CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can access a php script called...

7.4AI score

Exploits0

GithubExploit•added 2024/10/05 12:5 p.m.•120 views

Exploit for Code Injection in Getgrav Grav

EN GenGravSSTIExploit is a PoC Python script that exploits...

8.8CVSS7.8AI score0.62168EPSS

Exploits4

GithubExploit•added 2024/08/27 3:43 a.m.•246 views

Exploit for Improper Validation of Specified Type of Input in Servicenow

Jelly Template Injection Vulnerability in ServiceNow | POC CVE...

9.8CVSS7.6AI score0.94349EPSS

Exploits8

GithubExploit•added 2024/08/14 4:41 p.m.•404 views

Exploit for CVE-2024-4956

CVE-2024-4956 All information is provided for informational...

7.5CVSS6.7AI score0.94028EPSS

Exploits16

GithubExploit•added 2024/05/25 3:49 a.m.•290 views

Exploit for Unrestricted Upload of File with Dangerous Type in Hashthemes Hash_Form

Wordpress Hash Form – Drag & Drop Form Builder = 1.1.0 - Unau...

9.8CVSS10AI score0.9323EPSS

Exploits19

0day.today•added 2024/04/15 12:0 a.m.•318 views

BMC Compuware iStrobe Web - 20.13 - Pre-auth Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...

7.2AI score

Exploits0

Packet Storm•added 2024/03/28 12:0 a.m.•462 views

Asterisk AMI 18.20.0 File Content / Path Disclosure

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.4AI score0.17085EPSS

Exploits3

GithubExploit•added 2024/03/20 9:49 a.m.•356 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397-PoW Proof of Work of CVE-2023-23397 for vulnera...

9.8CVSS10AI score0.93375EPSS

Exploits18

Exploit DB•added 2024/03/12 12:0 a.m.•250 views

OSGi v3.7.2 (and below) Console - RCE

!/usr/bin/python Exploit Title: OSGi v3.7.2 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...

7.4AI score

Exploits0

GithubExploit•added 2024/03/09 10:24 p.m.•304 views

Exploit for CVE-2024-27697

FuguHub 8.4 Authenticated RCE Fuguhub is a Cloud Media Serve...

8.8CVSS8.7AI score0.6714EPSS

Exploits9

Packet Storm•added 2024/01/29 12:0 a.m.•434 views

Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read

python poc.py usage: python poc.py http://127.0.0.1:8888/ /etc/passwd import threading import http.client import time import uuid import urllib.parse import sys if lensys.argv != 3: print' usage: python poc.py http://127.0.0.1:8888/ /etc/passwd' exit databytes =...

6.6AI score0.94466EPSS

Exploits45

GithubExploit•added 2023/11/04 11:58 a.m.•743 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 This repository contains an exploit script and...

10CVSS9.4AI score0.94436EPSS

Exploits30

Gitee•added 2023/09/08 9:54 a.m.•7 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone_Os

CVE-2018-4407 is a heap buffer overflow vulnerability in the XNU operating system kernel, affecting both iOS and macOS. The vulnerability can lead to a denial-of-service DOS attack. The exploit is a simple and fast BOF Buffer Overflow attack that can be launched using the provided Python script...

8.8CVSS7.3AI score0.90832EPSS

Exploits11

Packet Storm•added 2023/05/05 12:0 a.m.•287 views

Online Pizza Ordering System 1.0 Shell Upload

Exploit Title: Online Pizza Ordering System 1.0 - Unauthenticated File Upload Date: 03/05/2023 Exploit Author: URGAN Vendor Homepage: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Link:...

9.8CVSS7.1AI score0.05897EPSS

Exploits4

Packet Storm•added 2023/04/10 12:0 a.m.•283 views

pfsenseCE 2.6.0 Protection Bypass

!/usr/bin/python3 Exploit Title: pfsenseCE v2.6.0 - Anti-brute force protection bypass Google Dork: intitle:"pfSense - Login" Date: 2023-04-07 Exploit Author: FabDotNET Fabien MAISONNETTE Vendor Homepage: https://www.pfsense.org/ Software Link:...

9.8CVSS9.4AI score0.03048EPSS

Exploits5

GithubExploit•added 2023/04/06 3:40 a.m.•418 views

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer

This exploit is a Python script designed to exploit the CVE-2023...

7.2CVSS7.8AI score0.94378EPSS

Exploits12

GithubExploit•added 2023/02/06 4:18 a.m.•465 views

Exploit for Missing Authentication for Critical Function in Oracle E-Business_Suite

CVE-2022-21587-POC- CVE-2022-21587 POC file exploit.py w...

9.8CVSS9.7AI score0.94397EPSS

Exploits7