39001 matches found
xorg-x11-server < 1.20.1 - Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits Exploit Title: xorg-x11-server bolo console opened Building root shell wait 2 minutes crontab overwritten ... cut Xorg output ... Xorg killed II Server terminated successfully 0. Closing log file. Don't forget to cleanup /etc/crontab and /tmp...
Data Center Audit 2.6.2 - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Data Center Audit 2.6.2 - 'username' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/datacenteraudit/ Software Link:...
AZORult Stealer 2 Botnet SQL Injection Vulnerability
Exploit for php platform in category web applications Title: AZORult Stealer v2 Botnet - SQL injection Credit: Bilal KARDADOU URL: https://www.rekings.com/shop/azorult-stealer/ Product: 'AZORult Stealer v2 Botnet' Type: Paid Google Dork: N/A Description: Stealer of stored passwords, cookies,...
CmsMadeSimple v2.2.17 - Remote Code Execution Exploit
Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...
Gila CMS 1.10.9 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Gila CMS 1.10.9 - Remote Code Execution RCE Authenticated Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/ Version: Gila 1.10.9 Tested on: Linux import requests from termcolor import colored from...
Hubstaff 1.6.14-61e5e22e - (wow64log) DLL Search Order Hijacking Vulnerability
Exploit Title: Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking Exploit Author: Ahsan Azad Vendor Homepage: https://hubstaff.com/ Software Link: https://app.hubstaff.com/download Version: 1.6.13, 1.6.14 Tested On: 64-bit operating system, x64-based processor Description Hubstaff i...
NetIQ Performance Endpoint v5.1 - remote root/SYSTEM Exploit
/ Exploit Title: NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit Date: Jun 2007 Exploit Author: mu-b Vendor Homepage: https://www.microfocus.com/en-us/cyberres/identity-access-management Version: All Tested on: Windows / Solaris x86/SPARC CVE : 0day endpoint-pown-uni.c...
Scdbg 1.0 - Buffer overflow DoS Vulnerability
Exploit Title: Scdbg 1.0 - Buffer overflow DoS Discovery by: Rafael Pedrero Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152 Software Link : https://github.com/dzzie/VSLIBEMU Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45 Tested on: Windows 7, 10 CVSS v3: 7.5 CVSS...
Abantecart v1.3.2 - Authenticated Remote Code Execution Vulnerability
Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2- Uploading .php files i...
Open Game Panel - Remote Code Execution (Authenticated) Exploit
Exploit Title: Open Game Panel - Remote Code Execution RCE Authenticated Google Dork: intext:"Open Game Panel 2021" Exploit Author: prey Vendor Homepage: https://www.opengamepanel.org/ Software Link: https://github.com/OpenGamePanel/OGP-Website Version: before 14 Aug patch...
Online Leave Management System 1.0 SQL Injection Vulnerability
Online Leave Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: OLMS - PHP by: oretnom23 v1.0 SQL-Injection-Bypass-Authentication in /leavesystem/classes/Login.php. Author: nu11secur1ty Testing and Debugging:...
Altova MobileTogether Server 7.3 - XML External Entity Injection Vulnerability
Exploit Title: Altova MobileTogether Server 7.3 - XML External Entity Injection XXE Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.altova.com/mobiletogether-server Version: 7.3 CVE: 2021-37425 Advisory: XML External Entity Expansion in MobileTogether Server RedTeam Pentestin...
IBM Spectrum LSF 10.1 / 10.2 Hardcoded Eauth Key / Eauth Key Exposure Vulnerability
================================================================================ Multiple IBM Spectrum LSF Authentication Vulnerabilities Eauth - CVE-2020-4983 ================================================================================ Software: Spectrum LSF Vendor: IBM Affected Versions:...
SAIA (Software Gestion Documental) SQL Injection & XSS Vulnerabilities
Exploit for php platform in category web applications Exploit Title: SAIA Software Gestion Documental SQL Injection & XSS Vulnerability D0rk: intext:"Todos los derechos reservados CERO K" Exploit Author: n4pst3r Vendor Homepage: https://www.cerok.co/ Tested on: Windows 10, Debian 9 ...
Convert Video jetAudio 8.1.7 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Convert Video jetAudio 8.1.7 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.jetaudio.com/ Software Link http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/JAD8107BASIC.exe Version: 8.1.7 Tested on: Windo...
WordPress PayPal Checkout Payment Gateway 1.6.8 Plugin - Parameter Tampering Vulnerability
Exploit for php platform in category web applications WordPress PayPal Checkout Payment Gateway 1.6.8 Plugin - Parameter Tampering Exploit Title: cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter...
