Lucene search
K

1376 matches found

Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.372 views

GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 3.216 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

9.8CVSS9.7AI score0.24725EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.307 views

A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc

!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/02/20 12:0 a.m.272 views

Tourism Management System 2.0 Shell Upload Vulnerability

Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/tourism-management-system-free-download/ Version: 2.0 Tested on: Windows 10 Pro Impact: Allows admin to upload all files to t...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/20 12:0 a.m.261 views

Savsoft Quiz 6.0 Enterprise Cross Site Scripting

Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting Date: 2024-01-03 Exploit Author: Eren Sen Vendor: SAVSOFT QUIZ Vendor Homepage: https://savsoftquiz.com Software Link: https://savsoftquiz.com/web/index.php/online-demo/ Version: 6.0 CVE-ID: N/A Tested on: Kali Linux /...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.281 views

User Registration And Login And User Management System 3.1 SQL Injection

Exploit Title: User Registration & Login and User Management System With admin panel 3.1 - SQL injection Application: User Registration & Login and User Management System Date: 17.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.290 views

PHPJabbers Car Park Booking System 3.0 Missing Rate Limiting

Exploit Title: PHPJabbers Car Park Booking System v3.0 - Missing Rate Limiting Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-park-booking/sectionDemo Version: v3.0 Tested on:...

7.4AI score0.00461EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.520 views

PHPJabbers Time Slots Booking Calendar 4.0 Missing Rate Limiting

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - No Rate Limit in Email Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested...

7.4AI score0.01051EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.371 views

PHPJabbers Time Slots Booking Calendar 4.0 HTML Injection

Exploit Title: PHPJabbers Time Slots Booking Calendar v4.0 - HTML Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/time-slots-booking-calendar/ Version: v4.0 Tested on:...

7.4AI score0.00465EPSS
Exploits2
0day.today
0day.today
added 2023/12/03 12:0 a.m.239 views

WBCE CMS 1.6.1 Shell Upload Vulnerability

Exploit Title: WBCE CMS Version : 1.6.1 Remote Command Execution Exploit Author: tmrswrr Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.1.zip Version: 1.6.1 Tested on: https://www.softaculous.com/apps/cms/WBCECMS POC: 1 Login with admin...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/11/28 12:0 a.m.366 views

PopojiCMS 2.0.1 Remote Command Execution Vulnerability

Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Date: 27/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/11/28 12:0 a.m.316 views

CSZ CMS 1.3.0 Remote Command Execution Exploit

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 17/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/09/04 12:0 a.m.181 views

NVClient v5.0 - Stack Buffer Overflow Exploit

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual: http://download.eyemaxdvr.com/DVST%20ST%20SERIES/CMS/Video%20Surveillance%20Management%20SoftwareV5.0.pdf...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.374 views

CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery')

Exploit Title: CSZ CMS 1.3.0 - Stored Cross-Site Scripting Plugin 'Gallery' Date: 2023/08/18 CVE: CVE-2023-38911 Exploit Author: Daniel González Vendor Homepage: https://www.cszcms.com/ Software Link: https://github.com/cskaza/cszcms Version: 1.3.0 Tested on: CSZ CMS 1.3.0 Description: CSZ CMS...

5.4CVSS5.8AI score0.00468EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/08/01 12:0 a.m.308 views

Uvdesk 1.1.3 Shell Upload

Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Date: 28/07/2023 Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python...

7.1AI score0.01091EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/07/31 12:0 a.m.393 views

Keeper Security Desktop 16.10.2 / Browser Extension 16.5.4 Password Dumper

Exploit Title: Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping Google Dork: NA Date: 22-07-2023 Exploit Author: H4rk3nz0 Vendor Homepage: https://www.keepersecurity.com/enGB/ Software Link: https://www.keepersecurity.com/enGB/get-keeper.html Version: Desktop App...

5.5CVSS7.1AI score0.00839EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.305 views

CMS Made Simple 2.2.17 Server-Side Template Injection

Exploit Title: CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection SSTI Application: CmsMadeSimple Version: v2.2.17 Bugs: SSTI Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 13-07-2023...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/07/19 12:0 a.m.184 views

CmsMadeSimple v2.2.17 - Remote Code Execution Exploit

Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.278 views

CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)

Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/17 12:0 a.m.247 views

News Portal 4.0 SQL Injection

Exploit Title: News Portal v4.0 - SQL Injection Unauthorized Date: 09/07/2023 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://phpgurukul.com/news-portal-project-in-php-and-mysql/c Software Link:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/11 12:0 a.m.224 views

Spring Cloud 3.2.2 - Remote Command Execution (RCE)

Exploit Title: Spring Cloud 3.2.2 - Remote Command Execution RCE Date: 07/07/2023 Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://spring.io/projects/spring-cloud-function/ Description: Exploit to execute commands exploiting CVE-2022-22963 Software Link:...

9.8CVSS7AI score0.99939EPSS
Exploits36
Rows per page
Query Builder