39001 matches found
IPCop 2.1.9 - Remote Code Execution (Authenticated) Exploit
Exploit Title: IPCop 2.1.9 - Remote Code Execution RCE Authenticated Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipcop.org/ Software Link: https://sourceforge.net/projects/ipcop/files/IPCop/IPCop%202.1.8/ipcop-2.1.8-install-cd.i486.iso -...
Cockpit CMS 0.11.1 - (Username Enumeration & Password Reset) NoSQL Injection Exploit
Exploit Title: Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection Exploit Author: Brian Ombongi Vendor Homepage: https://getcockpit.com/ Version: Cockpit 0.11.1 Tested on: Ubuntu 16.04.7 CVE : CVE-2020-35847 & CVE-2020-35848 !/usr/bin/python3 import json import re import...
Riak Insecure Default Configuration / Remote Command Execution Vulnerabilities
Riak runs as an Erlang service configured with a default cookie of riak that allows for remote command execution if not modified before use. Riak KV Insecure Default Cookie RCE ===== Intro ===== Riak is a NoSQL key-value database that is built to maximize data availability and performance,...
Moodle 3.9 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Moodle 3.9 - Remote Code Execution RCE Authenticated Exploit Author: lanz Vendor Homepage: https://moodle.org/ Version: Moodle 3.9 Tested on: FreeBSD !/usr/bin/python3 Moodle 3.9 - RCE Authenticated as teacher Based on PoC and Payload to assign full permissions to manager rol:...
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated) Exploit
Exploit Title: GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload Unauthenticated Exploit Author: Amin Bohio Original Research & Code By: Paul Taylor / Foregenix Ltd Original Exploit: https://github.com/bao7uo/RAUcrypto Vendor Homepage: https://www.gfi.com Software Link:...
CMSuno 1.7 - (tgo) Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno version 1.7 and prior ...
WordPress WP Customize Login 1.1 Plugin - (Change Logo Title) Stored Cross-Site Scripting Vulnerabil
Exploit Title: WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting XSS Exploit Author: Aryan Chehreghani Software Link: https://wordpress.org/plugins/customize-login/ Version: 1.1 Tested on: Windows 10 How to Reproduce this Vulnerability: 1. Install WordPress...
Client Management System 1.1 - (cname) Stored Cross-site scripting Vulnerability
Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841 Version: 1.1 Teste...
qdPM 9.1 - Remote Code Execution (Authenticated) Exploit
Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: http://qdpm.net/ Software Link:...
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated) Vulnerability
Exploit Title: qdPM 9.2 - DB Connection String and Password Exposure Unauthenticated Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: Ubuntu 20.04 Apache2 Server running PH...
ApacheOfBiz 17.12.01 - Remote Command Execution via Unsafe Deserialization of XMLRPC arguments
Exploit Title: ApacheOfBiz 17.12.01 - Remote Command Execution RCE via Unsafe Deserialization of XMLRPC arguments Exploit Author: Álvaro Muñoz, Adrián Díaz s4dbrd Vendor Homepage: https://ofbiz.apache.org/index.html Software Link: https://archive.apache.org/dist/ofbiz/apache-ofbiz-17.12.01.zip...
Hotel Management System 1.0 - XSS Arbitrary File Upload Remote Code Execution Exploit
Exploit Title: Hotel Management System 1.0 - Cross-Site Scripting XSS Arbitrary File Upload Remote Code Execution RCE Exploit Author: Merbin Russel Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7204 Version: V1.0 Tested on: Linux +...
Neo4j 3.4.18 - RMI based Remote Code Execution Exploit
Exploit Title: Neo4j 3.4.18 - RMI based Remote Code Execution RCE Exploit Author: Christopher Ellis, Nick Gonella, Workday Inc. Vendor Homepage: neo4j.com Software Link: https://neo4j.com/download-thanks/?edition=community&release=3.4.18&flavour=unix Version: 3.4.18 Tested on: Windows, Mac In old...
Men Salon Management System 1.0 - SQL Injection Authentication Bypass Vulnerability
Exploit Title: Men Salon Management System 1.0 - SQL Injection Authentication Bypass Exploit Author: Akshay Khanna ConfusedBot Vendor Homepage: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql/ Software Link:...
Online Hotel Reservation System 1.0 - (Multiple) Cross-site scripting Vulnerability
Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...
