Xen PV Guest Non-SELFSNOOP CPU Memory Corruption Exploit
On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device which grants the domain the ability to set arbitrary cache attributes on all its pages can trick Xen into validating an L2 pagetable that contains a cacheline that is marked as clean in the cache but actually diffe...
Stock Management System 2020 SQL Injection Vulnerability
Title: Stock-Management-System-2020 SQLi Author: nu11secur1ty Vendor: https://github.com/Dav-ee Software: https://github.com/Dav-ee/Stock-Management-System Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Kiprono-Davies/2022/Stock-Management-System-2020 Description: T...
Paymoney 3.3 Cross Site Scripting Vulnerability
Title: paymoney-3.3 XSS-Reflected Author: nu11secur1ty Vendor: https://paymoney.techvill.org/ Software: paymoney-3.3 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3 Description: The parameters firstname and lastname in Users are vulnerable...
DouPHP 1.2 Release 20141027 SQL Injection Vulnerability
Title: DouPHP v1.2 Release 20141027 SQL Injection Vulnerability Author: indoushka Tested on: windows 10 Français V.Pro / browser: Mozilla firefox...
Stock Management System 2020 SQL injection Vulnerability
Title: Stock-Management-System-2020 SQLi Author: nu11secur1ty Vendor: https://github.com/Dav-ee Software: https://github.com/Dav-ee/Stock-Management-System Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Kiprono-Davies/2022/Stock-Management-System-2020 Description: T...
Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal Vulnerability
Carel pCOWeb HVAC BACnet Gateway version 2.1.0 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the logdownload.cgi bash script is not properly verified before being used to download log files. This can be exploited to...
PHP Library Remote Code Execution Vulnerability
Several PHP compatibility libraries contain a potential remote code execution flaw in their jsondecode function based on having copy pasted existing vulnerable code. Affected components include the WassUp Realtime analytics WordPress plugin, AjaXplorer Core, and more. JAHx221 - RCE in copy/pasted...
BigBlueButton 2.3 / 2.4.7 Cross Site Scripting Vulnerability
CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References Security advisory...
WiFi Mouse 1.7.8.5 - Remote Code Execution Exploit (2)
Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Python 3 port done by RedHatAugust Original exploit:...
TypeORM SQL Injection Vulnerability
typeorm CVE-2022-33171 findOneid, findOneOrFailid The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to S...
Fruits-Bazar 2021 1.0 SQL Injection Vulnerability
Title: Fruits-Bazar 2021 v1.0 SQLi Author: nu11secur1ty Vendor: https://github.com/creativesaiful Software: https://github.com/creativesaiful/Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- Reference:...
Laundry Management System 1.0 SQL Injection Exploit
Exploit Title: Laundry Management System 1.0 - Authenticated SQL Injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-cilaundry.zip Version: 1.0 Tested on: Windows 10 + XAMPP 3.2.4 C...
OpenCart 3.x So Filter Shop By SQL Injection Vulnerability
Exploit Title: OpenCart v3.x So Filter Shop By - Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://codecanyon.net/item/so-filter-shop-by-responsive-opencart-module/13945633 Version: V3.X Tested on: XAMPP, Linux Contact:...
AnyDesk 7.0.9 Arbitrary File Write / Denial Of Service Vulnerabilities
Exploit Title: AnyDesk allow arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine Exploit Author: Erwin Chan Vendor Homepage: https://anydesk.com/en Software Link: https://anydesk.com/en Version: 7.0.9 Tested on: Windows 11 It was found that AnyDesk versi...
WSO2 Management Console (Multiple Products) - Unauthenticated Reflected XSS Exploit
Exploit Title: WSO2 Management Console Multiple Products - Unauthenticated Reflected Cross-Site Scripting XSS Exploit Author: cxosmo Vendor Homepage: https://wso2.com Software Link: API Manager https://wso2.com/api-manager/, Identity Server https://wso2.com/identity-server/, Enterprise Integrator...
