Lucene search

39001 matches found

0day.today | added 2024/03/04 12:00 a.m. | 163 views

Petrol Pump Management Software v.1.0 - SQL Injection Vulnerability

Exploit Title: Petrol Pump Management Software v.1.0 - SQL Injection Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested on: Windows, Linux CVE...

CVSS 9.8 | AI score 7.4 | EPSS 0.12946 | Exploits: 4
0day.today | added 2024/03/04 12:00 a.m. | 135 views

AC Repair and Services System v1.0 - Multiple SQL Injection Vulnerability

Exploit Title: AC Repair and Services System v1.0 - Multiple SQL Injection Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/16513/ac-repair-and-services-system-using-php-and-mysql-source-code-free-download.html Software Link:...

AI score 7.4 | Exploits: 0
0day.today | added 2024/03/04 12:00 a.m. | 351 views

Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Vulnerability

Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested...

CVSS 9.8 | AI score 7.4 | EPSS 0.23581 | Exploits: 4
0day.today | added 2024/03/04 12:00 a.m. | 210 views

GL.iNet AR300M v4.3.7 Remote Code Execution Exploit

#!/usr/bin/env python3 Exploit Title: GL.iNet <= 4.3.7 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

CVSS 9.8 | AI score 7.4 | EPSS 0.23466 | Exploits: 4
0day.today | added 2024/03/02 12:00 a.m. | 353 views

WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting Vulnerability

Exploit Title: IDonate – blood request management system XSS in Recaptcha secret key and in Recaptcha Site key 3- Click on save changes. 4- While clicking on the payload text, XSS will trigger. Vulnerable Code: public function idonaterecaptchasecretkeycallback if isset...

AI score 7.4 | Exploits: 0
0day.today | added 2024/03/02 12:00 a.m. | 495 views

BoidCMS 2.0.0 Command Injection Exploit

This Metasploit module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS versions 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file. This module requires Metasploit:...

CVSS 8.8 | AI score 7.1 | EPSS 0.73211 | Exploits: 8
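The BoidCMS entry above describes the classic magic-byte mistake: the upload handler treats anything that begins with a GIF header as an image, so a file that is a GIF header followed by PHP passes the check and is then stored under a name the attacker chose. The following is an added example (not BoidCMS code and not the Metasploit module) that contrasts that weak rule with a validator that checks the file name, an extension allowlist, and the content signature for that extension, and that discards the client-supplied name entirely. The payload, the "real" image bytes and the function names are constructed for the demonstration.

```python
# Added example (not BoidCMS code): why a "has a GIF header" check does not
# stop a PHP upload, and what a stricter validator looks like.
import re
import secrets

# Content signature expected for each allowed extension.  An allowlist, not a
# denylist of ".php": there are too many executable extensions to enumerate.
MAGIC = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
}
# Heuristic: bytes that would hand the file to a script engine if it is saved
# where the web server executes PHP.  Real fix: never execute from the upload
# directory (no handler mapping, or store outside the web root).
SCRIPT_MARKERS = (b"<?php", b"<?=", b"<script")
# One stem, one extension, no path separators.  Rejects 'shell.php.gif' too.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]+\.([A-Za-z0-9]+)$")

# Constructed payload: six bytes of GIF header, then PHP.  Satisfies any
# "starts with a GIF signature" check; executes if saved as .php under the
# web root.
POLYGLOT = b"GIF89a" + b"<?php system($_GET['c']); ?>"
REAL_GIF = b"GIF89a" + bytes(16)            # constructed stand-in for an image
REAL_PNG = b"\x89PNG\r\n\x1a\n" + bytes(8)  # constructed stand-in for an image


def header_only_check(filename: str, data: bytes) -> bool:
    """The weak rule described for BoidCMS: accept the upload as media if it
    starts with a GIF header, whatever the file name or extension says."""
    return data.startswith(MAGIC["gif"])


def hardened_check(filename: str, data: bytes) -> bool:
    """Accept only when name, extension and content all agree it is an image."""
    m = SAFE_NAME.match(filename)
    if not m:
        return False
    ext = m.group(1).lower()
    if ext not in MAGIC:                      # extension allowlist
        return False
    if not data.startswith(MAGIC[ext]):       # declared type must match content
        return False
    lowered = data.lower()
    if any(marker in lowered for marker in SCRIPT_MARKERS):
        return False                          # image header followed by script
    return True


def storage_name(filename: str) -> str:
    """Never reuse the client-supplied name: keep only the validated extension
    and generate the stem server-side, so nothing attacker-controlled can
    select a server-side handler."""
    m = SAFE_NAME.match(filename)
    if not m or m.group(1).lower() not in MAGIC:
        raise ValueError("refused: %r" % filename)
    return "%s.%s" % (secrets.token_hex(16), m.group(1).lower())


if __name__ == "__main__":
    for name, data in (("shell.php", POLYGLOT), ("shell.php.gif", POLYGLOT),
                       ("cat.gif", REAL_GIF), ("cat.png", REAL_PNG)):
        print("%-14s header-only=%-5s hardened=%s" % (
            name, header_only_check(name, data), hardened_check(name, data)))
```

The content scan is only a second line of defence: an engine with short tags enabled, or a different interpreter mapped onto the upload directory, will not be caught by three byte strings. The check that actually closes the bug is the server configuration that refuses to execute anything in the media directory, combined with the generated file name.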
0day.today | added 2024/02/28 12:00 a.m. | 364 views

WordPress WP Rocket < 2.10.3 - Local File Inclusion Vulnerability

Paulos Yibelo discovered and reported this Local File Inclusion vulnerability in WordPress WP Rocket Plugin. This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/28 12:00 a.m. | 369 views

Blood Bank v1.0 - Multiple SQL Injection Vulnerability

Exploit Title: Blood Bank v1.0 SQL Injection Vulnerability Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...

CVSS 5.5 | AI score 7.4 | EPSS 0.00394 | Exploits: 9
0day.today | added 2024/02/28 12:00 a.m. | 363 views

WordPress WP Fastest Cache 1.2.2 SQL Injection Vulnerability

WordPress WP Fastest Cache plugin version 1.2.2 suffers from an unauthenticated remote SQL injection vulnerability. Exploit Title: Unauthenticated SQL Injection in WP Fastest Cache 1.2.2 Exploit Author: Meryem Taşkın Vendor Homepage: https://www.wpfastestcache.com/ Software Link:...

CVSS 7.5 | AI score 8.7 | EPSS 0.73708 | Exploits: 11
0day.today | added 2024/02/28 12:00 a.m. | 352 views

Saflok - Key Derivation Function Exploit

// Exploit Title: Saflok KDF // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGTH 4 int mainint argc...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/28 12:00 a.m. | 349 views

WordPress Admin Bar And Dashboard Access Control 1.28 XSS Vulnerability

WordPress Admin Bar and Dashboard Access Control plugin version 1.28 suffers from a persistent cross site scripting vulnerability. Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Exploit Author: Rachi...

CVSS 4.8 | AI score 6.6 | EPSS 0.00357 | Exploits: 2
0day.today | added 2024/02/27 12:00 a.m. | 312 views

TEM Opera Plus FM Family Transmitter 35.45 - XSRF Vulnerability

CSRF Change Forward Power: -------------------------...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 303 views

Automatic Systems SOC FL9600 FastLine - Backdoor Account Vulnerability

Exploit Title: Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN =...

CVSS 7.5 | AI score 7.1 | EPSS 0.00892 | Exploits: 4
0day.today | added 2024/02/27 12:00 a.m. | 232 views

Dawa pharma 1.0-2022 - Multiple SQL Injection Vulnerabilities

Title: dawa-pharma-1.0-2022 Multiple-SQLi Author: nu11secur1ty Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The email parameter appears t...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 146 views

Moodle 4.3 - Reflected XSS Vulnerability

Exploit Title: Moodle 4.3 Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3 Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the application with the given credentials USER: teach...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 317 views

Zoo Management System 1.0 - Unauthenticated Remote Code Execution Vulnerability

Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Exploit Author: Çağatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.htmlgooglevignette Software Link:...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 311 views

TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution Vulnerability

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 320 views

Ubuntu 22.04 perl2exe < V30.10C - Arbitrary Code Execution Vulnerability

Exploit Title: Executables Created with perl2exe safe.pl user@testing:/example$ ./perl2exe-Linux-x64-5.30.1/perl2exe safe.pl Perl2Exe V30.10C 2020-12-11 Copyright c 1997-2020 IndigoSTAR Software ... Generating safe user@testing:/example$ user@testing:/example$ Check that the program executes as...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 530 views

Wordpress Canto Plugin < 3.0.5 - Remote File Inclusion and Remote Code Execution Exploit

Exploit Title: Wordpress Plugin Canto " def createadminfilelocaldir, localshell=None: if not os.path.existslocaldir: os.makedirslocaldir If a local shell is p...

CVSS 9.8 | AI score 7 | EPSS 0.0562 | Exploits: 7
0day.today | added 2024/02/27 12:00 a.m. | 178 views

Moodle 4.3 - Insecure Direct Object Reference Vulnerability

Exploit Title: Moodle 4.3 'id' Insecure Direct Object Reference IDOR Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3+ Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the application with the...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 244 views

SuperStoreFinder - Multiple Vulnerabilities

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title SuperStoreFinder - Multiple Vulnerabilities .:. Google Dorks .:. "designed and built by Joe Iz." "Super Store Finder is designed and built by Joe Iz from Highwarden Huntsman." inurl:/superstorefinder/index.php ....

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/27 12:00 a.m. | 417 views

Atlassian Confluence Data Center and Server - Authentication Bypass Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

CVSS 9.8 | AI score 7.2 | EPSS 0.99156 | Exploits: 39
0day.today | added 2024/02/27 12:00 a.m. | 347 views

Automatic Systems SOC FL9600 FastLine - Directory Traversal Vulnerability

Exploit Title: Automatic-Systems SOC FL9600 FastLine - Directory Traversal Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN = 285698a99acbd8d7ea09a57d5fbcb435da5427b3f6b8a CVE :...

CVSS 7.5 | AI score 7.1 | EPSS 0.0147 | Exploits: 4
0day.today | added 2024/02/26 12:00 a.m. | 269 views

Simple Inventory Management System v1.0 - (email) SQL Injection Vulnerability

Exploit Title: Simple Inventory Management System v1.0 - 'email' SQL Injection Application: Simple Inventory Management System Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/26 12:00 a.m. | 243 views

Flashcard Quiz App v1.0 - (card) SQL Injection Vulnerability

Exploit Title: Flashcard Quiz App v1.0 - 'card' SQL Injection Application: Flashcard Quiz App Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/17160/flashcard-quiz-app-using-php-and-mysql-source-code.htm...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/26 12:00 a.m. | 264 views

Online Shopping System Advanced - SQL Injection Vulnerability

Exploit Title: Online Shopping System Advanced Exploit Author: Furkan Gedik Vendor Homepage: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software Link: https://github.com/PuneethReddyHC/online-shopping-system-advanced Version: 1.0 Tested on: Kali Linux 2020.3 Description...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/26 12:00 a.m. | 224 views

FAQ Management System v1.0 - (faq) SQL Injection Vulnerability

Exploit Title: FAQ Management System v1.0 - 'faq' SQL Injection Application: FAQ Management System Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/26 12:00 a.m. | 378 views

comments-like-dislike < 1.2.0 - Authenticated (Subscriber+) Plugin Setting Reset Exploit

Exploit Title: POC-CVE-2023-3244 Exploit Author: Diaa Hanna Software Link: download link if available Version: <= 1.2.0 comments-like-dislike Tested on: 1.1.6 comments-like-dislike CVE : CVE-2023-3244 References https://nvd.nist.gov/vuln/detail/CVE-2023-3244 The Comments Like Dislike plugin for...

CVSS 5.3 | AI score 7.1 | EPSS 0.00787 | Exploits: 4
0day.today | added 2024/02/26 12:00 a.m. | 338 views

taskhub 2.8.7 - SQL Injection Vulnerability

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth Tested on: Windows...

CVSS 8 | AI score 6.6 | EPSS 0.00692 | Exploits: 5
0day.today | added 2024/02/24 12:00 a.m. | 310 views

Tosibox Key Service 3.3.0 Local Privilege Escalation / Unquoted Service Path Vulnerabilities

Tosibox Key Service versions 3.3.0 and below suffer from an unquoted search path issue impacting the service Tosibox Key Service for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. Tosibox Key...

AI score 8.1 | Exploits: 0
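The Tosibox entry above is an unquoted service path: when a service's ImagePath is stored without quotes and contains spaces, the service control manager hands it to CreateProcess as a command line, which tries each space-delimited prefix with ".exe" appended before reaching the real binary. A local user who can write to one of those parent directories plants a file there and gets code execution as the service account at the next start. The following is an added example (not Tosibox code or the advisory's own tooling) that lists the file names Windows would try for a given ImagePath and filters an inventory of services down to the affected ones. The service names and paths are constructed; the real install path is not on this page and is not assumed.

```python
# Added example (not Tosibox code): how an unquoted ImagePath with spaces is
# resolved, and which attacker-controlled file names would win.
# Service names and paths below are constructed for the demonstration.


def hijack_candidates(image_path: str) -> list:
    """Return the executables Windows tries, in order, before the intended one.

    CreateProcess resolves an unquoted command line with spaces by trying each
    space-delimited prefix with ".exe" appended until one exists, so for
        C:\\Program Files\\Vendor\\Key Service\\svc.exe
    it tries C:\\Program.exe, then C:\\Program Files\\Vendor\\Key.exe, and only
    then the real binary.  Quoted paths are unambiguous and return no candidates.
    """
    path = image_path.strip()
    if path.startswith('"'):
        return []
    tokens = path.split(" ")
    candidates = []
    for i in range(1, len(tokens)):
        prefix = " ".join(tokens[:i])
        if prefix.lower().endswith(".exe"):
            break                      # reached the intended executable
        candidates.append(prefix + ".exe")
    return candidates


def find_unquoted_services(services: dict) -> dict:
    """Map service name -> hijack candidates for every service whose ImagePath
    is unquoted and has a space somewhere before the executable name."""
    found = {}
    for name, image_path in services.items():
        cands = hijack_candidates(image_path)
        if cands:
            found[name] = cands
    return found


# Constructed inventory in the shape of
# HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath values.
SAMPLE_SERVICES = {
    "ExampleKeyService": r"C:\Program Files\Example Vendor\Key Service\keysvc.exe",
    "ExampleAgent": r'"C:\Program Files\Example Vendor\agent.exe" --service',
    "Schedule": r"C:\Windows\system32\svchost.exe -k netsvcs",
    "ExampleUpdater": r"C:\Tools\updater.exe",
}

if __name__ == "__main__":
    for svc, cands in find_unquoted_services(SAMPLE_SERVICES).items():
        print(svc)
        for c in cands:
            print("   would try first:", c)
```

A candidate path only matters if the unprivileged user can actually create that file; check the directory ACL (icacls on the parent directory) before calling it exploitable, since a default-ACL C:\ and C:\Program Files do not let standard users create files there. The fix on the affected host is to quote the path, for example `sc config <ServiceName> binPath= "\"C:\...\keysvc.exe\""`, which is what the vendor's patched version should do on install.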
0day.today | added 2024/02/22 12:00 a.m. | 454 views

QNAP QTS / QuTS Hero Unauthenticated Remote Code Execution Exploit

There exists an unauthenticated command injection vulnerability in the QNAP operating system known as QTS and QuTS hero. QTS is a core part of the firmware for numerous QNAP entry and mid-level Network Attached Storage NAS devices, and QuTS hero is a core part of the firmware for numerous QNAP...

CVSS 5.8 | AI score 8.4 | EPSS 0.89157 | Exploits: 4
0day.today | added 2024/02/22 12:00 a.m. | 355 views

CMS Made Simple 2.2.19 Cross Site Scripting Vulnerability

Exploit Title: CMS Made Simple Version: 2.2.19 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Content File Manager 2 Write in New directory: place payload "...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/22 12:00 a.m. | 298 views

Dotclear 2.29 Cross Site Scripting Vulnerability

Exploit Title: Dotclear Version : 2.29 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://dotclear.org/ Version : 2.29 Tested on: https://softaculous.com/demos/dotclear 1 Enter admin panel after write search button this payload : " 2...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/22 12:00 a.m. | 319 views

SitePad 1.8.2 Cross Site Scripting Vulnerability

Exploit Title: SitePad Version : 1.8.2 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://sitepad.com/ Version : 1.8.2 Tested on: https://www.softaculous.com/apps/blogs/SitePad 1 Go to Templates Header Edit Pagelayer Template 2 Write in Name : " 3 After save and refresh page will be se...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/22 12:00 a.m. | 378 views

CMS Made Simple 2.2.19 Server-Side Template Injection Vulnerability

Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and write SSTI payloa...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/22 12:00 a.m. | 369 views

CMS Made Simple 2.2.19 Remote Code Execution Vulnerability

Exploit Title: CMS Made Simple Version: 2.2.19 - Remote Code Execution Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Extensions User Defined Tags 2 Write in Code place...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/21 12:00 a.m. | 493 views

Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit

This Metasploit module chains a server side request forgery SSRF vulnerability CVE-2024-21893 and a command injection vulnerability CVE-2024-21887 to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All current...

CVSS 9.1 | AI score 8.7 | EPSS 0.99999 | Exploits: 26
0day.today | added 2024/02/21 12:00 a.m. | 1595 views

WordPress 6.4.3 Username Disclosure Vulnerability

WordPress versions 6.4.3 and below appear to suffer from a REST API related username disclosure vulnerability. Title: wordpress 6.4.3 - Username Disclosure Author: h4shur Vendor Homepage: https://www.wordpress.org Software Link: https://www.wordpress.org/download Version: 6.4.3 and earlier Tested...

AI score 7.2 | Exploits: 0
0day.today | added 2024/02/21 12:00 a.m. | 292 views

WEBIGniter v28.7.23 - Stored Cross Site Scripting Vulnerability

Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE : CVE-2023-46391 Stored...

AI score 7 | Exploits: 0
0day.today | added 2024/02/21 12:00 a.m. | 360 views

OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation Vulnerabilities

OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities. ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT Frentix GmbH...

CVSS 5.4 | AI score 6.3 | EPSS 0.00561 | Exploits: 4
0day.today | added 2024/02/20 12:00 a.m. | 270 views

Tourism Management System 2.0 Shell Upload Vulnerability

Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/tourism-management-system-free-download/ Version: 2.0 Tested on: Windows 10 Pro Impact: Allows admin to upload all files to t...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/20 12:00 a.m. | 294 views

Petrol Pump Management Software 1.0 Shell Upload Vulnerability

Exploit Title: Petrol pump management software - File Upload Remote Code Execution RCE unauthenticated Application: Petrol pump management software Date: 20.02.2024 Bugs: File Upload Remote Code Execution RCE unauthenticated Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/20 12:00 a.m. | 316 views

Kafka UI 0.7.1 Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...

CVSS 8.8 | AI score 7.4 | EPSS 0.85025 | Exploits: 5
0day.today | added 2024/02/19 12:00 a.m. | 320 views

Microsoft Windows Defender - VBScript Detection Bypass Vulnerability

This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multip...

AI score 7.2 | Exploits: 0
0day.today | added 2024/02/19 12:00 a.m. | 352 views

SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration Exploit

Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: <= 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp: print"Usage:...

CVSS 5.3 | AI score 7.1 | EPSS 0.01808 | Exploits: 4
0day.today | added 2024/02/19 12:00 a.m. | 246 views

phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit

<?php /* -------------------------------------------------------------- phpFox <= 4.8.13 redirect PHP Object Injection Vulnerability -------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................: n0b0d13satgmaildotcom software...

AI score 7.4 | Exploits: 0
0day.today | added 2024/02/19 12:00 a.m. | 191 views

Microsoft Windows Defender Bypass - Detection Mitigation Bypass Vulnerability

Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this...

AI score 7.2 | Exploits: 0
0day.today | added 2024/02/19 12:00 a.m. | 340 views

Employee Management System v1 - (email) SQL Injection Vulnerability

Exploit Title: Employee Management System v1 - 'email' SQL Injection Application: Employee Management System Date: 19.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

AI score 7.4 | Exploits: 0
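Several of the entries in this listing (Simple Inventory Management System, Dawa pharma and the Employee Management System entry above) report the same finding: an 'email' parameter on a login or lookup form that is concatenated into a SQL statement. The following is an added example, not code from any of those applications, that shows the two injection shapes such a parameter allows (authentication bypass through a comment, and UNION-based extraction) next to the parameterised query that removes them. The table, users and passwords are constructed; passwords are kept in clear only to keep the demonstration short, a real application stores a password hash.

```python
# Added example (not code from any listed application): the 'email' SQL
# injection described in the login-form findings, and the parameterised fix.
# Data below is constructed for the demonstration.
import sqlite3

USERS = [
    ("admin@example.com", "S3cret!", "admin"),
    ("alice@example.com", "hunter2", "user"),
]


def setup_db() -> sqlite3.Connection:
    """In-memory users table in the shape these PHP/MySQL apps use."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
                 "email TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (email, password, role) VALUES (?, ?, ?)", USERS)
    return conn


def login_vulnerable(conn, email: str, password: str):
    # Input is spliced into the statement text, so a quote inside 'email'
    # closes the string literal and the remainder is parsed as SQL.
    sql = ("SELECT email, role FROM users "
           "WHERE email = '%s' AND password = '%s'" % (email, password))
    return conn.execute(sql).fetchone()


def login_safe(conn, email: str, password: str):
    # Placeholders carry the values separately from the statement text; a
    # quote in 'email' is just a character to compare against.
    sql = "SELECT email, role FROM users WHERE email = ? AND password = ?"
    return conn.execute(sql, (email, password)).fetchone()


def lookup_vulnerable(conn, email: str):
    """Second shape: a lookup that returns rows lets a UNION pull any column."""
    sql = "SELECT email, role FROM users WHERE email = '%s'" % email
    return conn.execute(sql).fetchall()


def lookup_safe(conn, email: str):
    sql = "SELECT email, role FROM users WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


if __name__ == "__main__":
    db = setup_db()
    # Comment out the password check: "-- " ends the statement.
    print(login_vulnerable(db, "admin@example.com' -- ", "wrong"))
    print(login_safe(db, "admin@example.com' -- ", "wrong"))
    # Exfiltrate the password column through the second result column.
    print(lookup_vulnerable(db, "x' UNION SELECT email, password FROM users -- "))
    print(lookup_safe(db, "x' UNION SELECT email, password FROM users -- "))
```

The SQLite comment syntax used here (`-- `) is the same one MySQL accepts, which is why the payloads in the listed advisories look alike across products; the fix is likewise product-independent, since every driver offers bound parameters.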
0day.today | added 2024/02/19 12:00 a.m. | 386 views

JFrog Artifactory < 7.25.4 - Blind SQL Injection Exploit

Exploit Title: artifactory low-privileged blind sql injection Exploit Author: ardr Vendor Homepage:https://jfrog.com/help/r/jfrog-release-information/cve-2021-3860-artifactory-low-privileged-blind-sql-injection Software Link:...

CVSS 8.8 | AI score 7.1 | EPSS 0.00997 | Exploits: 3
0day.today | added 2024/02/19 12:00 a.m. | 206 views

Wondercms 4.3.2 - XSS to Remote Code Execution Exploit

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

AI score 7.4 | Exploits: 0

Total number of security vulnerabilities: 39001