Pi-Hole Remove Commands Linux Privilege Escalation Exploit
Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since...
ObjectPlanet Opinio 7.13 / 7.14 XML Injection Vulnerability
Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26564 Exploit Title: ObjectPlanet Opinio version 7.13/7.14 allows XXE injection Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Timothy Tan ...
ObjectPlanet Opinio 7.13 Expression Language Injection Vulnerability
Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26565 Exploit Title: ObjectPlanet Opinio version 7.13 allows expression language injection Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors:...
ObjectPlanet Opinio 7.13 Shell Upload Vulnerability
Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26806 Exploit Title: ObjectPlanet Opinio version 7.13 allows unrestricted file upload Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Timoth...
Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery Vulnerability
Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privilege...
Denver IP Camera SHO-110 - Unauthenticated Snapshot Vulnerability
Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 Version: Denver SHO-110 all firmware versions Tested on: Denver SHO-110 Backdoor was found ...
CloverDX 5.9.0 - Cross-Site Request Forgery to Remote Code Execution Exploit
Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x, 5.4.x Tested on:...
Oracle Fatwire 6.3 - Multiple Vulnerabilities
Exploit Title: Oracle Fatwire 6.3 - Multiple Vulnerabilities Exploit Author: J. Francisco Bolivar @Jfrancbit Vendor Homepage: https://www.oracle.com/index.html Version: 6.3 Tested on: CentOS 1. Xss Adt parameter is vulnerable to Xss: https://IPADDRESS/cs/Satellite?c=Page&cid=xxxx&pagename=xxxx&ad...
Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download Vulnerability
Exploit Title: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download Exploit Author: LiquidWorm Vendor Homepage: http://www.ljkj2012.com Longjing Technology BEMS API 1.21 Remote Arbitrary File Download Vendor: Longjing Technology Product web page: http://www.ljkj2012.com Affected...
Care2x Integrated Hospital Info System 2.7 - (Multiple) SQL Injection Vulnerability
Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers : Security For...
IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Vulnerability
Exploit Title: IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Exploit Author: LiquidWorm Vendor Homepage: https://www.eforcesoftware.com IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page: https://www.eforcesoftware.com...
Event Registration System with QR Code 1.0 - Authentication Bypass / Remote Code Execution Exploit
Exploit Title: Event Registration System with QR Code 1.0 - Authentication Bypass & RCE Exploit Author: Javier Olmedo Vendor: Sourcecodester Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/event0.zip Affected Version: 1.0 Category: WebApps Platform: PHP Tested...
eGain Chat 15.5.5 Cross Site Scripting Vulnerability
Exploit Title: eGain Chat 15.5.5 Cross-Site Scripting Vendor Homepage: https://www.egain.com/ Software Link: https://www.egain.com/chat-software/ Exploit Authors: Brandon Ming Yang Ho https://www.linkedin.com/in/minhobrandon/, Hassy Vinod Eshan https://www.linkedin.com/in/hassy-vinod/ CVE:...
Denver Smart Wifi Camera SHC-150 - (Telnet) Remote Code Execution Vulnerability
Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested on: Denver SHC-150...
TripSpark VEO Transportation - Blind SQL Injection Vulnerability
Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link: https://www.tripspark.com/resourcefiles/veo-transportation.pdf...
PHP 7.3.15-3 - (PHP_SESSION_UPLOAD_PROGRESS) Session Data Injection Exploit
Exploit Title: PHP 7.3.15-3 - 'PHPSESSIONUPLOADPROGRESS' Session Data Injection Exploit Author: SiLvER | Faisal Alhadlaq Tested on: PHP Version is 7.3.15-3 This poc will abusing PHPSESSIONUPLOADPROGRESS then will trigger race condition to get remote code execution, the script will return a revers...
WordPress Social Warfare 3.5.2 Remote Code Execution Exploit
WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019. Author = Raed Ahsan Vulnerability : SocialWarfare 3.5.2 plugin wordpress Remote Code Execution...
Customer Relationship Management System (CRM) 1.0 Sql Injection Authentication Bypass Vulnerability
Exploit Title: Customer Relationship Management System CRM 1.0 - Sql Injection Authentication Bypass Exploit Author: ShafiqueWasta Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Zabbix 5.x SQL Injection / Cross Site Scripting Vulnerabilities
Exploit Title: Zabbix all version / Multiple Vulnerabilities Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com CVSS: 3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L Version: Zabbix 1.x, 2.x, 3.x, 4,x 5.x Risk: High 9.0 Vendor Homepage: https://www.zabbix.com/ Tested on: Arch Linux...
