Google Chrome 81.0.4044 V8 - Remote Code Execution Exploit

Exploit Title: Google Chrome 81.0.4044 V8 - Remote Code Execution Exploit Author: Tobias Marcotto Tested on: Kali Linux x64 Version: 83.0.4103.106 Description: Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a...

Simple Food Website 1.0 - Authentication Bypass Vulnerability

Exploit Title: Simple Food Website 1.0 - Authentication Bypass Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Software Link:...

Basic Shopping Cart 1.0 - Authentication Bypass Vulnerability

Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html Software Link:...

Mini Mouse 9.2.0 - Remote Code Execution Exploit

Exploit Title: Mini Mouse 9.2.0 - Remote Code Execution Author: gosh Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 !/usr/bin/python3 import requests import json import jsonargpars...

Rockstar Service - Insecure File Permissions Vulnerability

Exploit Title: Rockstar Service - Insecure File Permissions Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability Description:...

OpenEMR 4.1.0 - (u) SQL Injection Exploit

Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection Exploit Author: Michael Ikua Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v410.zip Version: 4.1.0 Original Advisory:...

Mini Mouse 9.2.0 - Path Traversal Vulnerability

Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...

Company Crime Tracking Software 1.0 Cross Site Scripting Vulnerability

Exploit Title: Company Crime Tracknig Software | 'fname,surname,email' Stored Cross Site Scripting Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/12644/company-crime-tracking-system.html Version: 1.0 Tested On:...

School Registration And Fee System 1.0 SQL Injection Vulnerability

Exploit Title: School Registration and Fee System | 'username ' Blind SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0 Tested On: Windows 10 Hom...

School Registration And Fee System 1.0 Cross Site Scripting Vulnerability

Exploit Title: School Registration and Fee System | Multiple Stored Cross Site Scripting Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0 Tested On: Windows 1...

F5 iControl Server-Side Request Forgery / Remote Command Execution Exploit

This Metasploit module exploits a pre-authentication server-side request forgery vulnerability in the F5 iControl REST API's /mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that can be used to execute root commands on an affected BIG-IP or BIG-IQ device. This module requires...

F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated) Exploit

Exploit Title: F5 BIG-IP 16.0.x - iControl REST Remote Code Execution Unauthenticated Exploit Author: Al1ex Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5....

ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Vulnerability

Exploit Title: ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Exploit Author: LiquidWorm Vendor Homepage: http://www.zblchina.com http://www.wd-thailand.com Vendor: Zhejiang BC&TV Technology Co., Ltd. ZBL | W&D Corporation WAD TECHNOLOGY THAILAND Product web page:...

SaltStack Salt API Unauthenticated Remote Command Execution Exploit

This Metasploit module leverages an authentication bypass and directory traversal vulnerabilities in Saltstack Salt's REST API to execute commands remotely on the master as the root user. Every 60 seconds, salt-master service performs a maintenance process check that reloads and executes all the...

phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated) Vulnerability

Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution Authenticated Exploit Author: Valerio Severini Vendor Homepage: Software Link: https://github.com/phppgadmin/phppgadmin/releases/tag/REL7-13-0 Version: 7.13.0 or lower Tested on: Debian 10 and Ubuntu Description: phpPgAdmin...

ScadaBR 1.0 - Arbitrary File Upload (Authenticated) Exploit (1)

Exploit Title: ScadaBR 1.0 - Arbitrary File Upload Authenticated 1 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Windows7, Windows10 !/usr/bin/python import requests,sys,time if lensys.argv...

Latrix 0.6.0 - (txtaccesscode) SQL Injection Vulnerability

Exploit Title: Latrix 0.6.0 – 'txtaccesscode' SQL Injection Exploit Author: cptsticky Vendor Homepage: https://sourceforge.net/projects/latrix Software Link: https://sourceforge.net/projects/latrix/files/latest/download Version: 0.6.0 Tested on: Ubuntu 20.04 POST /latrix/inandout.php HTTP/1.1 Hos...

ScadaBR 1.0 - Arbitrary File Upload (Authenticated) Exploit (2)

Exploit Title: ScadaBR 1.0 - Arbitrary File Upload Authenticated 2 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Debian9,10Ubuntu16.04 !/usr/bin/python import requests,sys,time if lensys.argv...

