Lucene search

39001 matches found

0day.today
added 2023/05/26 12:0 a.m., 429 views

SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated) Exploit

!/usr/bin/python3 Exploit Title: SCM Manager 1.60 - Cross-Site Scripting Stored Authenticated Google Dork: intitle:"SCM Manager" intext:1.60 Date: 05-25-2023 Exploit Author: neg0x https://github.com/n3gox/CVE-2023-33829 Vendor Homepage: https://scm-manager.org/ Software Link:...

CVSS: 5.4, AI score: 7.1, EPSS: 0.07258
Exploits: 7
0day.today
added 2023/05/26 12:0 a.m., 322 views

Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution Exploit

Exploit Title: Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution Metasploit Date: Dec 9 2019 Exploit Author: Ege Balci Vendor Homepage: https://www.seagate.com/de/de/support/external-hard-drives/network-storage/seagate-central/ Version: 2015.0916 CVE : 2020-6627 This...

CVSS: 9.8, AI score: 9.2, EPSS: 0.12453
Exploits: 4
0day.today
added 2023/05/26 12:0 a.m., 309 views

Ulicms 2023.1 - create admin user via mass assignment Vulnerability

Exploit Title: Ulicms 2023.1 - create admin user via mass assignment Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: create admin user via mass assignment Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/26 12:0 a.m., 466 views

Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution Vulnerability

Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE via subprocessexecute Exploit Author: Iyaad Luqman K Application: Roxy WI = v6.1.0.0 Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Tested on: Ubuntu 22.04 CVE : CVE-2022-31137 P...

CVSS: 10, AI score: 9.6, EPSS: 0.90387
Exploits: 15
0day.today
added 2023/05/26 12:0 a.m., 310 views

WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting Vulnerability

Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting XSS Version: 1.6.1 Bugs: XSS Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 220 views

SitemagicCMS 4.4.3 - Remote Code Execution Vulnerability

Exploit Title: SitemagicCMS 4.4.3 Remote Code Execution RCE Application: SitemagicCMS Version: 4.4.3 Bugs: RCE Technology: PHP Vendor URL: https://sitemagic.org/Download.html Software Link: https://github.com/Jemt/SitemagicCMS Date of found: 14-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 229 views

Webkul Qloapps 1.5.2 - Cross-Site Scripting Vulnerability

Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting XSS Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://qloapps.com/ Software Link: https://github.com/webkul/hotelcommerce Version: 1.5.2 Tested on: Kali Linux 2022.4 CVE : CVE-2023-30256 Description: A Cross Site Scripting XSS...

CVSS: 5.8, AI score: 6.4, EPSS: 0.08731
Exploits: 5
0day.today
added 2023/05/23 12:0 a.m., 232 views

eScan Management Console 14.0.1400.2281 - SQL Injection Vulnerability

Exploit Title: eScan Management Console 14.0.1400.2281 - SQL Injection Authenticated Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31702 Step of Reproduction/Proof o...

CVSS: 5.8, AI score: 7.1, EPSS: 0.04312
Exploits: 5
0day.today
added 2023/05/23 12:0 a.m., 175 views

Screen SFT DAB 600/C - Authentication Bypass Account Creation Exploit

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Account Creation Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 210 views

Screen SFT DAB 600/C - Authentication Bypass Reset Board Config Exploit

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Reset Board Config Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 194 views

Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution Vulnerability

Exploit Title: Gin Markdown Editor v0.7.4 Electron - Arbitrary Code Execution Exploit Author: 8bitsec CVE: CVE-2023-31873 Vendor Homepage: https://github.com/mariuskueng/gin Software Link: https://github.com/mariuskueng/gin Version: 0.7.4 Tested on: Mac OS 13 Release Date: 2023-04-24 Product &...

