39001 matches found
AgentTesla Builder Web Panel SQL Injection Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7B.txt Contact: email protected Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: SQL Injection Description: The AgentTeslaBuilder WebUI uses...
Worktime 10.20 Build 4967 Unquoted Service Path Vulnerability
Exploit Title: WorkTime 10.20 Build Build 4967 Unquoted Service Path Discovery by: Yehia Elghaly Vendor Homepage: https://www.worktime.com/ Software Link: https://www.worktime.com/download/worktimecorporate.exe Tested Version: 10.20 Build Build 4967 Vulnerability Type: Unquoted Service Path Teste...
SB Admin Cross Site Request Forgery / SQL Injection Vulnerabilities
Credits & Authors: ================== Taurus Omar - @TaurusOmar email protected taurusomar.com Document Title: =============== SB Admin Bootstrap CSRF / Sqli Vulnerability / Bypasss Login Access Severity Level: =============== High Google & Bing Dorks =================== intitle:SB Admin - login...
OpenBMCS 2.4 Remote Privilege Escalation Vulnerability
OpenBMCS 2.4 Create Admin / Remote Privilege Escalation Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your business, the OpenBMCS software has the ability to expand to hundreds of...
Chaos Ransomware Builder 4 Insecure Permissions Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8b855e56e41a6e10d28522a20c1e0341.txt Contact: email protected Media: twitter.com/malvuln Threat: Chaos Ransomeware Builder v4 Vulnerability: Insecure Permissions Description: The malware writes an .EXE...
Worktime 10.20 Build 4967 DLL Hijacking Vulnerability
/ Description: A vulnerability exists in windows that allows other applications dynamic link libraries to execute malicious code without the users consent, in the privelage context of the targeted application. Exploit Title: Worktime 10.20 Build 4967 DLL Hijacking Exploit Date: 15/01/2022 Author:...
Hospitals Patient Records Management System 1.0 - (room_list) Stored XSS Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomlist' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Hospitals Patient Records Management System 1.0 - (room_types) Stored XSS Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomtypes' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Crestron HD-MD4X2-4K-E 1.0.0.2159 Credential Disclosure Vulnerability
Crestron HD-MD4X2-4K-E version 1.0.0.2159 suffers from a credential disclosure vulnerability. When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid to authenticate to the web interface. Credential Disclosure...
Log4Shell HTTP Header Injection Exploit
This Metasploit module will exploit an HTTP end point with the Log4Shell vulnerability by injecting a format message that will trigger an LDAP connection to Metasploit and load a payload. The Automatic target delivers a Java payload using remote class loading. This requires Metasploit to run an...
Online Diagnostic Lab Management System 1.0 - SQL Injection Vulnerability
Exploit Title: Online Diagnostic Lab Management System 1.0 - SQL Injection Unauthenticated Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...
SonicWall SMA 100 Series Authenticated Command Injection Exploit
This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are 10.2.1.2-24sv and below, 10.2.0.8-37sv and below, and 9.0.0.11-31sv and below. This module...
WordPress Core 5.8.2 - (WP_Query) SQL Injection Vulnerability
Exploit Title: WordPress Core 5.8.2 - 'WPQuery' SQL Injection Exploit Author: Aryan Chehreghani Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/download/releases Version: &nonce=a85a0c3bfa&...
RLM 14.2 Cross Site Scripting Vulnerability
Product: RLM 14.2 Vendor: Reprise Software CVE ID: CVE-2021-45422 Vulnerability Title: Reflected Cross-Site Scripting Severity: Medium Authors: Giulia Melotti Garibaldi Introduction: An issue was discovered in Reprise License Manager 14.2, Reprise License Manager 14.2 is affected by a reflected...
Online Diagnostic Lab Management System 1.0 - Account Takeover Vulnerability
Exploit Title: Online Diagnostic Lab Management System 1.0 - Account Takeover Unauthenticated Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...
Hospitals Patient Records Management System 1.0 - (doctors) Stored XSS Vulnerability
Exploit Title: Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
SalonERP 3.0.1 - (sql) SQL Injection Vulnerability
Exploit Title: SalonERP 3.0.1 - 'sql' SQL Injection Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://salonerp.sourceforge.io/ Software Link: https://sourceforge.net/projects/salonerp/files/latest/download Version: SalonERP v3.0.1 Tested on: Ubuntu Mate 20.04 Vulnerable...
Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting Vulnerability
Exploit Title: Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting XSS Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...