Openlitespeed 1.7.9 - (Notes) Stored Cross-Site Scripting Vulnerability

Exploit Title: Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting Exploit Author: cmOs Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.9 Tested on Ubuntu 20.04 Step 1: Log in to the dashboard using the Administrator...

DD-WRT 45723 - UPNP Buffer Overflow Exploit

Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...

Zabbix 3.4.7 - Stored XSS Vulnerability

Exploit Title: Zabbix 3.4.7 - Stored XSS Exploit Author: Radmil Gazizov Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/rn/rn3.4.7 Version: 3.4.7 Tested on: Linux Reference - https://github.com/GloryToMoon/POCcodes/blob/main/zabbixstoredxss347.txt 1- Go to...

GetSimple CMS 3.3.16 - Reflected XSS to RCE Exploit

Exploit Title: GetSimple CMS 3.3.16 - Reflected XSS to RCE Exploit Author: Bobby Cooke boku Discovery Credits: Bobby Cooke boku & Adeeb Shah @hyd3sec CVE ID: CVE-2020-23839 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23839 Vendor Homepage: http://get-simple.info Software Link:...

CourseMS 2.1 - (name) Stored XSS Vulnerability

Exploit Title: CourseMS 2.1 - 'name' Stored XSS Exploit Author: cptsticky Vendor Homepage: http://sourceforge.net/projects/coursems Software Link: https://sourceforge.net/projects/coursems/files/latest/download Version: 2.1 Tested on: Ubuntu 20.04 POST /coursems/admin/addjobs.php HTTP/1.1 Host:...

Budget Management System 1.0 - (Budget title) Stored XSS Vulnerability

Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html Version: 1 Tested on Windows 10 + Xampp 8.0.3 XSS...

vsftpd 3.0.3 - Remote Denial of Service Exploit

Exploit Title: vsftpd 3.0.3 - Remote Denial of Service Exploit Author: xynmaps Vendor Homepage: https://security.appspot.com/vsftpd.html Software Link: https://security.appspot.com/downloads/vsftpd-3.0.3.tar.gz Version: 3.0.3 Tested on: Parrot Security OS 5.9.0 -------------------------------...

SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow Exploit

Exploit Title: SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow Author: Filipe Oliveira - filipecenturiaoathotmail.com Rafael Machado - nnszsatprotonmail.com Vendor: https://www.syncbreeze.com/ Software Link: https://www.4shared.com/file/57pE4sZfiq/syncbreezesetupv10116.html Version:...

Health Center Patient Record Management System 1.0 Cross Site Scripting Vulnerability

Exploit Title: Health Center Patient Record Management System | 'address' param Stored Cross Site Scripting Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11058/health-center-patient-record-management-system.html Software Link:...

Health Center Patient Record Management System 1.0 SQL Injection Vulnerability

Exploit Title: Health Center Patient Record Management System | Admin Login Bypass SQLi Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11058/health-center-patient-record-management-system.html Software Link:...

Project Expense Monitoring System 1.0 Authentication Bypass Vulnerability

Exploit Title: Project expense Monitoring System | Create Admin Account Unauthorised Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14001/project-expense-monitoring-system-project-php-source-code-2020.html Software Link:...

Novel Boutique House-plus 3.5.1 - Arbitrary File Download Vulnerability

Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerable code:...

Project Expense Monitoring System 1.0 SQL Injection Vulnerability

Exploit Title: Project Expense Monitoring System | SQL Login Bypass Multiple Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14001/project-expense-monitoring-system-project-php-source-code-2020.html Software Link:...

WordPress WP Super Cache 1.7.1 Plugin - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution Authenticated Google Dork: inurl:/wp-content/plugins/wp-super-cache/ Exploit Author: m0ze Version: Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be...

Equipment Inventory System 1.0 - (multiple) Stored XSS Vulnerability

Exploit Title: Equipment Inventory System 1.0 - 'multiple' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/php/11327/equipment-inventory.html Software Link:...

FortiLogger Arbitrary File Upload Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...

GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS Vulnerability

Exploit Title: GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS Exploit Author: Abhishek Joshi Vendor Homepage: http://get-simple.info/extend/plugin/custom-js/1267 / http://get-simple.info/download Software Link: http://get-simple.info/extend/export/5260/1267/custom-js.zip Version: 0.1...