CVSS: 7.8, AI score: 7.7, EPSS: 0.01349
Exploits: 4
0day.today
added 2023/05/23 12:0 a.m., 242 views

PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting Vulnerability

Exploit Title: PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting XSS Application: PodcastGenerator Version: v3.2.9 Bugs: Stored Xss Technology: PHP Vendor URL: https://podcastgenerator.net/ Software Link: https://github.com/PodcastGenerator/PodcastGenerator Date of found: 14-05-2023...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 175 views

Screen SFT DAB 600/C - Authentication Bypass Erase Account Exploit

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Erase Account Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 170 views

Trend Micro OfficeScan Client 10.0 - ACL Service Local Privilege Escalation Vulnerability

Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client" C:\Program Files...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 186 views

Screen SFT DAB 600/C - Authentication Bypass Admin Password Change Exploit

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Admin Password Change Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 333 views

Smart School v1.0 - SQL Injection Vulnerability

Exploit Title: Smart School v1.0 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/smart-school-school-management-system/19426018 Demo Site: https://demo.smart-school.in Tested on: Kali Linux CVE: N/A Request POST /course/filterRecords/ HTTP/1.1 Host: localhost...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 237 views

Optoma 1080PSTX Firmware C02 - Authentication Bypass Vulnerability

Exploit Title: Optoma 1080PSTX Firmware C02 - Authentication Bypass Exploit Author: Anthony Cole Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Vendor Homepage: http://optoma.com Version: Optoma 1080PSTX Firmware C02 Tested on: N/A CVE : CVE-2023-27823 Details By default...

CVSS: 9.8, AI score: 7.1, EPSS: 0.49833
Exploits: 3
0day.today
added 2023/05/23 12:0 a.m., 190 views

Prestashop 8.0.4 - CSV injection Vulnerability

Exploit Title: Prestashop 8.0.4 - CSV injection Application: prestashop Version: 8.0.4 Bugs: CSV Injection Technology: PHP Vendor URL: https://prestashop.com/ Software Link: https://prestashop.com/prestashop-edition-basic/ Date of found: 14.05.2023 Author: Mirabbas Ağalarov Tested on: Windows 2...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 142 views

Affiliate Me Version 5.0.1 - SQL Injection Vulnerability

Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version: 5.0.1 Vendor:...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 246 views

WordPress Backup Migration 1.2.8 Plugin - Unauthenticated Database Backup Vulnerability

Exploit Title: WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup Google Dork: intitle:"Index of /wp-content/plugins/backup-backup" AND inurl:"plugins/backup-backup/" Exploit Author: Wadeek Vendor Homepage: https://backupbliss.com/ Software Link:...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 224 views

Best POS Management System v1.0 - Unauthenticated Remote Code Execution Exploit

Exploit Title: Best POS Management System v1.0 - Unauthenticated Remote Code Execution Google Dork: NA Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 225 views

TinyWebGallery v2.5 - Remote Code Execution Vulnerability

Exploit Title: TinyWebGallery v2.5 - Remote Code Execution RCE Application: TinyWebGallery Version: v2.5 Bugs: RCE Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023 Author: Mirabbas...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 215 views

LeadPro CRM v1.0 - SQL Injection Vulnerability

Exploit Title: LeadPro CRM v1.0 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/leadifly-lead-call-center-crm/43485578 Demo Site: https://demo.leadifly.in Tested on: Kali Linux CVE: N/A Request GET...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 188 views

Quicklancer v1.0 - SQL Injection Vulnerability

Exploit Title: Quicklancer v1.0 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/quicklancer-freelance-marketplace-php-script/39087135 Demo Site: https://quicklancer.bylancer.com Tested on: Kali Linux CVE: N/A Request POST /php/user-ajax.php HTTP/1.1...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 221 views

PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Vulnerability

Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...

CVSS: 5, AI score: 7.1, EPSS: 0.08079
Exploits: 3
0day.today
added 2023/05/23 12:0 a.m., 270 views

e107 v2.3.2 - Reflected XSS Vulnerability

Exploit Title: e107 v2.3.2 - Reflected XSS Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 2.3.2 Tested on: Windows 10 using XAMPP, Apache/2.4.48 Win64 OpenSSL/1.1.1l PHP/7.4.23 XSS Reflect...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 174 views

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution Vulnerability

Exploit Title: Yank Note v3.52.1 Electron - Arbitrary Code Execution Exploit Author: 8bitsec CVE: CVE-2023-31874 Vendor Homepage: yank-note.com Software Link: https://github.com/purocean/yn Version: 3.52.1 Tested on: Ubuntu 22.04 | Mac OS 13 Release Date: 2023-04-27 Product & Service Introduction...

