title: Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery CSRF Exploit Author: V1n1v131r4 Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.20.0/backdrop.zip Version: 1.20.0 Tested On: Kali Linux, Ubuntu 20.04...
WordPress Modern Events Calendar Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by...
Fire Web Server 0.1 - Remote Denial of Service Exploit
Exploit Title: Fire Web Server 0.1 - Remote Denial of Service PoC Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alpha Tested on: Windows 7 , Windows Vista...
10Strike LANState 9.32 - (Force Check) Buffer Overflow (SEH) Exploit
Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601 Description: - Exploits th...
Cisco Data Center Network Manager 11.2.1 - (LanFabricImpl) Command Injection Exploit
Exploit for java platform in category web applications !/usr/bin/python """ Cisco Data Center Network Manager LanFabricImpl createLanFabric Command Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 ISO Virtual Appliance for VMWare, KVM and Bare-metal servers - Release:...
Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Exploit
Exploit for hardware platform in category web applications Exploit Title: Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Date: 2018-08-01 Exploit Author: Cosmin Craciun Vendor Homepage: https://www.se.com Version: = 1.3.4 Tested on: Delivered Virtual Appliance running...
FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit
Exploit for hardware platform in category web applications Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/ Software Link:...
Iperius Backup 6.1.0 - Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Author: bzyo Twitter: @bzyo Exploit Title: Iperius Backup 6.1.0 - Privilege Escalation Date: 04-24-19 Vulnerable Software: Iperius Backup 6.1.0 Vendor Homepage: https://www.iperiusbackup.com/ Version: 6.1.0 Software Link:...
Royal TSX Information Disclosure Vulnerability
Exploit for jsp platform in category web applications Title: Royal TS/X - Information Disclosure Author: Jakub Palaczynski CVE: CVE-2018-18865 Affected product: ============= Royal TS/X RoyalTS/X Exploit var wsUri = "ws://127.0.0.1:54890/"; var output; function init output =...
Veritas Netbackup 8.0 - Multiple Vulnerabilities
Veritas Netbackup version 8.0 suffers from remote command execution, file write, and DNS bypass vulnerabilities. Veritas Netbackup 8.0 - Multiple Vulnerabilities ------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in Veritas Netback...
OpenText Documentum D2 - Remote Code Execution Exploit
Exploit for java platform in category remote exploits / CVE Identifier: CVE-2017-5586 Vendor: OpenText Affected products: Documentum D2 version 4.x Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Description: Document D2 contains...
ProFTPd 1.3.5a Heap Overflow Exploit
ProFTPd version 1.3.5a suffers from heap overflow vulnerabilities. =============================================== Credit: Nicholas Lemonias 0day.today Exploit Market .::PROFTPD v1.3.5a HEAP OVERFLOWS ::. ====================================================== .88888888:. 88888888.88888...
Magento 1.9.2 File Inclusion Vulnerability
Magento versions 1.9.2 and below suffer from an autoloaded file inclusion vulnerability. ------------------------------------------------------------------------------- Magento fault'datainvalid'; 113. 114. 115. $this-checkProductTypeExists$type; 116. $this-checkProductAttributeSet$set; 117. 118....
Time Slot Booking Calendar 1.8 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Time Slot Booking Calendar 1.8 - Stored XSS Exploit Author: CraCkEr Vendor: GZ Scripts Vendor Homepage: https://gzscripts.com/ Software Link: https://gzscripts.com/time-slot-booking-calendar-php.html Version: 1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site...
Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution Vulnerability
Exploit Title: Gin Markdown Editor v0.7.4 Electron - Arbitrary Code Execution Exploit Author: 8bitsec CVE: CVE-2023-31873 Vendor Homepage: https://github.com/mariuskueng/gin Software Link: https://github.com/mariuskueng/gin Version: 0.7.4 Tested on: Mac OS 13 Release Date: 2023-04-24 Product &...
Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Vulnerability
Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction ================= A...
HospitalRun 1.0.0-beta - Local Root Exploit
Exploit Title: HospitalRun 1.0.0-beta - Local Root Exploit for macOS Written by Jean Pereira Date: 2023/03/04 Vendor Homepage: https://hospitalrun.io Software Link: https://github.com/HospitalRun/hospitalrun-frontend/releases/download/1.0.0-beta/HospitalRun.dmg Version: 1.0.0-beta Tested on: macO...
Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting Vulnerability
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : Team MarvikShop │ │ Software :...
WordPress WP-UserOnline 2.87.6 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin WP-UserOnline 2.87.6 - Stored Cross-Site Scripting XSS Exploit Author: Steffin Stanly Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link: https://wordpress.org/plugins/wp-useronline/ Version: WP-UserOnline and enter the data into the Users...
Oracle Database Weak NNE Integrity Key Derivation Vulnerability
NNE's integrity protection mechanism deliberately weakens the key used for computing per-packet message authentication codes MACs. Oracle Database versions 19c, 12.2.0.1, and 12.1.0.2 are affected. Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 19c Tested Versions:...
Library System 1.0 - (student_id) SQL injection Vulnerability
Exploit Title: Library System 1.0 - 'studentid' SQL injection Authenticated Google Dork: intitle: "Library System by YahooBaba" Exploit Author: Vinay Bhuria Vendor Homepage: https://www.yahoobaba.net Software Link: https://www.yahoobaba.net/project/library-system-in-php Version: v1.0 Tested on:...
POMS-PHP 1.0 SQL Injection Exploit
Exploit Title: POMS-PHP by: oretnom23 v1.0 is vulnerable to remote SQL-Injection-Bypass-Authentication. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Vendor: https://www.sourcecodester.com/user/257130/activity Link:...
ForgeRock Access Manager / OpenAM 14.6.3 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution RCE Unauthenticated Date: 2021-07-14 Exploit Author: Photubias – tijldotdeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://backstage.forgerock.com/knowledge/kb/article/a47894244 Vendor Homepage:...
Odin Secure FTP Expert 7.6.3 - (Site Info) Denial of Service Exploit
Exploit Title: Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service PoC Discovery by: Ivan Marmolejo Vendor Homepage: https://odin-secure-ftp-expert.jaleco.com/ Software Link Download : http://tr.oldversion.com/windows/odin-secure-ftp-expert-7-6-3 Version : Odin Secure FTP Expert 7.6.3...
Google Chrome 67 / 68 / 69 Object.create Type Confusion Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 67, 68 and 69 Object.create exploit', 'Description' = %q This modules exploits a type confusion in Google Chromes JIT compiler. The...
Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure Exploit
Exploit for jsp platform in category web applications Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Discovery Date: 2019-01-31 Exploit Author: Nolan B. Kennedy nxkennedy Vendor Homepage: https://www.verodin.com/ Software Link :...
OpenSMTPD 6.6.2 - Remote Code Execution Exploit
Exploit Title: OpenSMTPD 6.6.2 - Remote Code Execution Exploit Author: 1F98D Original Author: Qualys Security Advisory Vendor Homepage: https://www.opensmtpd.org/ Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1 Version: OpenSMTPD '.formatsys.argv0 print"E.g. 127.0.0.1 2...
Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free Exploit
Visual Voicemail VVM is a feature of mobile devices that allows voicemail to be read in an email-like format. Carriers set up a Visual Voicemail server that supports IMAP, and the device queries this server for new email. Visual Voicemail is configured over SMS, and carriers inform devices of the...
Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation Exp
Exploit for linux platform in category local exploits / CVE-2017-11176: "mqnotify: double sockput" by LEXFO 2018. DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not use it on a system without authorizations. WARNING: The exploit WILL NOT work on your target, it requires...
Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076) Exploit
Exploit for windows platform in category local exploits Source: https://github.com/monoxgas/Trebuchet Trebuchet MS15-076 CVE-2015-2370 Privilege Escalation Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory Usage: trebuchet.exe...
PHP 5.x - Bypass Disable Functions Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP 5.x Shellshock Exploit bypass disablefunctions Google Dork: none Date: 10/31/2014 Exploit Author: Ryan King Starfall Vendor Homepage: http://php.net Software Link: http://php.net/get/php-5.6.2.tar.bz2/from/a/mirror Version: ...
Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory Traversal Vulnerability
Exploit for multiple platform in category remote exploits ================================================================== Ruby 1.8.6 Webrick Httpd 1.3.1 Directory Traversal Vulnerability ==================================================================...
PHPNuke-Clan <= 4.2.0 (mvcw_conver.php) RFI Vulnerability
Exploit for unknown platform in category web applications ========================================================= PHPNuke-Clan = 4.2.0 mvcwconver.php RFI Vulnerability ========================================================= '/ -.- --------------------------oOO------OOo------------------------...
CubeCart <= 3.0.6 Remote Command Execution Exploit
Exploit for unknown platform in category web applications ================================================== CubeCart All rights reserved. 1. example email protected:/research$ perl ./cijfer-ccxpl.pl -h www.xxx.com -d email protected /$ id;uname -a uid=48apache gid=48apache...
Quick Cart 6.7 Shell Upload Vulnerability
Quick Cart version 6.7 suffers from a remote shell upload vulnerability provided you have administrative privileges. Title : Authenticated Remote Code Execution & Shell Upload Product : Quick Cart Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window ...
MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path (MTAgentService) Vulnerability
Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path Exploit Author: Idan Malihi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.7 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36164 PoC C:\Userswm...
Beauty Salon Management System v1.0 - SQL injection Vulnerability
Exploit Title: Beauty Salon Management System v1.0 - SQLi Exploit Author: Fatih Nacar Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://www.campcodes.com Software Link: https://www.campcodes.com/projects/beauty-salon-management-system-in-php-and-mysqli/ CWE: CWE-89 Vulnerability...
Millhouse Project 1.414 thrsrossi - Remote Code Execution Exploit
sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...
Lucee Scheduled Job v1.0 - Command Execution Exploit
Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref :...
ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting Vulnerability
Exploit Title: ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting XSS Exploit Author: Rob, CTRL Group Vendor Homepage: marigroup.com Version: V3.3.3 and under Tested on: Windows IIS all versions CVE : CVE-2022-35543 “Stored Cross-Site Scripting” Vulnerability within the Elsi Smart Floor...
OPSWAT Metadefender Core - Privilege Escalation Exploit
Exploit Title: OPSWAT Metadefender Core - Privilege Escalation Exploit Author: Ulascan Yildirim Vendor Homepage: https://www.opswat.com/ Version: Metadefender Core 4.21.1 Tested on: Windows / Linux CVE : CVE-2022-32272 =============================================================================...
Canteen Management v1.0 - XSS Reflected Vulnerability
Exploit Title: Canteen-Management v1.0 - XSS-Reflected Exploit Author: nu11secur1ty Vendor: Free PHP Projects & Ideas with Source Codes for Students | mayurik Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayurik/2022/Canteen-Management/Docs Reference:...
PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS Vulnerability
Exploit Title: PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS Exploit Author: Prasheek Kamble Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/ Version: V 1.2 Vulnerable endpoint:...
MiniDVBLinux 5.4 Remote Root Command Injection Exploit
!/usr/bin/env python3 MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based o...
Multix 2.4 Cross Site Request Forgery Vulnerability
Exploit Title: Multix - Multipurpose Website CMS with Codeigniter Cross Site Request Forgery Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/multix-multipurpose-website-cms-with-codeigniter/23537596 Version: Version 2.4 Tested on Ubuntu...