Lucene search
+L

4149 matches found

Packet Storm
Packet Storm
added 2023/11/25 12:0 a.m.282 views

CE Phoenix 1.0.8.20 Cross Site Scripting

Exploit Title: CE Phoenix Version 1.0.8.20 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://phoenixcart.org/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/ecommerce/CEPhoenix POC: 1-Login admin panel , go to this url :...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.59 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2023-390)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-390 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References4
Packet Storm
Packet Storm
added 2023/10/12 12:0 a.m.312 views

Lost And Found Information System 1.0 Insecure Direct Object Reference

Exploit Title: Lost and Found Information System v1.0 - idor leads to Account Take over Date: 2023-12-03 Exploit Author: OR4NG.M4N Category : webapps CVE : CVE-2023-38965 Python p0c : import argparse import requests import time parser = argparse.ArgumentParserdescription='Send a POST request to t...

7.1AI score0.01264EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/10/10 12:0 a.m.354 views

Cacti 1.2.24 Command Injection

Exploit Title: Cacti 1.2.24 - Authenticated command injection when using SNMP options Date: 2023-07-03 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/info/downloads Version: Cacti 1.2.24 Tested on: Cacti 1.2.24 installed on...

7.2CVSS7.1AI score0.82186EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.340 views

Wordpress Sonaar Music Plugin 4.7 - Stored XSS

Exploit Title: Wordpress Sonaar Music Plugin 4.7 - Stored XSS Date: 2023-09-05 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/wp/wordpress/wp-comments-post.php Version: 4.7 REQUIRED Tested on: Windows/Linux...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/22 12:0 a.m.256 views

Dolibarr 17.0.1 Cross Site Scripting

Exploit Title: Dolibarr Version 17.0.1 - Stored XSS Dork: Date: 2023-08-09 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php Version: 17.0.1 REQUIRED Tested on: Windows/Linux CVE :...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/08/21 12:0 a.m.159 views

Dolibarr Version 17.0.1 - Stored XSS Vulnerability

Exploit Title: Dolibarr Version 17.0.1 - Stored XSS Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php Version: 17.0.1 REQUIRED Tested on: Windows/Linux CVE :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.340 views

Dolibarr Version 17.0.1 - Stored XSS

Exploit Title: Dolibarr Version 17.0.1 - Stored XSS Dork: Date: 2023-08-09 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php Version: 17.0.1 REQUIRED Tested on: Windows/Linux CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/06 12:0 a.m.338 views

Lost and Found Information System v1.0 - SQL Injection

Exploit Title: Lost and Found Information System v1.0 - SQL Injection Date: 2023-06-30 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Dork : /php-lfis/admin/?page=systeminfo/contactinformation Tested on: Windows/Linux CVE : CVE-2023-33592 import requests URL of the...

9.8CVSS9.7AI score0.03832EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.191 views

Sales of Cashier Goods v1.0 - Cross Site Scripting (XSS)

Exploit Title: Sales of Cashier Goods v1.0 - Cross Site Scripting XSS Date: 2023-06-23 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Dork : /print.php?nmmember= Vendor Homepage:...

6.1CVSS6.3AI score0.05295EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/06/27 12:0 a.m.288 views

Xenforo 2.2.13 Cross Site Scripting

Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS Date: 2023-06-24 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: https://x.com/admin.php?smilies Version: 2.2.12 REQUIRED Tested on: Windows/Linux CVE :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.361 views

Windows 11 22h2 - Kernel Privilege Elevation

// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...

7.8CVSS8.8AI score0.02866EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.481 views

Xenforo Version 2.2.13 - Authenticated Stored XSS

Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS Date: 2023-06-24 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: https://x.com/admin.php?smilies Version: 2.2.12 REQUIRED Tested on: Windows/Linux CVE :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.334 views

WordPress Theme Medic 1.0.0 Weak Password Recovery Mechanism

Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...

8.1CVSS7.1AI score0.13625EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.375 views

WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password

Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...

8.1CVSS8.3AI score0.13625EPSS
Exploits3
0day.today
0day.today
added 2023/06/12 12:0 a.m.358 views

WordPress Workreap 2.2.2 Shell Upload Exploit

Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author: Mohammad Hossei...

9.8CVSS9.3AI score0.60113EPSS
Exploits9
Packet Storm
Packet Storm
added 2023/06/12 12:0 a.m.481 views

WordPress Workreap 2.2.2 Shell Upload

Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Date: 2023-06-01 Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author...

9.8CVSS7.1AI score0.60113EPSS
Exploits9
Exploit DB
Exploit DB
added 2023/06/09 12:0 a.m.426 views

WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution

Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Date: 2023-06-01 Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author...

9.8CVSS9.6AI score0.60113EPSS
Exploits9
Packet Storm
Packet Storm
added 2023/05/15 12:0 a.m.329 views

Online Clinic Management System 2.2 Cross Site Scripting

Exploit Title: Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting XSS Date: 27-06-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Version : 2.2...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.347 views

Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)

Exploit Title: Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting XSS Date: 27-06-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Version : 2.2...

7AI score
Exploits0
Rows per page
Query Builder