WordPress W-DALIL 2.0 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin W-DALIL - Stored Cross Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/w-dalil/ Version: 2.0 Tested on: Firefox Contact me: email protected Vulnerable Code: " value="" / Steps To Reproduce : 1 - First...
WordPress Simple Page Transition 1.4.1 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin ‘Simple Page Transition’ - Stored Cross Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/simple-page-transition/ Version: 1.4.1 Tested on: Firefox Contact me: email protected Vulnerable code: " / POC: 1-...
Coffee Shop Cashiering System 1.0 SQL Injection Exploit
Exploit Title: Coffee Shop Cashiering System - Authenticated Time Based Sql injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/cscs.zip Version: 1.0 Tested on: Windows 10 + XAMPP 3.2.4...
WordPress Weblizar 8.9 Plugin - Backdoor Vulnerability
Exploit Title: WordPress Plugin Weblizar 8.9 - Backdoor Google Dork: 'wp-json/am-member/license' Exploit Author: Sobhan Mahmoodi Vendor Homepage: https://weblizar.com/plugins/school-management/ Version: 8.9 Tested on: windows/linux Vulnerable code: addaction 'restapiinit', function...
Library Management System With QR Code 1.0 SQL Injection Vulnerability
Title: Library Management System with QR code Attendance 1.0 SQL Injection Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
Library Management System With QR Code 1.0 Cross Site Scripting Vulnerability
Title: Library Management System with QR code Attendance 1.0 Stored Cross-Site Scripting Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
Mailhog 1.0.1 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on: Windows,Linux,Docker CV...
Library Management System With QR Code 1.0 Shell Upload Vulnerability
Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...
Microsoft Office Project Universal Silent Builder Exploit
0day exploit is a program that injects any executable formatted file .exe into the desired project .mpp file. The exe is automatically executed when the project file is opened...
Microsoft Office Visio VSD Silent Builder Exploit
0day exploit is a program that injects any executable formatted file .exe into the desired visio .vsd file. The exe is automatically executed when the file.vsd is opened. Bypasses all antivirus programs...
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting Vulnerability
SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability. title: Reflected Cross Site Scripting product: SIEMENS-SINEMA Remote Connect vulnerable version:...
Mitel 6800/6900 Series SIP Phones Backdoor Access Vulnerability
Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP MiNet Phones have a flow to spawn a telnet backdoor on the device with a static root password enabled. Affected versions include Rel 5.1 SP8 5.1.0.8016 and earlier, Rel 6.0 6.0.0.368 to 6.1 HF4 6.1.0.165, and MiNet 1.8.0.12...
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization Vulnerability
Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe Java deserialization vulnerabilities. title: Stored Cross-Site Scripting & Unsafe Java Deserialization product: Gentics CMS vulnerable...
SoftGuard SNMP Network Management Extension HTML Injection / File Download Vulnerability
title: Multiple vulnerabilities product: SoftGuard SNMP Network Management Extension vulnerable version: SoftGuard Web SGW 5.1.5 fixed version: SoftGuard version 5.1.5 from 2022-06-01 CVE number: CVE-2022-31201, CVE-2022-3120...
Lepin EP-KP001 KP001_V19 Authentication Bypass Vulnerability
When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker to bypass the password-based user authentication. Product: EP-KP001 Manufacturer: Lepin Affected Versions: KP001_V19 Tested Versions: KP001_V19 Vulnerability...
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor Vulnerability
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components. title: Hardcoded Backdoor User and Outdated Software Components...
Warehouse Management System 2022 Multiple SQL injection Vulnerabilities
Title: Warehouse Management System 2022 ML-SQLi Author: nu11secur1ty Date: 06.13.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php-codeigniter-warehouse-management-system-free-source-code Reference:...
Microsoft Office Word DOC Silent Arbitrary Code Execution Builder Exploit
0day exploit is a program that injects any executable formatted file .exe into the desired word .doc file...
Real Player 16.0.3.51 - external::Import() Directory Traversal to Remote Code Execution Exploit
Exploit Title: Real Player 16.0.3.51 - 'external::Import' Directory Traversal to Remote Code Execution RCE Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: ver. 16.00.282, 16.0.3.51, Cloud 17.0.9.17, v.20.0.7.309 Tested on: Windows 7,...
phpIPAM 1.4.5 - Remote Code Execution (Authenticated) Exploit
Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS !/usr/bin/env python3...
TP-Link Router AX50 firmware 210730 - Remote Code Execution (Authenticated) Exploit
Exploit Title: TP-Link Router AX50 firmware 210730 - Remote Code Execution RCE Authenticated Exploit Author: Tomas Melicher Technical Details: https://github.com/aaronsvk/CVE-2022-30075 Vendor Homepage: https://www.tp-link.com/ Tested On: Tp-Link Archer AX50 Vulnerability Description: Remote Code...
Marval MSM v14.19.0.12476 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed blog:...
Virtua Software Cobranca 12S - SQL injection Vulnerability
Exploit Title: Virtua Software Cobranca 12S - SQLi Shodan Query: http.favicon.hash:876876147 Exploit Author: Luca Regne Vendor Homepage: https://www.virtuasoftware.com.br/ Software Link: https://www.virtuasoftware.com.br/downloads/Cobranca12S1308.exe Version: 12S Tested on: Windows Server 2019 CV...
Real Player v.20.0.8.310 G2 Control - DoGoToURL() Remote Code Execution Exploit
Exploit Title: Real Player v.20.0.8.310 G2 Control - 'DoGoToURL' Remote Code Execution RCE Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: v.20.0.8.310 Tested on: Windows 7, 8.1, 10 CVE : N/A Full PoC:...
ChurchCRM 4.4.5 - SQL injection Vulnerability
Exploit Title: ChurchCRM 4.4.5 - SQLi Exploit Author: nu11secur1ty Vendor: https://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 Description: There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via...
Old Age Home Management System 1.0 - SQL injection Authentication Bypass Vulnerability
Exploit Title: Old Age Home Management System 1.0 - SQLi Authentication Bypass Exploit Author: twseptian Vendor Homepage: https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/Old-Age-Home-MS-using-PHP.zip Version: v1.0 Tested on...
Algo 8028 Control Panel - Remote Code Execution (Authenticated) Exploit
Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...
Marval MSM v14.19.0.12476 - Cross-Site Request Forgery Vulnerability
Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery CSRF Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows PoCs:...
SolarView Compact 6.00 - (pow) Cross-Site Scripting Vulnerability
Exploit Title: SolarView Compact 6.00 - 'pow' Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29301 Tested on: Windows Proof Of Concept:...
Pandora FMS v7.0NG.742 - Remote Code Execution Exploit
Exploit Title: Pandora FMS v7.0NG.742 - Remote Code Execution RCE Authenticated Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pandorafms.com/ Software Link:...
SolarView Compact 6.00 - (time_begin) Cross-Site Scripting Vulnerability
Exploit Title: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...
HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path
Exploit Title: HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path Exploit Author: Ali Alipour Vendor Homepage: https://support.hp.com/us-en/document/c01998934 Software Link:...
Sourcegraph Gitserver 3.36.3 - Remote Code Execution Exploit
Exploit Title: Sourcegraph Gitserver 3.36.3 - Remote Code Execution RCE Exploit Author: Altelus Vendor Homepage: https://about.sourcegraph.com/ Version: 3.63.3 Tested on: Linux CVE : CVE-2022-23642 Docker Container: sourcegraph/server:3.36.3 Sourcegraph prior to 3.37.0 has a remote code execution...
ChurchCRM 4.4.5 SQL injection session hijacking Vulnerability
Title: ChurchCRM 4.4.5 SQLi session hijacking L2 Author: nu11secur1ty Date: 05.11.2022 Vendor: https://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 Description: There is a SQL Injection hijacking sessio...
Confluence Data Center 7.18.0 - Remote Code Execution Exploit
Exploit Title: Confluence Data Center 7.18.0 - Remote Code Execution RCE Exploit Author: h3v0x Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: All 7.4.17 versions before 7.18.1 Tested on: - CVE : CVE-2022-26134...