CVSS: 8.8, AI score: 8.8, EPSS: 0.04898
Exploits: 3
0day.today
added 2023/05/23 12:0 a.m., 211 views

Stackposts Social Marketing Tool v1.0 - SQL Injection Vulnerability

Exploit Title: Stackposts Social Marketing Tool v1.0 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/stackposts-social-marketing-tool/21747459 Demo Site: https://demo.stackposts.com Tested on: Kali Linux CVE: N/A Request POST /spmo/auth/login HTTP/1.1...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 251 views

GetSimple CMS v3.3.16 - Remote Code Execution Exploit

Exploit Title: GetSimple CMS v3.3.16 - Remote Code Execution RCE Exploit Author : Youssef Muhammad Vendor: Get-simple Software Link: Version app: 3.3.16 Tested on: linux CVE: CVE-2022-41544 import sys import hashlib import re import requests from xml.etree import ElementTree from threading import...

CVSS: 7.5, AI score: 9.7, EPSS: 0.09442
Exploits: 12
0day.today
added 2023/05/23 12:0 a.m., 211 views

Screen SFT DAB 600/C - Authentication Bypass Password Change Exploit

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Password Change Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 283 views

Apache Superset 2.0.0 - Authentication Bypass Exploit

Exploit Title: Apache Superset 2.0.0 - Authentication Bypass Exploit Author: MaanVader Vendor Homepage: https://superset.apache.org/ Version: Apache Superset= 1.4.1 b'thisISaSECRET1234', deployment template b'YOUROWNRANDOMGENERATEDSECRETKEY', documentation b'TESTNONDEVSECRET' docker compose def...

CVSS: 7.5, AI score: 7.1, EPSS: 0.97405
Exploits: 20
0day.today
added 2023/05/23 12:0 a.m., 339 views

PaperCut NG/MG 22.0.4 - Remote Code Execution Exploit

Exploit Title: PaperCut NG/MG 22.0.4 - Remote Code Execution RCE Exploit Author: Mohin Paramasivam Shad0wQu35t and MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests import argparse Grouppayload =...

CVSS: 7.5, AI score: 7.1, EPSS: 0.99999
Exploits: 24
0day.today
added 2023/05/23 12:0 a.m., 243 views

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title Vulnerability

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Software Link:...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 211 views

FusionInvoice 2023-1.0 - Cross-Site Scripting Vulnerability

Exploit Title: FusionInvoice 2023-1.0 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.squarepiginteractive.com Software Link: https://www.fusioninvoice.com/store Version: 2023-1.0 Tested on: Latest Version of Desktop Web Browsers ATTOW: Firefox...

CVSS: 5.8, AI score: 7.1, EPSS: 0.02246
Exploits: 4
0day.today
added 2023/05/23 12:0 a.m., 1199 views

Sudoedit Extra Arguments Privilege Escalation Exploit

This exploit takes advantage of a vulnerability in sudoedit, part of the sudo package. The sudoedit aka sudo -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of...

CVSS: 7.8, AI score: 7, EPSS: 0.55367
Exploits: 20
0day.today
added 2023/05/23 12:0 a.m., 182 views

Hubstaff 1.6.14-61e5e22e - (wow64log) DLL Search Order Hijacking Vulnerability

Exploit Title: Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking Exploit Author: Ahsan Azad Vendor Homepage: https://hubstaff.com/ Software Link: https://app.hubstaff.com/download Version: 1.6.13, 1.6.14 Tested On: 64-bit operating system, x64-based processor Description Hubstaff i...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 249 views

eScan Management Console 14.0.1400.2281 - Cross Site Scripting Vulnerability

Exploit Title: eScan Management Console 14.0.1400.2281 - Cross Site Scripting Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31703 Step of Reproduction/ Proof of...

CVSS: 6, AI score: 9.3, EPSS: 0.04475
Exploits: 4
0day.today
added 2023/05/23 12:0 a.m., 227 views

Screen SFT DAB 600/C - Unauthenticated Information Disclosure Vulnerability

Exploit Title: Screen SFT DAB 600/C - Unauthenticated Information Disclosure userManager.cgx Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/23 12:0 a.m., 197 views

Millhouse Project 1.414 thrsrossi - Remote Code Execution Exploit

sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...

AI score: 7.4
Exploits: 0
0day.today
added 2023/05/22 12:0 a.m., 253 views

WBiz Desk 1.2 SQL Injection Vulnerability

Exploit Title: WBiz Desk 1.2 - SQL Injection CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: WBiz Desk Application Version: 1.2 Link:...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/19 12:0 a.m., 296 views

Bludit CMS 3.14.1 Cross Site Scripting Vulnerability

Exploit Title: Bludit CMS v3.14.1 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/releases/tag/3.14.1 Version: 3.14.1 Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53 CVE:...

