39001 matches found
FoF Pretty Mail 1.1.2 Local File Inclusion Vulnerability
Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Local File Inclusion LFI Exploit Author: Chokri Hammedi Vendor Homepage: https://flarum.org/ Software Link: https://github.com/FriendsOfFlarum/pretty-mail Version: 1.1.2 Tested on: Windows XP CVE: N/A Description: The FoF Pretty Mail...
Clcknshop 1.0.0 SQL Injection Vulnerability
Exploit Title: Clcknshop 1.0.0 - SQL Injection Exploit Author: CraCkEr Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Tested on: Windows 10 Pro Impact: Database Access...
Joomla HikaShop 4.7.4 - Reflected XSS Vulnerability
Exploit Title: Joomla HikaShop 4.7.4 - Reflected XSS Exploit Author: CraCkEr Vendor: Hikari Software Team Vendor Homepage: https://www.hikashop.com/ Software Link: https://demo.hikashop.com/index.php/en/ Joomla Extension Link:...
Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://security.paloaltonetworks.com/CVE-2022-0020 Version: 6.5.0 - 6.2.0 - 6.1.0 Tested on: relevant os CVE : CVE-2022-0020 Author Web: https://www.justsecnow.com Author Socia...
NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit
Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage: https://notrinos.com/ Version: 0...
rconfig 3.9.7 - Sql Injection (Authenticated) Exploit
Exploit Title: rconfig 3.9.7 - Sql Injection Authenticated Exploit Author: azhen Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: " sys.exit1 host=sys.argv1 Enter the hostname def getdatahost: print"+ Get db data..." vulurl =...
WordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin ScrollReveal.js Effects - Stored Cross Site Scripting Exploit Author: Mariam Tariq - Hunt3rsherlock Vendor Homepage: https://wordpress.org/plugins/scrollrevealjs-effects/ Version: 1.1.1 Tested on: Firefox Contact me: email protected Vulnerable Code: "...
Cyclades Serial Console Server 3.3.0 Privilege Escalation Vulnerability
Exploit Title: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Exploit Author: @ibby Vendor Homepage: https://www.vertiv.com/en-us/ Software Link: https://downloads2.vertivco.com/SerialACS/ACS/ACSv3.3.0-16/FL0536-017.zip Version: Legacy Versions V1.0.0 to V3.3.0-16 Tested on:...
WordPress Fitness Calculators 1.9.5 Plugin - Cross-Site Request Forgery Vulnerability
Exploit Title: WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery CSRF Author: 0xB9 Software Link: https://wordpress.org/plugins/fitness-calculators/ Version: 1.9.5 Tested on: Windows 10 CVE: CVE-2021-24272 1. Description: The plugin add calculators for Water intake, BMI...
ECOA Building Automation System Hidden Backdoor Accounts Vulnerability
ECOA Building Automation System Hidden Backdoor Accounts and backdoor Function Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA RiskBuster Terminator - E6L45 ECOA RiskBuster System - RB 3.0.0 ECOA RiskBuster...
Git LFS Clone Command Execution Exploit
Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of...
Gantt-Chart For Jira 5.5.4 Cross Site Scripting Vulnerability
Exploit for multiple platform in category web applications Product: Jira module "Gantt-Chart for Jira" Manufacturer: Frank Polscheit - Solutions & IT-Consulting Affected Versions: alert'XSS'" can be chosen as the name of a filter and is then d...
SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: SuperMicro IPMI 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.supermicro.com/ Software Link:...
TP-Link Archer C50 3 - Denial of Service Exploit
Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...
AVAST SecureLine 5.5.522.0 - (SecureLine) Unquoted Service Path Vulnerability
Exploit Title: AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path Discovery by: Roberto Piña Vendor Homepage:https://www.avast.com/ Software Link :https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version: 5.5.522.0 Vulnerability Type: Unquoted Servic...
Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit
Exploit Title: Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2019-12-03 Version Software : 10.0.30319.1 RTMRel Vendor Homepage : https://www.microsoft.com/ Software Link:...
Studio 5000 Logix Designer 30.01.00 - (FactoryTalk Activation Service) Unquoted Service Path
Exploit Title: Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.rockwellautomation.com/enNA/overview.page Software Link :...
Huawei Router HG532e - Command Execution Exploit
Exploit for hardware platform in category web applications !/bin/python ''' Author : Rebellion Github : @rebe11ion Twitter : @rebellion ''' import urllib2,requests,os,sys from requests.auth import HTTPDigestAuth DEFAULTHEADERS = "User-Agent": "Mozilla", DEFAULTTIMEOUT = 5 def fetchurlurl: global...
