Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

6 matches found

0day.today
0day.todayā€¢added 2024/07/09 12:0 a.m.ā€¢184 views

Ivanti EPM RecordGoodApp SQL Injection / Remote Code Execution Exploit

Ivanti Endpoint Manager EPM 2022 SU5 and prior versions are susceptible to an unauthenticated SQL injection vulnerability which can be leveraged to achieve unauthenticated remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

8.8CVSS9.4AI score0.93975EPSS
Exploits5
Exploit DB
Exploit DBā€¢added 2024/04/02 12:0 a.m.ā€¢590 views

Elementor Website Builder < 3.12.2 - Admin+ SQLi

EXPLOIT Elementor Website Builder Replace URL page. On the Replace URL page, enter any random string as the "New URL" and the following malicious payload as the "Old URL": code : http://localhost:8080/?test',metakey='key4'where+metaid=SLEEP2; Press "Replace URL" on the Replace URL page. Burp...

7.2CVSS7AI score0.09142EPSS
Exploits7
Tenable Nessus
Tenable Nessusā€¢added 2024/02/06 12:0 a.m.ā€¢40 views

Amazon Linux AMI : cacti (ALAS-2024-1915)

The version of cacti installed on the remote host is prior to 1.1.19-6.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1915 advisory. Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerabili...

8.8CVSS7.9AI score0.32076EPSS
Exploits1References4
wpexploit
wpexploitā€¢added 2022/11/07 12:0 a.m.ā€¢136 views

HTML Forms < 1.3.25 - Admin+ SQLi

The plugin does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users Access the submission page on https://example.com/wp-admin/admin.php?page=html-forms&view=edit&formid=formID&tab=submissions Capture the...

7.2CVSS0.4AI score0.40298EPSS
Exploits2
0day.today
0day.todayā€¢added 2022/09/08 12:0 a.m.ā€¢263 views

SACCO 2022 SQL injection Vulnerability

Title: SACCO-2022 SQLi Author: nu11secur1ty Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/SACCO/docs/saccoshield.zip?raw=true Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayurik/2022/SAC...

7.1AI score
Exploits0
0day.today
0day.todayā€¢added 2021/09/02 12:0 a.m.ā€¢163 views

OpenSIS Community 8.0 - (cp_id_miss_attn) SQL Injection Vulnerability

Exploit Title: OpenSIS Community 8.0 - 'cpidmissattn' SQL Injection Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux A SQL injection vulnerability exists in the Take Attendance functionality of...

0.4AI score
Exploits0
Rows per page
Query Builder