rubygem-rdoc: Command injection vulnerability in RDoc
An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...
GSD-2021-1001449 watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.276 by commit...
uListing < 2.0.6 - Authenticated IDOR
An Authenticated User IDOR vulnerability was discovered in the plugin. Important: userid and listingid values are dependent on each other, that is, if the author ID == 4, the data can only be modified for those ADs and pages that relate to this particular ID. You can find out the author of the...
White Box Testing What Is, Types, Techniques, Example
White Box Testing is programming trying, or rather inner center and foundation. Get familiar with this strategy in this article. What is White Box Testing? White Box Testing can be depicted as a program-testing methodology in which a product’s interior construction, plan and coding are trie...
CVE-2021-33667
Under certain conditions, SAP Business Objects Web Intelligence BI Launchpad versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted...
Exam Hall Management System 1.0 - Unrestricted File Upload + Remote Command Execution Exploit
Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload + RCE Unauthenticated Exploit Author: Davide 'yth1n' Bianchin Contacts: davide dot bianchin at dedagroup dot it Vendor Homepage: https://www.sourcecodester.com Software Link:...
GitDump - A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled
GitDump dumps the source code from .git when the directory traversal is disabled Requirements Python3 Tested on Windows Kali Linux What it does Dump source code from website/.git directory when directory traversal is disabled. How it works Fetch all common files .git/index, .git/HEAD, .git/ORIGHEA...
Billing System Project 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import requests import...
Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated)
Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload Unauthenticated Date: 06/07/2021 Exploit Author: Thamer Almohammadi @Thamerz88 Vendor Homepage: https://www.sourcecodester.com Software Link:...
Exam Hall Management System 1.0 Shell Upload
Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload Unauthenticated Date: 06/07/2021 Exploit Author: Thamer Almohammadi @Thamerz88 Vendor Homepage: https://www.sourcecodester.com Software Link:...
Phone Shop Sales Managements System 1.0 - Arbitrary File Upload
Exploit Title: Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution Date: 2021-07-06 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Billing System Project 1.0 Shell Upload
Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Date: 06.07.2021 Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import...
Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Date: 06.07.2021 Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import...
Babuk Ransomware Builder Mysteriously Appears in VirusTotal
The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened. According to a Wednesday posting from Malwarebytes, the operators of the ransomware – perhaps best-known for hitting t...
Do cybercriminals play cyber games in quarantine? A look one year later
Last year, we decided to take a look at how the pandemic influenced the gaming industry and what new threats gamers could be facing. What we found was that, with the transition to remote work and remote learning, the number of blocked attempts to visit malicious game-related websites or follow...
Exploit for CVE-2021-1675
CVE-2021-1675-LPE-EXP Simple LPE Exploit of CVE-2021-1675...
Online Voting System 1.0 Remote Code Execution
Exploit Title: Online Voting System 1.0 - Remote Code Execution Authenticated Exploit Author: deathflash1411 Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on: Ubuntu 20.04 Proof of...
Personnel Record Management System 1.0 Authentication Bypass / XSS Vulnerabilities
Personnel Record Management System version 1.0 unauthenticated administrator addition exploit that also adds a stored cross site scripting payload. Exploit Title: Personnel Record Management System | Unauthenticated Add Admin Account plus Stored XSS Exploit Author: Richard Jones Vendor Homepage:...
Online Library Management System 1.0 Shell Upload
Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution Unauthenticated Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Responsive Tourism Website 3.1 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Responsive Tourism Website 3.1 - Remote Code Execution RCE Unauthenticated Date: 22.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14838/simple-responsive-tourism-website-using-php-free-source-code.html Version: V 3.1 Tested on: MacOS &...