Showing 1 - 25 of 305

Files

Easy Address Book Web Server 1.6 Buffer Overflow / Cross Site Scripting: Posted Aug 31, 2023; Authored by Rafael Pedrero; Easy Address Book Web Server version 1.6 suffers from buffer overflow and cross site scripting vulnerabilities.; tags | exploit, web, overflow, vulnerability, xss; advisories | CVE-2023-4491, CVE-2023-4492, CVE-2023-4493, CVE-2023-4494, CVE-2023-4495, CVE-2023-4496, CVE-2023-4497; SHA-256 | b6befe65e6a55c3b27e84899d0f0cc67abbdb0aab6f0e18d3b97d7670e1e7542; Download | Favorite | View

PHP JABBERS PHP Review Script 1.0 Cross Site Scripting: Posted Aug 31, 2023; Authored by nu11secur1ty; PHP JABBERS PHP Review Script version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, php, xss; SHA-256 | b9b98b4a795bf346b16b6fba859f15dc9f9da7740340375a350eddf3a8d1d69f; Download | Favorite | View

Innovins CMS 4.7 SQL Injection: Posted Aug 31, 2023; Authored by indoushka; Innovins CMS version 4.7 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 9251132594eafa9a14d75a8dd4e9c897b37bff7230ae650ecc0a5f52c0c0f607; Download | Favorite | View

Online ID Generator 1.0 SQL Injection / Shell Upload: Posted Aug 31, 2023; Authored by nu11secur1ty; Online ID Generator version 1.0 suffers from remote SQL injection that allows for login bypass and remote shell upload vulnerabilities.; tags | exploit, remote, shell, vulnerability, sql injection; SHA-256 | fe94ca18f12e1c64358556d8bd0cbb12f811c2f0176232b8d7dcb632b99ee17f; Download | Favorite | View

Islam CMS 1.0 Code Injection: Posted Aug 31, 2023; Authored by indoushka; Islam CMS version 1.0 suffers from a remote PHP code injection vulnerability.; tags | exploit, remote, php; SHA-256 | 39b07aef1fa1c0862a22398b5f20aabeb8f16190e023159d1c613e4cc63eef60; Download | Favorite | View

Invasor Diagonal CMS 1.0 Cross Site Scripting: Posted Aug 31, 2023; Authored by indoushka; Invasor Diagonal CMS version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | ec4be6aa3028ea8d49f16f286f88453f74d01789614ef1b86bf92de74bc6bea4; Download | Favorite | View

InterPhoto 2.3.0 Shell Upload: Posted Aug 31, 2023; Authored by indoushka; InterPhoto version 2.3.0 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 5ca35c1825dc45f42cd3a28e602eb0a3285956fa6a3c4b1d41e2cdcc78f49cce; Download | Favorite | View

IQ-Medya CMS 2.0 Cross Site Scripting: Posted Aug 30, 2023; Authored by indoushka; IQ-Medya CMS version 2.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | ab1e62fc2de79708c62ff8ba7205592a862ce474915df4ff25b9a691573bdc26; Download | Favorite | View

Apache NiFi H2 Connection String Remote Code Execution: Posted Aug 30, 2023; Authored by h00die, Matei Mal Badanoiu | Site metasploit.com; The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. This exploit will result in several shells (5-7). Successfully tested against Apache nifi 1.17.0 through 1.21.0.; tags | exploit, shell, code execution; advisories | CVE-2023-34468; SHA-256 | 0160a2622a4649020abd8fb0d476ca59d2c4968c668499c8167e44d6c9276020; Download | Favorite | View

Juniper JunOS SRX / EX Remote Code Execution: Posted Aug 30, 2023; Authored by watchTowr Labs Team | Site github.com; A proof of concept exploit for chaining four CVEs to achieve remote code execution in Juniper JunOS within SRX and EX Series products.; tags | exploit, remote, code execution, proof of concept; systems | juniper; advisories | CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847; SHA-256 | ab0b70a7cc6a4a947d8faceced29674fb6ad7bf45e8a329120e642cb825e3c05; Download | Favorite | View

Grawlix 1.5.1 Cross Site Scripting: Posted Aug 29, 2023; Authored by nu11secur1ty; Grawlix version 1.5.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 5dd35beba6ac582cc601ed4251101a93d1171a9e46150ab3b18106ee7ac0779c; Download | Favorite | View

GOM Player 2.3.90.5360 MITM / Remote Code Execution: Posted Aug 29, 2023; Authored by M. Akil Gundogan; GOM Player version 2.3.90.5360 man-in-the-middle proof of concept remote code execution exploit.; tags | exploit, remote, code execution, proof of concept; SHA-256 | f2826517a53fda0ce64b48c45b78c7b264d5e4695963f36c0f2cda3c61797dce; Download | Favorite | View