Kubernetes - (Authenticated) Arbitrary Requests Exploit
!/usr/bin/env python3 import argparse from ssl import wrapsocket from socket import createconnection from secrets import base64, tokenbytes def requeststage1namespace, pod, method, target, token: stage1 = "" with open'stage1', 'r' as stage1fd: stage1 = stage1fd.read return stage1.formatnamespace,...
GPS Tracking System 2.12 - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: GPS Tracking System 2.12 - 'username' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/gpstracking/ Software Link: https://kent.dl.sourceforge.net/project/gpstracking/gps.zip Version:...
The Don 1.0.1 - login SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: The Don 1.0.1 - 'login' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://thedon.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/thedon/thedon-1.0b.rar Version: 1.0.1 Category: Webapps...
LiquidVPN For macOS 1.3.7 Privilege Escalation Vulnerability
LiquidVPN for macOS versions 1.3.7 and below suffer from privilege escalation vulnerabilities. ======================================================================= Title: Multiple Privilege Escalation Vulnerabilities Product: LiquidVPN for MacOS Vulnerable versions: 1.37, 1.36 and earlier CVE...
HP iMC Plat 7.2 - Remote Code Execution Exploit (2)
Exploit for windows platform in category remote exploits !/opt/local/bin/python2.7 Exploit Title: HP iMC Plat 7.2 dbman Opcode 10008 Command Injection RCE Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...
Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit
Exploit for windows platform in category remote exploits Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WS...
dompdf 0.6.0 Arbitrary File Read Vulnerability
Exploit for php platform in category web applications Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 partial fix Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is...
Clansys v.1.1 (showid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================== Clansys v.1.1 showid Remote SQL Injection Exploit =================================================== Internet Security |...
creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
Exploit for unknown platform in category web applications =================================================== creLoaded Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. Can specify: User-defined...
CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting Vulnerability
Exploit Title: CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting XSS Application: CmsMadeSimple Version: v2.2.17 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Author: Mirabbas Ağalarov Tested on: Linux 2...
Prestashop 8.0.4 - Cross-Site Scripting Vulnerability
Exploit Title: Prestashop 8.0.4 - Cross-Site Scripting XSS Application: prestashop Version: 8.0.4 Bugs: Stored XSS Technology: PHP Vendor URL: https://prestashop.com/ Software Link: https://prestashop.com/prestashop-edition-basic/ Date of found: 30.06.2023 Author: Mirabbas Ağalarov Tested on: Lin...
Rukovoditel 3.3.1 - Remote Code Execution Vulnerability
Exploit Title: Rukovoditel 3.3.1 - Remote Code Execution RCE Version: 3.3.1 Bugs: rce via jpeg file upload Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 12-03-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...
Explorer32++ v1.3.5.531 - Buffer overflow Vulnerability
Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...
Atom CMS v2.0 - SQL Injection (no auth) Vulnerability
Exploit Title: Atom CMS v2.0 - SQL Injection no auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Windows 10 using XAMPP, Apache/2.4.48...
Prime95 30.7 Build 9 Buffer Overflow Exploit
Exploit Title: Prime95 Version 30.7 build 9 Buffer Overflow RCE Discovered by: Yehia Elghaly Vendor Homepage: https://www.mersenne.org/ Software Link : https://www.mersenne.org/ftproot/gimps/p95v307b9.win32.zip Tested Version: 30.7 build 9 Vulnerability Type: Buffer Overflow RCE Local Tested on O...
Orion Application Server 1.5.2b Cross Site Scripting Vulnerability
Exploit for multiple platform in category web applications Orion Application Server - Cross Site Scripting Tested on: Orion Application Server 1.5.2b Date: Ago 09, 2020 Informer: Pablo Rebolini - Cross Site Scripting Poc: GET http://x.x.x.x/%3Cscript%3Ealert%22xss'ed%22%3C/script%3E Dork: "Orion...
Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password) Exploit
Exploit for php platform in category web applications Exploit Title: Warehouse Inventory System 1.0 - Cross-Site Request Forgery Change Admin Password Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Vendor Homepage: https://oswapp.com Software Link:...
e-learning Php Script 0.1.0 - (search) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: e-learning Php Script 0.1.0 - 'search' SQL Injection Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script Version...
WordPress Postie 1.9.40 Plugin - Persistent Cross-Site Scripting Exploit
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link:...
