Engineers Online Portal 1.0 - (multiple) Stored Cross-Site Scripting Vulnerability

Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...

Jetty 9.4.37.v20210219 - Information Disclosure Vulnerability

Exploit Title: Jetty 9.4.37.v20210219 - Information Disclosure Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.37.v20210219/ Version: 9.4.37.v20210219 and 9.4.38.v20210224 Tested...

Clinic Management System 1.0 - SQL injection to Remote Code Execution Exploit

Exploit Title: Clinic Management System 1.0 - SQL injection to Remote Code Execution Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14243/open-source-clinic-management-system-php-full-source-code.html Software Link:...

Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Exploit

Exploit Title: Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Authenticated Exploit Author: Sam Ferguson @AffineSecurity and Drew Jones @qhum7sec Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

NIMax 5.3.1 - (Remote VISA System) Denial of Service Exploit

Exploit Title: NIMax 5.3.1 - 'Remote VISA System' Denial of Service PoC Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required - https://knowledge.ni.com/KnowledgeArticleDetails?id=kA03q000000YGQwCAO&l=en-...

Small CRM 3.0 - (description) Stored Cross-Site Scripting Vulnerability

Exploit Title: Small CRM 3.0 - 'description' Stored Cross-Site Scripting XSS Exploit Author: Ghuliev Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Tested on: Server: Ubuntu When a user or admin creates a ticket, we can inject javascript...

NIMax 5.3.1f0 - (VISA Alias) Denial of Service Exploit

Exploit Title: NIMax 5.3.1f0 - 'VISA Alias' Denial of Service PoC Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required - https://knowledge.ni.com/KnowledgeArticleDetails?id=kA03q000000YGQwCAO&l=en-GB...

Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read Vulnerability

Exploit Title: Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read Exploit Author: z4nd3r Vendor Homepage: http://www.echatserver.com/ Software Link: http://www.echatserver.com/ Version: 3.1 Tested on: Windows 10 Pro Build 19042, English Description: The web server allows for...

Macro Expert 4.7 - Unquoted Service Path Vulnerability

Exploit Title: Macro Expert 4.7 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 3.11.8 Vendor Homepage: http://www.macro-expert.com/ Tested on: Windows 10 C:\Users\Mertsc qc "Macro Expert" SC QueryServiceConfig SUCCESS SERVICENAME: Macro Expert TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2...

SonicWall SMA 10.2.1.0-17sv - Password Reset Vulnerability

Exploit Title: SonicWall SMA 10.2.1.0-17sv - Password Reset Description: Overwrite the persistent database, resulting in password reset on reboot. Shodan Dork: https://www.shodan.io/search?query=title%3A%22Virtual+Office%22+%22Server%3A+SonicWall%22 Exploit Author: Jacob Baines @JuniorBaines Root...

Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection Exploit

Exploit Title: Online Motorcycle Bike Rental System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Chase ComardelleCASO Vendor Homepage: https://www.sourcecodester.com/php/14989/online-motorcycle-bike-rental-system-phpoop-source-code.html Software Link:...

WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting Vulnerability

Exploit Title: WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting XSS Google Dork: "inurl:avia-element-paging" Exploit Author: Francisco Díaz-Pache Alonso, Sergio Corral Cristo and David Álvarez Robles Vendor Homepage: https://kriesi.at/ Version: Enfold This URL must include pages show...

Wordpress Duplicator 1.3.26 Plugin - Unauthenticated Arbitrary File Read Exploit

Exploit Title: Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read Exploit Author: nam3lum Vendor Homepage: https://wordpress.org/plugins/duplicator/ Software Link: https://downloads.wordpress.org/plugin/duplicator.1.3.26.zip Version: 1.3.26 Tested on: Ubuntu 16.04 CVE :...

Company's Recruitment Management System 1.0 - (Add New user) CSRF Vulnerability

Exploit Title: Company's Recruitment Management System 1.0 - 'Add New user' Cross-Site Request Forgery CSRF Exploit Author: Aniket Anil Deshmane Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html Software Link:...

Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Vulnerability

Exploit Title: Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16060 PoC Request GET /web HTTP/1.1...

Company's Recruitment Management System 1.0. - (title) Stored XSS Vulnerability

Exploit Title: Company's Recruitment Management System 1.0. - 'title' Stored Cross-Site Scripting XSS Exploit Author: Aniket Deshmane Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html Software Link:...

Mitsubishi Electric & INEA SmartRTU - Reflected Cross-Site Scripting Vulnerability

Exploit Title: Mitsubishi Electric & INEA SmartRTU - Reflected Cross-Site Scripting XSS Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16061 PoC Request POST...

