WordPress Motopress Hotel Booking Lite 4.2.4 Plugin - Stored Cross-Site Scripting Vulnerability

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting XSS Exploit Author: Sanjay Singh Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4 Tested on:...

WordPress Download Manager 3.2.42 Cross Site Scripting Vulnerability

Description: Reflected Cross-Site Scripting Affected Plugin: Download Manager Plugin Slug: download-manager Plugin Developer: codename065 Affected Versions: = 3.2.42 CVE ID: CVE-2022-1985 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Rafie Muhammad...

Atlassian Confluence Namespace OGNL Injection Exploit

This Metasploit module exploits an OGNL injection in Atlassian Confluence servers. A specially crafted URI can be used to evaluate an OGNL expression resulting in OS command execution. This module requires Metasploit: https://metasploit.com/download Current source:...

Korenix JetPort 5601V3 Backdoor Account Vulnerability

Korenix JetPort 5601V3 with firmware version 1.0 suffers from having default backdoor accounts. The vendor will not address the issue as they claim the secret cannot be cracked in a reasonable amount of time. ======================================================================= title: Backdoor...

Poly Studio X30 / Studio X50 / Studio X70 / G7500 Command Injection Vulnerability

======================================================================= title: Authenticated Command Injection product: Poly Studio X30, Studio X50, Studio X70, G7500 vulnerable version: 3.4.0-292042, 3.5.0-344025, 3.6.0 fixed version: 3.7.0 or higher CVE number: CVE-2022-26481 impact: critical...

Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure Vulnerability

ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published: 2022-06-01 CVSSv3 Score: 7.5...

Confluence OGNL Injection Remote Code Execution Exploit

Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected. !/usr/bin/python3 Exploit Title: Confluence Pre-Auth Remote Code Execution via OGNL Injection Google Dork: N/A Date: 06/006/2022...

Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure Vulnerability

ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published: 2022-06-01 CVSSv3 Score: 5.3...

Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass Vulnerability

======================================================================= title: Multiple Critical Vulnerabilities product: Poly EagleEye Director II vulnerable version: 2.2.1.1 Jul 1, 2021 fixed version: 2.2.2.1 or higher CVE number: CVE-2022-26479, CVE-2022-26482 impact: critical homepage:...

dbus-broker-29 Memory Corruption Exploit

======================================================================= title: Multiple Memory Corruption Vulnerabilities product: dbus-broker vulnerable version: dbus-broker-29 fixed version: dbus-broker-31 CVE number: CVE-2022-31212, CVE-2022-31213 impact: medium homepage:...

Microsoft Office Word MSDTJS Code Execution Exploit

This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to execute PowerShell code. This module requires Metasploit: https://metasploit.com/download Current source:...

Apache 2.4.50 Remote Code Execution Exploit

include include include include include / Apache 2.4.50 exploit CVE-2021-42013 Author: Vilius Povilaika Website: www.povilaika.com / // compile: $ gcc cve-2021-42013.c -lcurl -o cve-2021-42013 int usagechar prog printf"Usage: %s \n", prog; printf" - %s https://127.0.0.1 "uname -a"\n", prog;...

NVIDIA Data Center GPU Manager Remote Memory Corruption Exploit

NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopback interface, but can also listen on the network for requests coming in on port 5555 remote mgmt. A native client named DCGMI allows users to make...

IIPImage Remote Memory Corruption Exploit

IIPImage is distributed with a server that enables advanced, high-performance image manipulation for web-based streaming and viewing of high resolution images. The server component called iipsrv.fcgi processes requests from users and passes them to command handlers. Several crashes including an...

Microweber CMS 1.2.15 - Account Takeover Vulnerability

Exploit Title: Microweber CMS 1.2.15 - Account Takeover Exploit Author: Manojkumar J Vendor Homepage: https://github.com/microweber/microweber Software Link: https://github.com/microweber/microweber/releases/tag/v1.2.15 Version: =1.2.15 Tested on: Windows10 CVE : CVE-2022-1631 Description:...

Contao 4.13.2 - Cross-Site Scripting Vulnerability

Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-1588 References: -...

Telesquare SDT-CW3B1 1.1.0 - OS Command Injection Exploit

!/usr/bin/python3 Exploit Title: Telesquare SDT-CW3B1 1.1.0 - OS Command Injection Date: 24th May 2022 Exploit Author: Bryan Leong Vendor Homepage: http://telesquare.co.kr/ CVE : CVE-2021-46422 Authentication Required: No import requests import argparse import sys from xml.etree import ElementTre...

