WordPress All In One SEO Pack 4.2.9 Cross Site Scripting Vulnerability
Affected Plugin: All In One SEO Pack Plugin Slug: all-in-one-seo-pack Affected Versions: = 4.2.9 CVE ID: CVE-2023-0586 CVSS Score: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Researcher/s: Ivan Kuzymchak Fully Patched Version: 4.3.0 The All in One SEO Pack plugin for...
WordPress Real Estate 7 Theme 3.3.4 Cross Site Request Forgery Vulnerability
WordPress Real Estate 7 Theme versions 3.3.4 and below suffer from multiple cross site request forgery vulnerabilities. ==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme <= 3.3.4 - Multiple Cross-Site Request Forger...
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection Vulnerability
Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the eventFileSelected HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts. Ospr...
Osprey Pump Controller 1.0.1 userName Command Injection Vulnerability
Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...
Osprey Pump Controller 1.0.1 Cross Site Scripting Vulnerability
Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...
WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting Vulnerability
==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz...
Osprey Pump Controller 1.0.1 Cross Site Request Forgery Vulnerability
Osprey Pump Controller 1.0.1 Cross-Site Request Forgery Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...
WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery Vulnerability
WordPress WoodMart Theme versions 7.1.1 and below suffer from a cross site request forgery vulnerability due to missing nonce validation on the processform function. ==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress WoodMart Theme =...
Employee Task Management System 1.0 Privilege Escalation Vulnerability
Employee Task Management System - Broken Authentication leads to compromise of all application accounts by changing the password CVE Assigned: CVE-2023-0905 mitre.org, nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Managemen...
Sales Tracker System 1.0 SQL Injection Vulnerability
Exploit Title: Authenticated SQL Injection on Sales Tracker System Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software Link: download link if available Version: 1.0 Tested on: Windo...
ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root Vulnerability
ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffer from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account...
Music Gallery Site 1.0 SQL Injection Vulnerability
Music Gallery Site - SQL Injection on page musiclist.php and parameter cid is vulnerable, application url is ?page=musiclist&cid=?. Any remote attacker can access this page to exploit the vulnerability. CVE Assigned: CVE-2023-0938 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari...
ABUS Security Camera TVIP 20000-21150 LFI / Remote Code Execution Vulnerability
ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities. When coupled together, they can be leveraged to achieve remote access as root via ssh...
Employee Task Management System 1.0 SQL Injection Vulnerability
Employee Task Management System - SQL Injection on task-details.php?taskid=? with low privilege authentication CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version: ...
Auto Dealer Management System 1.0 SQL Injection Vulnerability
Auto Dealer Management System - SQL Injection on page viewtransaction.php and parameter is id, application url is ?page=vehicles/viewtransaction&id=? with low privilege authentication CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari Author Email:...
Simple Food Ordering System 1.0 Cross Site Scripting Vulnerability
Simple Food Ordering System - Authenticated Reflected Cross Site Scripting CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Author Email: navaidnemail protected Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1.0 What is Reflected Cross-Site...
Device Manager Express 7.8.20002.47752 SQL Injection / XSS / Code Execution / Traversal
Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities. Product Name: Device Manager Express Vendor Homepage: https://www.audiocodes.com Software Link:...
pyLoad js2py Python Execution Exploit
pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request to the flash/addcrypted2 endpoint to leverage this for code execution. pyLoad by default...
Music Gallery Site 1.0 Privilege Escalation / Missing Authentication Vulnerabilities
Music Gallery Site - Broken Access Control leads to compromise of complete application by adding admin user without log-in into the application. CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Music...
Froxlor 2.0.6 Remote Command Execution Exploit
Froxlor versions 2.0.6 and below suffer from a bug that allows authenticated users to change the application logs path to any directory on the OS level which the user www-data can write without restrictions from the backend which leads to writing a malicious Twig template that the application wil...
Yoga Class Registration System 1.0 SQL Injection Vulnerability
Exploit Title: Authenticated POST based SQL Injection when delete user on Yoga Class Registration System Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html Software Link: download link i...
Auto Dealer Management System 1.0 Privilege Escalation Vulnerability
Auto Dealer Management System - Broken Access Control leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Versio...
Sales Tracker System 1.0 SQL Injection Vulnerability
Exploit Title: Authenticated SQL Injection on Sales Tracker System Google Dork: NA Date: 21/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software Link: download link if availab...
pfBlockerNG 2.1.4_26 - Remote Code Execution Exploit
Exploit Title: pfBlockerNG 2.1.4_26 - Remote Code Execution RCE Shodan Results: https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22 Date: 5th of September 2022 Exploit Author: IHTeam Vendor Homepage:...
Microsoft Windows Contact File Remote Code Execution Vulnerability
Microsoft Windows Contact file / Remote Code Execution Resurrected 2022 / CVE-2022-44666 + John Page aka hyp3rlinx + twitter.com/hyp3rlinx + ISR: ApparitionSec Back in 2018 I discovered three related Windows remote code execution vulnerabilities affecting both VCF and Contact files. They were...
Best POS Management System 1.0 Cross Site Scripting Vulnerability
Exploit Title: Stored Cross Site Scripting on Best pos Management System Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link: https://www.sourcecodester.com/sites/default/files/download/mayurik/kruxton.zi...
Best POS Management System 1.0 SQL Injection Vulnerability
Exploit Title: SQL Injection on Best pos Management System Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link: https://www.sourcecodester.com/sites/default/files/download/mayurik/kruxton.zip Version: 1.0...
Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution Vulnerabilities
Kardex Mlog MCC version 5.7.12+0-a203c2a213-master suffers from a file inclusion vulnerability that allows for remote code execution. Remote Code Execution in Kardex MLOG ======================================================================= Product: Kardex Mlog MCC Vendor: Kardex Holding AG...
Zabbix Agent 6.2.7 Insecure Permissions / Privilege Escalation Vulnerabilities
Zabbix Agent and Zabbix Agent 2 versions 6.2.7 and below suffer from an issue where it does not secure the permissions on a non-default installation directory, allowing an attacker to place a malicious executable to escalate privileges. Exploit Title: Zabbix agents - Insecure Permissions on...
Atrocore 1.5.25 Shell Upload Exploit
Title: atrocore-1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Date: 02.16.2023 Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The Create...
Microsoft Windows UTF-8 Buffer Overruns Exploit
When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions. Hi @ll, almost 4 years ago, with Windows 10 1903, after more than a year beta-testing in insider previews, Microsoft finally released UTF-8 support for the -A...
Arris Router Firmware 9.1.103 Remote Code Execution Exploit
Arris Router Firmware version 9.1.103 authenticated remote code execution exploit that has been tested against the TG2482A, TG2492, and SBG10 models. Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Exploit Author: Yerodin Richards Vendor Homepage:...
WordPress Quiz And Survey Master 8.0.8 Media Deletion Vulnerability
WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a missing authentication vulnerability that allows an attacker to delete media from the WordPress instance. 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL:...
WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery Vulnerability
WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability. 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Cross-Site Request Forgery CSR...
GitLab GitHub Repo Import Deserialization Remote Code Execution Exploit
An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested defaultbranch. GitLab will cache this object and then deserialize it when...
Monitorr 1.7.6 Shell Upload Exploit
Exploit Title: Monitorr v1.7.6 - Unauthenticated File upload to Remote Code Execution Exploit Author: Achuth V P retrymp3 Vendor Homepage: https://github.com/Monitorr/ Software Link: https://github.com/Monitorr/Monitorr Tested on: Ubuntu Version: v1.7.6 Exploit Description: Monitorr v1.7.6 suffer...
Korenix JetWave Command Injection / Denial Of Service Exploit
Multiple versions of Korenix JetWave suffer from authenticated command injection and denial of service vulnerabilities. ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S, |...
Cisco RV Series Authentication Bypass / Command Injection Exploit
This Metasploit module exploits two vulnerabilities, a session ID directory traversal authentication bypass CVE-2022-20705 and a command injection vulnerability CVE-2022-20707, on Cisco RV160, RV260, RV340, and RV345 Small Business Routers, allowing attackers to execute arbitrary commands with...
Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP versions 10.1.2228.10 and below CVE-2022-47966. Due to a dependency to an outdated library Apache Santuario version 1.4.1, it is possible to execute...
Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution Exploit
This Metasploit module exploits an object deserialization vulnerability in Fortra GoAnywhere MFT. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unsafe Deserialization...
Nagios XI 5.7.5 Remote Code Execution Exploit
This Metasploit module exploits CVE-2021-25296, CVE-2021-25297, and CVE-2021-25298, which are OS command injection vulnerabilities in the windowswmi, switch, and cloud-vm configuration wizards that allow an authenticated user to perform remote code execution on Nagios XI versions 5.5.6 to 5.7.5 a...
ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine AdSelfService Plus versions 6210 and below. Due to a dependency to an outdated library Apache Santuario version 1.4.1, it is possible to execute arbitrary code by providing a...
CKSource CKEditor5 35.4.0 Cross Site Scripting Vulnerability
Exploit Title: Cross Site Scripting in CKSource's CKEditor5 35.4.0 Google Dork: N/A Exploit Author: Manish Pathak Vendor Homepage: https://cksource.com/ Software Link: https://ckeditor.com/ckeditor-5/download/ Version: 35.4.0 Tested on: Linux / Web CVE : CVE-2022-48110 CKSource CKEditor5 35.4.0 w...
SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow Vulnerability
SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking...
WordPress Metform Elementor Contact Form Builder 3.1.2 Cross Site Scripting Vulnerability
WordPress Metform Elementor Contact Form Builder plugin versions 3.1.2 and below suffer from a persistent cross site scripting vulnerability. Affected Plugin: Metform Elementor Contact Form Builder Plugin Slug: metform Affected Versions: <= 3.1.2 CVE ID: CVE-2023-0084 CVSS Score: 7.2 High CVSS...
Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine ServiceDesk Plus versions 14003 and below CVE-2022-47966. Due to a dependency to an outdated library Apache Santuario version 1.4.1, it is possible to execute arbitrary code by...
101news By Mayuri K 1.0 SQL Injection Vulnerability
Title: 101news-by-Mayuri-K-1.0 Multiple-SQLi Author: nu11secur1ty Vendor: https://mayurik.com/ Software: https://mayurik.com/source-code/P4030/news-portal-project-in-php Reference: https://portswigger.net/web-security/sql-injection Description: The comment parameter appears to be vulnerable to SQ...
Apache Tomcat On Ubuntu Log Init Privilege Escalation Exploit
This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account to escalate their privileges from the...
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization Vulnerabilities
On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference,...
Oracle Database 12.1.0.2 Spatial Component Privilege Escalation Vulnerability
Oracle Database version 12.1.0.2 suffers from a privilege escalation vulnerability that achieves DBA access via the Spatial component. Title: Oracle Database Privilege Escalation Through Oracle Spatial Component Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2 Tested Versions:...