One Church Management System 1.0 SQL Injection Vulnerability

Exploit Title: One Church Management System 1.0 - attendancy.php search2 SQL Injection Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ One Church...

Microfinance Management System 1.0 SQL Injection Vulnerability

Microfinance Management System version suffers from multiple remote SQL injection vulnerabilities including one that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Hejap Zairy in March of 2022. Exploit Title: Microfinance Management System 1...

One Church Management System 1.0 Cross Site Scripting Vulnerability

Exploit Title: One Church Management System 1.0 - Multiple Cross-site Scripting Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ One Church Management...

Royale Event Management System 1.0 Cross Site Scripting Vulnerability

Exploit Title: Royale Event Management System 1.0 - Cross-site Scripting Stored unauthenticated Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ Royale...

Online Student Admission v1.0 SQL injection Vulnerability

Title: Online Student Admission v1.0 SQLi Author: nu11secur1ty Date: 03.28.2022 Vendor: https://www.sourcecodester.com/users/walterjnr1 Software: https://www.sourcecodester.com/php/14874/online-student-admission-system.html Reference:...

Online Banking System v1.0 SQL injection Vulnerability

Title: Online Banking System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Reference:...

Online Sports Complex Booking v1.0 SQL injection Vulnerability

Title: Online Sports Complex Booking v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Reference:...

Trend Micro Virtual Mobile Infrastructure 6.0.1278 Denial Of Service Vulnerability

Exploit Title: Trend Micro Virtual Mobile Infrastructure TMVMI version 6 - Denial of Service PoC Date: 24/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.trendmicro.com/ Software Link: App Store for iOS devices Version: 6.0.1278 Tested: iPhone 6 iOS 12.4.7 Vulnerability Type:...

Sports Complex Booking System 1.0 SQL Injection Vulnerability

Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code. Title: Sports Complex Booking System 1.0 Blind SQLi To Rce Author: Hejap Zairy Vendor:...

Microfinance Management System 1.0 SQL Injection Vulnerability

Microfinance Management System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code. Title: Microfinance Management System 1.0 SQLi To Rce Author: Hejap Zairy Vendor:...

Online Sports Complex Booking System 1.0 SQL Injection Vulnerability

Exploit Title: Online Sports Complex Booking System - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Version: 1.0...

Online Sports Complex Booking System 1.0 Account Takeover Vulnerability

Exploit Title: Online Sports Complex Booking System - Account Takeover Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Version:...

Foxit PDF Editor 11.3.1 Arbitrary File Upload Vulnerability

Exploit Title: Foxit PDF Editor Arbitrary File Upload Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.foxit.com Software Link: https://apps.apple.com/us/app/foxit-pdf-editor/id507040546 Version: 11.3.1 Tested: iPhone 6 iOS 12.4.7 Contact: https://twitter.com/dmaral3noz -...

containerd Image Volume Insecure Handling Exploit

containerd: Insecure handling of image volumes containerd's cri plugin handles image volumes containing path traversals insecurely. This can be used to copy arbitrary host directories to a container-mounted path. OCI images contain a JSON config file described in...

Sports Complex Booking System 1.0 Shell Upload Vulnerability

Title: Sports Complex Booking System 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...

Event Management System 1.0 Shell Upload Vulnerability

Title: Event Management System 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip Reference:...

WordPress amministrazione-aperta 3.7.3 Plugin - Local File Read - Unauthenticated Vulnerability

Exploit Title: WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated Google Dork: inurl:/wp-content/plugins/amministrazione-aperta/ Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/amministrazione-aperta/ Version: 3.7.3...

ImpressCMS 1.4.2 Authentication Bypass Vulnerability

----------------------------------------------------------------------- ImpressCMS stripSlashesGPC$autologinName; 46. $pass = $myts-stripSlashesGPC$autologinPass; 47. if empty$uname || isnumeric$pass 48. $user = false ; 49. else 50. // V3 51. $uname4sql = addslashes$uname; 52. $criteria = new...

ImpressCMS 1.4.2 SQL Injection Vulnerability

--------------------------------------------------------------- ImpressCMS getUserCountByGroupLink@$POST"groups", $criteria; 282. 283. $validsort = array"uname", "email", "lastlogin", "userregdate", "posts"; 284. $sort = !inarray$POST'usersort', $validsort ? "uname" : $POST'usersort'; 285. $order...

Poultry Farm Management System 1.0 Shell Upload Vulnerability

Title: Poultry Farm Management System 1.0 Remote Code Execution RCE Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15230/poultry-farm-management-system-free-download.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/Redcock-Farm.zip Reference:...