TPLink #TLWR840N / #TLWR841N - Authenticaton Bypass Vulnerability
Exploit for hardware platform in category web applications Title: TP-Link Multiple RouterTL-WR840N and TL-WR841N Unauthenticated Router Access Vulnerability Author: BlackFog Team Website: SecureLayer7.net Contact: email protected Version: 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n Hardware:...
Nginx 1.13.10 Accept-Encoding Line Feed Injection Exploit
Exploit for linux platform in category remote exploits // UndergroundAgency UA - koa, bacL, g3kko, Dostoyevsky // trigger nginx 1.13.10 latest logic flaw / bug // 2018 // Tested on Ubuntu 17.10 x86 4.13.0-21-generic include include include include include include include int mainint argc, char ar...
Oracle E-Business Suite 12.2.3 SQL Injection Vulnerability
Exploit for windows platform in category remote exploits Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017...
Linux Kernel - TCP Related Read Use-After-Free Exploit
Exploit for linux platform in category dos / poc // Source: https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html // to build clang derp4.c -o derp4 -static include include include include include include ifndef SYSmmap define SYSmmap 9 endif ifndef...
LTL Freight Quotes – ABF Freight Edition 3.3.7 SQL Injection Vulnerability
CVE-2024-13485 LTL Freight Quotes – ABF Freight Edition = 5.6 AND error-bas...
ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path Vulnerability
Exploit Title: ESET NOD32 Antivirus 17.1.11.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-04-27 Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor : https://www.eset.com Version : 17.1.11.0 Tested on OS: Microsoft Windows 10 p...
Microsoft Windows Defender Bypass - Detection Mitigation Bypass Vulnerability
Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this...
CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin Gallery) Vulnerability
Exploit Title: CSZ CMS 1.3.0 - Stored Cross-Site Scripting Plugin 'Gallery' CVE: CVE-2023-38911 Exploit Author: Daniel González Vendor Homepage: https://www.cszcms.com/ Software Link: https://github.com/cskaza/cszcms Version: 1.3.0 Tested on: CSZ CMS 1.3.0 Description: CSZ CMS 1.3.0 is affected b...
Ateme TITAN File 3.9 - SSRF File Enumeration Vulnerability
Exploit Title: Ateme TITAN File 3.9 - SSRF File Enumeration Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD,...
Epson Stylus SX510W Printer Remote Power Off - Denial of Service Vulnerability
Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service PoC Discovery by: Rafael Pedrero Vendor Homepage: https://www.epson.es/ Software Link : https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w Tested Version: EPSONLinux UPnP/1.0 Epson UPn...
Jedox 2022.4.2 - Remote Code Execution via Directory Traversal Vulnerability
Exploit Title: Jedox 2022.4.2 - Remote Code Execution via Directory Traversal Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47875 Introduction ===============...
Splashtop 8.71.12001.0 - Unquoted Service Path Vulnerability
Exploit Title: Splashtop 8.71.12001.0 - Unquoted Service Path Exploit Author: A.I. hernandez Version: 8.71.12001.0 Vendor Homepage: https://www.splashtop.com Version: current version Tested on: Windows 10 21H2 Step to discover Unquoted Service Path: C:\wmic service get...
Tunnel Interface Driver - Denial of Service Exploit
// Exploit Title: Tunnel Interface Driver - Denial of Service // Exploit Author: ExAllocatePool2 // Vendor Homepage: https://www.microsoft.com/ // Software Link: https://www.microsoft.com/en-us/software-download/windows10 // Version: Windows 10 Pro Version 21H2 OS Build 19044.1288 // Tested on:...
FlatCore CMS 2.1.1 - Stored Cross-Site Scripting Vulnerability
Exploit Title: FlatCore CMS 2.1.1 -Stored Cross Site Scripting Exploit Author: Sinem Şahin Vendor Homepage: https://flatcore.org/ Version: 2.1.1 Tested on: Windows & XAMPP == Tutorial http://HOST/install/index.php 2- Write XSS Payload into the username of the user account. 3- Press "Save" button...
Judging Management System 1.0 Shell Upload Exploit
Exploit Title: Judging Management System v1.0 - Remote Code Execution RCE Date: 12/11/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.ht...
Emby Media Server 4.7.0.60 Cross Site Scripting Vulnerability
Exploit Title: Emby Media Server 4.7.0.60 Cross Site Scripting Exploit Author: Yehia Elghaly Vendor Homepage: https://emby.media/ Software Link: https://emby.media/windows-server.html Version: 4.7.0.60 Tested on: Windows 7 / 10 Summary: Emby formerly Media Browser is a media server designed to...
