39001 matches found

0day.today | added 2023/08/04 12:00 a.m. | 225 views

PHPJabbers Service Booking Script 1.0 - Reflected XSS Vulnerability

...

CVSS: 6.1 | AI score: 5.4 | EPSS: 0.05177 | Exploits: 4

0day.today | added 2023/08/04 12:00 a.m. | 143 views

Ozeki SMS Gateway 10.3.208 - Arbitrary File Read Vulnerability

Exploit Title: Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read Unauthenticated Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://ozeki-sms-gateway.com Software Link: https://ozeki-sms-gateway.com/attachments/702/installwindows1689352737OzekiSMSGateway10.3.208.zip Version: 10.3.208...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/08/04 12:00 a.m. | 241 views

Wordpress EventON Calendar 4.4 Plugin - Unauthenticated Post Access via IDOR Vulnerability

Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-3219 1. Description The plugin does not validate that t...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.06116 | Exploits: 5

0day.today | added 2023/08/04 12:00 a.m. | 214 views

Wordpress EventON Calendar 4.4 Plugin - Unauthenticated Event Access Vulnerability

Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-2796 1. Description The plugin lacks authentication and...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.37468 | Exploits: 5

0day.today | added 2023/08/04 12:00 a.m. | 187 views

Webedition CMS v2.9.8.8 - Stored XSS Vulnerability

Exploit Title: Webedition CMS v2.9.8.8 - Stored XSS Application: Webedition CMS Version: v2.9.8.8 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 03.08.2023 Author: Mirabbas...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/08/04 12:00 a.m. | 364 views

PHPJabbers Rental Property Booking 2.0 - Reflected XSS Vulnerability

Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/ Version: 2.0 Tested on: Windows 10 Pro Impact: Manipulate the...

CVSS: 6.1 | AI score: 7.1 | EPSS: 0.01535 | Exploits: 4

0day.today | added 2023/08/04 12:00 a.m. | 205 views

ReyeeOS 1.204.1614 - MITM Remote Code Execution Exploit

Exploit Title: ReyeeOS 1.204.1614 - MITM Remote Code Execution RCE Google Dork: None Exploit Author: Riyan Firmansyah of Seclab Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/support/documents/slideEW1200G-PRO-Firmware-B11P204 Version: ReyeeOS 1.204.1614...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/08/04 12:00 a.m. | 189 views

Shelly PRO 4PM v0.11.0 - Authentication Bypass Exploit

!/bin/bash Exploit Title: Shelly PRO 4PM v0.11.0 - Authentication Bypass Google Dork: NA Date: 2nd August 2023 Exploit Author: The Security Team exploitsecurity.io Exploit Blog: https://www.exploitsecurity.io/post/cve-2023-33383-authentication-bypass-via-an-out-of-bounds-read-vulnerability Vendor...

CVSS: 5.3 | AI score: 5.3 | EPSS: 0.02462 | Exploits: 4

0day.today | added 2023/08/02 12:00 a.m. | 486 views

Checkpoint Gaia Portal R81.10 Remote Command Execution Vulnerability

========================= Exploit Title: Hostname injection leads to Remote Code Execution RCE Authenticated Product: Gaia Portal Vendor: Checkpoint Vulnerable Versions: R81.20 Take 14, R81.10 Take 95, R81 Take 82 and R80.40 Take 198 Tested Version: R81.10 take 335 Advisory Publication: July 27,...

CVSS: 7.2 | AI score: 7.1 | EPSS: 0.21381 | Exploits: 3

0day.today | added 2023/08/01 12:00 a.m. | 263 views

Online Diagnostic Lab Management 1.0 SQL Injection Vulnerability

Title: Online-Diagnostic-Lab-Management v1.0 Multiple-SQLi Author: nu11secur1ty Vendor: https://www.youtube.com/watch?v=0nA5xfQ5G0g Vendor: https://www.youtube.com/@MayuriK Software:...

