Lucene search
+L

403 matches found

GithubExploit
GithubExploit
added 2025/03/15 4:20 a.m.627 views

Exploit for CVE-2024-51788

💀 CVE-2024-51788 - WordPress The Novel Design Store Directory...

10CVSS8.3AI score0.01457EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/03/14 12:0 a.m.218 views

Application Accounts Manager 1.0 Cross Site Scripting

Application Accounts Manager version 1.0 suffers from a persistent cross site scripting vulnerability. Exploit Title: Stored XSS on application-accounts-manager 1.0 Date: 03.14.2025 Exploit Author: Ümit AYAZ Vendor Homepage: www.sourcecodester.com Software Link:...

6.6AI score
Exploits0
GithubExploit
GithubExploit
added 2025/03/08 11:25 p.m.3869 views

Exploit for CVE-2024-27398

CVE-2024-27398 CVE-2024-27398 POC Dmesg Output !PoC Screen...

7.2AI score0.00757EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/03/06 12:0 a.m.314 views

OpenAdmin 0.3.4 Cross Site Request Forgery

Cross site request forgery in the Users and Change Root Password functions in OpenAdmin version 0.3.4 allows remote attackers to perform attacks enabling unauthorized actions that could lead to privilege escalation. Exploit Title: OpenAdmin 0.3.4 - Multiple CSRF Vulnerabilities Date: Nov 8, 2024...

7.4AI score0.00164EPSS
Exploits2
0day.today
0day.today
added 2025/03/06 12:0 a.m.338 views

OpenPanel 0.3.4 Remote Code Execution Vulnerability

Exploit Title: OpenPanel 0.3.4 - Remote Code Execution via Fix Permission Exploit Author: Punthat Siriwan, Korn Chaisuwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2025-25872 POST /fix-permissio...

5.5CVSS7.2AI score0.00253EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/05 12:0 a.m.315 views

OpenPanel 0.3.4 Remote Code Execution

OpenPanel version 0.3.4 suffers from a remote code execution vulnerability via /fix-permissions. Exploit Title: OpenPanel 0.3.4 - Remote Code Execution via Fix Permission Date: Nov 7, 2024 Exploit Author: Punthat Siriwan, Korn Chaisuwan, Pongtorn Angsuchotmetee Vendor Homepage:...

8.3AI score0.00253EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/05 12:0 a.m.212 views

Teachers Record Management System 2.1 Cross Site Scripting

Teachers Record Management System version 2.1 suffers from a cross site scripting vulnerability. Exploit Title: Teachers Record Management System v2.1 | Unauthenticated Cross-Site Scripting XSS Date: 2025-03-04 Exploit Author: Mehmet Can Kadıoğlu a.k.a mao7un Vendor:...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2025/03/04 12:0 a.m.183 views

Teachers Record Management System 2.1 SQL Injection

Teachers Record Management System version 2.1 suffers from a remote SQL injection vulnerability. Exploit Title: Teachers Record Management System v2.1 | Authenticated Time-Based SQLi Date: 2025-03-04 Exploit Author: Mehmet Can Kadıoğlu a.k.a mao7un Vendor:...

8.5AI score
Exploits0
GithubExploit
GithubExploit
added 2025/02/13 6:39 a.m.684 views

Exploit for Missing Authentication for Critical Function in Paloaltonetworks Pan-Os

Disclaimer: The vulnerabilities described in this article, alo...

9.1CVSS7.4AI score0.98417EPSS
Exploits8
0day.today
0day.today
added 2025/02/09 12:0 a.m.179 views

dhtmlxFileExplorer 8.4.6 Local File Inclusion / Traversal Vulnerabilities

Exploit Title: dhtmlxFileExplorer 8.4.6 - Local File Inclusion in the Download Function of File Explorer Exploit Author: Nutchaya Augkanavitayakul, Nattachai Wanmak, Pongtorn Angsuchotmetee Vendor Homepage: https://dhtmlx.com Software Link: https://dhtmlx.com Version: 8.4.6 Tested on: macOS CVE :...

6.5CVSS6.8AI score0.00538EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/02/06 12:0 a.m.396 views

Gleamtech FileVista 9.2.0.0 Missing Authorization

A vulnerability exists in Gleamtech FileVista version 9.2.0.0 that allows unauthorized access to image files, even after the HTTP cookie associated with the session is deleted. The issue arises due to insufficient validation of session or authentication tokens on the server side. Exploit Title:...

7.4AI score0.00481EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/02/06 12:0 a.m.355 views

dhtmlxFileExplorer 8.4.6 Directory Traversal

dhtmlxFileExplorer version 8.4.6 is susceptible to a path traversal attack, enabling unauthorized access to system files. Exploit Title: dhtmlxFileExplorer 8.4.6 - Access Sensitive Floder via Directory Traversal in DHX File Exlploer Date: Feb 6, 2025 Exploit Author: Nutchaya Augkanavitayakul,...

7.3AI score0.00739EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/01/29 12:0 a.m.419 views

OpenPanel 0.3.4 Command Injection

OpenPanel version 0.3.4 suffers from a remote command injection vulnerability via the timezone parameter. Exploit Title: OpenPanel 0.3.4 - OS Command Injection via The Timezone Parameter Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage:...

7.7AI score0.04108EPSS
Exploits4
GithubExploit
GithubExploit
added 2025/01/22 2:40 p.m.606 views

Exploit for Protection Mechanism Failure in 7-Zip

7-Zip Mark-of-the-Web Bypass Vulnerability CVE-2025-0411 - P...

7CVSS8.3AI score0.67071EPSS
Exploits8
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.8 views

PT-2025-3240 · Unknown · Poll Maker

Name of the Vulnerable Software and Affected Versions: Poll Maker affected versions not specified Description: The issue is related to improper encoding or escaping of output in Poll Maker Team Poll Maker. This can potentially lead to security issues, but specific details about exploitation, such...

5.3CVSS9.4AI score0.00273EPSS
Exploits0References5
PyPA
PyPA
added 2024/09/17 7:15 p.m.7 views

PYSEC-2024-93

A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...

7.5CVSS7.4AI score0.01006EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.7 views

PT-2024-23598 · Unknown · Ros Kinetic Kame

Name of the Vulnerable Software and Affected Versions: ROS Kinetic Kame affected versions not specified Description: The issue is related to an unauthorized node injection vulnerability. The estimated number of potentially affected devices and details about real-world incidents are not provided...

7.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.4 views

PT-2023-33066 · Birdcage · Birdcage

Name of the Vulnerable Software and Affected Versions: birdcage affected versions not specified Description: The issue allows environment variables to be read from procfs unless a new process is started. This can be demonstrated through a proof of concept that shows how a secret environment...

4CVSS6.7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/20 12:0 a.m.5 views

PT-2023-26227 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System

Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 Description: A critical issue has been discovered, affecting the /App Resource/UEditor/server/upload.aspx file, where the manipulation of the file argument leads to...

9.8CVSS5.8AI score0.00775EPSS
Exploits1References4
0day.today
0day.today
added 2023/05/23 12:0 a.m.248 views

WordPress Backup Migration 1.2.8 Plugin - Unauthenticated Database Backup Vulnerability

Exploit Title: WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup Google Dork: intitle:"Index of /wp-content/plugins/backup-backup" AND inurl:"plugins/backup-backup/" Exploit Author: Wadeek Vendor Homepage: https://backupbliss.com/ Software Link:...

7.1AI score
Exploits0
Rows per page
Query Builder