39001 matches found
Strapi 3.6.8 Password Disclosure / Insecure Handling Vulnerabilities
Exploit Title: Strapi " Exploit Author: Kitchaphan Singchai idealphase Vendor Homepage: https://strapi.io/ Software Link: https://github.com/strapi/strapi/releases Vulnerable Version: ..SNIP.. Redirecting to /documentation. Perform Base64 decoding and we got plaintext password in “documentation”...
WordPress Stafflist 3.1.2 Cross Site Request Forgery Vulnerability
Exploit Title: WordPress Plugin stafflist 3.1.2 - CSRF Authenticated Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A CSRF vulnerability exists in staff record...
WSO Arbitrary File Upload / Remote Code Execution Exploit
This Metasploit module abuses a vulnerability in certain WSO2 products that allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0,...
Covid 19 Travel Pass Management System v1.0 SQL injection Vulnerability
Title: Covid 19 Travel Pass Management System v1.0 SQLi Author: nu11secur1ty Date: 05.01.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15308/covid-19-travel-pass-management-system-phpoop-free-source-code.html Reference:...
Toll Tax Management System v1.0 SQL injection Vulnerability
Title: Toll Tax Management System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free-source-code.html Reference:...
Home Clean Service System v1.0 - 2022 SQL injection Vulnerability
Title: Home Clean Service System v1.0 - 2022 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/acetech Software: https://www.sourcecodester.com/php/15293/home-clean-service-free-source-code.html Reference:...
Prime95 30.7 Build 9 Buffer Overflow Exploit
Exploit Title: Prime95 Version 30.7 build 9 Buffer Overflow RCE Discovered by: Yehia Elghaly Vendor Homepage: https://www.mersenne.org/ Software Link : https://www.mersenne.org/ftproot/gimps/p95v307b9.win32.zip Tested Version: 30.7 build 9 Vulnerability Type: Buffer Overflow RCE Local Tested on O...
WordPress Booking Calendar 9.1 PHP Object Injection / Insecure Deserialization Vulnerabilities
On April 18, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for an Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations. We received a response the same day and sent over our full disclosure early the next...
WordPress Curtain 1.0.2 Cross Site Scripting Vulnerability
Exploit Title: Multiple Stored Cross-Site Scripting vulnerabilities in WordPress curtain plugin 1.0.2 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Contact me: h at spidersilk.com Description Several...
Redis Lua Sandbox Escape Exploit
This Metasploit module exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently sanitized the Lua environment. The maintainers failed to disable the package interface, allowing attackers to load arbitrary...
Zepp 6.1.4-play User Account Enumeration Vulnerability
Zepp 6.1.4-play User Account Enumeration User account enumeration in password reset function Overview Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2108-02 Affected product: Zepp Android mobile application com.huami.watch.hmwatchmanager Tested...
Gitlab 14.9 - Authentication Bypass Vulnerability
Exploit Title: Gitlab 14.9 - Authentication Bypass Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 Tested on:...
GitLab 14.9 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Gitlab Stored XSS Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9...
WordPress WP-Invoice 4.3.1 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin WP-Invoice - Stored Cross Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/WP-Invoice/ Version: 4.3.1 Tested on: Firefox Contact me: email protected Vulnerable Code: wpi.businessname = ''; POC 1. Install th...
WordPress Coru LFMember 1.0.2 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin Coru LFMember - Stored Cross Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/Coru LFMember/ Version: 1.0.2 Tested on: Firefox Contact me: email protected Vulnerable Code: " name="gameimage" / "...
WordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin ScrollReveal.js Effects - Stored Cross Site Scripting Exploit Author: Mariam Tariq - Hunt3rsherlock Vendor Homepage: https://wordpress.org/plugins/scrollrevealjs-effects/ Version: 1.1.1 Tested on: Firefox Contact me: email protected Vulnerable Code: "...
Joomla Sexy Polling 2.1.7 SQL Injection Vulnerability
SexyPolling SQL Injection ==================== | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...