Leawo Prof. Media 11.0.0.1 - Denial of Service Exploit
Exploit Title: Leawo Prof. Media 11.0.0.1 - Denial of Service DoS PoC Vendor Homepage:https://www.leawo.org Software Link: https://www.leawo.org/downloads/total-media-converter-ultimate.html Exploit Author: Achilles Tested Version: 11.0.0.1 Tested on: Windows 7 x64 1.- Run python code : 2.- Open...
NoteBurner 2.35 - Denial Of Service Exploit
Exploit Title: NoteBurner 2.35 - Denial Of Service DoS PoC Vendor Homepage:https://www.noteburner.com/ Software Link: https://anonfiles.com/13h9Hb82ub/noteburnerexe Exploit Author: Achilles Tested Version: 2.35 Tested on: Windows 7 x64 1.- Run python code : 2.- Open EVIL.txt and copy content to...
WordPress Modern Events Calendar Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by...
WordPress SP Project And Document Remote Code Execution Exploit
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php,...
XOS Shop 1.0.9 - (Multiple) Arbitrary File Deletion (Authenticated) Vulnerability
Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on: Windows 10, XAMP...
Elasticsearch ECE 7.13.3 - Anonymous Database Dump Exploit
Exploit Title: Elasticsearch ECE 7.13.3 - Anonymous Database Dump Exploit Author: Joan Martinez @magichk Vendor Homepage: https://www.elastic.co/ Software Link: https://www.elastic.co/ Version: = 7.10.0 to = 7.13.3 Tested on: Elastic ECE Cloud CVE : CVE-2021-22146 Reference:...
WordPress Simple Post 1.1 Plugin - (Text field) Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting XSS Exploit Author: Vikas Srivastava Software Link: https://wordpress.org/plugins/simple-post/ Version: 1.1 Category: Web Application Tested on Mac How to Reproduce this Vulnerability: 1. Install WordPress...
ElasticSearch 7.13.3 - Memory disclosure Exploit
Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import ArgumentParser...
Microsoft SharePoint Server 2019 - Remote Code Execution Exploit (2)
Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution 2 Google Dork: inurl:quicklinks.aspx Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 20...
Microsoft Exchange Server Unpublished Pre-Authentication Remote Code Execution Exploit
Description First, IT'S NOT PROXYLOGON. IT'S NOT PROXYLOGON. IT'S NOT PROXYLOGON. It's an unpublished vulnerability found by myself. It's not exploited in the wild and there's no exploit code on the Internet. About The Vulnerability It's a exploit chain utilizing pre-auth SSRF + post-auth EoP +...
Ampache 4.4.2 Cross Site Scripting Vulnerability
Information -------------------- Advisory by Netsparker Name: Cross-site Scripting vulnerability in Ampache 4.4.2 Affected Software: Ampache Affected Versions: 4.4.2 Homepage: http://ampache.org/ Vulnerability: Cross-Site Scripting Severity: High Status: Fixed CVSS Score 3.0: 7.4 High Netsparker...
Vehicle Parking Management System 1.0 Cross Site Scripting Vulnerability
Vehicle Parking Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Tushar Vaidya in February of 2021. Exploit Title: Vehicle Parking Management System - Stored...
Vehicle Parking Management System 1.0 SQL Injection Vulnerability
Vehicle Parking Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to gh1mau in July of 2020. Exploit Title: Vehicle Parking Management System - Multiple time-based SQL Injection Exploit Author:...
CSZ CMS 1.2.9 - (Multiple) Arbitrary File Deletion Vulnerability
...
Sage X3 Administration Service Authentication Bypass / Command Execution Exploit
This Metasploit module leverages an authentication bypass exploit within Sage X3 AdxSrv's administration protocol to execute arbitrary commands as SYSTEM against a Sage X3 Server running an available AdxAdmin service. This module requires Metasploit: https://metasploit.com/download Current source...
KevinLAB BEMS 1.0 Undocumented Backdoor Account Vulnerability
KevinLAB BEMS version 1.0 has an undocumented backdoor account and the sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with...