Tryton 5.4 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Tryton 5.4 - Persistent Cross-Site Scripting Vendor Homepage: https://www.tryton.org/ Version: 5.4 Software Link: https://www.tryton.org/download Document Title: =============== Tryton v5.4 - Name Persistent Cross Site...
Phase Botnet - Blind SQL Injection Exploit
Exploit for linux platform in category web applications...
WordPress ChopSlider 3 3.4 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://idangero.us/ Software Link: https://github.com/idangerous/Plugins Version: getrow'SELECT FROM '...
qdPM 9.1 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: qdPM 9.1 - Arbitrary File Upload Author: Besim ALTINOK Vendor Homepage: https://sourceforge.net/projects/qdpm/ Software Link: https://sourceforge.net/projects/qdpm/ Version: v9.1 Maybe it affect other versions Tested on: Xampp...
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation Exploit
Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.5.2 and prior do not validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested...
LanSend 3.2 - Buffer Overflow (SEH) Exploit
Exploit Title: LanSend 3.2 - Buffer Overflow SEH Exploit Author: gurbanli Vulnerable Software: LanSend 3.2 Vendor Homepage: https://lizardsystems.com Version: 3.2 Software Link: https://lizardsystems.com/download/lansendsetup.exe Tested on: Windows 7 x86 f = file'payload.txt','w' """ PoC 1. Run...
MacOS 320.whatis Script - Privilege Escalation
Exploit Title: MacOS 320.whatis Script - Privilege Escalation Exploit Author: Csaba Fitzl Vendor Homepage: https://support.apple.com/en-us/HT210722 Version: macOS Labelcom.sample.LoadProgramArguments /Applications/Scripts/sample.shRunAtLoad!-- """ shquickcontent = """...
CuteNews 2.1.2 - Authenticated Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: CuteNews 2.1.2 - Authenticated Arbitrary File Upload Author: Vigov5 - SunCSR Team Vendor Homepage: https://cutephp.com Software Link: https://cutephp.com/click.php?cutenewslatest Version: v2.1.2 Tested on: Ubuntu 18.04 / Kali...
Netsweeper WebAdmin unixlogin.php Python Code Injection Exploit
This Metasploit module exploits a Python code injection in the Netsweeper WebAdmin component's unixlogin.php script, for versions 6.4.4 and prior, to execute code as the root user. Authentication is bypassed by sending a random whitelisted Referer header in each request. Tested on the CentOS...
Orchard Core RC1 - Persistent Cross-Site Scripting Vulnerability
Exploit for asp platform in category web applications Exploit Title: Orchard Core RC1 - Persistent Cross-Site Scripting Google Dork: "Orchardcms" Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: http://www.orchardcore.net/ Software Link: https://github.com/OrchardCMS/OrchardCor...
SaltStack Salt Master/Minion Unauthenticated Remote Code Execution Exploit
This Metasploit module exploits unauthenticated access to the runner and sendpub methods in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to execute code as root on either the master or on select minions. VMware vRealize Operations...
TylerTech Eagle 2018.3.11 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: TylerTech Eagle 2018.3.11 - Remote Code Execution Exploit Author: Anthony Cole Vendor Homepage: https://www.tylertech.com/products/eagle Version: 2018.3.11 Tested on: Windows 2012 CVE: N/A Category: webapps Eagle is a software...
Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title: Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting Exploit Author: Dylan Garnaud & Benoit Malaboeuf - Pentesters from Orange Cyberdefense France Vendor Homepage:...
MikroTik RouterOS Denial Of Service / Memory Corruption Vulnerability
MikroTik RouterOS suffers from two vulnerabilities. The cerm process suffers from an uncontrolled resource consumption issue. By sending a crafted packet, an authenticated remote user can cause a high cpu load, which may make the device respond slowly or unable to respond. Versions until stable...
Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting Vendor: http://www.sentrifugo.com/ Link: http://www.sentrifugo.com/download Version: 3.2 Product & Service Introduction: ===============================...
OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting Vendor: https://www.openz.de/ https://www.openz.de/download.html Document Title: =============== OpenZ v3.6.60 ERP - Employee Persistent XSS Vulnerability Product & Service...
Complaint Management System 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: complaint management system 1.0 - Authentication Bypass Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...
Kartris 1.6 - Arbitrary File Upload Vulnerability
Exploit for asp platform in category web applications Exploit Title: Kartris 1.6 - Arbitrary File Upload Exploit Author: Nhat Ha - Sun CSR Vendor Homepage: https://www.cactusoft.com/ Software Link: https://www.kartris.com/ Version: 1.6 Category: Webapps Tested on: WiN10x64/KaLiLinuXx64 CVE: N/A...