SAP Solution Manager 7.2 Remote Command Execution Exploit

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information abou...

Regis Inventory And Monitoring System 1.0 - (Item List) Stored XSS Vulnerability

Title: Regis Inventory And Monitoring System 1.0 - 'Item List' Stored XSS Exploit Author: George Tsimpidas Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/regisinventory.zip Version : 1.0.0 Tested on: Kali Linux 2020.4...

Moodle 3.10.3 - (label) Persistent Cross Site Scripting Vulnerability

Exploit Title: Moodle 3.10.3 - 'label' Persistent Cross Site Scripting Author: Vincent666 ibn Winnie Software Link: https://moodle.org/ Tested on: Windows 10 Web Browser: Mozilla Firefox Google Dorks: inurl:/lib/editor/atto/plugins/managefiles/ or calendar/view.php?view=month Choose a role :...

Development Kamel KCFinder 1.7 Shell Upload Vulnerability

Exploit Title : Development Kamel - KCFinder Shell Upload Vulnerability + Date : 25/03/2021 + Exploit Author : RAYAN ALi + Home : http://kamel.tech/ + Discovered By : RAYAN + Vendor Homepage : http://kamel.tech/ + Exploit: + http://localhost/resources/admin/Editor/kcfinder/browse.php?type=files +...

Genexis Platinum-4410 P4410-V2-1.31A - (start_addr) Persistent Cross-Site Scripting Vulnerability

Exploit Title: Genexis Platinum-4410 P4410-V2-1.31A - 'startaddr' Persistent Cross-Site Scripting Exploit Author: Jithin KS Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: Platinum-4410 Software version - P4410-V2-1.31A Tested on: Windows 10 Author Contact:...

Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Exploit

Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE : CVE-2020-14209...

Ovidentia 6 - (id) SQL injection (Authenticated) Vulnerability

Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...

Magento 2.4.0 / 2.3.5p1 (and earlier) Arbitrary Code Execution 0day Exploit

Magento versions 2.4.0 and 2.3.5p1 and earlier are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components...

Ext2Fsd v0.68 - (Ext2Srv) Unquoted Service Path Vulnerability

Exploit Title: Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path Exploit Author: Mohammed Alshehri Software Link: https://sourceforge.net/projects/ext2fsd/files/latest/download Version: 0.68 Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763 Service info: C:\Users\m507sc qc...

Intel RST User Interface / Driver Privilege Escalation Exploit

Hi @ll, more than 2 years ago I disclosed 2 vulnerabilities leading to local escalation of privilege in the Intel® Rapid Storage Technology Intel® RST User Interface and Driver: see and Intel fixed this vulnerability only in their executable installer. Some time later Intel rewrote or rebuilt thi...

TP-Link Devices - (setDefaultHostname) Stored Cross-site Scripting Vulnerability

Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. Affected models include TD-W9977, TL-WA801ND, TL-WA801N, TL-WR802N, and Archer-C3150. ============================================================== Unauthenticated Stored Cross-site Scripting i...

Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Vulnerability

Exploit Title: Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Exploit Author: MiningOmerta Vendor Homepage: https://www.linksys.com/ Version: EA7500 Firmware Version: 2.0.8.194281 CVE: CVE-2012-6708 Tested On: Linksys EA7500 jQuery version 1.7.1 Cross-Site Scripting Vulnerability on modern...

Codiad 2.8.4 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 ​ !/usr/bin/env python encoding: utf-8 ​ import requests...

Elodea Event Collector 4.9.3 - (ElodeaEventCollectorService) Unquoted Service Path Vulnerability

Exploit Title: Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path Discovery by: Alan Mondragon Vendor Homepage: https://eventlogxp.com/ Software Links : https://eventlogxp.com/ Tested Version: Version: 4.9.3 Vulnerability Type: Unquoted Service Path Tested on OS:...

WordPress Mapplic-Lite 1.0 SSRF / Cross Site Scripting Vulnerability

Title : Mapplic-Lite Wordpress Plugins Stored XSS Injection via SSRF Author : Eagle Eye Download : https://wordpress.org/plugins/mapplic-lite/ Vendor Homepage : https://mapplic.com/ Version Affected : Version 1.0 Tested on : Google Chrome XSS Vuln from add/edit Map and bypass with host...