AI score: 7.4 | Exploits: 0

0day.today | added 2023/08/01 12:00 a.m. | 331 views

WordPress Stripe Payment Plugin For WooCommerce 3.7.7 Authentication Bypass Vulnerability

WordPress Stripe Payment Plugin for WooCommerce plugin versions 3.7.7 and below suffer from an authentication bypass vulnerability. Affected Plugin: Stripe Payment Plugin for WooCommerce Plugin Slug: payment-gateway-stripe-and-woocommerce-integration Affected Versions: = 3.7.7 CVE ID: CVE-2023-31...

CVSS: 9.8 | AI score: 9.9 | EPSS: 0.00966 | Exploits: 2

0day.today | added 2023/08/01 12:00 a.m. | 358 views

Eramba 3.19.1 Remote Command Execution Exploit

Authenticated remote code execution in Eramba Overview Advisory ID: TRSA-2303-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2303-01 Affected product: Eramba Affected version: 3.19.1 Enterprise and Community edition Vendor: Eramba Limited,...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.57359 | Exploits: 6

0day.today | added 2023/08/01 12:00 a.m. | 276 views

Western Digital MyCloud Unauthenticated Command Injection Exploit

This Metasploit module exploits authentication bypass CVE-2018-17153 and command injection CVE-2016-10108 vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user. The module first performs a check to see if the target i...

CVSS: 9.8 | AI score: 9 | EPSS: 0.95097 | Exploits: 7

0day.today | added 2023/08/01 12:00 a.m. | 363 views

Rudder Server SQL Injection / Remote Code Execution Exploit

This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform CDP. The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may le...

CVSS: 8.8 | AI score: 9.1 | EPSS: 0.85825 | Exploits: 4

0day.today | added 2023/07/31 12:00 a.m. | 292 views

Uvdesk v1.1.3 - File Upload Remote Code Execution (Authenticated) Exploit

Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python3 CVE-2023-39147....

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.01091 | Exploits: 4

0day.today | added 2023/07/31 12:00 a.m. | 199 views

General Device Manager 2.5.2.2 - Buffer Overflow (SEH) Exploit

Exploit Title: General Device Manager 2.5.2.2 - Buffer Overflow SEH Software Link: https://download.xm030.cn/d/MDAwMDA2NTQ= Software Link 2: https://www.maxiguvenlik.com/uploads/importfiles/GeneralDeviceManager.zip Exploit Author: Ahmet Ümit BAYRAM Tested Version: 2.5.2.2 Tested on: Windows 10...

AI score: 7.4 | Exploits: 0

0day.today | added 2023/07/31 12:00 a.m. | 235 views

Joomla iProperty Real Estate 4.1.1 - Reflected XSS Vulnerability

Exploit Title: Joomla iProperty Real Estate 4.1.1 - Reflected XSS Exploit Author: CraCkEr Vendor: The Thinkery LLC Vendor Homepage: http://thethinkery.net Software Link: https://extensions.joomla.org/extension/vertical-markets/real-estate/iproperty/ Demo: https://iproperty.thethinkery.net/ Versio...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/31 12:00 a.m. | 230 views

Joomla Solidres 2.13.3 - Reflected XSS Vulnerability

Exploit Title: Joomla Solidres 2.13.3 - Reflected XSS Exploit Author: CraCkEr Vendor: Solidres Team Vendor Homepage: http://solidres.com/ Software Link: https://extensions.joomla.org/extension/vertical-markets/booking-a-reservations/solidres/ Demo: http://demo.solidres.com/joomla Version: 2.13.3...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/31 12:00 a.m. | 288 views

Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes)

import ctypes, struct from keystone import Shellcode Author: Senzee Shellcode Title: Windows/x64 - PIC Null-Free Calc.exe Shellcode 169 Bytes Date: 07/26/2023 Platform: Windows x64 Tested on: Windows 11 Home/Windows Server 2022 Standard/Windows Server 2019 Datacenter OS Version respectively:...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 178 views

October CMS v3.4.4 - Stored Cross-Site Scripting (Authenticated) Vulnerability

Exploit Title: October CMS v3.4.4 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Okan Kurtulus Vendor Homepage: https://octobercms.com Version: v3.4.4 Tested on: Ubuntu 22.04 CVE : N/A Proof of Concept: 1– Install the system through the website and log in with any user with file...