Microsoft Windows Defender - Detections Bypass Vulnerability
Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERDETECTIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSec Vendor...
WordPress Frontend Uploader 1.3.2 Plugin - Stored Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin Frontend Uploader 1.3.2 - Stored Cross Site Scripting XSS Unauthenticated Exploit Author: Veshraj Ghimire Vendor Homepage: https://wordpress.org/plugins/frontend-uploader/ Software Link: https://plugins.trac.wordpress.org/browser/frontend-uploader/ Version: 1.3.2...
Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass Vulnerability
Exploit Title: Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSREGFILEDIALOGSPOOFMITIGATIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSe...
Online Railway Reservation System 1.0 - Admin Account Creation Vulnerability
Exploit Title: Online Railway Reservation System 1.0 - Admin Account Creation Unauthenticated Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...
Online Railway Reservation System 1.0 - (id) SQL Injection Vulnerability
Exploit Title: Online Railway Reservation System 1.0 - 'id' SQL Injection Unauthenticated Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...
Open-AudIT Community 4.2.0 - Cross-Site Scripting Vulnerability
Exploit Title: Open-AudIT Community 4.2.0 - Cross-Site Scripting XSS Authenticated Exploit Author: Dominic Clark parzival Vendor Homepage: https://opmantek.com/ Software Link: https://www.open-audit.org/downloads.php Category: WebApps Version: = 4.2.0 Tested on: Windows 10 CVE: CVE-2021-44916 1...
Online Railway Reservation System 1.0 - (Multiple) Stored Cross Site Scripting Vulnerability
Exploit Title: Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting XSS Unauthenticated Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...
Online Railway Reservation System 1.0 - Remote Code Execution Vulnerability
Exploit Title: Online Railway Reservation System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...
Online Examination System Project 1.0 SQL Injection Vulnerability
Title: Online Examination System Project 1.0 SQL - Injections Author: nu11secur1ty Vendor: https://projectworlds.in/free-projects/php-projects/ Software: https://projectworlds.in/free-projects/php-projects/online-examination/ Description: The eid parameter in account.php from Online Examination...
VUPlayer 2.49 - (.wax) Local Buffer Overflow (DEP Bypass) Exploit
Exploit Title: VUPlayer 2.49 - '.wax' Local Buffer Overflow DEP Bypass Exploit Author: Bryan Leong Vendor Homepage: http://www.vuplayer.com/ Software Link: Null Version: VUPlayer 2.49 Tested on: Windows 7 x64 CVE : CVE-2009-0182 VUPlayer 2.49 Local Buffer Overflow to Arbitrary Code Execution...
WordPress Contact Form Entries Cross Site Scripting Vulnerability
WordPress Contact Form Entries plugin versions prior to 1.2.4 suffer from an unauthenticated persistent cross site scripting vulnerability. Exploit Title: Contact Form Entries Vulnerability Discovery: Gaetano Perrone aka gx1 Vendor Homepage: https://www.crmperks.com/ Software Link:...
HTTP Commander 3.1.9 - Stored Cross Site Scripting Vulnerability
Exploit Title: HTTP Commander 3.1.9 - Stored Cross Site Scripting XSS Exploit Author: Oscar Sandén Vendor Homepage: https://www.element-it.com Software Link: https://www.element-it.com/downloads.aspx Version: 3.1.9 Tested on: Windows Server 2016 Description There is a stored XSS in the 'Zip...
CoreFTP Server build 725 - Directory Traversal (Authenticated) Vulnerability
Exploit Title: CoreFTP Server build 725 - Directory Traversal Authenticated Exploit Author: LiamInfosec Vendor Homepage: http://coreftp.com/ Version: build 725 and below Tested on: Windows 10 CVE : CVE-2022-22836 Description: CoreFTP Server before 727 allows directory traversal for file creation ...
Online Resort Management System 1.0 SQL Injection Vulnerability
Title: Online Resort Management System 1.0 SQL - Injections Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15126/online-resort-management-system-using-phpoop-free-source-code.html Description: The id parameter appears to be...
Microsoft Windows SMB Direct Session Takeover Exploit
This Metasploit module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. T...
Online Veterinary Appointment System 1.0 - (Multiple) SQL Injection Vulnerability
Exploit Title: Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15119/online-veterinary-appointment-system-using-phpoop-free-source-code.html Software Link:...