Plastic SCM 10.0.16.5622 - WebAdmin Server Access Vulnerability

Exploit Title: Plastic SCM 10.0.16.5622 - WebAdmin Server Access Shodan Dork: title:"Plastic SCM" Exploit Author: Basavaraj Banakar Vendor Homepage: https://www.plasticscm.com/ Software Link: https://www.plasticscm.com/download/releasenotes/10.0.16.5622 Version: Plastic SCM 10.0.16.5622 Tested on...

Company's Recruitment Management System 1.0 - (description) Stored XSS Vulnerability

Exploit Title: Company's Recruitment Management System 1.0 - 'description' Stored Cross-Site Scripting XSS Exploit Author: Aniket Anil Deshmane Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html Software Link:...

Support Board 3.3.4 - (Message) Stored Cross-Site Scripting Vulnerability

Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2 LTS, Windows 10 PO...

Yellowfin Cross Site Scripting / Insecure Direct Object Reference Vulnerabilities

Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities. YELLOWFIN 9.6.1 MULTIPLE VULNERABILITIES ---------------------------------------------------- Vulnerability: ============== Stored Cross-Site Scripting Affected...

IFSC Code Finder Project 1.0 SQL Injection Vulnerability

IFSC Code Finder Project 1.0 SQL Injection Vulnerability CVE-2021-42224 Vendor Description: - vulnerability: all or nothing SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php. The searchifsccode parameter appears to be vulnerabl...

TextPattern CMS 4.8.7 - Remote Command Execution Vulnerability

Exploit Title: TextPattern CMS 4.8.7 - Remote Command Execution RCE Authenticated Exploit Author: Mert Daş email protected Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp First of all we should use file...

Moodle SpellChecker Path Authenticated Remote Command Execution Exploit

Moodle allows an authenticated administrator to define spellcheck settings via the web interface. An administrator can update the aspell path to include a command injection. This is extremely similar to CVE-2013-3630, just using a different variable. This Metasploit module was tested against Mood...

Student Quarterly Grading System 1.0 - (grade) Stored Cross-Site Scripting Vulnerability

Exploit Title: Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting XSS Exploit Author: Hüseyin Serkan Balkanli Vendor Homepage: https://www.sourcecodester.com/php/14953/student-quarterly-grading-system-using-php-and-sqlite-free-source-code.html Software Link:...

Sonicwall SonicOS 7.0 - Host Header Injection Vulnerability

Exploit Title: Sonicwall SonicOS 7.0 - Host Header Injection Google Dork: inurl:"auth.html" intitle:"SonicWall" intitle:"SonicWall Analyzer Login" Exploit Author: Ramikan Vendor Homepage:sonicwall.com Affected Devices: All SonicWall Next Gen 6 Devices Tested On: SonicWall NAS 6.2.5 Affected...

Simple Issue Tracker System 1.0 - SQL injection Authentication Bypass Vulnerability

Exploit Title: Simple Issue Tracker System 1.0 - SQLi Authentication Bypass Exploit Author: Bekir Bugra TURKOGLU Vendor Homepage: https://www.sourcecodester.com/php/14938/simple-issue-tracker-system-project-using-php-and-sqlite-free-download.html Software Link:...

Pharmacy Point of Sale System 1.0 - (Add New User) Cross-Site Request Forgery Vulnerability

Exploit Title: Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery CSRF Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

i-Panel Administration System 2.0 - Reflected Cross-site Scripting Vulnerability

Exploit Title: i-Panel Administration System 2.0 - Reflected Cross-site Scripting XSS Exploit Author: Forster Chiu Vendor Homepage: https://www.hkurl.com Version: 2.0 Tested on: Chrome, Edge and Firefox CVE: CVE-2021-41878 Reference: https://cybergroot.com/cvesubmission/2021-1/XSSi-Panel2.0.html ...

SolarWinds Kiwi CatTools 3.11.8 - Unquoted Service Path Vulnerability

Exploit Title: SolarWinds Kiwi CatTools 3.11.8 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 3.11.8 Vendor Homepage: https://www.solarwinds.com/ Tested on: Windows 10 Step to discover Unquoted Service Path : -------------------------------------- C:\Users\Mertsc qc CatTools SC...

Moodle Authenticated Spelling Binary Remote Code Execution Exploit

Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the...