Pharmacy Management System 1.0 SQL Injection Vulnerability
Exploit Title: Pharmacy management system - 'email' SQL injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Version: 1.0 Tested on: XAMPP,...
ManageEngine ADSelfService Plus Custom Script Execution Exploit
This Metasploit module exploits the "custom script" feature of ADSelfService Plus. The feature was removed in build 6122 as part of the patch for CVE-2022-28810. For purposes of this module, a "custom script" is arbitrary operating system command execution. This module uses an attacker provided...
Pharmacy Management System 1.0 Shell Upload Vulnerability
Exploit Title: Pharmacy management system - Remote Code Execution RCE Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Version: 1.0 Tested on:...
Linux Kernel watch_queue Out-Of-Bounds Write Exploit
This Metasploit module exploits a vulnerability in the Linux Kernel's watchqueue event notification system. It relies on a heap out-of-bounds write in kernel memory. The exploit may fail on the first attempt so multiple attempts may be needed. Note that the exploit can potentially cause a denial ...
Online Restaurant Table Reservation System 1.0 SQL Injection Vulnerability
Exploit Title: Online Restaurant Table Reservation System v1.0 Exploit Author: segf0lt Vendor Homepage: https://www.sourcecodester.com/php/15286/online-restaurant-table-reservation-system-phpoop-free-source-code.html Software Link:...
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Exploit
The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the device. Affected versions include 1.0.36 and 1.2.7. !/usr/bin/env python...
Torrent Video Cutter V1.93 Build 114 Denial of Service Exploit
Exploit Title: Torrent Video Cutter V1.93 Build 114 Denial of Service Exploit Date: 20.4.2022 Vendor Homepage:http://www.torrentrockyou.com Software Link: https://down10.software/download-torrent-video-cutter/post-download/ Exploit Author: Achilles Tested Version: V1.93 Build 114 Tested on: Windo...
Audio Conversion Wizard V2.01 Denial of Service Exploit
Exploit Title: Audio Conversion Wizard V2.01 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.litexmedia.com Software Link: https://www.litexmedia.com/acwizard.exe Exploit Author: Achilles Tested Version: V2.01 Tested on: Windows 7 x64 1.- Run python code :Audio.py 2.- Open...
Multi Language-Pharmacy Management System v1.0 SQL injection Vulnerability
Title: Multi Language-Pharmacy Management System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/mayurik Software: https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html Reference:...
ALLPlayer ALLMediaServer V1.6 SEH Exploit
Exploit Title: ALLPlayer ALLMediaServer V1.6 SEH Exploit Version:ALLMediaServer V1.6 Exploit Author: Achilles Vendor Homepage: http://www.allmediaserver.org/ Downlod Link:http://www.allmediaserver.org/LiveUpdate/ALLMediaServer.exe Tested on: Windows 7 Sp1 x86 Original Dos Author: Yehia Elghaly...
Fast CD Ripper V1.8rc1 Denial of Service Exploit
Exploit Title: Fast CD Ripper V1.8rc1 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.litexmedia.com Software Link: https://en.softonic.com/download/fast-cd-ripper/windows/post-download Exploit Author: Achilles Tested Version: V1.7-V1.8rc1 Tested on: Windows 7 x64 1.- Run...
Joomla! 4.1.2 Shell Upload 0day Exploit
...
Karaoke Video Creator V2.5.6.3 Denial of Service Exploit
Exploit Title: Karaoke Video Creator V2.5.6.3 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.powerkaraoke.com Software Link: https://www.powerkaraoke.com/download/karaoke-video-creator-setup.exe?v=2.5.6.3 Exploit Author: Achilles Tested Version: V2.5.6.3 Tested on: Windows...
WordPress Motopress Hotel Booking Lite 4.2.4 Plugin - SQL Injection Vulnerability
Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection Exploit Author: Mohsen Dehghani aka 0xProfessional Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4 Tested on:...
WordPress Videos sync PDF 1.7.4 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...