Inventory Management System 1.0 Cross Site Scripting Vulnerability

Title: Inventory Management System 1.0 XSS Stored Author: Hejap Zairy Vendor: https://www.vetbossel.in/inventory-management-system-php/ Software: https://cutt.ly/lOZ8lrr Reference: https://github.com/Matrix07ksa Tested on: ArchLinux, MySQL, Apache Description: Stored XSS, also known as persistent...

Xlight FTP 3.9.3.2 Buffer Overflow Exploit

Exploit Title: Xlight FTP v3.9.3.2 - Buffer Overflow SEH Egghunter + ROP Exploit Author: Hejap Zairy Software Link: http://www.xlightftpd.com/download/setup.exe Tested Version: v3.9.3.22022-1-5 Tested on: Windows 10 64bit 1.- Run python code : 0day-HejapZairy.py 2.- Open 0dayHejap.txt and copy Al...

ImpressCMS 1.4.2 Incorrect Access Control Vulnerability

-------------------------------------------------------------------------- ImpressCMS validateToken$REQUEST'token', false 22. $denied = false; 23. 24. elseif isobjecticms::$user && icms::$user-isAdmin 25. $denied = false; 26. 27. if $denied 28. icmscoreMessage::errorNOPERM; 29. exit; 30. This...

Home Owners Collection Management System 1.0 SQL Injection Vulnerability

Exploit Title: Home Owners Collection Management System 1.0 - Remote Code Execution Blind SQLi to RCE Exploit Author: Hejap Zairy Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

ImpressCMS 1.4.2 Path Traversal Vulnerability

----------------------------------------------------------------- ImpressCMS getVar 'imagename' 162. if @unlink ICMSIMANAGERFOLDERPATH . '/temp/' . $simagetemp 163. $msg = MDAMDBUPDATED; ... 190. else 191. if copy ICMSIMANAGERFOLDERPATH . '/temp/' . $simagetemp, $categpath . $imgname 192. @unlink...

ProtonVPN 1.26.0 - Unquoted Service Path Vulnerability

Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: email protected PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" SC...

Inventory Management System 1.0 SQL Injection Vulnerability

Title: Inventory Management System 1.0 Blind SQLi To Rce Author: Hejap Zairy Vendor: https://www.vetbossel.in/inventory-management-system-php/ Software: https://cutt.ly/lOZ8lrr Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache vulnerability Code php php You have an error...

Amazing CD Ripper 1.2 Buffer Overflow Exploit

Exploit Title: Amazing CD Ripper v1.2 - Buffer Overflow Exploit Author: Hejap Zairy Software Link: http://www.shelltoys.com/cdripper.exe Software Link: https://web.archive.org/web/20160313071152/http://www.shelltoys.com/cdripper.exe Tested Version: v1.2.1 Tested on: Windows 10 64bit 1.- Run pytho...

Online Project Time Management v1.0 SQL injection Vulnerability

Title: Online Project Time Management v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15136/online-project-time-management-system-phpoop-free-source-code.html Reference:...

Ivanti Endpoint Manager 4.6 - Remote Code Execution Vulnerability

Exploit Title: Ivanti Endpoint Manager 4.6 - Remote Code Execution RCE Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 - EOF Aug 2021 Tested on: Linux x8664 CVE :...

ICEHRM 31.0.0.0S - Cross-site Request Forgery to Account Takeover Vulnerability

Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Takeover Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 1. About - ICEHRM IceHrm...

ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting Vulnerability

Exploit Title: ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting XSS Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062 App:...

ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure Vulnerability

Exploit Title: ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062...

Sysax FTP Automation 6.9.0 - Privilege Escalation Vulnerability

Exploit Author: bzyo @bzyo Exploit Title: Sysax FTP Automation 6.9.0 - Privilege Escalation Vulnerable Software: Sysax FTP Automation 6.9.0 Vendor Homepage: https://www.sysax.com/ Version: 6.9.0 Software Link: https://www.sysax.com/download/sysaxautosetup.msi Tested on: Windows 10 x64 Details:...

iRZ Mobile Router - CSRF to Remote Code Execution Exploit

Exploit Title: iRZ Mobile Router - CSRF to RCE Google Dork: intitle:"iRZ Mobile Router" Exploit Author: Stephen Chavez & Robert Willis Vendor Homepage: https://en.irz.ru/ Software Link: https://github.com/SakuraSamuraii/ez-iRZ Version: Routers through 2022-03-16 Tested on: RU21, RU21w, RL21, RU41...