Pi-hole < 4.4 - Remote Code Execution / Privileges Escalation Exploit
Exploit for linux platform in category web applications !/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard...
Online AgroCulture Farm Management System 1.0 - (uname) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online AgroCulture Farm Management System 1.0 - 'uname' SQL Injection Exploit Author: Tarun Sehgal Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Victor CMS 1.0 - (post) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Victor CMS 1.0 - 'post' SQL Injection Exploit Author: BKpatron Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: v1.0 Tested on: Win 10 CV...
CuteNews 2.1.2 - Arbitrary File Deletion Vulnerability
Exploit for php platform in category web applications Exploit Title: CuteNews 2.1.2 - Arbitrary File Deletion Author: Besim ALTINOK Vendor Homepage: https://cutephp.com Software Link: https://cutephp.com/click.php?cutenewslatest Version: v2.1.2 Maybe it affect other versions Tested on: Xampp...
Pi-hole < 4.4 - Remote Code Execution Exploit
Exploit for linux platform in category web applications !/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard...
LibreNMS 1.46 - (search) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: LibreNMS 1.46 - 'search' SQL Injection Google Dork:unknown Exploit Author: Punt Vendor Homepage: https://www.librenms.org Software Link: https://www.librenms.org Version:1.46 and less Tested on:Linux and Windows CVE: N/A Affecte...
WebTareas 2.0p8 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WebTareas v2.0p8 - Login Portal - Reflected Cross Site Scripting XSS Exploit Author: Bobby Cooke Vendor Homepage: http://webtareas.sf.net/ Software Link:...
ManageEngine DataSecurity Plus Authentication Bypass Vulnerability
ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from an authentication bypass vulnerability. ManageEngine DataSecurity Plus Authentication Bypass Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3...
Create-Project Manager 1.07 Cross Site Scripting / HTML Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Create-Project Manager 1.07 Multi XSS /HTML injection Vulnerabilities Exploit Author: @ThelastVvV Vendor Homepage: https://codecanyon.net/item/create-project-manager-with-authenticator/20483329?srank=3 Version: 1.6 Tested on:...
ManageEngine Asset Explorer Windows Agent Remote Code Execution Vulnerability
Exploit for php platform in category web applications ManageEngine Asset Explorer Windows Agent Remote Code Execution Vulnerability Identifiers ------------------------------------------------- CVE-2020-8838 XL-20-003 CVSSv3 score ------------------------------------------------- 7.5...
Service Tracing Privilege Escalation Exploit
This Metasploit module leverages a trusted file overwrite with a dll hijacking vulnerability to gain SYSTEM-level access on vulnerable Windows 10 x64 targets. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...
WordPress Dosimple Theme 2.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Document Title: =============== Wordpress Theme Dosimple v2.0 - XSS Web Vulnerability Abstract Advisory Information: ============================== An independent vulnerability laboratory researcher discovered a cross site web vulnerability in...
WordPress ChopSlider 3 SQL Injection Vulnerability
Exploit for php platform in category web applications ---------------------------------------------------------------- ChopSlider3 Wordpress Plugin SQL Injection ---------------------------------------------------------------- - Software Link: https://idangero.us/...
Linux 5.6 IORING_OP_MADVISE Race Condition
Linux 5.6 has an issue with IORING_OP_MADVISE racing with coredumping. Linux 5.6: IORING_OP_MADVISE races with coredumping Last year, I noticed that core dumping iterates over current->mm's VMA list without proper locking, under the assumption that the VMA list can not be modified externally. This...
ManageEngine DataSecurity Plus Path Traversal / Code Execution Vulnerabilities
ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from a path traversal vulnerability that can lead to remote code execution. ManageEngine DataSecurity Plus Path Traversal / Code Execution Vulnerabilities Identifiers...
Microsoft Windows NtUserMNDragOver Local Privilege Escalation Exploit
This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex, which is reachable via a NtUserMNDragOver system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint function does not effectively check the validity of the tagPOPUPMENU...
SolarWinds MSP PME Cache Service Insecure File Permissions / Code Execution Exploit
SolarWinds MSP PME Cache Service versions prior to 1.1.15 suffer from insecure file permission and code execution vulnerabilities. Title: SolarWinds MSP PME Cache Service - Insecure File Permissions / Code Execution Author: Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG GitHub:...
