Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/02/03 12:0 a.m.208 views

Jira 8.3.4 - Information Disclosure (Username Enumeration)

Exploit Title: Jira 8.3.4 - Information Disclosure Username Enumeration Date: 2019-09-11 Exploit Author: Mufeed VH Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira Version: 8.3.4 Tested on: Pop!OS 19.10 CVE : CVE-2019-8449 CVE-2019-8449 Exploit fo...

5.3CVSS5.4AI score0.84771EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.208 views

Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'reportsid' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.208 views

TextCrawler Pro3.1.1 - Denial of Service (PoC)

Exploit Title: TextCrawler Pro3.1.1 - Denial of Service PoC Date: 2020-05-01 Vendor Homepage:https://www.digitalvolcano.co.uk/index.html Software Link: https://www.digitalvolcano.co.uk/download/TextCrawlerPro=setup.exe Exploit Author: Achilles Tested Version: 3.1.1 Tested on: Windows 7 x64 1.- Ru...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/24 12:0 a.m.208 views

DeviceViewer 3.12.0.1 - 'creating user' Denial of Service

!/usr/bin/python Exploit Title: DeviceViewer 3.12.0.1 - 'creating user' DOS buffer overflow Date: 9/23/2019 Exploit Author: x00pwn Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Tested on: Windows 7 Steps to reproduce: ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/30 12:0 a.m.208 views

Easy MP3 Downloader 4.7.8.8 - 'Unlock Code' Denial of Service

!/usr/bin/python SWAMI KARUPASAMI THUNAI print""" Exploit Title: Easy MP3 Downloader Denial of Service Date: 2019-08-29 Exploit Author: Mohan Ravichandran & Snazzy Sanoj Organization : StrongBox IT Vulnerable Software: Easy MP3 Downloader Version: 4.7.8.8 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.208 views

Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticket.php' Arbitrary File Deletion

Exploit Title: Joomla! component comjssupportticket - Authenticated Arbitrary File Deletion Dork: inurl:"index.php?option=comjssupportticket" Date: 10.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/46/download/1.html Version: 1.1.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/30 12:0 a.m.208 views

Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Redis Unauthenticated Code Execution', 'Description' = %q This module can be used to leverage the extension functionality added by Redis 4.x and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/11 12:0 a.m.208 views

phpMyAdmin 4.8 - Cross-Site Request Forgery

Exploit Title: Cross Site Request Forgery CSRF Date: 11 June 2019 Exploit Author: Riemann Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: 4.8 Tested on: UBUNTU 16.04 LTS -Installed Docker image - docker pull phpmyadmin/phpmyadmin:4.8 CVE ...

6.5CVSS8.1AI score0.19184EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/05/21 12:0 a.m.208 views

Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free

See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR operation could cause garbage collection GC during its execution 1. With this, it is then possible for the compiler to determine whether there...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/07 12:0 a.m.208 views

Apache mod_rewrite (Windows x86) - Off-by-One Remote Overflow

!/bin/sh Exploit for Apache modrewrite off-by-oneWin32. by axis http://www.ph4nt0m.org 2007-04-06 Tested on Apache 2.0.58 Win32 Windows2003 CN SP1 Vulnerable Apache Versions: 1.3 branch: 1.3.28 and 2.0.46 and 2.2.0 and 2006-08-20 http://www.milw0rm.com/exploits/2237 to successfully exploit the...

7.6CVSS7.6AI score0.96436EPSS
Exploits20
Exploit DB
Exploit DB
added 2006/10/15 12:0 a.m.208 views

AROUNDMe 0.5.2 - 'templatePath' Remote File Inclusion

--------------------------------------------------------------------------- AROUNDMe = 0.5.2 templatePath Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/30 12:0 a.m.208 views

Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation

/ Linux kernel ptrace/kmod local root exploit This code exploits a race condition in kernel/kmod.c, which creates kernel thread in insecure manner. This bug allows to ptrace cloned process, allowing to take control over privileged modprobe binary. Should work under all current 2.2.x and 2.4.x...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.207 views

Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.207 views

e107 v2.3.2 - Reflected XSS

Exploit Title: e107 v2.3.2 - Reflected XSS Date: 11/05/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 2.3.2 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win64 OpenSSL/1.1.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.207 views

CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)

Exploit Title: CKEditor 5 35.4.0 - Cross-Site Scripting XSS Google Dork: N/A Date: February 09, 2023 Exploit Author: Manish Pathak Vendor Homepage: https://cksource.com/ Software Link: https://ckeditor.com/ckeditor-5/download/ Version: 35.4.0 Tested on: Linux / Web CVE : CVE-2022-48110 CKSource...

6.1CVSS6.6AI score0.02097EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/01 12:0 a.m.207 views

GeoVision Camera GV-ADR2701 - Authentication Bypass

Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Date: 26 December , 2020 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.207 views

WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Date: 06-08-2021 Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...

