Showing 1 - 25 of 50,722

Exploit Files

SolarWinds Information Service (SWIS) Remote Command Execution: Posted Mar 28, 2023; Authored by Spencer McIntyre, Piotr B, Justin Hong, Lucas Miller | Site metasploit.com; The SolarWinds Information Service (SWIS) is vulnerable to remote code execution by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command execution as NT AUTHORITY\SYSTEM.; tags | exploit, remote, code execution; advisories | CVE-2022-38108; SHA-256 | fbc6c5c5be944eb52ce167a061f21875f137dc6101b3184bad8a0d10c9afd154; Download | Favorite | View

rukovoditel 3.2.1 Cross Site Scripting: Posted Mar 28, 2023; Authored by nu11secur1ty; rukovoditel version 3.2.1 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 898fcd6c42cf09cbd7ec5b6dc7da4c9a70126592c5acdb55261bfd7df9acfbaf; Download | Favorite | View

iBooking 1.0.8 Remote Shell Upload: Posted Mar 28, 2023; Authored by d1z1n370, oPty; iBooking version 1.0.8 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 1d1a7039b4955d7dc4e5a704e51e320587047865279cc2297bb299611ef05245; Download | Favorite | View

ReQlogic 11.3 Cross Site Scripting: Posted Mar 28, 2023; Authored by Okan Kurtulus; ReQlogic version 11.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2022-41441; SHA-256 | 5227ba88f59a5d4cccd1b7cd664927cd29c2794c9b0bb18836fe0f6ab3662551; Download | Favorite | View

Optergy Proton And Enterprise BMS 2.0.3a Command Injection: Posted Mar 28, 2023; Authored by h00die-gr3y, Gjoko Krstic | Site metasploit.com; This Metasploit module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System (BMS) applications. Versions 2.0.3a and below are vulnerable. Attackers can exploit this issue by directly navigating to an undocumented backdoor script called Console.jsp in the tools directory and gain full system access. Successful exploitation results in root command execution using sudo as user optergy.; tags | exploit, root; advisories | CVE-2019-7276; SHA-256 | 33babb5810832b13a94e71c123fd7427e2dfe9cd4f92a96b062b362c7592affd; Download | Favorite | View

Hashicorp Consul 1.0 Remote Command Execution: Posted Mar 28, 2023; Authored by GatoGamer1155, 0bfxgh0st; Hashicorp Consul version 1.0 suffers from a remote command execution vulnerability.; tags | exploit, remote; SHA-256 | cf1a6442030a5c5f6fd07b5a99052472a0dae35ed2b518c1ce2625d5f2fdf42b; Download | Favorite | View

Moodle LMS 4.0 Cross Site Scripting: Posted Mar 28, 2023; Authored by Saud Alenazi; Moodle LMS version 4.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | e7721c0aa0560a87ed3a181e9975e3a660308037ece1716c759931eaf08ced82; Download | Favorite | View

Tunnel Interface Driver Denial Of Service: Posted Mar 28, 2023; Authored by ExAllocatePool2; Tunnel Interface Driver suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | f7f2b8b68d017bf58a7d55306d242543aa84752d90337934f157a2539d4cadd4; Download | Favorite | View

OPSWAT Metadefender Core 4.21.1 Privilege Escalation: Posted Mar 28, 2023; Authored by Ulascan Yildirim; OPSWAT Metadefender Core version 4.21.1 suffers from a privilege escalation vulnerability.; tags | exploit; advisories | CVE-2022-32272; SHA-256 | 67ed76b4c862c969209c71ff4568ff584d8233722adbde52ad8523f8fddff6cd; Download | Favorite | View

Label Studio 1.5.0 Server-Side Request Forgery: Posted Mar 28, 2023; Authored by DeveloperNinja; Label Studio versions 1.5.0 and below suffer from a server-side request forgery vulnerability.; tags | exploit; advisories | CVE-2022-36551; SHA-256 | 71c7c7e58dfd4fd19b14de8fbc71ae94220ca39129c624221250b9a297da7930; Download | Favorite | View

X-Skipper-Proxy 0.13.237 Server-Side Request Forgery: Posted Mar 28, 2023; Authored by Milad Fadavvi, Hosein Vita; X-Skipper-Proxy version 0.13.237 suffers from a server-side request forgery vulnerability.; tags | exploit; advisories | CVE-2022-38580; SHA-256 | 876aed8ac1af7db0f1e7042dc3e6263dc7ae9ca1429d89517aef860913ece9e7; Download | Favorite | View

Subrion CMS 4.2.1 Cross Site Scripting: Posted Mar 28, 2023; Authored by Sinem Sahin; Subrion CMS version 4.2.1 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 2522ffebb3f430ee0af9c8551dc7b1c7ccd8d38777900a80d1fb438938e478fa; Download | Favorite | View