AI score: 7.4 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 186 views

Availability Booking Calendar v1.0 - Multiple Cross-site scripting Vulnerability

Exploit Title: Availability Booking Calendar v1.0 - Multiple Cross-site scripting XSS Exploit Author: Andrey Stoykov Tested on: Ubuntu 20.04 Blog: http://msecureltd.blogspot.com XSS 1: Steps to Reproduce: 1. Browse to Bookings 2. Select All Bookings 3. Edit booking and select Promo Code 4. Enter...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 219 views

WordPress AN_Gradebook 5.0.1 Plugin - SQL injection Vulnerability

!/usr/bin/python3 Exploit Title: WordPress Plugin ANGradebook = 5.0.1 - Subscriber+ SQLi Date: 2023-07-26 Exploit Author: Lukas Kinneberg Github: https://github.com/lukinneberg/CVE-2023-2636 Vendor Homepage: https://wordpress.org/plugins/an-gradebook/ Software Link:...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.03246 | Exploits: 5

0day.today | added 2023/07/28 12:00 a.m. | 232 views

Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping Exploit

Exploit Title: Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping Google Dork: NA Date: 22-07-2023 Exploit Author: H4rk3nz0 Vendor Homepage: https://www.keepersecurity.com/enGB/ Software Link: https://www.keepersecurity.com/enGB/get-keeper.html Version: Desktop App...

CVSS: 5.5 | AI score: 5.6 | EPSS: 0.00839 | Exploits: 3

0day.today | added 2023/07/28 12:00 a.m. | 175 views

Zomplog 3.9 - Remote Code Execution Exploit

Exploit Title: zomplog 3.9 - Remote Code Execution RCE Application: zomplog Version: v3.9 Bugs: RCE Technology: PHP Vendor URL: http://zomp.nl/zomplog/ Software Link: http://zomp.nl/zomplog/downloads/zomplog/zomplog3.9.zip Date of found: 22.07.2023 Author: Mirabbas Ağalarov Tested on: Linux impor...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 185 views

Zomplog 3.9 - Cross site scripting Vulnerability

Exploit Title: Zomplog 3.9 - Cross-site scripting XSS Application: Zomplog Version: v3.9 Bugs: XSS Technology: PHP Vendor URL: http://zomp.nl/zomplog/ Software Link: http://zomp.nl/zomplog/downloads/zomplog/zomplog3.9.zip Date of found: 22.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 181 views

Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS Vulnerability

Exploit Title: Joomla VirtueMart Shopping-Cart 4.0.12 - Reflected XSS Exploit Author: CraCkEr Vendor: VirtueMart Team Vendor Homepage: https://www.virtuemart.net/ Software Link: https://demo.virtuemart.net/ Joomla Extension Link:...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 206 views

mooDating 1.2 - Reflected Cross-site scripting Vulnerability

Exploit Title: mooDating 1.2 - Reflected Cross-site scripting XSS Exploit Author: CraCkEr aka skalvin Vendor: mooSocial Vendor Homepage: https://moodatingscript.com/ Software Link: https://demo.moodatingscript.com/home Version: 1.2 Tested on: Windows 10 Pro Impact: Manipulate the content of the...

CVSS: 6.1 | AI score: 7.1 | EPSS: 0.03678 | Exploits: 10

0day.today | added 2023/07/28 12:00 a.m. | 230 views

copyparty v1.8.6 - Reflected Cross Site Scripting Vulnerability

Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting XSS Exploit Author: Vartamtezidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6 Version: =1.8.6 Tested on: Debian Linux CVE :...

CVSS: 6.3 | AI score: 7.1 | EPSS: 0.06195 | Exploits: 3

0day.today | added 2023/07/28 12:00 a.m. | 205 views

RosarioSIS 10.8.4 - CSV Injection Vulnerability

Exploit Title: RosarioSIS 10.8.4 - CSV Injection Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://www.rosariosis.org/ Software Link: https://gitlab.com/francoisjacquet/rosariosis/-/archive/v10.8.4/rosariosis-v10.8.4.zip Affected Version: 10.8.4 Category: WebApps Tested on: Windows 10 1...

CVSS: 5.4 | AI score: 5.5 | EPSS: 0.02166 | Exploits: 2

0day.today | added 2023/07/28 12:00 a.m. | 249 views

GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution Vulnerability

Exploit Title: GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution Exploit Author: p4r4bellum Vendor Homepage: https://getgreenshot.org Software Link: https://getgreenshot.org/downloads/ Version: 1.2.6.10 Tested on: windows 10.0.19045 N/A build 19045 CVE : CVE-2023-34634 GreenSho...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.07685 | Exploits: 7

0day.today | added 2023/07/28 12:00 a.m. | 192 views

Joomla HikaShop 4.7.4 - Reflected XSS Vulnerability

Exploit Title: Joomla HikaShop 4.7.4 - Reflected XSS Exploit Author: CraCkEr Vendor: Hikari Software Team Vendor Homepage: https://www.hikashop.com/ Software Link: https://demo.hikashop.com/index.php/en/ Joomla Extension Link:...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/28 12:00 a.m. | 241 views

mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Exploit

Exploit Title: mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Exploit Author: Maximilian Barz Vendor Homepage: https://mremoteng.org/ Software Link: https://mremoteng.org/download Version: mRemoteNG = v1.77.3.1784-NB Tested on: Windows 11 CVE : CVE-2023-30367 /...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.00431 | Exploits: 4

0day.today | added 2023/07/28 12:00 a.m. | 242 views

copyparty 1.8.2 - Directory Traversal Vulnerability

Exploit Title: copyparty 1.8.2 - Directory Traversal Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE : CVE-2023-37474 Descriptio...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.42828 | Exploits: 4

0day.today | added 2023/07/28 12:00 a.m. | 206 views

Perch v3.2 - Persistent Cross Site Scripting Vulnerability

Exploit Title: Perch v3.2 - Persistent Cross Site Scripting XSS Google Dork: N/A Exploit Author: Dinesh Mohanty Vendor Homepage: https://grabaperch.com/ Software Link: https://grabaperch.com/download Version: v3.2 Tested on: Windows CVE : Requested Description: Stored Cross Site Scripting Stored...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/27 12:00 a.m. | 357 views

VMWare Aria Operations For Networks Remote Command Execution Exploit

VMWare Aria Operations for Networks vRealize Network Insight is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the ro...

CVSS: 9.8 | AI score: 10 | EPSS: 0.98125 | Exploits: 7

0day.today | added 2023/07/25 12:00 a.m. | 420 views

WordPress File Manager Advanced Shortcode 2.3.2 Remote Code Execution Exploit

WordPress File Manager Advanced Shortcode plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to remote code execution in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to...

CVSS: 9.8 | AI score: 8 | EPSS: 0.3962 | Exploits: 8

0day.today | added 2023/07/21 12:00 a.m. | 312 views

Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege / Remote Code Execution

Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE. Author: nu11secur1ty Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference: https://portswigger.net/web-security/access-control CVE-2023-33148...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.0234 | Exploits: 4

0day.today | added 2023/07/21 12:00 a.m. | 237 views

RWS WorldServer 11.7.3 - Session Token Enumeration

Exploit Title: RWS WorldServer 11.7.3 - Session Token Enumeration Session tokens in RWS WorldServer have a low entropy and can be enumerated, leading to unauthorised access to user sessions. Details ======= Product: WorldServer Affected Versions: 11.7.3 and earlier versions Fixed Version: 11.8.0...

AI score: 7.1 | EPSS: 0.03122 | Exploits: 4

0day.today | added 2023/07/21 12:00 a.m. | 234 views

RaidenFTPD 2.4.4005 - Buffer Overflow (SEH) Exploit

Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow SEH Exploit Author: Andre Nogueira Vendor Homepage: https://www.raidenftpd.com/en/ Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe Version: RaidenFTPD 2.4.4005 Tested on: Microsoft Windows 10 Build 19045 1.- Open RaidenFTPD 2...

