Hestia Control Panel 1.3.2 - Arbitrary File Write Vulnerability
Title: Hestia Control Panel 1.3.2 - Arbitrary File Write Author: Numan Türle Vendor Homepage: https://hestiacp.com/ Software Link: https://github.com/hestiacp/hestiacp Version: 1.3.3 Tested on: HestiaCP Version 1.3.2 curl --location --request POST 'https://TARGET:8083/api/index.php' \ --form...
FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER (BitCount) Stack Based Buffer Overflow Exploit
Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...
VFS for Git 1.0.21014.1 - (GVFS.Service) Unquoted Service Path Vulnerability
Exploit Title: VFS for Git 1.0.21014.1 - 'GVFS.Service' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://vfsforgit.org/ Software Link: https://github.com/microsoft/VFSForGit/releases/download/v1.0.21014.1/SetupGVFS.1.0.21014.1.exe Version: 1.0.21014.1 Tested on:...
VestaCP 0.9.8 - (v_interface) Add IP Stored XSS Vulnerability
Title: VestaCP 0.9.8 - 'v_interface' Add IP Stored XSS Author: Numan Türle Vendor Homepage: https://vestacp.com Software Link: https://myvestacp.com alert1&vshared=on&vowner=admin&vname=&vnat=&ok=Add 0day.today 2021-09-28...
Microsoft Windows Containers DP API Cryptography Flaw Vulnerability
PRODUCT : Windows Containers VENDOR : Microsoft SEVERITY : High AFFECTED VERSION : Windows 10, Windows Server IDENTIFIERS : CVE-2021-1645 PATCH VERSION : KB4598229, KB4598230, KB4598242, KB4598243 FOUND BY : Marc Nimmerrichter, Certitude Lab Introduction ------------ Windows containers is a featu...
VestaCP 0.9.8 - File Upload CSRF Vulnerability
Exploit Title: VestaCP 0.9.8 - File Upload CSRF Exploit Author: Fady Othman Vendor Homepage: https://vestacp.com/ Software Link: https://github.com/myvesta/vesta Version: Vesta Control Panel aka VestaCP through 0.9.8-27 and myVesta through 0.9.8-26-39 CVE ID: CVE-2021-28379 Patch:...
WoWonder Social Network Platform 3.1 - (event_id) SQL Injection Vulnerability
Exploit Title: WoWonder Social Network Platform 3.1 - 'event_id' SQL Injection Vendor Homepage: https://www.wowonder.com/ Software Link: https://codecanyon.net/item/wowonder-the-ultimate-php-social-network-platform/13785302 Version: 3.1 Tested on: Linux/Windows DESCRIPTION In WoWonder 3.1, remote...
SolarWinds TFTP Server 11.0.4.101 Remote Unauthenticated Reconfiguration Vulnerability
SolarWinds TFTP Server version 11.0.4.101 suffers from a remote unauthenticated reconfiguration vulnerability that could result in code execution. Older versions of SolarWinds' TFTP Server, which could have been installed from a standalone download or bundled with certain paid products, may have...
Windows Server 2012 SrClient DLL Hijacking Exploit
All editions of Windows Server 2012 but not 2012 R2 are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This issue can be leveraged for privilege escalation if %PATH% includes directories that are...
VoIPmonitor WEB GUI 24.55 Cross Site Scripting Exploit
VoIPmonitor WEB GUI vulnerable to Cross-Site Scripting via SIP messages - Fixed versions: VoIPmonitor WEB GUI 24.56 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-02-voipmonitor-gui-xss - VoIPmonitor Security Advisory: none, changelog references fixes ...
Online News Portal 1.0 SQL Injection Vulnerability
Exploit Title: Online News Portal | 'searchtitle' SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...
GeoGebra Classic 5.0.631.0-d - Denial of Service Exploit
Exploit Title: GeoGebra Classic 5.0.631.0-d - Denial of Service PoC Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 5.0.631.0-d Tested on: Windows 8.1 Pro STEPS Open the program GeoGebra Run the python exploit...
GeoGebra Graphing Calculator 6.0.631.0 - Denial Of Service Exploit
Exploit Title: GeoGebra Graphing Calculator 6.0.631.0 - Denial Of Service PoC Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 6.0.631.0-offlinegraphing Tested on: Windows 8.1 Pro STEPS Open the program Graficado...
GeoGebra 3D Calculator 5.0.511.0 - Denial of Service Exploit
Exploit Title: GeoGebra 3D Calculator 5.0.511.0 - Denial of Service PoC Author: Brian Rodríguez Software Site: https://www.geogebra.org/download Download Link:...
Alphaware E-Commerce System 1.0 - Unauthenticated Remote Code Execution Exploit
Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenticated Remote Code Execution File Upload + SQL injection Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11676/alphaware-simple-e-commerce-system.html...