Zyxel USG FLEX 5.21 - OS Command Injection Exploit

Exploit Title: Zyxel USG FLEX 5.21 - OS Command Injection Shodan Dork: title:"USG FLEX 100" title:"USG FLEX 100W" title:"USG FLEX 200" title:"USG FLEX 500" title:"USG FLEX 700" title:"USG20-VPN" title:"USG20W-VPN" title:"ATP 100" title:"ATP 200" title:"ATP 500" title:"ATP 700" title:"ATP 800"...

GtkRadiant 1.6.6 Buffer Overflow Exploit

===== Intro ===== GtkRadiant is a cross-platform level editor software for idtech game engines such as Quake. It comes with data authoring tools and a BSP map compiler called q3map2 which parses MAP files. The code has been around for a long time and uses unsafe string copy and format functions. ...

Avantune Genialcloud ProJ 10 Cross Site Scripting Vulnerability

Exploit Title: Avantune Genialcloud ProJ 10 - Reflected XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.avantune.com Software Link: https://www.genialcloud.com - https://www.genialcloud.com/discover-genialcloud-proj - https://store.genialcloud.com Version:...

dotCMS Shell Upload Exploit

When files are uploaded into dotCMS via the content API, but before they become content, dotCMS writes the file down in a temporary directory. In the case of this vulnerability, dotCMS does not sanitize the filename passed in via the multipart request header and thus does not sanitize the tempora...

Product Show Room Site 1.0 Cross Site Scripting Vulnerability

Product Show Room Site - 'Telephone' Stored Cross-Site ScriptingXSS Exploit Title: Product Show Room Site - 'Telephone' Stored Cross-Site ScriptingXSS Exploit Author: email protected inc Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html...

libMeshb Buffer Overflow Exploit

libMeshb suffers from a buffer overflow vulnerability. Version 7.62 has been released to address this issue. ===== Intro ===== libMeshb is a library which supports moving between data types for the Gamma Mesh Format. A buffer overflow was found when parsing the MESH format and specially crafted...

libxml2 xmlBufAdd Heap Buffer Overflow Exploit

libxml2: heap-buffer-overflow in xmlBufAdd libxml2 is vulnerable to a heap-buffer-overflow when xmlBufAdd is called on a very large buffer: int xmlBufAddxmlBufPtr buf, const xmlChar str, int len unsigned int needSize; .. needSize = buf-use + len + 2; A if needSize buf-size .. if !xmlBufResizebuf,...

Fast Food Ordering System 1.0 SQL Injection Vulnerability

Title: Fast Food Ordering System 1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15366/fast-food-ordering-system-phpoop-free-source-code.html Reference:...

Ingredient Stock Management System 1.0 Account Takeover Vulnerability

Exploit Title: Ingredient Stock Management System v1.0 - Account Takeover Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html Version:...

Ingredient Stock Management System 1.0 SQL Injection Vulnerability

Exploit Title: Ingredient Stock Management System v1.0 - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html Version: 1.0...

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root Exploit

Schneider Electric C-Bus Automation Controller 5500SHAC version 1.10 suffers from an authenticated arbitrary command execution vulnerability. An attacker can abuse the Start-up init script editor and exploit the script POST parameter to insert malicious Lua script code and execute commands with...

WordPress User Meta Lite / Pro 2.4.3 Path Traversal Vulnerability

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: User Meta Vendor URL: https://wordpress.org/plugins/user-meta Type: Relative Path Traversal CWE-23 Date found: 2022-02-28 Date published: 2022-05-24 CVSSv3 Score: 4.3...

MyBB (prior 1.8.30) Admin Control Remote Code Execution Exploit

This Metasploit module exploits an improper input validation vulnerability in MyBB versions prior to 1.8.30 to execute arbitrary code in the context of the user running the application. The MyBB Admin Control setting page calls the PHP eval function with unsanitized user input. The exploit adds a...

qdPM 9.1 - Remote Code Execution (Authenticated) Exploit

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 https://www.exploit-db.com/exploits/47954 Exploit Author: Leon Trappett thepcn3rd Vendor...

CLink Office 2.0 SQL Injection Vulnerability

Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console Exploit Author: Erwin Chan, Stephen Tsoi Vendor Homepage: https://www.communilink.net/ Softwar: CLink Office Version: 2.0 Tested on: CLink Office 2.0 Anti-Spam management console...

OpenCart v3.x Newsletter Module - Blind SQL injection Vulnerability

Exploit Title: OpenCart v3.x Newsletter Module - Blind SQLi Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=marketplace/extension/info&extensionid=32750&filtermember=Zemez Version: v.3.0.2.0 Tested on: XAMPP, Linux...

m1k1o Blog v.10 - Remote Code Execution Exploit

Exploit Title: m1k1o's Blog v.10 - Remote Code Execution RCE Authenticated Exploit Author: Malte V Vendor Homepage: https://github.com/m1k1o/blog Software Link: https://github.com/m1k1o/blog/archive/refs/tags/v1.3.zip Version: 1.3 and below Tested on: Linux CVE : CVE-2022-23626 import argparse...