Car Park Management System 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Car Park Management System 1.0 - Authentication Bypass Exploit Author: Tarun Sehgal Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion Vulnerability
Exploit for php platform in category web applications Exploit Title: i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion Author: Besim ALTINOK Vendor Homepage: https://www.i-doit.org/ Software Link: https://sourceforge.net/projects/i-doit/ Version: v1.14.1 Tested on: Xampp Credit: İsmail...
IBM Data Risk Manager 2.0.3 Default Password Exploit
This Metasploit module abuses a known default password in IBM Data Risk Manager. The a3user has the default password idrm and allows an attacker to log in to the virtual appliance via SSH. This can be escalated to full root access, as a3user has sudo access with the default password. At the time o...
Draytek VigorAP 1000C - Persistent Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Title: Draytek VigorAP 1000C - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-05-07 Vendor: https://www.draytek.com/ Software: https://www.draytek.com/products/vigorap-903/ Product & Service Introduction:...
Linux/x64 Anti-Debug Trick INT3 Trap Shellcode (113 bytes)
113 bytes small Linux/x64 anti-debug trick INT3 trap with execve"/bin/sh" shellcode that is NULL free. / Shellcode Title: linux/x64 anti-debug trick INT3 trap + execve"/bin/sh" - NULL Free - 113 bytes Shellcode Author: Dario Castrogiovanni Tested on: LXLE Linux 18.04 x64 Description: This shellco...
webTareas 2.0.p8 - Arbitrary File Deletion Vulnerability
Exploit for php platform in category web applications Exploit Title: webTareas 2.0.p8 - Arbitrary File Deletion Author: Besim ALTINOK Vendor Homepage: https://sourceforge.net/projects/webtareas/files/ Software Link: https://sourceforge.net/projects/webtareas/files/ Version: v2.0.p8 Tested on: Xam...
Online Clothing Store 1.0 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Clothing Store 1.0 - Persistent Cross-Site Scripting Exploit Author: Sushant Kamble Vendor Homepage: https://www.sourcecodester.com/php/14185/online-clothing-store.html Software Link:...
Kentico CMS 12.0.14 Remote Command Execution Exploit
This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML inp...
GitLab 12.9.0 - Arbitrary File Read Exploit
Exploit for ruby platform in category web applications Exploit Title: GitLab 12.9.0 - Arbitrary File Read Exploit Author: KouroshRZ Vendor Homepage: https://about.gitlab.com Software Link: https://about.gitlab.com/install Version: tested on gitlab version 12.9.0 Tested on: Ubuntu 18.04 but it's O...
TrixBox CE 2.8.0.4 Command Execution Exploit
This Metasploit module exploits an authenticated OS command injection vulnerability found in Trixbox CE versions 1.2.0 through 2.8.0.4 inclusive in the network POST parameter of the /maint/modules/endpointcfg/endpointdevicemap.php page. Successful exploitation allows for arbitrary command executi...
IBM Data Risk Manager 2.0.3 Remote Code Execution Exploit
IBM Data Risk Manager IDRM contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. Thi...
Extreme Networks Aerohive HiveOS 11.x Denial Of Service Exploit
Extreme Networks Aerohive HiveOS versions 11.x and below remote denial of service exploit. An unauthenticated malicious user can trigger a denial of service DoS attack when sending specific application layer packets towards the Aerohive NetConfig UI. This proof of concept exploit renders the...
YesWiki cercopitheque 2020.04.18.1 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection Exploit Author: coiffeur Vendor Homepage: https://yeswiki.net/ Software Link: https://yeswiki.net/, https://github.com/YesWiki/yeswiki Version: YesWiki cercopitheque...
MPC Sharj 3.11.1 - Arbitrary File Download Exploit
Exploit for php platform in category web applications Exploit title : MPC Sharj 3.11.1 - Arbitrary File Download Exploit Author : SajjadBnd Date : 2020-05-02 Software Link : http://dl.nuller.ir/mpc-sharj-vr3.11.1betawww.nuller.ir.zip Tested on : Ubuntu 19.10 Version : 3.11.1 Beta DESCRIPTION MPC...
WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Product: WordPress WooCommerce - Advanced Order Export plugin. Vendor Homepage: https://algolplus.com/plugins/downloads/advanced-order-export-for-woocommerce-pro/ Vulnerable Version: 3.1.3 Fixed Version: 3.1.4 CVE Number: CVE-2020-11727 Author...