AI score: 7.4 | Exploits: 0

0day.today | added 2023/07/21 12:00 a.m. | 244 views

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Exploit Title: PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities Common Vulnerability Scoring System: ==================================== 5.8 Vulnerability Class: ==================== Cross Site Scripting - Persistent Current Estimated Price: ======================== 500€ - 1.000€ Produ...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/21 12:00 a.m. | 213 views

Webile v1.0.1 - Multiple Cross Site Scripting Vulnerability

Exploit Title: Webile v1.0.1 - Multiple Cross Site Scripting Common Vulnerability Scoring System: ==================================== 5.5 Vulnerability Class: ==================== Cross Site Scripting - Persistent Current Estimated Price: ======================== 500€ - 1.000€ Product & Service...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/21 12:00 a.m. | 190 views

Boom CMS v8.0.7 - Cross Site Scripting Vulnerability

Exploit Title: Boom CMS v8.0.7 - Cross Site Scripting Product & Service Introduction: =============================== Boom is a fully featured, easy to use CMS. More than 10 years, and many versions later, Boom is an intuitive, WYSIWYG CMS that makes life easy for content editors and website...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/21 12:00 a.m. | 190 views

Perch v3.2 - Stored XSS Vulnerability

Exploit Title: Perch v3.2 - Stored XSS Application: Perch Cms Version: v3.2 Bugs: XSS Technology: PHP Vendor URL: https://grabaperch.com/ Software Link: https://grabaperch.com/download Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC ========================================...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/21 12:00 a.m. | 217 views

Perch v3.2 - Remote Code Execution Exploit

Exploit Title: Perch v3.2 - Remote Code Execution RCE Application: Perch Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://grabaperch.com/ Software Link: https://grabaperch.com/download Date of found: 21.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/21 12:00 a.m. | 249 views

pfSense v2.7.0 - OS Command Injection Exploit

Exploit Title: pfSense v2.7.0 - OS Command Injection Exploit Author: Emir Polat CVE-ID : CVE-2023-27253 class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.90655 | Exploits: 4

0day.today | added 2023/07/21 12:00 a.m. | 226 views

Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection Vulnerability

Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Exploit Author: Ansh Jain @sudoark Author Contact : email protected Vendor Homepage: https://www.wifi-soft.com/ Software Link:...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.02084 | Exploits: 4

0day.today | added 2023/07/21 12:00 a.m. | 231 views

Aures Booking & POS Terminal - Local Privilege Escalation Vulnerability

Exploit Title: Aures Booking & POS Terminal - Local Privilege Escalation Common Vulnerability Scoring System: ==================================== 7.2 Vulnerability Class: ==================== Privilege Escalation Current Estimated Price: ======================== 3.000€ - 4.000€ Product & Service...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/19 12:00 a.m. | 201 views

Statamic 4.7.0 - File Inclusion Vulnerability

Title: Statamic 4.7.0 - File-Inclusion Author: nu11secur1ty Vendor: https://statamic.com/ Software: https://demo.statamic.com/ Reference: https://portswigger.net/web-security/file-upload Description: The statamic-4.7.0 suffers from file inclusion - file upload vulnerability. The attacker can uplo...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/19 12:00 a.m. | 180 views

CmsMadeSimple v2.2.17 - Remote Code Execution Exploit

Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...

AI score: 7.1 | Exploits: 0

0day.today | added 2023/07/19 12:00 a.m. | 267 views

Joomla com_booking component 2.4.9 - Information Leak (Account enumeration) Exploit

Exploit Title: Joomla! combooking component 2.4.9 - Information Leak Account enumeration Google Dork: inurl:"index.php?option=combooking" Exploit Author: qw3rTyTy Vendor Homepage: http://www.artio.net/ Software Link: http://www.artio.net/downloads/joomla/book-it/book-it-2-free/download Version:...

AI score: 7.1 | Exploits: 0

Total number of security vulnerabilities: 39001