Online Fire Reporting System 1.0 SQL injection Vulnerability

Title: Online Fire Reporting System 1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15346/online-fire-reporting-system-phpoop-free-source-code.html Reference:...

Blockchain AltExchanger 1.2.1 SQL Injection Vulnerability

Information Vulnerability Name : Multiple Remote SQL Injections in Inout Blockchain AltExchanger Product : Inout Blockchain AltExchanger version : 1.2.1 Vendor Site : https://www.inoutscripts.com/products/inout-blockchain-altexchanger/ Exploit Detail :...

iTop Remote Command Execution Exploit

!/usr/bin/env ruby Exploit Title: iTop p...

Blockchain FiatExchanger 2.2.1 SQL Injection Vulnerability

Information Vulnerability Name : Remote Blind SQL Injections in Inout Blockchain FiatExchanger Product : Inout Blockchain FiatExchanger version : 2.2.1 Vendor Site : https://www.inoutscripts.com/products/inout-blockchain-fiatexchanger/ Exploit Detail :...

Emby Media Server 4.7.0.60 Cross Site Scripting Vulnerability

Exploit Title: Emby Media Server 4.7.0.60 Cross Site Scripting Exploit Author: Yehia Elghaly Vendor Homepage: https://emby.media/ Software Link: https://emby.media/windows-server.html Version: 4.7.0.60 Tested on: Windows 7 / 10 Summary: Emby formerly Media Browser is a media server designed to...

LiquidFiles 3.4.15 Cross Site Scripting Vulnerability

LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeline of disclosure Thanks & Acknowledgements References ===== Vulnerability...

PHPIPAM 1.4.4 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents ================================================== Overview Detailed description Timeline of disclosure Thanks & Acknowledgements References ===== Vulnerability...

SolarView Compact 6.0 - OS Command Injection Vulnerability

Exploit Title: SolarView Compact 6.0 - OS Command Injection Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29303 Tested on: Windows Exploit HTTP Request : POST /confmail.php HTTP/1.1...

OpenCart So Listing Tabs 2.2.0 Unsafe Deserialization Vulnerability

Affected Versions: Version 2.2.0 is affected, and prior versions are likely affected too. - Vulnerabilities Description: Vulnerable component is switching to another tab. To exploit vulnerability, an attacker may send a POST request with application/x-www-form-urlencoded content-type to AJAX...

Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting XSS Exploit Author: Pankaj Kumar Thakur Vendor Homepage: https://surveysparrow.com/ Software Link: https://surveysparrow.com/enterprise-survey-software/ Version: 2022 Tested on: Windows CVE : CVE-2022-2972...

Showdoc 2.10.3 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

SDT-CW3B1 1.1.0 - OS Command Injection Vulnerability

Exploit Title: SDT-CW3B1 1.1.0 - OS command injection Exploit Author: Ahmed Alroky Author Company : AIactive Version: 1.0.0 Vendor home page : http://telesquare.co.kr/ Authentication Required: No CVE : CVE-2021-46422 Tested on: Windows HTTP Request GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=id...

T-Soft E-Commerce 4 - SQL injection (Authenticated) Vulnerability

Exploit Title: T-Soft E-Commerce 4 - SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux Category: WebApp Google Dork: N/A CVE: 2022-28132 Description Step-1: Login as Admin or with privilage use...

T-Soft E-Commerce 4 - (UrunAdi) Stored Cross-Site Scripting Vulnerability

Exploit Title: T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting XSS Exploit Author: Alperen Ergel alpernae IG/TW Web Site: https://alperenae.gitbook.io/ Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux Category: WebApp Google Dork: N/A CVE :N/A Descriptio...

WordPress WP Event Manager 3.1.27 Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin WP Event Manager - Stored Cross Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/wp-event-manager/ Version: 3.1.27 Tested on: Firefox Contact me: email protected Steps To Reproduce : 1 - First Install the...

HighCMS / HighPortal 12.x SQL Injection Vulnerability

Exploit Title: HighCMS/HighPortal v12.x SQL Inj Type : WEBAPPS "HighCMS/HighPortal" Platform : ASP.NET Exploit Author : E1.Coders Software Link : https://aryanic.com/page/portal Version : v12.x Category : Webapps Tested on: Linux/Windows Google Dork:...