Lucene search
K

21 matches found

Exploit DB
Exploit DB
added 2023/06/20 12:0 a.m.1252 views

SPIP v4.2.0 - Remote Code Execution (Unauthenticated)

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: SPIP v4.2.1 - Remote Code Execution Unauthenticated Google Dork: inurl:"/spip.php?page=login" Date: 19/06/2023 Exploit Author: nuts7 https://github.com/nuts7/CVE-2023-27372 Vendor Homepage: https://www.spip.net/ Software Link:...

9.8CVSS9.8AI score0.99637EPSS
Exploits23
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.481 views

phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Date: 2022-04-10 Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.356 views

Atom CMS 2.0 - Remote Code Execution (RCE)

Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...

9.8CVSS9.6AI score0.54766EPSS
Exploits4
Huntr
Huntr
added 2022/03/22 9:22 a.m.12 views

Use After Free in new_object

Description Heap use after free in newobject function. ASAN report: ================================================================= ==2514600==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020000401d0 at pc 0x00000230a00e bp 0x7ffcfdbe1dd0 sp 0x7ffcfdbe1dc8 READ of size 2 at...

7.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2022/03/16 12:0 a.m.305 views

Pluck CMS 4.7.16 Shell Upload

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Date: 13.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.p...

0.1AI score0.37716EPSS
Exploits4
0day.today
0day.today
added 2022/03/16 12:0 a.m.1025 views

Pluck CMS 4.7.16 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.py 127.0.0.1 80...

7.2CVSS0.37716EPSS
Exploits4
Huntr
Huntr
added 2022/03/03 7:29 a.m.19 views

Use After Free in r_reg_get_name_idx

Description heap use after free in rreggetnameidx. ASAN report: ================================================================= ==1710816==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020001dff50 at pc 0x7fa7c085d87c bp 0x7ffc21731ac0 sp 0x7ffc21731ab0 READ of size 1 at...

4.3CVSS0.3AI score0.0065EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2022/01/29 7:59 p.m.259 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PwnKit Vulnerability - Local Privilege Escalation - Title:...

7.8CVSS7.6AI score0.94921EPSS
Exploits151
GithubExploit
GithubExploit
added 2022/01/28 2:54 a.m.446 views

Exploit for Incomplete Cleanup in Linux Linux_Kernel

CVE-2021-4032-NoGCC Test in: Ubuntu 20...

7.8CVSS7.5AI score0.94921EPSS
Exploits152
GithubExploit
GithubExploit
added 2022/01/28 2:54 a.m.239 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4032-NoGCC Test in: Ubuntu 20...

7.8CVSS7.5AI score0.94921EPSS
Exploits152
GithubExploit
GithubExploit
added 2022/01/26 8:52 p.m.272 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

pkexec-lpe-poc POC for CVE-2021-4034 Original Write...

7.8CVSS7.5AI score0.94921EPSS
Exploits151
GithubExploit
GithubExploit
added 2022/01/26 6:53 p.m.227 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 Exploit Usage bash $ git clone https:...

7.8CVSS7.5AI score0.94921EPSS
Exploits151
Huntr
Huntr
added 2021/11/29 2:7 p.m.9 views

None in fcambus/logswan

Description Good morning, I hope you're doing well today. Whilst testing logswan built with Clang12 + ASan on Ubuntu 20.04.3 LTS from commit bcfd41, we discovered a heap-use-after-free situation during a strcmp operation on line 259 of logswan/src/logswan.c. Proof of Concept First... echo...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/15 12:0 a.m.521 views

KONGA 0.14.9 Privilege Escalation

Exploit Title: KONGA 0.14.9 - Privilege Escalation Date: 10/11/2021 Exploit Author: Fabricio Salomao & Paulo Trindade @paulotrindadec Vendor Homepage: https://github.com/pantsel/konga Software Link: https://github.com/pantsel/konga/archive/refs/tags/0.14.9.zip Version: 0.14.9 Tested on: Linux -...

7.1AI score
Exploits0
Huntr
Huntr
added 2021/09/27 1:4 p.m.36 views

Heap-based Buffer Overflow in hoene/libmysofa

Description There are some heap-buffer-overflows in mysofa2json of libmysofa. They are in function loudness, mysofacheck and readOHDRHeaderMessageDataLayout. System info Ubuntu 20.04.3 LTS clang 12.0.1 libmysofa github master branch commit 0cb89cb Command to Reproduce build libmysofa with...

7.5CVSS1.5AI score0.01035EPSS
Exploits1
Hacker One
Hacker One
added 2021/09/24 9:19 p.m.22 views

Kubernetes: Tokenless GUI Authentication

Report Submission Form Summary: A person has the ability to bypass the login screen using the 401 error code produced from a failed token login. The user is given the privileges of an system:anonymous user. Kubernetes Version: kubectl, kubeadm, kubelet 1.22.2 Ubuntu 20.04.3 - 64bit Component...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/07 12:0 a.m.224 views

Patient Appointment Scheduler System 1.0 Shell Upload

Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/07 12:0 a.m.148 views

Patient Appointment Scheduler System 1.0 Cross Site Scripting

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/09/06 12:0 a.m.144 views

Patient Appointment Scheduler System 1.0 - Persistent / Stored XSS Exploit

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link: https://www.sourcecodester.com/download-code?nid=1492...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/09/06 12:0 a.m.179 views

Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution

Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

0.1AI score
Exploits0
Rows per page
Query Builder