Lucene search
K

18 matches found

0day.today
0day.today
added 2021/07/28 12:0 a.m.137 views

Event Registration System with QR Code 1.0 - Authentication Bypass / Remote Code Execution Exploit

Exploit Title: Event Registration System with QR Code 1.0 - Authentication Bypass & RCE Exploit Author: Javier Olmedo Vendor: Sourcecodester Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/event0.zip Affected Version: 1.0 Category: WebApps Platform: PHP Tested...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.236 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...

5.4CVSS5.6AI score0.03566EPSS
Exploits5
exploitpack
exploitpack
added 2020/03/02 12:0 a.m.64 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched...

4.3CVSS5.3AI score0.03566EPSS
Exploits5
exploitpack
exploitpack
added 2020/01/29 12:0 a.m.82 views

XMLBlueprint 16.191112 - XML External Entity Injection

XMLBlueprint 16.191112 - XML External Entity Injection Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-14 Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version:...

5.5CVSS0.2AI score0.04512EPSS
Exploits5
0day.today
0day.today
added 2020/01/29 12:0 a.m.130 views

XMLBlueprint 16.191112 - XML External Entity Injection Vulnerability

Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version: 16.191112 and before Patched Version: unpatched Category: Local Platform: XML...

8.1CVSS0.7AI score0.04512EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/29 12:0 a.m.153 views

XMLBlueprint 16.191112 - XML External Entity Injection

Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-14 Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version: 16.191112 and before Patched Version: unpatched Category:...

8.1CVSS8.2AI score0.04512EPSS
Exploits5
exploitpack
exploitpack
added 2020/01/20 12:0 a.m.24 views

Easy XML Editor 1.7.8 - XML External Entity Injection

Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched...

5.5CVSS0.05163EPSS
Exploits5
0day.today
0day.today
added 2020/01/20 12:0 a.m.167 views

Easy XML Editor 1.7.8 - XML External Entity Injection Vulnerability

Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Tested on: Windows 10...

8.1CVSS0.05163EPSS
Exploits5
0day.today
0day.today
added 2018/12/03 12:0 a.m.20 views

PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Exploit Author: Javier Olmedo Website: https://www.sidertia.com Google Dork: N/A Vendor: https://www.phpservermonitor.org/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/11/26 12:0 a.m.35 views

Ticketly 1.0 - kind_id SQL Injection

Ticketly 1.0 - kindid SQL Injection Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

7.5CVSS0.4AI score0.03213EPSS
Exploits8
0day.today
0day.today
added 2018/11/26 12:0 a.m.32 views

Ticketly 1.0 - kind_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

0.03213EPSS
Exploits8
0day.today
0day.today
added 2018/11/21 12:0 a.m.25 views

Ticketly 1.0 - name SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql...

7.1AI score0.03213EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/11/21 12:0 a.m.34 views

Ticketly 1.0 - 'name' SQL Injection

Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql Affected Version: 1...

9.8CVSS9.8AI score0.03213EPSS
Exploits8
exploitpack
exploitpack
added 2018/11/20 12:0 a.m.74 views

Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)

Ticketly 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: Ticketly 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

5CVSS0.3AI score0.02426EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/11/20 12:0 a.m.263 views

Ticketly 1.0 Cross Site Request Forgery

Exploit Title: Ticketly 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql...

0.5AI score0.02426EPSS
Exploits5
Patchstack
Patchstack
added 2018/09/01 12:0 a.m.21 views

WordPress Export Users to CSV plugin <= 1.1.1 - CSV Injection vulnerability

CSV Injection vulnerability found by Javier Olmedo in WordPress Export Users to CSV plugin versions = 1.1.1. Solution 2018.09.01 - we were unable to find a patched version of this plugin...

8.6CVSS3.2AI score0.01498EPSS
Exploits1References1Affected Software1
0day.today
0day.today
added 2018/08/28 12:0 a.m.82 views

Sentrifugo HRMS 3.2 - deptid SQL Injection Vulnerability

Exploit for windows platform in category web applications Exploit Title: Sentrifugo HRMS 3.2 - 'deptid' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly...

0.1AI score0.01135EPSS
Exploits5
Patchstack
Patchstack
added 2018/07/18 12:0 a.m.19 views

WordPress All In One Favicon plugin <= 4.6 - Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities

Multiple Stored Authenticated Cross-Site Scripting XSS vulnerabilities found by Javier Olmedo in WordPress All In One Favicon plugin versions = 4.6. Solution This plugin was closed on July 13, 2018 and is no longer available for download. Deactivate and delete asap...

4.8CVSS2.7AI score0.02003EPSS
Exploits6References1Affected Software1
Rows per page
Query Builder