Wordpress iQ Block Country 1.2.13 Plugin - Arbitrary File Deletion via Zip Slip Vulnerability

Exploit Title: Wordpress Plugin iQ Block Country 1.2.13 - Arbitrary File Deletion via Zip Slip Authenticated Exploit Author: Ceylan Bozoğullarından Blog Post: https://bozogullarindan.com/en/2022/01/wordpress-iq-block-country-1.2.13-admin-arbitray-file-deletion-via-zip-slip/ Software Link:...

Windows SpoolFool Privilege Escalation Exploit

The Windows Print Spooler has a privilege escalation vulnerability that can be leveraged to achieve code execution as SYSTEM. The SpoolDirectory, a configuration setting that holds the path that a printer's spooled jobs are sent to, is writable for all users, and it can be configured via...

Instagram bypass Access Account Private Method Exploit

With this method you can hack almost any Instagram Account...

Moodle 3.11.5 - SQL injection (Authenticated) Exploit

Exploit Title: Moodle 3.11.5 - SQLi Authenticated Date: 2/3/2022 Exploit Author: Chris Anastasio @mufinnnnnnn Vendor Homepage: https://moodle.com/ Software Link: https://github.com/moodle/moodle/archive/refs/tags/v3.11.5.zip Write Up: https://muffsec.com/blog/moodle-2nd-order-sqli/ Tested on:...

Hikvision IP Camera - Backdoor Vulnerability

Exploit Title: Hikvision IP Camera - Backdoor Exploit Author: Sobhan Mahmoodi Reference: https://ipvm.com/reports/hik-exploit GitHub: https://github.com/bp2008/HikPasswordHelper/ Hikvision included a magic string that allowed instant access to any camera, regardless of what the admin password was...

Laravel Media Library Pro 2.1.6 Shell Upload Vulnerability

Exploit Title: Laravel Media Library Pro Vendor Homepage: https://spatie.be/ Software Link: https://spatie.be/products/media-library-pro Version: =1.17.10 & =2.1.6 Tested on: Laradock PHP 8.0 inside Ubuntu 20.04 CVE : CVE-2021-45040 Description: The Spatie media-library-pro library through 1.17.1...

Apache APISIX 2.12.1 - Remote Code Execution Exploit

Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT = '\3335m' NOTICE =...

Pluck CMS 4.7.16 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.py 127.0.0.1 80...

College Website Management System 1.0 SQL Injection Vulnerability

Exploit Title: College Website Management System 1.0 - SQL Injection Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux Title: ================ College Website...

Tiny File Manager 2.4.6 - Remote Code Execution Exploit

Exploit Title: Tiny File Manager 2.4.6 - Remote Code Execution RCE Exploit Author: FEBIN MON SAJI Software Link: https://github.com/prasathmani/tinyfilemanager Version: Tiny File Manager Example: $0 http://files.ubuntu.local/index.php admin "email protected" " log-in URL=$1 admin=$2 pass=$3...

Hades RAT Web Panel Insecure Credential Storage Vulnerability

Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24.txt Contact: email protected Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Insecure Credential Storage Family: Hades Type: WebUI MD5: c4cc1317aea42f7dd4a1b786c5278a24 MD5:...

RedLine.MainPanel Insecure Permissions Vulnerability

Original source: https://malvuln.com/advisory/baf102927947289e4d589028620ce291.txt Contact: email protected Media: twitter.com/malvuln Threat: RedLine.MainPanel - cracked.exe Vulnerability: Insecure Permissions Description: The malware writes PE files with insecure permissions to c drive granting...

Hades RAT Web Panel Information Disclosure Vulnerability

Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24B.txt Contact: email protected Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Information Disclosure Description: The Hades Rat web-panel listens on Port 80. There is no authentication check or...

WordPress Core 5.9.0 / 5.9.1 Cross Site Scripting Vulnerability

Contributor+ Stored Cross Site Scripting Vulnerability Description: Contributor+ Stored XSS Affected Versions: WordPress Core 5.9.0-5.9.1 CVE ID: Pending CVSS Score: 8.0 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Fully Patched Version: 5.9.2 Researcher/s: Ben Bidner WordPress...

Hades RAT Web Panel Cross Site Scripting Vulnerability

Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24C.txt Contact: email protected Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Remote Persistent XSS Family: Hades Type: WebUI MD5: c4cc1317aea42f7dd4a1b786c5278a24 MD5:...