ChatBot Application With A Suggestion Feature 1.0 SQL Injection Vulnerability
Exploit Title: ChatBot Application with a Suggestion Feature 1.0 - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html Version: 1.0 Tested...
Air Cargo Management System v1.0 remote SQL Injection Vulnerability
Title: Air Cargo Management System v1.0 remote SQL-Injections Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15188/air-cargo-management-system-php-oop-free-source-code.html CVE - Air Cargo Management Systemv1.0 Description: Th...
Cosmetics And Beauty Product Online Store 1.0 SQL Injection Vulnerability
Title: Cosmetics-and-Beauty-Product-Online-Store v1.0 remote SQL-Injections Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15181/cosmetics-and-beauty-product-online-store-phpoop-free-source-code.html CVE-Medical Store Manageme...
Croogo 3.0.2 - Unrestricted File Upload Vulnerability
Exploit Title: Croogo 3.0.2 - Unrestricted File Upload Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 == 'setting-43' Unrestricted File Upload...
Cyberfox Web Browser 52.9.1 - Denial of Service Exploit
Exploit Title: Cyberfox Web Browser 52.9.1 - Denial-of-Service PoC Exploit Author: Aryan Chehreghani Vendor Homepage: https://cyberfox.8pecxstudios.com Software Link: https://www.techspot.com/downloads/6568-cyberfox-web-browser.html Version: v52.9.1 Possibly all versions Tested on: windows About ...
TYPO3 6.2.1 SQL Injection Exploit
Exploit Title: TYPO3 6.2.1 allows SQL Injection via a backend user on backend.php Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Vendor: https://typo3.org/ Link: https://get.typo3.org/version/6.2.1 CVE: CVE-2021-31777 Proof: https://streamable.com/8v7v4i + Exploit Source:...
Documalis Free PDF Editor 5.7.2.26 / Documalis Free PDF Scanner 5.7.2.122 Buffer Overflow Exploit
Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the us...
Barangay Management System 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Barangay Management System 1.0 - Authentication Bypass Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/13484/barangay-management-system.html Software Link:...
ClearPass Policy Manager Unauthenticated Remote Command Execution Exploit
!/usr/bin/env bash ClearPass Policy Manager Unauthenticated Remote Command Execution in the WebUI CVE-2020-7115 For best results use OpenSSL/libcrypto shipped with RHEL/CentOS 7.x. Questions? Contact email protected. if "$" -ne 4 ; then echo "Usage: basename $0 remote host remote port local host...
Inductive Automation Ignition Remote Code Execution Exploit
This Metasploit module exploits a Java deserialization vulnerability in the Inductive Automation Ignition SCADA product, versions 8.0.0 to and including 8.0.7. This exploit was tested on versions 8.0.0 and 8.0.7 on both Linux and Windows. The default configuration is exploitable by an...
Lansweeper 7.2 - Incorrect Access Control Vulnerability
Exploit Title: Lansweeper 7.2 - Incorrect Access Control SHODAN DORK : title:"Lansweeper - Login" Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.lansweeper.com/ Software Link: https://www.lansweeper.com Version: 6.0.x through 7.2.x Tested on: Windows CVE : CVE-2020-14011 Title...
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit
Exploit for php platform in category web applications Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...
Remote Desktop Gateway - (BlueGate) Denial of Service Exploit
include "BlueGate.h" / EDB Note: - Download Binary https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47964-1.exe - Download Source https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47964-2.zip / void errorconst char msg printf"ERRO...
Petraware pTransformer ADC < 2.1.7.22827 - Login Bypass Vulnerability
Exploit Title: Petraware pTransformer ADC before 2.1.7.22827 allows SQL Injection via the User ID parameter to the login form. Date: 28-05-2019 Exploit Author: Faudhzan Rahman Website: https://faudhzanrahman.blogspot.com/ Vendor Homepage: http://www.petraware.com Version: 2.0 CVE : CVE-2019-12372...
WebVet 0.1a - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WebVet 0.1a - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://webvet.exreality.net/ Software Link: https://netix.dl.sourceforge.net/project/webvet/webvet20130708.zip Version: 0.1a Category: Webapps Tested...
Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution Vulnerabilities
Exploit for windows platform in category remote exploits I have recently been playing with Apache ActiveMQ, and came across a simple but interesting directory traversal flaw in the fileserver upload/download functionality. I have only been able to reproduce this on Windows, i.e. where "" is a pat...