405 matches found
OpenCart 3.x So Filter Shop By SQL Injection
Exploit Title: OpenCart v3.x So Filter Shop By - Blind SQL Injection Date: 28/06/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://codecanyon.net/item/so-filter-shop-by-responsive-opencart-module/13945633 Version: V3.X Tested on: XAMPP, Linux...
Signup PHP Portal 2.1 Shell Upload Vulnerability
Exploit Title: Signup Php Portal Arbitrary File Upload Exploit Author: Sohel Yousef - email protected Software Link: https://codecanyon.net/item/signup-php-portal/23066564 Software Demo: https://ocsolutions.co.in/signupcustomscript/customerregister.php Category: webapps Version: 2.1 1...
Support Board 3.3.4 - (Message) Stored Cross-Site Scripting Vulnerability
Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2 LTS, Windows 10 PO...
Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection
Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection Software Link: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850 Version: prefix . 'gdlrpayment '; 688- $sql .= 'WHERE id=' . $_POST['id'] . ' AND '; 689- $sql .=...
NeonLMS Learning Management System PHP Laravel Script 4.6 Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: NeonLMS - Learning Management System PHP Laravel Script -Authenticated Arbitrary File Upload Exploit Author: th3d1gger Vendor Homepage: https://www.neonlms.com/ Software Link:...
WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting
Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept: https://domain.tld/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&errordescription=...
Karenderia CMS 5.3 SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: Karenderia CMS 5.3 - Multiple SQL Vuln. Exploit Author: Mehmet EMIROGLU Vendor Homepage: email protected Software Link:...
CiuisCRM 1.6 - eventType SQL Injection
CiuisCRM 1.6 - eventType SQL Injection =========================================================================================== Exploit Title: CiuisCRM 1.6 - 'eventType' SQL Inj. Dork: N/A Date: 27-05-2019 Exploit Author: Mehmet EMİROĞLU Vendor Homepage:...
PasteShr 1.6 - Multiple SQL Injection
PasteShr 1.6 - Multiple SQL Injection =========================================================================================== Exploit Title: PasteShr - SQL İnj. Dork: N/A Date: 14-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
CVE-2017-12761
CVE-2017-12761 affects WebFile Explorer 1.0. The vulnerability arises from using the GET parameter in download.php (component: $file = $_GET['id']), enabling SQL Injection that leads to Arbitrary File Download (remote) via the attack vector download.php?id=WebExplorer/../config.php. Affected soft...
Instagram Auto Follow - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Instagram Auto Follow - Autobot Instagram - Authentication Bypass Exploit Author: Veyselxan Vendor Homepage: https://codecanyon.net/item/instagram-auto-follow-autobot-instagram/23720743?srank=4 Tested on: Linux...
EI-Tube 3 SQL Injection
Exploit Title: PHP EI-Tube Script - Sql Injection Date: 2019-02-21 Exploit Author: Meisam Monsef - [email protected] Vendor Homepage: https://codecanyon.net/item/eitube-youtube-api-v3-site-builder/22722912?srank=17 Version: 3 Tested on: ubuntu special thanks : Alireza Noorkazemi - A-H - Akhzari...
EI-Tube 3 - SQL Injection
EI-Tube 3 - SQL Injection Exploit Title: PHP EI-Tube Script - Sql Injection Date: 2019-02-21 Exploit Author: Meisam Monsef - [email protected] Vendor Homepage: https://codecanyon.net/item/eitube-youtube-api-v3-site-builder/22722912?srank=17 Version: 3 Tested on: ubuntu special thanks : Alireza...
Zuz Music 2.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Zuz Music 2.1 - 'zuzconsole/contact ' Persistent Cross-site Scripting Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage: https://zuz.host/ Software Link:...
Find a Place CMS Directory 1.5 - assetsexternaldata_2.php cate SQL Injection
Find a Place CMS Directory 1.5 - assetsexternaldata2.php cate SQL Injection Exploit Title: Find a Place CMS Directory 1.5 - 'assets/external/data2.php cate' SQL Injection Google Dork: inurl:"assets/external/data.php" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa....
Find A Place CMS Directory 1.5 SQL Injection
Exploit Title: Find a Place CMS Directory 1.5 - 'assets/external/data2.php cate' SQL Injection Google Dork: inurl:"assets/external/data.php" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage: https://themerig.com/...
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution via Cross-Site Request Forgery Cookie Exploit Title: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie Dork: N/A Date: 2019-01-28 Exploit Author: dd [email protected] Vendor Homepage:...
WordPress Snax 4.9.x SQL Injection
Exploit Title : WordPress Snax Plugins 4.9.x SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : snax.bringthepixel.com Software Information Link : codecanyon.net/item/snax-viral-frontend-uploader/16540363 Software Version ...
PHP Uber-style GeoTracking 1.1 - SQL Injection
PHP Uber-style GeoTracking 1.1 - SQL Injection Exploit Title: PHP Uber-style GeoTracking 1.1 - SQL Injection Dork: N/A Date: 2019-01-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-uberstyle-geotracking/20320021 Version: 1.1...
Reservic 1.0 - id SQL Injection
Reservic 1.0 - id SQL Injection Exploit Title: Reservic - Reserves Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-20 Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/reservic-reserves-management-system/11736786 Version: 1.0...