Moxa EDR-810 - Command Injection / Information Disclosure Vulnerabilities
During an engagement for a client, RandoriSec found 2 vulnerabilities on Moxa EDR-810 Series Secure Routers. The first one is a command injection vulnerability found on the CLI allowing an authenticated user to obtain root privileges. And the other one is an improper access control found on the w...
winrar 5.80 64bit - Denial of Service Exploit
Exploit Title: winrar 5.80 64bit - Denial of Service Exploit Author: alblalawi Vendor Homepage: https://win-rar.com/fileadmin/winrar-versions/winrar-x64-58b2.exe Version: 5.80 Tested on: Microsoft Windows Version 10.0.18362.418 64bit 1- open winrar or any file.rar 2- help 3- help topics 4- Drag t...
Opencart 3.0.3.2 - (extension/feed/google_base) Denial of Service Exploit
Exploit for php platform in category web applications !/bin/bash Opencart PoC exploit, just for test... Tested on store with added more than 1000 products Usage: ./cartkiller.sh storeurl threads sleep Example: ./cartkiller.sh https://storename 50 5 Disclaimer: This or previous programs is for...
jetCast Server 2.0 - Denial of Service Exploit
Exploit Title: jetCast Server 2.0 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.jetaudio.com/ Software Link: http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/Download/jetCast/build/JCS2000.exe Tested Version: 2.0 Tested on: Window...
Wordpress Media File Manager 1.4.2 Plugin - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://wordpress.org/plugins/media-file-manager/ Software Link:...
Morris Worm sendmail Debug Mode Shell Escape Exploit
This Metasploit module exploits sendmail's well-known historical debug mode to escape to a shell and execute commands in the SMTP RCPT TO command. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently only...
Jelastic 5.4 - host SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Jelastic 5.4 - 'host' SQL injection Exploit Author: Procode701 Vendor Homepage: https://jelastic.com/ Software Link: https://jelastic.com/ Version: 5.4 Tested on: Kali Linux CVE : N/A POC: The application...
NuCom NC-WR644GACV Unauthenticated Configuration File Download Vulnerability
NuCom NC-WR644GACV with software versions STA 005 and below suffer from a configuration file download vulnerability that allows for extraction of the administrative credentials. Overview ======== Researchers of NVEL4 Cybersecurity company have discovered that it is possible to access to the confi...
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - Drupalgeddon2 Remote Code Execution Exploit
Exploit for php platform in category web applications !/usr/bin/env import sys import requests print '' print ' Proof-Of-Concept for CVE-2018-7600' print ' by Vitalii Rudnykh' print ' Thanks by AlbinoDrought, RicterZ, FindYanot, CostelSalanders' print ' https://github.com/a2u/CVE-2018-7600' print...
Adobe Flash - Transform.colorTranform Getter Info Leak
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=845 There is an info leak in the Transform.colorTranform getter. If the constructor for ColorTransform is overwritten with a getter using addProperty, this getter will execute whe...
articleFR CMS 3.0.5 Arbitrary File Upload Vulnerability
articleFR CMS version 3.0.5 suffers from a remote shell upload vulnerability. Vulnerability title: Arbitrary File Upload in articleFR CMS 3.0.5 Product: articleFR CMS Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed...
DIY-CMS blog mod SQL Injection
Exploit for php platform in category web applications Exploit Title: DIY-CMS blog mod SQL Injection Author: snup Contact: email protected Site: http://e-o-u.org SQL Injection: DORK: inurl:"mod.php?mod=blog" intext:"powered by DIY-CMS" inurl:"mod.php?mod=blog" BUG:...
Leads Manager Tool SQL Injection / Cross Site Scripting Vulnerabilities
x========================================================================================================================================x | Title : Leads Manager Tool SQL & XSSstored Vulnerabilities | Software : Leads Manager Tool Using PHP and MySQL with Source Code | Create By :...
TP-LINK TL-WR740N - Multiple HTML Injection Vulnerability
Exploit Title: TP-LINK TL-WR740N - Multiple HTML Injection Vulnerabilities Exploit Author: Shujaat Amin ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: Windows 10 ---------------------------POC----------------------------- 1 G...
Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS Vulnerability
Exploit Title: Joomla VirtueMart Shopping-Cart 4.0.12 - Reflected XSS Exploit Author: CraCkEr Vendor: VirtueMart Team Vendor Homepage: https://www.virtuemart.net/ Software Link: https://demo.virtuemart.net/ Joomla Extension Link:...