Keycloak 12.0.1 - (request_uri) Blind Server-Side Request Forgery (Unauthenticated) Exploit

Exploit Title: Keycloak 12.0.1 - 'requesturi ' Blind Server-Side Request Forgery SSRF Unauthenticated Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.keycloak.org/ Software Link: https://www.keycloak.org/archive/downloads-12.0.1.html Version: versions 192.168.0.1:4444 '''...

Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution Vulnerabilities

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if $1 == '' ; $2 ==...

Lifestyle Store 1.0 Cross Site Scripting Vulnerability

Lifestyle Store 1.0 Cross Site Scripting Exploit Title: Lifestyle Store Online Shop Store 1.0 - Reflected Cross-Site Scripting XSS Author: Thamer https://twitter.com/thamer9900 Software Link: https://download-media.code-projects.org/2021/07/OnlineShopStoreInPHPWithSourceCode.zip Version: 1.0.0...

myfactory.FMS 7.1-911 Cross Site Scripting Vulnerability

Cross-Site Scripting in myfactory.FMS During a penetration test, a reflected cross-site scripting vulnerability XSS was found in the myfactory.FMS login form. If a user opens an attacker-prepared link to the application, attackers can run arbitrary JavaScript code in the user's browser. Details...

Online Learning System 2.0 - (Multiple) SQL injection Authentication Bypass Vulnerability

Exploit Title: Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass Exploit Author: Oguzhan Kara Vendor Homepage: https://www.sourcecodester.com/php/14929/online-learning-system-v2-using-php-free-source-code.html Software Link:...

Moodle Admin Shell Upload Exploit

This Metasploit module will generate a plugin which can receive a malicious payload request and upload it to a server running Moodle provided valid admin credentials are used. Then the payload is sent for execution, and the plugin uninstalled. You must have an admin account to exploit this...

Alchemy CMS 6.0.0 Arbitrary File Upload Vulnerability

Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux ruby 2.6.8p205 rai...

Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution Exploit

Moodle versions 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12, and earlier unsupported versions allow for a teacher to exploit chain to remote code execution. A bug in the privileges system allows a teacher to add themselves as a manager to their own class. They can then add any other users, and...

Logitech Media Server 8.2.0 - (Title) Cross-Site Scripting Vulnerability

Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting XSS Shodan Dork: Search Logitech Media Server Exploit Author: Mert Das Vendor Homepage: www.logitech.com Version: 8.2.0 Tested on: Windows 10, Linux POC: 1. Go to Settings / Interface tab 2. Add payload to Title section 3...

Simple Payroll System 1.0 - SQL injection Authentication Bypass Vulnerability

Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...

Aviatrix Controller 6.x Path Traversal / Code Execution Exploit

!/usr/bin/env python3 import requests from requests.structures import CaseInsensitiveDict from colorama import Fore, Style import argparse from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning printf""" ░█▀▀█ ░█──░█...

Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root Exploit

Cypress Solutions CTM-200/CTM-ONE suffers from a hard-coded credential remote root vulnerability via telnet and ssh. !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca...

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Exploit

Cypress Solutions CTM-200 wireless gateway version 2.7.1 suffers from an authenticated semi-blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'ctm-config-upgrade.sh' script leveraging the 'fwurl' POST...

Simple Online College Entrance Exam System 1.0 - (Multiple) SQL injection Vulnerability

Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

IFSC Code Finder Project 1.0 - SQL injection (Unauthenticated) Vulnerability

Title: IFSC Code Finder Project 1.0 - SQL injection Unauthenticated Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ifsc-code-finder-project-using-php/ Version: 1 Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=14478 Tested On: Windows 10, XAMPP...

Loan Management System 1.0 - SQL injection Authentication Bypass Vulnerability

Exploit Title: Loan Management System 1.0 - SQLi Authentication Bypass Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

Cmder Console Emulator 1.3.18 - (Cmder.exe) Denial of Service Exploit

Exploit Title: Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial-of-Service PoC Exploit Author: Aryan Chehreghani Vendor Homepage: https://cmder.net Software Link: https://github.com/cmderdev/cmder/releases/download/v1.3.18/cmder.zip Version: v1.3.18 Tested on: Windows 10 About - Cmder Console...

Simple Online College Entrance Exam System 1.0 - Account Takeover Vulnerability

Exploit Title: Simple Online College Entrance Exam System 1.0 - Account Takeover Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

Online Enrollment Management System 1.0 - Authentication Bypass Vulnerability

Exploit Title: Online Enrollment Management System 1.0 - Authentication Bypass Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/12914/online-enrollment-management-system-paypal-payments-phpmysqli.html Software Link:...