CVSS: 5.4, AI score: 7.1, EPSS: 0.02586
Exploits: 4
0day.today
added 2023/05/19 12:0 a.m., 304 views

ChurchCRM 4.5.4 Cross Site Scripting Vulnerability

Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: http://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM/releases/tag/4.5.4 Version: 4.5.4 Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53 CVE: CVE-2023-31699 Step...

CVSS: 4.8, AI score: 7.1, EPSS: 0.01508
Exploits: 3
0day.today
added 2023/05/19 12:0 a.m., 3927 views

WordPress Core 6.2 XSS / CSRF / Directory Traversal Vulnerability

On May 16, 2023, the WordPress core team released WordPress 6.2.1, which contains patches for 5 vulnerabilities, including a Medium Severity Directory Traversal vulnerability, a Medium-Severity Cross-Site Scripting vulnerability, and several lower-severity vulnerabilities. These patches have been...

CVSS: 6.1, AI score: 5.8, EPSS: 0.79527
Exploits: 7
0day.today
added 2023/05/19 12:0 a.m., 362 views

CiviCRM 5.59.alpha1 Cross Site Scripting Vulnerability

Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: https://civicrm.org Software Link: https://civicrm.org/download Version: 5.59.alpha1, 5.58.0 and earlier, 5.57.3 and earlier Tested on: Latest Version of Desktop Web Browsers...

CVSS: 5.4, AI score: 7.1, EPSS: 0.02537
Exploits: 4
0day.today
added 2023/05/19 12:0 a.m., 419 views

Ivanti Avalanche FileStoreConfig Shell Upload Exploit

Ivanti Avalanche versions prior to 6.4.0.186 permit MS-DOS style short names in the configuration path for the Central FileStore. Because of this, an administrator can change the default path to the web root of the applications, upload a JSP file, and achieve remote command execution as NT...

CVSS: 7.2, AI score: 7.3, EPSS: 0.84697
Exploits: 3
0day.today
added 2023/05/19 12:0 a.m., 321 views

SEO Friendly Blog CMS 1.0 Cross Site Scripting Vulnerability

Title: SEO-friendly-blog-CMS-system-in-PHP-with-MYSQL-database-1.0-2023 XSS-Reflected Vulnerability Author: nu11secur1ty Vendor: https://technosmarter.com/ Software: https://github.com/technosmarter/SEO-friendly-blog-CMS-system-in-PHP-with-MYSQL-database Reference XSS:...

AI score: 7.1
Exploits: 0
0day.today
added 2023/05/19 12:0 a.m., 380 views

Textpattern 4.8.8 Session Token Disclosure Vulnerability

Textpattern version 4.8.8 logs the session token in a GET request where it may end up getting disclosed in logs or via a referer. Title: textpattern-4.8.8 Session token in URL Vulnerability Author: nu11secur1ty Vendor: https://textpattern.com/ Software:...

AI score: 6.9
Exploits: 0
0day.today
added 2023/05/19 12:0 a.m., 450 views

IBM AIX 7.2 inscout Privilege Escalation Exploit

This Metasploit module exploits a command injection vulnerability in IBM AIX invscout set-uid root utility present in AIX 7.2 and earlier. The undocumented -rpm argument can be used to install an RPM file; and the undocumented -o argument passes arguments to the rpm utility without validation,...

CVSS: 8.4, AI score: 7.4, EPSS: 0.01457
Exploits: 3
0day.today
added 2023/05/19 12:0 a.m., 521 views

WordPress Elementor Lite 5.7.1 Arbitrary Password Reset Vulnerability

On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level...

CVSS: 9.8, AI score: 7.3, EPSS: 0.75946
Exploits: 8
0day.today
added 2023/05/19 12:0 a.m., 495 views

Filmora 12 Build 1.0.0.7 Unquoted Service Path Vulnerability

Vendor Name: Filmora Product Name: Filmora 12 version Build 1.0.0.7 Vendor Home Page: https://filmora.wondershare.com/ Affected Versions: Filmora 12 version Build 12.2.1.2088 Vulnerability Type: Unquoted Service Path Vulnerability CWE-428 CVE Reference: CVE-2023-31747 Security Researcher: Thurein...

CVSS: 7.8, AI score: 7.8, EPSS: 0.01169
Exploits: 6
Total number of security vulnerabilities: 39001