4.8CVSS5.1AI score0.05432EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.207 views

Budget and Expense Tracker System 1.0 - Authenticated Bypass

Exploit Title: Budget and Expense Tracker System 1.0 - Authenticated Bypass Exploit Author: Prunier Charles-Yves Date: September 20, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/15 12:0 a.m.207 views

Aruba Instant (IAP) - Remote Code Execution

import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def racepapimessageip: global CONTINUERACE payload =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/03 12:0 a.m.207 views

FUDForum 3.1.0 - 'author' Reflected XSS

Exploit Title: FUDForum 3.1.0 - 'author' Reflected XSS Exploit Author: Piyush Patil Vendor Homepage: http://fudforum.org/ Software Link: https://sourceforge.net/projects/fudforum/files/FUDforum3.1.0.zip/download Version: FUDForum 3.1.0 Tested on: Windows 10 and Kali CVE : CVE-2021-27520...

6.1CVSS6.3AI score0.06396EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/20 12:0 a.m.207 views

Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution)

Exploit Title: Voting System 1.0 - File Upload RCE Authenticated Remote Code Execution Date: 19/01/2021 Exploit Author: Richard Jones Vendor Homepage:https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/06 12:0 a.m.207 views

CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path

Exploit Title: CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2020-08-05 Vendor Homepage: https://www.wibu.com/us/products/codemeter/runtime.html Tested Version: 6.60 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/04 12:0 a.m.207 views

Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)

Exploit Title: Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2020-08-03 Vendor Homepage: https://apps.apple.com/us/app/telnet-lite/id286893976 Software Link: App Store for iOS devices Tested Version: 4.2 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.207 views

PHPKB Multi-Language 9 - Authenticated Directory Traversal

Exploit Title: PHPKB Multi-Language 9 - Authenticated Directory Traversal Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version: Multi-Language v9 Tested on:...

4.9CVSS5.2AI score0.07844EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/29 12:0 a.m.207 views

Liferay CE Portal 6.0.2 - Remote Command Execution

Exploit Title: Liferay CE Portal 6.0.2 - Remote Command Execution Google Dork: N/A Date: 2020-01-29 Exploit Author: Berk Dusunur Vendor Homepage: https://www.liferay.com/ Software Link: https://sourceforge.net/projects/lportal/files/Liferay%20Portal/6.0.2/...

9AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/10 12:0 a.m.207 views

Pandora 7.0NG - Remote Code Execution

Exploit Title: Pandora 7.0NG - Remote Code Execution Date: 2019-11-14 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2019-20224 Vendor Homepage: https://pandorafms.org/ Software link: https://pandorafms.org/features/free-download-monitoring-software/ Version: v7.0NG Tested on: CentOS 7.3 / PHP...

9CVSS7.9AI score0.4968EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.207 views

SpotIE 2.9.5 - 'Key' Denial of Service (PoC)

Exploit Title: SpotIE 2.9.5 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotiesetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.207 views

Crystal Live HTTP Server 6.01 - Directory Traversal

Title: Crystal Live HTTP Server 6.01 - Directory Traversal Date of found: 2019-11-17 Author: Numan Türle Vendor Homepage: https://www.genivia.com/ Version : Crystal Quality 6.01.x.x Software Link : https://www.crystalrs.com/crystal-quality-introduction/ POC --------- GET...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.207 views

WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path

Exploit Title : WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Softalk Version : 7.5.1 Software: http://html.tucows.com/preview/195580/WorkgroupMail-Mail-Server?q=pop3 Tested on Windows 10 CVE : N/A c:\sc qc WorkgroupMail SC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.207 views

Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticketreply.php' SQL Injection

Exploit Title: Joomla! component comjssupportticket - Authenticated SQL Injection Dork: inurl:"index.php?option=comjssupportticket" Date: 10.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/46/download/1.html Version: 1.1.6 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.207 views

dotCMS 5.1.1 - HTML Injection

Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability: HTML Injection and Cross-site...

6.1CVSS6.3AI score0.00998EPSS
Exploits5
Exploit DB
Exploit DB
added 2016/08/19 12:0 a.m.207 views

Cisco ASA / PIX - 'EPICBANANA' Local Privilege Escalation

Exploit Title: Cisco ASA / PIX - Privilege Escalation EPICBANANA Date: 19-08-2016 Exploit Author: Shadow Brokers Vendor Homepage: http://www.cisco.com/ Full Exploit: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40271.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/01/08 12:0 a.m.207 views

IBM Cognos - 'tm1admsd.exe' Remote Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'IBM Cognos...