Easy Appointments 1.4.2 - Information Disclosure Exploit
Exploit Title: Easy Appointments 1.4.2 - Information Disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2022-0482 Vendor Homepage: https://easyappointments.org/ Software Link...
WordPress Popup Maker 1.16.5 Plugin - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...
PKP Open Journals System 3.3 - Cross-Site Scripting Vulnerability
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References: https://youtu.be/v8-9evO2oVg XSS via...
7-zip - Code Execution / Local Privilege Escalation Exploit
Exploit Title: 7-zip - Code Execution / Local Privilege Escalation Exploit Author: Kağan Çapar Vendor homepage: https://www.7-zip.org/ Software link: https://www.7-zip.org/a/7z2107-x64.msi Version: 21.07 and all versions Tested On: Windows 10 Pro x64 References:...
REDCap 11.3.9 - Stored Cross Site Scripting Vulnerability
Exploit Title: REDCap 11.3.9 - Stored Cross-Site Scripting Exploit Author: Kendrick Lam References: https://github.com/KCL04/XSS-PoCs/blob/main/CVE-2021-42136.js Vendor Homepage: https://projectredcap.org Software Link: https://projectredcap.org Version: Redcap before 11.4.0 Tested on: 11.2.5 CVE...
Fuel CMS 1.5.0 - Cross-Site Request Forgery Vulnerability
Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce: 1. Login with us...
Microsoft Exchange Mailbox Assistants 15.0.847.40 - Unquoted Service Path Vulnerability
Exploit Title: Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC : ============== C:\sc qc...
PTPublisher v2.3.4 - Unquoted Service Path Vulnerability
Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path Discovery by: bios Vendor Homepage: https://www.primera.com/ Tested Version: 2.3.4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic service get...
Windows/x86 - XOR/DEC/NOT/ROR encrypted / encoded + null free reverse tcp Shellcode (840 bytes)
Windows/x86 - XOR/DEC/NOT/ROR XDNR encrypted / encoded + null free reverse tcp 192.168.201.11:4444 Shellcode 840 bytes / \ / /\ \ \ \ \ \ / | | \ / | | / / \ | / | \ | \ //\ / /| /| / / / / / X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion Author: @xen0vas / include...
WordPress Elementor 3.6.2 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: WordPress Plugin Elementor 3.6.2 - Remote Code Execution RCE Authenticated Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://elementor.com/ Software Link: https://wordpress.org/plugins/elementor/advanced/ scroll down to select the version Version:...
Scriptcase 9.7 - Remote Code Execution Exploit
Exploit Title: Scriptcasr 9.7 arbitrary file upload getshell Exploit Author: luckyt0mat0 Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 9.7 Tested on: Windows Server 2019 Proof of Concept: POST...
EaseUS Data Recovery - (ensserver.exe) Unquoted Service Path Vulnerability
Exploit Title: EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path Discovery by: bios Vendor Homepage: https://www.easeus.com/ Tested Version: 15.1.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic...
Microsoft Exchange Active Directory Topology 15.0.847.40 - Unquoted Service Path Vulnerability
Exploit Title: Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC : ============== C:\sc qc...
Zyxel NWA-1100-NH - Command Injection Vulnerability
Exploit Title: Zyxel NWA-1100-NH - Command Injection Exploit Author: Ahmed Alroky Vendor Homepage: https://www.zyxel.com/homepage.shtml Version: ALL BEFORE 2.12 Tested on: Linux CVE : CVE-2021-4039 References : https://download.zyxel.com/NWA1100-NH/firmware/NWA1100-NH2.12AASI.3C02.pdf ,...
ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit
Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...
TikTok reset account password Exploit
Exploit can reset password and get full control any TikTok account. You can change target mobile phone without any problems, because exploit use bypass 2fa vulnerability...
Delta Controls enteliTOUCH 3.40.3935 Cross Site Scripting Vulnerability
enteliTouch XSS alertdocument.cookie" / input type="hidden" n...
Delta Controls enteliTOUCH 3.40.3935 Cross Site Request Forgery Vulnerability
enteliTouch CSRF CSRF Add User: input type=...