Lucene search
K

18 matches found

Exploit DB
Exploit DB
added 2023/06/20 12:0 a.m.1258 views

SPIP v4.2.0 - Remote Code Execution (Unauthenticated)

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: SPIP v4.2.1 - Remote Code Execution Unauthenticated Google Dork: inurl:"/spip.php?page=login" Date: 19/06/2023 Exploit Author: nuts7 https://github.com/nuts7/CVE-2023-27372 Vendor Homepage: https://www.spip.net/ Software Link:...

9.8CVSS9.8AI score0.99637EPSS
Exploits23
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.481 views

phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Date: 2022-04-10 Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.356 views

Atom CMS 2.0 - Remote Code Execution (RCE)

Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...

9.8CVSS9.6AI score0.54766EPSS
Exploits4
Huntr
Huntr
added 2022/03/22 9:22 a.m.12 views

Use After Free in new_object

Description Heap use after free in newobject function. ASAN report: ================================================================= ==2514600==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020000401d0 at pc 0x00000230a00e bp 0x7ffcfdbe1dd0 sp 0x7ffcfdbe1dc8 READ of size 2 at...

7.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2022/03/16 12:0 a.m.305 views

Pluck CMS 4.7.16 Shell Upload

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Date: 13.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.p...

0.1AI score0.37716EPSS
Exploits4
0day.today
0day.today
added 2022/03/16 12:0 a.m.1055 views

Pluck CMS 4.7.16 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.py 127.0.0.1 80...

7.2CVSS0.37716EPSS
Exploits4
GithubExploit
GithubExploit
added 2022/01/29 7:59 p.m.262 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PwnKit Vulnerability - Local Privilege Escalation - Title:...

7.8CVSS7.6AI score0.94921EPSS
Exploits152
GithubExploit
GithubExploit
added 2022/01/28 2:54 a.m.249 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4032-NoGCC Test in: Ubuntu 20...

7.8CVSS7.5AI score0.94921EPSS
Exploits153
GithubExploit
GithubExploit
added 2022/01/28 2:54 a.m.481 views

Exploit for Incomplete Cleanup in Linux Linux_Kernel

CVE-2021-4032-NoGCC Test in: Ubuntu 20...

7.8CVSS7.5AI score0.94921EPSS
Exploits153
GithubExploit
GithubExploit
added 2022/01/26 8:52 p.m.273 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

pkexec-lpe-poc POC for CVE-2021-4034 Original Write...

7.8CVSS7.5AI score0.94921EPSS
Exploits152
GithubExploit
GithubExploit
added 2022/01/26 6:53 p.m.229 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 Exploit Usage bash $ git clone https:...

7.8CVSS7.5AI score0.94921EPSS
Exploits152
Huntr
Huntr
added 2021/11/29 2:7 p.m.9 views

None in fcambus/logswan

Description Good morning, I hope you're doing well today. Whilst testing logswan built with Clang12 + ASan on Ubuntu 20.04.3 LTS from commit bcfd41, we discovered a heap-use-after-free situation during a strcmp operation on line 259 of logswan/src/logswan.c. Proof of Concept First... echo...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/15 12:0 a.m.523 views

KONGA 0.14.9 Privilege Escalation

Exploit Title: KONGA 0.14.9 - Privilege Escalation Date: 10/11/2021 Exploit Author: Fabricio Salomao & Paulo Trindade @paulotrindadec Vendor Homepage: https://github.com/pantsel/konga Software Link: https://github.com/pantsel/konga/archive/refs/tags/0.14.9.zip Version: 0.14.9 Tested on: Linux -...

7.1AI score
Exploits0
Huntr
Huntr
added 2021/09/27 1:4 p.m.36 views

Heap-based Buffer Overflow in hoene/libmysofa

Description There are some heap-buffer-overflows in mysofa2json of libmysofa. They are in function loudness, mysofacheck and readOHDRHeaderMessageDataLayout. System info Ubuntu 20.04.3 LTS clang 12.0.1 libmysofa github master branch commit 0cb89cb Command to Reproduce build libmysofa with...

7.5CVSS1.5AI score0.01035EPSS
Exploits1
Packet Storm
Packet Storm
added 2021/09/07 12:0 a.m.224 views

Patient Appointment Scheduler System 1.0 Shell Upload

Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/07 12:0 a.m.149 views

Patient Appointment Scheduler System 1.0 Cross Site Scripting

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/09/06 12:0 a.m.146 views

Patient Appointment Scheduler System 1.0 - Persistent / Stored XSS Exploit

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link: https://www.sourcecodester.com/download-code?nid=1492...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.139 views

Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload

Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7AI score
Exploits0
Rows per page
Query Builder