268 matches found

0day.today
added 2020/08/11 12:0 a.m., 222 views

House Rental 1.0 SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: House Rental v1.0 - PDO Bypass SQL Injection - Unauthenticated Code Execution - Change Admin Password Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Vendor Homepage: https://projectworlds.in Software Link:...

Exploits: 0

Packet Storm
added 2020/08/04 12:0 a.m., 133 views

Car Rental Management System 1.0 Remote Code Execution

Exploit Title: Car Rental Management System v1.0 - Unauthenticated RCE Exploit Author: Adeeb Shah @hyd3sec Shout out: Bobby Cooke boku Date: August 3, 2020 Vendor Homepage: https://projectworlds.in Software Link:...

Exploits: 0

Packet Storm
added 2020/08/03 12:0 a.m., 149 views

Stock Management System 1.0 Cross Site Scripting

Exploit Title: Stock Management System v1.0 - Cross-Site Scripting Credential Harvester Login-Portal Exploit Author: Bobby Cooke Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

7.4 AI score
Exploits: 0

Amazon
added 2020/07/29 12:0 a.m., 87 views

Medium: python27, python34, python35, python36

Issue Overview: Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic...

7.1 CVSS, 7.5 AI score, 0.02954 EPSS
Exploits: 1

Amazon
added 2020/07/29 12:0 a.m., 102 views

Medium: python26

Issue Overview: Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic...

7.1 CVSS, 8 AI score, 0.02954 EPSS
Exploits: 1

Tenable Nessus
added 2020/06/04 12:0 a.m., 41 views

Amazon Linux AMI : python27 (ALAS-2020-1375)

The version of python27 installed on the remote host is prior to 2.7.18-1.137. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1375 advisory. http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly valida...

6.1 CVSS, 7.1 AI score, 0.0991 EPSS
Exploits: 2, References: 5

Exploit DB
added 2020/05/22 12:0 a.m., 1452 views

Gym Management System 1.0 - Unauthenticated Remote Code Execution

Exploit Title: Gym Management System 1.0 - Unauthenticated Remote Code Execution Exploit Author: Bobby Cooke Date: 2020-05-21 Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/gym-management-system-project-in-php/ Version: 1.0 Tested On:...

7.4 AI score
Exploits: 0

Oracle linux
added 2020/05/05 12:0 a.m., 55 views

python27:2.7 security, bug fix, and enhancement update

...

9.8 CVSS, 7.3 AI score, 0.01665 EPSS
Exploits: 4

RedHat Linux
added 2020/04/28 4:6 p.m., 84 views

Moderate: Red Hat Security Advisory: python27:2.7 security, bug fix, and enhancement update

An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.8 CVSS, 6.6 AI score, 0.02456 EPSS
Exploits: 5, References: 10

OSV
added 2020/04/28 8:55 a.m., 25 views

RLSA-2020:1605 Moderate: python27:2.7 security, bug fix, and enhancement update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

7.5 CVSS, 7.3 AI score, 0.02456 EPSS
Exploits: 5, References: 9

Rockylinux
added 2020/04/28 8:55 a.m., 25 views

python27:2.7 security, bug fix, and enhancement update

An update is available for python-pymongo, python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-docs, python-requests, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet,...

9.8 CVSS, 7.6 AI score, 0.02456 EPSS
Exploits: 5

GithubExploit
added 2020/04/22 9:10 a.m., 171 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Working Exploit PoC CVE-202...

10 CVSS, 9.1 AI score, 0.94424 EPSS
Exploits: 124

Kitploit
added 2020/03/22 12:0 p.m., 75 views

Astra - Automated Security Testing For REST API's

REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically...

8.2 AI score
Exploits: 0, References: 1

UbuntuCve
added 2020/01/30 7:15 p.m., 32 views

CVE-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...

7.1 CVSS, 6.8 AI score, 0.02954 EPSS
Exploits: 1, References: 9

Kitploit
added 2020/01/28 8:26 p.m., 16 views

PythonAESObfuscate - Obfuscates A Python Script And The Accompanying Shellcode

Pythonic way to load shellcode. Builds an EXE for you too! Usage Place a payload.bin raw shellcode file in the same directory. Default Architecture is x86 run python obfuscate.py Default output is out.py Requirements Windows Python 2.7 Pyinstaller PyCrypto PyCryptodome didn't seem to work Downloa...

7.2 AI score
Exploits: 0, References: 1

exploitpack
added 2020/01/23 12:0 a.m., 44 views

qdPM 9.1 - Remote Code Execution

qdPM 9.1 - Remote Code Execution Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-managemen...

6.5 CVSS, 9 AI score, 0.90442 EPSS
Exploits: 16

Exploit DB
added 2020/01/23 12:0 a.m., 239 views

qdPM 9.1 - Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...

8.8 CVSS, 8.7 AI score, 0.90442 EPSS
Exploits: 16

Packet Storm
added 2020/01/23 12:0 a.m., 329 views

qdPM 9.1 Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...

8.7 AI score, 0.90442 EPSS
Exploits: 16

Packet Storm
added 2019/12/26 12:0 a.m., 70 views

Domain Quester Pro 6.02 Stack Overflow

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...

1 AI score
Exploits: 0

exploitpack
added 2019/12/13 12:0 a.m., 28 views

FTP Commander Pro 8.03 - Local Stack Overflow

FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...

0.4 AI score
Exploits: 0