39001 matches found
PHP Melody 3.0 - (Multiple) Cross-Site Scripting Vulnerability
Exploit Title: PHP Melody 3.0 - 'Multiple' Cross-Site Scripting XSS Vendor Homepage: https://www.phpsugar.com/phpmelody.html Version: v3 Product & Service Introduction: =============================== Upload, import, stream or embed any media. The smart way to manage audio & video. Comes with all...
RDP Manager 4.9.9.3 - Denial of Service Vulnerability
Exploit Title: RDP Manager 4.9.9.3 - Denial-of-Service PoC Vendor Homepage: https://www.cinspiration.de/uebersicht4.html Software Link: https://www.cinspiration.de/download.html Version: 4.9.9.3 Product & Service Introduction: =============================== RDP-Manager is a program for the bette...
WordPress Popup Anything 2.0.3 Plugin - (Multiple) Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting XSS Exploit Author: Luca Schembri Vendor Homepage: https://www.essentialplugin.com/ Software Link: https://wordpress.org/plugins/popup-anything-on-click/ Version: 2.0.4 Summary A user with a low privileg...
Simplephpscripts Simple CMS 2.1 - (Multiple) SQL Injection Vulnerability
Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Product & Service Introduction: =============================== The system could be used only in already existing websites to control their page...
PHP Melody 3.0 - Persistent Cross-Site Scripting Vulnerability
Exploit Title: PHP Melody 3.0 - Persistent Cross-Site Scripting XSS Vendor Homepage: https://www.phpsugar.com/phpmelody.html Document Title: =============== PHP Melody v3.0 - Editor Persistent XSS Vulnerability References Source: ====================...
i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Vulnerability
Exploit Title: i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Exploit Author: LiquidWorm Vendor Homepage: https://www.i3international.com i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page:...
Ericsson Network Location MPS GMPC21 - Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Privilege Escalation Meow Variant', 'Description' = %q This module exploits privilege escalation vulnerability in...
Dynojet Power Core 2.3.0 - Unquoted Service Path Vulnerability
Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path Exploit Author: Pedro Sousa Rodrigues https://www.0x90.zone/ / @PedroSECR Version: 2.3.0 Build 303 Vendor Homepage: https://www.dynojet.com/ Software Link: https://docs.dynojet.com/Document/18762 Tested on: Windows 10 Version 21H1 OS...
10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH) Exploit
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 10 x64 Education...
Employee Record Management System 1.2 - (empid) SQL injection Vulnerability
Title: Employee Record Management System 1.2 - 'empid' SQL injection Unauthenticated Exploit Author: Anubhav Singh Vendor Homepage: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/ Version: 1.2 Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=8967...
WordPress Pie Register 3.7.1.4 Authentication Bypass / Remote Code Execution Exploit
This Metasploit module uses an authentication bypass vulnerability in Wordpress Pie Register plugin versions 3.7.1.4 and below to generate a valid cookie. With this cookie, hopefully of the admin, it will generate a plugin, pack the payload into it and upload it to a server running WordPress. Thi...
Codiad 2.8.4 - Remote Code Execution Exploit (4)
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...
Ericsson Network Location MPS GMPC21 - Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...
YouTube Video Grabber v1.9.9.1-Buffer Overflow (SEH) Exploit
Exploit Title: YouTube Video Grabber v1.9.9.1-Buffer Overflow SEH Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to Clipboard 3.- Open YouTu...
CODESYS 2.4.7.0 Denial Of Service Exploit
======================================================================= title: CODESYS V2 Denial of Service product: CODESYS Runtime Toolkit 32-bit, CODESYS PLCWinNT vulnerable version: V2.4.7.56 fixed version: V2.4.7.56 CVE number: CVE-2021-34593 impact: High homepage: https://www.codesys.com/...
Microsoft OMI Management Interface Authentication Bypass Exploit
By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. This module requires Metasploi...
Sophos UTM WebAdmin SID Command Injection Exploit
This Metasploit module exploits an SID-based command injection in Sophos UTM's WebAdmin interface to execute shell commands as the root user. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS Vulnerability
WordPress NextScripts: Social Networks Auto-Poster plugin versions 4.3.20 and below suffer from a cross site scripting vulnerability. Description: Reflected Cross-Site ScriptingXSS Affected Plugin: NextScripts: Social Networks Auto-Poster Plugin Slug: social-networks-auto-poster-facebook-twitter-...