WordPress AAWP 3.16 Plugin - (tab) Reflected Cross Site Scripting Vulnerability
Exploit Title: WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting XSS Authenticated Exploit Author: Andrea Bocchetti Vendor Homepage: https://getaawp.com/ Software Link: https://getaawp.com/ Version: 3.16 Tested on: Windows 10 - Chrome, WordPress 5.8.2 Proof of Concept: 1- Install...
Dixell XWEB 500 - Arbitrary File Write Vulnerability
Exploit Title: Dixell XWEB-500 - Arbitrary File Write Google Dork: inurl:"xweb500.cgi" Exploit Author: Roberto Palamaro Vendor Homepage: https://climate.emerson.com/it-it/shop/1/dixell-electronics-sku-xweb500-evo-it-it Version: XWEB-500 Tested on: Dixell XWEB-500 References:...
Virtual Airlines Manager 2.6.2 - (multiple) SQL Injection Vulnerability
Exploit Title: Virtual Airlines Manager 2.6.2 - 'multiple' SQL Injection Google Dork: Powered by Virtual Airlines Manager v2.6.2 Exploit Author: Milad Karimi Vendor Homepage: http://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net/index.php/vam-releases/ Version: 2.6.2...
Automox Agent 32 - Local Privilege Escalation Exploit
Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...
Projeqtor v9.3.1 - Stored Cross Site Scripting Vulnerability
Exploit Title: Projeqtor v9.3.1 - Stored Cross Site Scripting XSS Exploit Author: Oscar Gutierrez m4xp0w3r Date: January 4, 2021 Vendor Homepage: https://www.projeqtor.org/en/ Software Link: https://www.projeqtor.org/en/product-en/downloads Tested on: Ubuntu, LAAMP Vendor: Projeqtor Version: v9.3...
TermTalk Server 3.24.0.2 - Arbitrary File Read (Unauthenticated) Vulnerability
Exploit Title: TermTalk Server 3.24.0.2 - Arbitrary File Read Unauthenticated Date: 03/01/2022 Exploit Author: Fabiano Golluscio @ Swascan Vendor Homepage: https://www.solari.it/it/ Software Link: https://www.solari.it/it/solutions/other-solutions/access-control/ Version: 3.24.0.2 Fixed Version:...
Terramaster TOS 4.2.15 - Remote Code Execution Exploit
Exploit Title: Terramaster TOS 4.2.15 - Remote Code Execution RCE Unauthenticated Exploit Author: n0tme thatsn0tmysite Full Write-Up: https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/ Vendor Homepage: https://www.terra-master.com/ Version: TOS 4.2.X 4.2.15-2107141517 Tested on: 4.2.15,...
openSIS Student Information System 8.0 - (multiple) SQL Injection Vulnerability
Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...
Vodafone H-500-s 3.5.10 - WiFi Password Disclosure Exploit
Exploit Title: Vodafone H-500-s 3.5.10 - WiFi Password Disclosure Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.vodafone.es/ Software Link: N/A Version: Firmware version Vodafone-H-500-s-v3.5.10 Hardware model: Sercomm VFH500 The WiFi access point password gets disclosed jus...
Gerapy 0.9.7 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to version 0.9.8 is...
AWebServer GhostBuilding 18 - Denial of Service Exploit
Exploit Title: AWebServer GhostBuilding 18 - Denial of Service DoS Exploit Author: Andres Ramos Invertebrado Vendor Homepage: http://sylkat-tools.rf.gd/awebserver.htm Software Link: https://play.google.com/store/apps/details?id=com.sylkat.apache&hl=en Version: AWebServer GhostBuilding 18 Tested o...
Movie Rating System 1.0 - SQL injection to Remote Code Execute (Unauthenticated) Exploit
Exploit Title: Movie Rating System 1.0 - SQLi to RCE Unauthenticated Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Tested on: Ubuntu This exploit only works correctly if...
Siemens S7 Layer 2 - Denial of Service Exploit
Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back, Style from...
RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated) Vulnerability
Exploit Title: RiteCMS 3.1.0 - Arbitrary File Deletion Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0 Google Dork:...
WordPress The True Ranker 2.2.2 Plugin - Arbitrary File Read (Unauthenticated) Exploit
Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Version: versions = 2.2...
Online Admission System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Admission System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/rskoolrash/Online-Admission-System Software Link: https://github.com/rskoolrash/Online-Admission-System Tested on: LAMP Stack Debian 10...