10CVSS7AI score0.5485EPSS
Exploits8
Exploit DB
Exploit DB
added 2011/11/24 12:0 a.m.207 views

Apache 7.0.x mod_proxy - Reverse Proxy Security Bypass

source: https://www.securityfocus.com/bid/50802/info Apache HTTP Server is prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and obtain sensitive information about running web applications. The following example patterns are...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/04/04 12:0 a.m.207 views

SCO UnixWare Merge - 'mcd' Local Privilege Escalation

/ 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local Root Exploit By qaaz / include include include include include include define TARGET "/usr/lib/merge/mcd" define DIR "/proc/%d/object", getpid define BIN "a.out" define LNK "hrc;"...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/22 12:0 a.m.207 views

Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting

source: https://www.securityfocus.com/bid/27409/info Apache 'modnegotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/02 12:0 a.m.207 views

Weblogicnet - 'files_dir' Multiple Remote File Inclusions

Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website : www.solpotcrew.org/adv/homeedition2001-adv-02.txt Greetz:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/07 12:0 a.m.207 views

PHP-Nuke Module PostGuestbook 0.6.1 - 'tpl_pgb_moddir' Remote File Inclusion

PostGuestbook 0.6.1tplpgbmoddirRemote File Include Expliot D.Script: http://sourceforge.net/projects/postguestbook/ Dork: "Powered by: PostGuestbook 0.6.1" Discovered by GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code include...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/17 12:0 a.m.207 views

Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)

!/usr/bin/perl Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability Took Damian Put's poc and shortened it just a little. All credits to Damian Put pucikatgazeta.pl [email protected] www.overflow.pl /str0ke my $clam =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/15 12:0 a.m.207 views

MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection

!/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific: "Powered By MyBB" "2006 MyBB Group"\n\n"; / works...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/15 12:0 a.m.207 views

RSA ClearTrust 4.6/4.7 - Login Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/7108/info A cross-site scripting vulnerability has been discovered in ClearTrust. Specifically, the login page for the management application is not properly sanitized of some user-supplied values. An attacker can exploit this vulnerability by creating a...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/30 12:0 a.m.207 views

OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow Vulnerability 2

OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability 2. CVE-2002-0656. Remote exploit for unix platform source: http://www.securityfocus.com/bid/5363/info A buffer-overflow vulnerability has been reported in some versions of OpenSSL. The issue occurs in the handling of the clie...

7.5CVSS0.2AI score0.8982EPSS
Exploits2
Exploit DB
Exploit DB
added 2026/03/03 12:0 a.m.206 views

WordPress Backup Migration 1.3.7 - Remote Command Execution

Exploit Title: WordPress Backup Migration 1.3.7 - Remote Command Execution Date: 2025-10-26 Exploit Author: DANG Vendor Homepage: https://backupbliss.com/ Software Link: https://wordpress.org/plugins/backup-backup/ Version: Backup Migration ≤1.3.7 Tested on: LINUX CVE : CVE-2023-6553 This module...

9.8CVSS5.9AI score0.97846EPSS
Exploits14
Exploit DB
Exploit DB
added 2025/04/15 12:0 a.m.206 views

Cacti 1.2.26 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Cacti 1.2.26 - Remote Code Execution RCE Authenticated Date: 06/01/2025 Exploit Author: D3Ext Vendor Homepage: https://cacti.net/ Software Link: https://github.com/Cacti/cacti/archive/refs/tags/release/1.2.26.zip Version: 1.2.26 Tested on: Kali Linux 2024 CVE: CVE-2024-25641...

9.1CVSS7AI score0.86303EPSS
Exploits17
Exploit DB
Exploit DB
added 2023/03/28 12:0 a.m.206 views

Online shopping system advanced 1.0 - Multiple Vulnerabilities

Exploit Title: Online shopping system advanced 1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2020-09-24 Vendor Homepage: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software Link :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.206 views

Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)

Exploit Title: Oracle WebLogic Server 14.1.1.0 - RCE Authenticated Date: 2021-01-21 Exploit Author: Photubias Vendor Advisory: 1 https://www.oracle.com/security-alerts/cpujan2021.html Vendor Homepage: https://www.oracle.com Version: WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.3, 12.2.1.4, 14.1.1.0 fixed ...

7.2CVSS7.2AI score0.70241EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/05/13 12:0 a.m.206 views

Sellacious eCommerce 4.6 - Persistent Cross-Site Scripting

Exploit Title: Sellacious eCommerce 4.6 - Persistent Cross-Site Scripting Exploit Author: gurbanli Date: 2020-05-13 Vendor Homepage: https://www.sellacious.com Version: 4.6 Software Link: https://www.sellacious.com/free-open-source-ecommerce-software Document Title: =============== Sellacious...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.206 views

Nsauditor 3.1.8.0 - 'Key' Denial of Service (PoC)

Exploit Title: Nsauditor 3.1.8.0 - 'Key' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerability Type: Denial of Service DoS Local Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.206 views

SpotAuditor 5.3.1.0 - Denial of Service

Exploit Title: SpotAuditor 5.3.1.0 - Denial of Service Author: Sanjana Shetty Date: 2019-10-13 Version: SpotAuditor 5.3.1.0 Vendor Homepage: http://www.nsauditor.com Software link: http://spotauditor.nsauditor.com/ Steps 1 Install the SpotAuditor software 2 Access the register functionality 3 In...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.206 views

Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting

Exploit Title: Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-13 Vendor Homepage: https://www.nchsoftware.com/ Source: https://www.nchsoftware.com/invoice/index.html Version: Express Invoice v7.12 CVE : N/A Tested on: Windows 7 SP132bi...

7.4AI score
Exploits0
Total number of security vulnerabilities5000