VoIPmonitor 27.5 Missing Memory Protections Exploit
Static binaries provided for VoIPmonitor version 27.5 are built without any memory corruption protection in place. VoIPmonitor static builds are compiled without any standard memory corruption protection - Fixed versions: N/A - Enable Security Advisory:...
Online News Portal 1.0 Cross Site Scripting Vulnerability
Online News Portal version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version was made by Parshwa Bhavsar in December of 2020. Exploit Title: Online News Portal | Stored Cross-Site Scripting Exploit Author: Richa...
VoIPmonitor 27.6 Buffer Overflow Exploit
A buffer overflow was identified in the VoIPmonitor live sniffer feature. The description variable in the function savepacketsql is defined as a fixed length array of 1024 characters. The description is set to the value of a SIP request or response line. By setting a long request or response line...
GeoGebra CAS Calculator 6.0.631.0 - Denial of Service Exploit
Exploit Title: GeoGebra CAS Calculator 6.0.631.0 - Denial of Service PoC Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 6.0.631.0-offlinecas Tested on: Windows 8.1 Pro STEPS Open the program Calculadora CAS Run...
ExpressionEngine 6.0.2 PHP Code Injection Vulnerability
---------------------------------------------------------------------------- ExpressionEngine security-sanitizefilename$file; 366. 367. $destdir = $this-languagesdir . $language . '/'; 368. $filename = $file . 'lang.php'; 369. $destloc = $destdir . $filename; 370. 371. $str = 'lang-loadfile$file;...
eBeam education suite 2.5.0.9 - (eBeam Device Service) Unquoted Service Path Vulnerability
Exploit Title: eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.luidia.com Tested Version: 2.5.0.9 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover Unquoted Service...
QNAP QVR Client 5.0.0.13230 - (QVRService) Unquoted Service Path Vulnerability
Exploit Title: QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.qnap.com Tested Version: 5.0.0.13230 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover Unquoted Service Path: C:\wm...
MagpieRSS 0.72 - (url) Command Injection and Server Side Request Forgery Vulnerability
Exploit Title: MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery Exploit Author: bl4ckh4ck5 Vendor Homepage: http://magpierss.sourceforge.net/ Software Link: https://sourceforge.net/projects/magpierss/files/magpierss/magpierss-0.72/magpierss-0.72.tar.gz/download Version:...
Interactive Suite 3.6 - (eBeam Stylus Driver) Unquoted Service Path Vulnerability
Exploit Title: Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.luidia.com Software Link: http://down.myequil.com/dn/setup/ScrapBookwin/down.html Tested Version: 3.6 Tested on OS: Windows 10 Pro x64 es Step to discover...
Zenario CMS 8.8.53370 - (id) Blind SQL Injection Vulnerability
Exploit Title: Zenario CMS 8.8.53370 - 'id' Blind SQL Injection Exploit Author: Balaji Ayyasamy Vendor Homepage: https://zenar.io/ Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8 Version: 8.8.53370 Tested on: Windows 10 Pro 19041 x6486 + XAMPP 7.4.14 Reference -...
Realtek Wireless LAN Utility 700.1631 - (Realtek11nSU) Unquoted Service Path Vulnerability
Exploit Title: Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.realtek.com/en/ Tested Version: 700.1631 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover Unquoted...
SonLogger 4.2.3.3 - Unauthenticated Arbitrary File Upload Exploit
This Metasploit module exploits an unauthenticated arbitrary file upload via an insecure POST request in SonLogger. It has been tested on version less than 6.4.1 in Windows 10 Enterprise. This module requires Metasploit: https://metasploit.com/download Current source:...
rConfig 3.9.6 - (path) Local File Inclusion (Authenticated) Vulnerability
Exploit Title: rConfig 3.9.6 - 'path' Local File Inclusion Authenticated Exploit Author: 5a65726f Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.6.zip Version: rConfig v3.9.6 Install scripts :...
openMAINT 2.1-3.3-b - (Multiple) Persistent Cross-Site Scripting Vulnerability
Exploit Title: openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting Exploit Author: Hosein Vita Vendor Homepage: https://www.openmaint.org/ Software Link: https://sourceforge.net/projects/openmaint/files/2.1/Core%20updates/openmaint-2.1-3.3.1/ Version: 2.1-3.3 Tested on: Lin...
Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Vulnerabilities
Exploit Title: Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Exploit Author: Berkan Er Vendor Homepage: https://www.sonlogger.com/ Version: 4.2.3.3 Tested on: Windows 10 Enterprise x64 Version 1803 A remote attacker can create a user with SuperAdmin profile...
D-Link DIR-3060 1.11b04 Command Injection Vulnerability
title: Authenticated Command Injection in D-Link DIR-3060 Web Interface vendor/product: D-Link DIR-3060 https://www.dlink.com/ vulnerable version: v1.11b04 & Below fixed version: v1.11b04 Hotfix 2 CVE number: CVE-2021-28144 impact: 8.8 high CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Vendor...