Kingdia CD Extractor 3.0.2 - Buffer Overflow (SEH) Exploit
Exploit Title: Kingdia CD Extractor 3.0.2 - Buffer Overflow SEH Software Link: https://en.softonic.com/download/kingdia-cd-extractor/windows/post-download Exploit Author: Achilles Tested Version: 3.0.2 Tested on: Windows 7 64bit 1.- Run python code : Kingdia.py 2.- Open EVIL.txt and copy All...
WebCTRL OEM 6.5 - (locale) Reflected Cross-Site Scripting Vulnerability
Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the Automated Logic...
Movable Type 7 r.5002 - XMLRPC API OS Command Injection Exploit
class MetasploitModule "Movable Type XMLRPC API Remote Command Injection", 'Description' = %q This module exploit Movable Type XMLRPC API Remote Command Injection. , 'License' = MSFLICENSE, 'Author' = 'Etienne Gervais', author & msf module, 'Charl-Alexandre Le Brun' author & msf module ,...
Mini-XML 3.2 - Heap Overflow Exploit
Exploit Title: Mini-XML 3.2 - Heap Overflow Google Dork: mxml Mini-xml Mini-XML Exploit Author: LIWEI Vendor Homepage: https://www.msweet.org/mxml/ Software Link: https://github.com/michaelrsweet/mxml Version: v3.2 Tested on: ubuntu 18.04.2 1.- compile the Mini-XML code to a library use compile...
Umbraco v8.14.1 - (baseUrl) SSRF Vulnerability
Exploit Title: Umbraco v8.14.1 - 'baseUrl' SSRF Exploit Author: NgoAnhDuc Vendor Homepage: https://our.umbraco.com/ Software Link: https://our.umbraco.com/download/releases/8141 Version: v8.14.1 Affect: Umbraco CMS v8.14.1, Umbraco Cloud Vulnerable code:...
WordPress Supsystic Contact Form 1.7.18 Plugin - (label) Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.18 - 'label' Stored Cross-Site Scripting XSS Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://supsystic.com/ Software Link: https://wordpress.org/plugins/contact-form-by-supsystic/ Version: 1.7.18 Tested on : Window...
PHPGurukul Hostel Management System 2.1 - CSRF to Cross-site Scripting Vulnerability
Exploit Title: PHPGurukul Hostel Management System 2.1 - Cross-site request forgery CSRF to Cross-site Scripting XSS Exploit Author: Anubhav Singh Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Vulnerable endpoint:...
Linux SELinux PTRACE_TRACEME Handler Use-After-Free Exploit
Linux suffers from a use-after-free read in the SELinux handler for PTRACETRACEME. Linux: UAF read in SELinux handler for PTRACETRACEME There's a UAF read in the SELinux handler for PTRACETRACEME, selinuxptracetraceme. The bug was introduced in commit eb1231f73c4d7 "selinux: clarify task...
FreeSWITCH 1.10.6 SRTP Packet Denial Of Service Vulnerability
FreeSWITCH susceptible to Denial of Service via invalid SRTP packets - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-09-freeswitch-srtp-dos - Vendor Security Advisory:...
Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 CVE-2021-41773. If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary...
FreeSWITCH 1.10.6 Missing SIP MESSAGE Authentication Exploit
FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-07-freeswitch-SIP-MESSAGE-without-auth - Vendor Security Advisory:...
GridPro Request Management For Windows Azure Pack 2.0.7905 Directory Traversal Vulnerability
GridPro Request Management for Windows Azure Pack versions 2.0.7905 and below suffer from a traversal vulnerability that can allow for arbitrary execution of Powershell scripts. PRODUCT : GridPro Request Management for Windows Azure Pack VENDOR : GridPro Software SEVERITY : Critical AFFECTED...
FreeSWITCH 1.10.6 SIP Flooding Denial Of Service Exploit
FreeSWITCH susceptible to Denial of Service via SIP flooding - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-06-freeswitch-flood-dos - Vendor Security Advisory:...
FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication Exploit
FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-08-freeswitch-SIP-SUBSCRIBE-without-auth - Vendor Security Advisory:...
WordPress Filterable Portfolio Gallery 1.0 Plugin - (title) XSS Vulnerability
Exploit Title: WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting XSS Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.filterable-portfolio.com/ Software Link: https://wordpress.org/plugins/fg-gallery/ Version: 1.0 Tested on : Windows...
FreeSWITCH 1.10.6 SIP Digest Leak Vulnerability
FreeSWITCH versions 1.10.6 and below suffer from a SIP digest leak vulnerability. An attacker can perform a SIP digest leak attack against FreeSWITCH and receive the challenge response of a gateway configured on the FreeSWITCH server. This is done by challenging FreeSWITCH's SIP requests with the...
OpenClinic GA 5.194.18 - Local Privilege Escalation Vulnerability
Exploit Title: OpenClinic GA 5.194.18 - Local Privilege Escalation Author: Alessandro Salzano Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Homepage: https://sourceforge.net/projects/open-clinic/ Software Link:...
Build Smart ERP 21.0817 - (eidValue) SQL Injection Vulnerability
Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 R2 or 8.1 &...
Gestionale Open 11.00.00 - Local Privilege Escalation Vulnerability
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
Engineers Online Portal 1.0 - (multiple) Authentication Bypass Vulnerability
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Authentication Bypass Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Engineers Online Portal 1.0 - (multiple) Stored Cross-Site Scripting Vulnerability
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Engineers Online Portal 1.0 - File Upload Remote Code Execution Vulnerability
Exploit Title: Engineers Online Portal 1.0 - File Upload Remote Code Execution RCE Exploit Author: SadKris Venor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Version: 1.0 Tested on: XAMPP, Windows 11...
Hikvision Web Server Build 210702 - Command Injection Exploit
Exploit Title: Hikvision Web Server Build 210702 - Command Injection Exploit Author: bashis Vendor Homepage: https://www.hikvision.com/ Version: 1.0 CVE: CVE-2021-36260 Reference: https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html All credit to WatchfulIP...
Online Event Booking and Reservation System 1.0 - (reason) Stored Cross-Site Scripting Vulnerability
Exploit Title: Online Event Booking and Reservation System 1.0 - 'reason' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html Software Link:...
Apache HTTP Server 2.4.50 - Remote Code Execution Exploit (2)
Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 2 Credits: Ash Daulton & cPanel Security Team Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 !/bin/bash echo 'PoC CVE-2021-420...
Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Vulnerability
Exploit Title: Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Unauthenticated Exploit Author: blockomat2100 Vendor Homepage: https://www.balbooa.com/ Version: 2.0.6 Tested on: Docker An example request to trigger the SQL-Injection: POST /index.php?option=combaforms HTTP/1.1 Host: localhost...
WordPress TaxoPress 3.0.7.1 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Akash Rajendra Patil Vendor Homepage: Software Link: https://wordpress.org/plugins/simple-tags/ Tested on Windows CVE: CVE-2021-24444...
Engineers Online Portal 1.0 - (id) SQL Injection Vulnerability
Exploit Title: Engineers Online Portal 1.0 - 'id' SQL Injection Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) Exploit
Exploit Title: Wordpress 4.9.6 - Arbitrary File Deletion Authenticated 2 Exploit Author: samguy Vulnerability Discovery By: Slavco Mihajloski & Karim El Ouerghemmi Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/wordpress-4.9.6.tar.gz Version: 4.9.6 Tested on: Linux -...
WordPress Media-Tags 3.2.0.2 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on Windows How to...
Netgear Genie 2.4.64 - Unquoted Service Path Vulnerability
Exploit Title: Netgear Genie 2.4.64 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 2.4.64 Vendor Homepage: https://www.netgear.com/ Tested on: Windows 10 C:\Users\Mertsc qc NETGEARGenieDaemon SC QueryServiceConfig SUCCESS SERVICENAME: NETGEARGenieDaemon TYPE : 10 WIN32OWNPROCESS...
WordPress Ninja Tables 4.1.7 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting XSS Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/ninja-tables/ Software Link: https://wpmanageninja.com/downloads/ninja-tables-pro-add-on/ Version: 4.1.7 Tested on Windows How t...