ImgHosting 1.2 Cross Site Scripting: Posted Aug 29, 2023; Authored by indoushka; ImgHosting version 1.2 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 3e0de4ff80dc516a1abe50185e5807a1e503d782b2cd24457e01031368191dc0; Download | Favorite | View

imax CMS 1.0 SQL Injection: Posted Aug 29, 2023; Authored by indoushka; imax CMS version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 52f1d50540b76ffc52c7797e885e6908f2e13e1293503d674321d886a7bee4b7; Download | Favorite | View

i-Gallery 3.4 Database Disclosure: Posted Aug 29, 2023; Authored by indoushka; i-Gallery version 3.4 suffers from a database disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 4b8a837753cf89aafb9402b3feaaf42295a6b6cdf0c9c587a99043708662b845; Download | Favorite | View

iBilling CRM 4.5.0 Add Administrator / Insecure Direct Object Reference: Posted Aug 29, 2023; Authored by indoushka; iBilling CRM version 4.5.0 suffers from add administrator and insecure direct object reference vulnerabilities.; tags | exploit, vulnerability; SHA-256 | 760baebd14cdc30ea709aa4ed257510e4dc9b7a598037e6d629a4edd54e2b4aa; Download | Favorite | View

Humhub 1.3.13 Directory Traversal: Posted Aug 29, 2023; Authored by indoushka; Humhub version 1.3.13 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | a273353e5f1cd7fd15cadb49c184f9e3db0f3e65128d11813d0c846dec64278a; Download | Favorite | View

HumbertoCaldas CMS 0.1.3 Cross Site Scripting: Posted Aug 29, 2023; Authored by indoushka; HumbertoCaldas CMS version 0.1.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 75f3197d84cfe8ec38c4b93a47e053a68a01cbb15227d1def7f9370afed8890d; Download | Favorite | View

Human Resource PMS 1.4 Database Disclosure: Posted Aug 29, 2023; Authored by indoushka; Human Resource PMS version 1.4 suffers from a database disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 57bdfb1d2e047a7027d3da9cb5073ca412afeb4304b018eb24ff2852b5d4c72a; Download | Favorite | View

hudaallah Linker CMS 1.0 Cross Site Scripting: Posted Aug 29, 2023; Authored by indoushka; hudaallah Linker CMS version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 20236b2cd9a054f56a31046021ac116fcb9afe5e31221557b3f29af99a622c0e; Download | Favorite | View

HS-booking CMS 2.79 SQL Injection: Posted Aug 29, 2023; Authored by indoushka; HS-booking CMS version 2.79 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 006e624701fd77bd3dfc816e98ea033617cd8a83185a64d2bd0704f4fc7dffda; Download | Favorite | View

Foodiee Online Food Ordering Web Application 1.0.0 Cross Site Scripting: Posted Aug 29, 2023; Authored by indoushka; Foodiee Online Food Ordering Web Application version 1.0.0 suffers from a cross site scripting vulnerability.; tags | exploit, web, xss; SHA-256 | 96eadc880d5704cd06cd57f03a21072ebd146981ad8edb1a75a45baf38e58bd5; Download | Favorite | View

HRM SAAS 2.1.9 Insecure Settings: Posted Aug 29, 2023; Authored by indoushka; HRM SAAS version 2.1.9 suffers from an ignored default credential vulnerability.; tags | exploit; SHA-256 | 47edbfdf093c38073ddca772733e9b6aa685cd9a04baa672a08660a1d1c5957e; Download | Favorite | View

PHPValley Micro Jobs 2.0.1 Insecure Direct Object Reference: Posted Aug 29, 2023; Authored by indoushka; PHPValley Micro Jobs version 2.0.1 suffers from an insecure direct object reference vulnerability.; tags | exploit; SHA-256 | 6db877929839c36e84585a848c61bfcc246d57fdcc0cfe08967d0a3c0727f200; Download | Favorite | View

Hloun 1.0.0 Insecure Settings: Posted Aug 29, 2023; Authored by indoushka; Hloun version 1.0.0 fails to remove the install script post installation allowing an unauthenticated user the ability to reinstall the system.; tags | exploit; SHA-256 | 58b3aa20d6a6dd3e065077eb058059fe1a5d772cb9cedabdfc2cfcb6c91e6ee7; Download | Favorite | View

Page 1 of 13 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 276 files
Ubuntu 65 files
Debian 25 files
Gentoo 16 files
LiquidWorm 10 files
nu11secur1ty 5 files
kai6u 3 files
Adam Gowdiak 3 files
liquidsky 3 files
gabe_k 3 files

Files

Top Authors In Last 30 Days

Recent News