ForkCMS PHP Object Injection Vulnerability
ForkCMS PHP Object Injection ========================= | Target: | ForkCMS | | Vendor: | ForkCMS | | Version: | all versions below version 5.8.3 | | CVE: | CVE-2020-24036 | | Accessibility: | Remote | | Severity: | Medium | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technology |...
QCubed 3.1.1 Cross Site Scripting Vulnerability
QCube Cross-Site-Scripting ====================== | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24912 | | Accessibility: | Remote | | Severity: | High | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technology | SUMMAR...
Apache OFBiz XML-RPC Java Deserialization Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache OFBiz XML-RPC Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in Apache OFBiz's...
QCubed 3.1.1 PHP Object Injection Vulnerability
QCubed PHP Object Injection =========================== | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24914 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...
QCubed 3.1.1 SQL Injection Vulnerability
QCubed SQL Injection ================== | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24913 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technology | SUMMARY...
Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths Vulnerability
Exploit Title: Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.vembu.com/ Software Link: https://sg-build-release.s3.amazonaws.com/BDRSuite/V420/4202020051312/VembuBDRBackupServerSetup4201U1GA.exe Version: Version 4.2.0.1 U1...
Monitoring Of Students Cyber Accounts System 1.0 SQL Injection Vulnerability
Exploit Title: Monitoring of Students Cyber Accounts System | 'un' SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11743/monitoring-students-cyber-accounts.html Software Link:...
Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated) Exploit
Exploit Title: Monitoring System Dashboard 1.0 - File Upload RCE Authenticated Exploit Author: Richard Jones Date: 2021-03-11 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
Monitoring System (Dashboard) 1.0 - uname SQL Injection Vulnerability
Exploit Title: Monitoring System Dashboard 1.0 - 'uname' SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
F5 Big IP TMM uri_normalize_host Information Disclosure / Out-Of-Bounds Write Vulnerability
Big IP's Traffic Management Microkernels TMM URI normalization incorrectly handles invalid IPv6 hostnames allowing for information disclosure and an out-of-bounds write condition. F5 Big IP - TMM uri_normalize_host infoleak and out-of-bounds write Big IP's Traffic Management Microkernels TMM URI...
MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Vulnerability
Exploit Title: MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1220 Version: 1.8.22 Tested on: Windows 10 CVE: CVE-2021-28115 1. Description: This plugin adds a feedback...
NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation Vulnerability
NuCom 11N Wireless Router version 5.07.90 suffers from a remote privilege escalation vulnerability. The non-privileged default user user:user can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint and disclose the http super password admin credentials in...
Nsasoft Hardware Software Inventory 1.6.4.0 - (multiple) Denial of Service Exploit
Exploit Title: Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service PoC Exploit Author : Enes Özeser Vendor Homepage : https://www.nsauditor.com/ Link Software : https://www.nsauditor.com/downloads/nhsisetup.exe Version: 1.6.4.0 Tested on: Windows 10 Steps: 1- Run the python...
Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit
Exploit Title: Microsoft Exchange 2019 - SSRF to Arbitrary File Write Proxylogon Date: 2021-03-10 Exploit Author: testanull Vendor Homepage: https://www.microsoft.com Version: MS Exchange Server 2013, 2016, 2019 CVE: 2021-26855, 2021-27065 import requests from urllib3.exceptions import...
Atlassian JIRA 8.11.1 - User Enumeration Exploit
Title: Atlassian JIRA 8.11.1 - User Enumeration Author: Dolev Farhi Vulnerable versions: version ' print'e.g. python3 script.py https://jiratarget.com usernames.txt' sys.exit if lensys.argv 3: help server = sys.argv1 usernames = sys.argv2 randomuser = '0x00001' try: os.path.existsusernames except...
QBOT Botnet C2 Panel - Authentication Bypass Vulnerability
A vulnerability exists in the Qbot botnet C2, in the code that performs the login. A remote attacker can exploit it to bypass the authentication, having the ability to control the botnet and perform action as an authenticated user, like taking control of the botnet. This Botnet has a lot of...
WEBIM 10.2.55 Cross Site Scripting Vulnerability
Exploit Title: XSS in WEBIM web application Exploit Author: ASCII Vendor Homepage: HTTPS://WEBIM.RU Version: 10.2.55 Tested on: 10.2.55 Webim messenger XSS POC https://location.webim.ru/webim/iframe-sample.php?historyjs=1%27"%26%25alert1&location=test&redirected=0&webim-visitor=2&webimVisitor=1...
Microsoft Windows Containers Privilege Escalation Vulnerability
The standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user. Windows Containers: ContainerUser has Elevated Privileges Windows Containers: ContainerUser has...
bVPN 2.5.1 - (waselvpnserv) Unquoted Service Path Vulnerability
Exploit Title: bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://carolcoral.github.io/no-freevpn/ Software Link: https://github.com/carolcoral/no-freevpn/releases/download/BVPN%4020190225/bVPN251setup.exe Version: Version 2.5.1 Tested on:...