39001 matches found
60CycleCMS - (news.php) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: 60CycleCMS 2.5.2 - 'news.php' SQL Injection Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...
WordPress WooCommerce CardGate Payment Gateway 3.1.15 Plugin - Payment Process Bypass Exploit
Exploit for php platform in category web applications Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...
QNAP Netatalk < 3.1.12 - Authentication Bypass Exploit
Exploit Title: QNAP Netatalk Authentication Bypass Original Exploit Author: Jacob Baines Modifications for QNAP devices: Mati Aharoni Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 CVE : CVE-2018-1160...
SonyPlaystation 4 (PS4) < 6.20 - WebKit Code Execution Exploit
Exploit for hardware platform in category local exploits...
phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql...
OpenSSL - Padding Oracle in AES-NI CBC MAC Check
Exploit for multiple platform in category dos / poc Source: http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html TLS-Attacker: https://github.com/RUB-NDS/TLS-Attacker https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39768.zip Y...
Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (Python)
Exploit for linux platform in category remote exploits =============================================================== Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit Python =============================================================== !/bin/python This program is free software; you can...
JLex GuestBook 1.6.4 - Reflected XSS Vulnerability
Exploit Title: JLex GuestBook 1.6.4 - Reflected XSS Exploit Author: CraCkEr Vendor: JLexArt Vendor Homepage: https://jlexart.com/ Software Link: https://extensions.joomla.org/extension/contacts-and-feedback/guest-book/jlex-guestbook/ Demo: https://jlexguestbook.jlexart.com/ Version: 1.6.4 Tested...
October CMS v3.4.4 - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Okan Kurtulus Vendor Homepage: https://octobercms.com Version: v3.4.4 Tested on: Ubuntu 22.04 CVE : N/A Proof of Concept: 1– Install the system through the website and log in with any user with file...
Admidio v4.2.10 - Remote Code Execution Vulnerability
Exploit Title: Admidio v4.2.10 - Remote Code Execution RCE Application: Admidio Version: 4.2.10 Bugs: RCE Technology: PHP Vendor URL: https://www.admidio.org/ Software Link: https://www.admidio.org/download.php Date of found: 10.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical...
ProjeQtOr Project Management System v10.4.1 - Multiple XSS Vulnerabilities
Exploit Title: ProjeQtOr Project Management System V10.4.1 - Multiple XSS Version: V10.4.1 Bugs: Multiple XSS Technology: PHP Vendor URL: https://www.projeqtor.org Software Link: https://sourceforge.net/projects/projectorria/files/projeqtorV10.4.1.zip/download Date of found: 09.07.2023 Author:...
Icinga Web 2.10 - Authenticated Remote Code Execution Exploit
!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Authenticated Remote Code Execution Exploit Author: Dante CoronaAka. cxdxnt Software Link: https://github.com/Icinga/icingaweb2 Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2....
KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution Vulnerability
Title: KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution RCE Author: nu11secur1ty Vendor: https://kodcloud.com/ Software: https://github.com/kalcaddle/KodExplorer/releases/tag/4.51.03 Reference: https://portswigger.net/web-security/file-upload Description: By using this...
AVS Audio Converter 10.3 - Stack Overflow (SEH) Exploit
Exploit Title: AVS Audio Converter 10.3 - Stack Overflow SEH Discovered by: Yehia Elghaly - Mrvar0x Tested Version: 10.3.1.633 Tested on OS: Windows 7 Professional x86 pop+ret Address=005154E6 Message= 0x005154e6 : pop ecx pop ebp ret 0x04 | startnull PAGEEXECUTEREAD AVSAudioConverter.exe ASLR:...
Arunna 1.0.0 - (Multiple) Cross-Site Request Forgery Vulnerability
Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...
SmarterTools SmarterTrack 7922 - (Multiple) Information Disclosure Vulnerability
Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure Google Dork: intext:"Powered by SmarterTrack" Date: 23/01/2020 Exploit Author: Andrei Manole Vendor Homepage: https://www.smartertools.com/ Software Link: https://www.smartertools.com/smartertrack Version: TESTED ON...
openSIS 7.4 Local File Inclusion Vulnerability
Exploit for php platform in category web applications -------------------------------------------------------------- openSIS = 7.4 Bottom.php Local File Inclusion Vulnerability -------------------------------------------------------------- - Software Link: https://opensis.com/ - Affected Versions...
EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 XSS / SQL Injection Vulnerabilities
EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne version 7.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Exploit Title : EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 XSS SQL Injection Author Discovered By : KingSkrupellos Vendor Homepages ...
Comtrend VR-3033 - Command Injection Exploit
Exploit for hardware platform in category web applications Title: Comtrend VR-3033 - Authenticated Command Injection Author: Author : Raki Ben Hamouda Vendor: https://us.comtrend.com Product link: https://us.comtrend.com/products/vr-3030/ CVE: N/A The Comtrend VR-3033 is prone to Multiple...
Liferay CE Portal 6.0.2 - Remote Command Execution Vulnerability
Exploit for java platform in category web applications Exploit Title: Liferay CE Portal 6.0.2 - Remote Command Execution Exploit Author: Berk Dusunur Vendor Homepage: https://www.liferay.com/ Software Link: https://sourceforge.net/projects/lportal/files/Liferay%20Portal/6.0.2/...
VMware Workstation 15.1.0 - DLL Hijacking Exploit
Exploit for windows platform in category local exploits --------------------------------------------------------- Title: VMware Workstation DLL hijacking DLLIMPORT void SHGetFolderPathW MessageBox0, "s1kr10s", "VMWare-Poc", MBICONINFORMATION; exit0; --------------------------...
Loytec LGATE-902 XSS / Traversal / File Deletion Vulnerabilities
Loytec LGATE-902 versions prior to 6.4.2 suffer from cross site scripting, arbitrary file deletion, and directory traversal vulnerabilities. Loytec LGATE-902 XSS / Traversal / File Deletion Vulnerabilities INFORMATION Product: Loytec LGATE-902 https://www.loytec.com/ Affected versions: 6.4.2 test...
Magic ISO Maker 5.5(build 281) - Serial Code Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Magic Iso Maker 5.5build 281 - "Serial Code" Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.magiciso.com Software Link: http://www.magiciso.com/SetupMagicISO.exe Version: 5.5build 281 Tested on: Windows 10 Proof of Concept: 1.- Run t...
HeidiSQL 9.5.0.5196 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: HeidiSQL 9.5.0.5196 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.heidisql.com/ Software Link: https://www.heidisql.com/download.php Tested Version: 9.5.0.5196 Tested on: Windows 10 Single...
CentOS Web Panel Root Account Takeover <= v0.9.8.740 Remote Command Execution Exploit
CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote code execution. + Title: CentOS Web Panel Root Account Takeover + Remote Command Execution var url =...
Quest DR Series Disk Backup Software 4.0.3 Code Execution Vulnerability
Exploit for windows platform in category remote exploits Quest DR Series Disk Backup Multiple Vulnerabilities 1. Advisory Information Title: Quest DR Series Disk Backup Multiple Vulnerabilities Advisory ID: CORE-2018-0002 Advisory URL:...
GoAutoDial 3.3 Authentication Bypass / Command Injection Exploit
This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database...
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
Exploit for linux platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 3.13.1 Recvmmsg Privilege Escalation', 'Description' = %q Th...
PHPJabbers Cinema Booking System 2.0 SQL Injection Vulnerability
CVE-2024-57430 An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database...
Helpdeskz v2.0.2 - Stored XSS Vulnerability
Exploit Title: Stored XSS Vulnerability via File Name Exploit Author: Md. Sadikul Islam Vendor Homepage: https://www.helpdeskz.com/ Software Link: https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip Version: v2.0.2 Tested on: Kali Linux / Firefox 115.1.0esr 64-bit CVE : N/A Payload: "...
T-Soft E-Commerce 4 - (UrunAdi) Stored Cross-Site Scripting Vulnerability
Exploit Title: T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting XSS Exploit Author: Alperen Ergel alpernae IG/TW Web Site: https://alperenae.gitbook.io/ Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux Category: WebApp Google Dork: N/A CVE :N/A Descriptio...
Auto Spare Parts Management 1.0 SQL Injection Vulnerability
Title: Auto-Spare-Parts-Management v1.0 remote SQL-Injections Author: nu11secur1ty Vendor: https://github.com/pavanpatil45 Software: https://github.com/pavanpatil45/Auto-Spare-Parts-Management Description: The Referer HTTP header on Auto-Spare-Parts-Management v1.0 system appears to be vulnerable...
Online Reviewer System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Reviewer System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
ECOA Building Automation System Missing Encryption Vulnerability
ECOA building automation systems suffer from missing encryption of sensitive information. Many versions are affected. ECOA Building Automation System Missing Encryption Of Sensitive Information Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS...
Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution
Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...
Avian JVM 1.2.0 Integer Overflow Exploit
Vulnerability title: Avian JVM vm::arrayCopy Multiple Integer Overflows Author: Pietro Oliva CVE: CVE-2020-17360 Vendor: ReadyTalk Product: Avian JVM Affected version: 1.2.0 Description: The issue is located in the vm::arrayCopy method defined in classpath-common.h, where multiple boundary checks...
Microsoft Windows Win32k Privilege Escalation Exploit
Microsoft Windows Win32k privilege escalation exploit. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. Exploit Title:...
Microsoft VSCode Python Extension - Code Execution Exploit
VSCode Python Extension Code Execution This repository contains the Proof-of-Concept of a code execution vulnerability discovered in the Visual Studio Code Python extension. TL;DR: VScode may use code from a virtualenv found in the project folders without asking the user, for things such as...
HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Akıcı Vendor Homepage: http://hrsale.com/ Software Link : http://demo.hrsale.com/ Software : HRSALE v1.1.8 Product Version: v1.1.8 Vulnerability Type :...
Linux - userfaultfd Bypasses tmpfs File Permissions Exploit
Using the userfaultfd API, it is possible to first register a userfaultfd region for any VMA that fulfills vmacanuserfault: It must be an anonymous VMA -vmops==NULL, a hugetlb VMA VMHUGETLB, or a shmem VMA -vmops==shmemvmops. This means that it is, for example, possible to register userfaulfd...
Microsoft Windows Shell SMB LNK Code Execution Exploit
This Metasploit module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be...
Oracle Java jp2launcher.exe Privilege Escalation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of path...
Wordpress (install.php) Any Version
Exploit for php platform in category web applications =================================== Wordpress install.php Any Version =================================== + : Author : ThE DarK + : e-Mail : email protected + : Sites : Arab-Hack.net , Sa-Hacker.Com , Gaza-Hack.net , error-y.com + : Software...
WP-Forum <= 2.3 SQL Injection & Blind SQL Injection vulnerabilities
Exploit for unknown platform in category web applications =================================================================== WP-Forum = 5.0 III. DESCRIPTION ------------------------- WP-Forum fails to sanitized user supplied input and is vulnerable to SQL Injection and Blind SQL Injection. An...
Xtreme/Ditto News <= 1.0 (post.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ===================================================================== Xtreme/Ditto News = 1.0 post.php Remote File Include Vulnerability ===================================================================== $$$$$$$$$$$$$$$ DEVIL TEAM THE...
Gleamtech FileVista 9.2.0.0 Directory Traversal Vulnerability
Exploit Title: Gleamtech FileVista 9.2.0.0 - Directory Traversal Leading to Unrestricted File Upload Date: Feb 6, 2025 Exploit Author: Suthiwat Thepsorn , Theerachai Chanwiroon , Pongtorn Angsuchotmetee , Manich Koomsusi Vendor Homepage: https://www.gleamtech.com/ Software Link:...
dhtmlxFileExplorer 8.4.6 Local File Inclusion / Traversal Vulnerabilities
Exploit Title: dhtmlxFileExplorer 8.4.6 - Local File Inclusion in the Download Function of File Explorer Exploit Author: Nutchaya Augkanavitayakul, Nattachai Wanmak, Pongtorn Angsuchotmetee Vendor Homepage: https://dhtmlx.com Software Link: https://dhtmlx.com Version: 8.4.6 Tested on: macOS CVE :...
OCLS MSMS-PHP 1.0 Shell Upload Vulnerability
OCLS MSMS-PHP version 1.0 suffers from a remote shell upload vulnerability. Titles: OCLS MSMS-PHP by: oretnom23 v1.0 -Copyright © 2025. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vulnerabilities Author: nu11secur1ty Date: 01/15/2025 Vendor: https://github.com/oretnom23...
ABB Cylon Aspect 4.00.00 factorySetSerialNum.php Remote Code Execution Vulnerability
ABB Cylon Aspect version 4.00.00 suffers from an unauthenticated blind command injection vulnerability. Input passed to the serial and ManufactureDate POST parameters is not properly sanitized, allowing attackers to execute arbitrary shell commands on the system. While factory test scripts includ...
Asterisk AMI Originate Authenticated Remote Code Execution Exploit
On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with write=originate may change all configuration files in the /etc/asterisk/ directory. Writing a new extension can be created which performs a system command to...