BoxBilling 4.22.1.5 Remote Code Execution: Posted Mar 28, 2023; Authored by zetc0de; BoxBilling versions 4.22.1.55 and below suffer from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2022-3552; SHA-256 | 6e59fbe468fead5a4191e76bf74361a19de1ba2b8e6b5604dcfb35095342aea9; Download | Favorite | View

Tapo C310 RTSP Server 1.3.0 Unauthorized Video Stream Access: Posted Mar 28, 2023; Authored by dsclee1; Tapo C310 RTSP server version 1.3.0 suffers from an unauthorized video stream access vulnerability.; tags | exploit, bypass; advisories | CVE-2022-37255; SHA-256 | 170c044bd6bcf23ff4b350fe2720d26d25aed6bdfb18705b917219f671e010bf; Download | Favorite | View

SugarSync 4.1.3 Unquoted Service Path: Posted Mar 28, 2023; Authored by Jorge Manuel Lozano Gomez; SugarSync version 4.1.3 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | 55037f9fc378999b0dd446661454b26aeb67331ad993ac4257ddc722d63c67ad; Download | Favorite | View

HDD Health 4.2.0.112 Unquoted Service Path: Posted Mar 28, 2023; Authored by Jorge Manuel Lozano Gomez; HDD Health version 4.2.0.112 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | 8393ec9706e83a38f5916ad915dd9562d1746a32ea7f14558160f4963089113e; Download | Favorite | View

WordPress Jetpack 11.4 Cross Site Scripting: Posted Mar 28, 2023; Authored by Behrouz Mansoori; WordPress Jetpack plugin version 11.4 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 3ceaf797647de4108f92a76d5b936b7c111f3523b7c04d5ea66e199a17b6c652; Download | Favorite | View

Online Shopping System Advanced 1.0 XSS / SQL Injection / Code Execution: Posted Mar 28, 2023; Authored by Rafael Pedrero; Online Shopping System Advanced version 1.0 suffers from code execution, cross site scripting, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, code execution, xss, sql injection; SHA-256 | d016e73da19bd9b2b318eea4c377983be13ee45418a1cb5e83aed5c8218cce71; Download | Favorite | View

SuperMailer 11.20 Buffer Overflow / Denial Of Service: Posted Mar 28, 2023; Authored by Rafael Pedrero; SuperMailer version 11.20 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | fce09fe1e664b145fb82d4610710f0b790baf06694c3c787181354d57cf07c1b; Download | Favorite | View

YouPHPTube 7.8 Local File Inclusion / Directory Traversal: Posted Mar 28, 2023; Authored by Rafael Pedrero; YouPHPTube versions 7.8 and below suffer from local file inclusion and directory traversal vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | fb3e42eecf910a2436823c9d614a4b6500e8b3b9637e0652a2e73e9fc8287070; Download | Favorite | View

Beauty Salon 1.0 Remote Shell Upload: Posted Mar 28, 2023; Authored by nu11secur1ty; Beauty Salon version 1.0 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 83176cdbc6fac7bfcb64ea33d5b87412f89dd2c6fd208487f141a3594ec380e1; Download | Favorite | View

Suprema BioStar 2 2.8.16 SQL Injection: Posted Mar 27, 2023; Authored by Yuriy Tsarenko; Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2023-27167; SHA-256 | d4430e30903a9db88dc6330e948ac08547e1622d7051cf8fedc3868bf8e104d1; Download | Favorite | View

WebTareas 2.4 SQL Injection: Posted Mar 27, 2023; Authored by Hubert Wojciechowski; WebTareas version 2.4 suffers from a remote blind SQL injection vulnerability. Original discovery of this issue in this version is attributed to Behrad Taher in May of 2022. Related CVE number: CVE-2021-43481.; tags | exploit, remote, sql injection; SHA-256 | 227f751b494a8526993c807c6a09642bdde18c4570a2c251b1b157fa94d369f3; Download | Favorite | View

WebTareas 2.4 Cross Site Scripting: Posted Mar 27, 2023; Authored by Hubert Wojciechowski; WebTareas version 2.4 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 813491c88e8a5846d163a6f81ec121117f5e924631af78f81671e4d9e87dce95; Download | Favorite | View

WebTareas 2.4 Remote Shell Upload: Posted Mar 27, 2023; Authored by Hubert Wojciechowski; WebTareas version 2.4 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | eda323c318ad8fffa94b89ae2c95e9b9d5f2357f04e724bc7eabff0037f403b2; Download | Favorite | View

Page 1 of 2,029 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 145 files
Ubuntu 108 files
Debian 16 files
Rafael Pedrero 11 files
LiquidWorm 10 files
Google Security Research 9 files
Apple 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,714)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,137)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,925)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,453)
UNIX (9,208)
UnixWare (185)
Windows (6,532)
Other

Exploit Files

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems