Lucene search
K

9 matches found

0day.today
0day.today
added 2021/09/20 12:0 a.m.480 views

WordPress 5.7 - (Media Library) XML External Entity Injection Authenticated Vulnerability

Exploit Title: WordPress 5.7 - 'Media Library' XML External Entity Injection XXE Authenticated Exploit Author: David Utón M3n0sD0n4ld Vendor Homepage: https://wordpress.com Affected Version: WordPress 5.6-5.7 & PHP8 Tested on: Linux Ubuntu 18.04.5 LTS CVE : CVE-2021-29447 !/bin/bash Author:...

7.1CVSS0.7AI score0.85719EPSS
Exploits20
0day.today
0day.today
added 2021/08/30 12:0 a.m.170 views

Strapi 3.0.0-beta.17.7 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Strapi 3.0.0-beta.17.7 - Remote Code Execution RCE Authenticated Date: 29/08/2021 Exploit Author: David Utón M3n0sD0n4ld Vendor Homepage: https://strapi.io/ Affected Version: strapi-3.0.0-beta.17.7 and earlier Tested on: Linux Ubuntu 18.04.5 LTS CVE : CVE-2019-19609 !/usr/bin/pytho...

9CVSS0.4AI score0.54081EPSS
Exploits11
Packet Storm
Packet Storm
added 2021/08/30 12:0 a.m.275 views

Strapi 3.0.0-beta.17.7 Remote Code Execution

Exploit Title: Strapi 3.0.0-beta.17.7 - Remote Code Execution RCE Authenticated Date: 29/08/2021 Exploit Author: David Utón M3n0sD0n4ld Vendor Homepage: https://strapi.io/ Affected Version: strapi-3.0.0-beta.17.7 and earlier Tested on: Linux Ubuntu 18.04.5 LTS CVE : CVE-2019-19609 !/usr/bin/pytho...

9CVSS0.1AI score0.54081EPSS
Exploits11
Hacker One
Hacker One
added 2021/01/12 1:44 p.m.24 views

Brave Software: Brave Browser Tor Window leaks user's real IP to the external DNS server

Summary: When a user navigates to a URL in Tor Window, the DNS requests are sent directly without using the Tor proxy, which leaks the user's real IP address and the requested domain name to the user's ISP and the DNS server. Products affected: OS: Ubuntu 18.04.5 LTS x8664 Brave: Version 1.18.78...

4.3CVSS6.3AI score0.0123EPSS
Exploits0
Exploit DB
Exploit DB
added 2020/10/12 12:0 a.m.492 views

Online Students Management System 1.0 - 'username' SQL Injections

Title: Online Students Management System 1.0 - 'username' SQL Injections Exploit Author: George Tsimpidas Date: 2020-10-09 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/studentrecord0.zip Version : 1.0 Tested on: Ubuntu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/12 12:0 a.m.484 views

Liman 0.7 - Cross-Site Request Forgery (Change Password)

Exploit Title: Liman 0.7 - Cross-Site Request Forgery Change Password Date: 2020-10-07 Exploit Author: George Tsimpidas Software Link : https://github.com/salihciftci/liman/releases/tag/v0.7 Version: 0.7 Tested on: Ubuntu 18.04.5 LTS Bionic Beaver Category: Webapp Description: There is no CSRF...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/10 12:0 a.m.300 views

Online Student's Management System SQL Injection

Title: Online Student's Management System - Unauthenticated Multiple SQL Injections Exploit Author: George Tsimpidas Date: 2020-10-09 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/studentrecord0.zip Tested on: Ubuntu...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/08 12:0 a.m.549 views

Seat Reservation System 1.0 Cross Site Scripting

Exploit Title: Seat Reservation System 1.0 Persistent Cross-Site Scripting Date: 10-08-2020 Exploit Author: George Tsimpidas Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/seat-reservation-system-using-php0.zip Version:...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2020/08/27 3:14 a.m.121 views

Nextcloud: Stored XSS in collabora via user name

Affected: collabora and nextcloud Ubuntu 18.04.5 LTS Nextcloud 19.0.1 snap version collabora CODE The name of the user is displayed when him joins to edit the document allowing the attacker trigger xss. Impact Set the name of the attacker account to Create a new document → share the document with...

2.6AI score
Exploits0
Rows per page
Query Builder