CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1195 matches found

Gitee•added 2021/10/09 2:52 p.m.•5 views

Exploit for Path Traversal in Microsoft

This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The repository contains a Python script exploit.py that generates a malicious docx document, a Windows DLL calc.dll that pops a calc.exe when executed, and a server script...

8.8CVSS8.4AI score0.94332EPSS

Exploits38

GithubExploit•added 2021/10/09 11:33 a.m.•470 views

Exploit for Path Traversal in Apache Http_Server

cve-2021-41773 and cve-2021-42013 Batch verification of Pyth...

9.8CVSS7.3AI score0.9441EPSS

Exploits169

GithubExploit•added 2021/10/09 4:52 a.m.•4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

Usage Make sure Python and ncat are installed...

10CVSS9.5AI score0.94424EPSS

Exploits124

GithubExploit•added 2021/10/07 3:13 p.m.•541 views

Exploit for Path Traversal in Apache Http_Server

masscve-2021-41773 MASS CVE-2021-41773 Screenshot...

7.5CVSS8.4AI score0.94391EPSS

Exploits145

GithubExploit•added 2021/10/06 9:37 p.m.•262 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Path Traversal for Apache 2.4.49 Affected b...

7.5CVSS9.4AI score0.94391EPSS

Exploits145

Exploit DB•added 2021/09/30 12:0 a.m.•242 views

Cmsimple 5.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Cmsimple 5.4 - Remote Code Execution RCE Authenticated Date: 29.09.2021 Exploit Author: pussycat0x Vendor Homepage: https://www.cmsimple.org/ Version: 5.4 Tested on: ubuntu-20.04.1 import argparse from bs4 import BeautifulSoup from argparse import ArgumentParser import requests...

7.4AI score

Exploits0

Packet Storm•added 2021/09/30 12:0 a.m.•315 views

Cmsimple 5.4 Remote Code Execution

7.4AI score

Exploits0

Packet Storm•added 2021/09/27 12:0 a.m.•200 views

Simple Attendance System 1.0 Authentication Bypass

Exploit Title: Simple Attendance System v1.0 - Unauthenticated Add Admin Account Exploit Author: Richard Jones Date: September 26, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Software Link:...

0.6AI score

Exploits0

GithubExploit•added 2021/09/25 7:19 a.m.•114 views

Exploit for Path Traversal in Vmware Cloud_Foundation

CVE-2021-22005 – Batch validation of Python...

9.8CVSS7.3AI score0.94445EPSS

Exploits11

0day.today•added 2021/09/15 12:0 a.m.•193 views

AlphaWeb XE - File Upload Remote Code Execution (Authenticated) Exploit

Exploit Title: AlphaWeb XE - File Upload Remote Code Execution RCE Authenticated Exploit Author: Ricardo Ruiz @ricardojoserf Vendor website: https://www.zenitel.com/ Product website: https://wiki.zenitel.com/wiki/AlphaWeb Example: python3 CVE-2021-40845.py -u "http://$ip:80/" -c "whoami" Referenc...

8.8CVSS8.8AI score0.26958EPSS

Exploits7

Packet Storm•added 2021/09/14 12:0 a.m.•249 views

Purchase Order Management System 1.0 Shell Upload

Exploit Title: Purchase Order Management System 1.0 - Remote File Upload Date: 2021-09-14 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html...

7.4AI score

Exploits0

Packet Storm•added 2021/09/07 12:0 a.m.•179 views

SmartFTP Client 10.0.2909.0 Denial Of Service

Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service Date: 9/5/2021 Exploit Author: Eric Salario Vendor Homepage: https://www.smartftp.com/en-us/ Software Link: https://www.smartftp.com/en-us/download Version: 10.0.2909.0 32 and 64 bit Tested on: Microsoft Windows 10 32 bit a...

Exploits0

GithubExploit•added 2021/09/05 9:27 a.m.•184 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084 An OGNL injection vulnerability exists that...

9.8CVSS9.1AI score0.9444EPSS

Exploits45

Gitee•added 2021/08/31 3:36 p.m.•5 views

exprolog

This is a Python script that exploits a vulnerability in Microsoft Exchange Server. The script is designed to target a specific version of the server and exploit a vulnerability to gain access to the system. Here is a summary of the script's functionality: 1. The script starts by importing the...

7AI score

Exploits0

GithubExploit•added 2021/08/06 9:19 a.m.•166 views

Exploit for SQL Injection in Agentejo Cockpit

Cockpit CMS NoSQL Injection CVE-2020-35847, CVE-2020-35848...

9.8CVSS9.7AI score0.93971EPSS

Exploits13

GithubExploit•added 2021/07/26 8:1 a.m.•54 views

Exploit for CVE-2021-36934

CVE-2021-36934 !Screenshothttps://github...

7.8CVSS9.2AI score0.90423EPSS

Exploits11

Gitee•added 2021/07/25 4:14 p.m.•24 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472 ZeroLogon vulnerability. The target product/service is Windows Domain Controller DC. The vulnerability class/vector is authentication bypass via all-zero challenge. The probable entry point is the Netlogon service, which is accessed via the Impacket library. Notable...

10CVSS7.8AI score0.9438EPSS

Exploits75

GithubExploit•added 2021/07/25 5:5 a.m.•106 views

Exploit for SQL Injection in Agentejo Cockpit

CVE-2020-35846 - Leak Cockpit Usernames PoC John Hammond...

9.8CVSS9.2AI score0.93926EPSS

Exploits10

GithubExploit•added 2021/07/19 6:50 a.m.•127 views

Exploit for SQL Injection in Apache Skywalking

CVE-2020-9483 PoC of SQL Injection vulCVE-2020-9483,Apache...

7.5CVSS8.5AI score0.94091EPSS

Exploits1