Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.660 views

VestaCP 0.9.8-26 - 'backup' Information Disclosure

Exploit Title: VestaCP 0.9.8-26 - 'backup' Information Disclosure Date: 2020-11-25 Exploit Author: Vulnerability-Lab Vendor Homepage: https://vestacp.com/ Software Link: https://vestacp.com/install/ Version: 0.9.8-26 Document Title: =============== VestaCP v0.9.8-26 - Insufficient Session...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/09 12:0 a.m.658 views

Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)

Exploit Title: Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting XSS Date: 08/07/2021 Exploit Author: Subhadip Nag Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/zoo-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Server: XAMPP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.658 views

Barcodes generator 1.0 - 'name' Stored Cross Site Scripting

Exploit Title: Barcodes generator 1.0 - 'name' Stored Cross Site Scripting Date: 10/12/2020 Exploit Author: Nikhil Kumar Vendor Homepage: http://egavilanmedia.com/ Software Link: http://egavilanmedia.com/barcodes-generator-using-php-mysql-and-jsbarcode-library/ Version: 1.0 Tested On: Ubuntu 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/14 12:0 a.m.658 views

Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)

CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48216.zip Usage ./CVE-2020-0796.py servername This script connects to the target host, and compresses the authentication request with a bad offset field set in t...

10CVSS9.1AI score0.9981EPSS
Exploits125
Exploit DB
Exploit DB
added 2019/11/28 12:0 a.m.658 views

WordPress Core 5.3 - User Disclosure

Exploit Title : Wordpress 5.3 - User Disclosure Author: SajjadBnd Date: 2019-11-17 Software Link: https://wordpress.org/download/ version : wp ' vuln = url + "/wp-json/wp/v2/users/" while True: try: r = requests.getvuln,verify=False content = json.loadsr.text datacontent except...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/29 12:0 a.m.657 views

Umbraco v8.14.1 - 'baseUrl' SSRF

Exploit Title: Umbraco v8.14.1 - 'baseUrl' SSRF Date: July 5, 2021 Exploit Author: NgoAnhDuc Vendor Homepage: https://our.umbraco.com/ Software Link: https://our.umbraco.com/download/releases/8141 Version: v8.14.1 Affect: Umbraco CMS v8.14.1, Umbraco Cloud Vulnerable code:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/19 12:0 a.m.657 views

Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)

Exploit Title: Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow PoC Date: November 18, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: http://www.internetdownloadmanager.com/ Software Link: http://www.internetdownloadmanager.com/download.html Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/07 12:0 a.m.656 views

grocy 2.7.1 - Persistent Cross-Site Scripting

Exploit Title: grocy 2.7.1 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://berrnd.de/ Software Link: https://github.com/grocy/grocy Version: 2.7.1 Tested on: Kali Linux 2020.3 Proof Of Concept: grocy household management solution...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/27 12:0 a.m.655 views

GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse

Exploit Title: GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse Date: 2019-08-29 Exploit Author: LiquidWorm Software Link: https://www.embedthis.com Version: 5.1.1 !/usr/bin/env python3 -- coding: utf-8 -- EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture...

8.8CVSS8.8AI score0.04039EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.655 views

NoMachine < 5.3.27 - Remote Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NOMACHINE-TROJAN-FILE-REMOTE-CODE-EXECUTION.txt + ISR: ApparitionSec Greetz: Greetz: indoushka | Eduardo Vendor www.nomachine.com Product NoMachine / hyp3rlinx / / gcc -c -m32...

7.8CVSS7.9AI score0.04554EPSS
Exploits5
Exploit DB
Exploit DB
added 2016/12/29 12:0 a.m.655 views

PHPMailer < 5.2.18 - Remote Code Execution

""" Exploit Title: PHPMailer Exploit v1.0 Date: 29/12/2016 Exploit Author: Daniel aka anarc0der Version: PHPMailer 3 - Open other terminal and run the exploit: python3 anarcoder.py Video PoC: https://www.youtube.com/watch?v=DXeZxKr-qsU Full Advisory:...

9.8CVSS10AI score0.99714EPSS
Exploits58
Exploit DB
Exploit DB
added 2006/09/02 12:0 a.m.655 views

TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $co...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.654 views

Openfire 4.6.0 - 'path' Stored XSS

Exploit Title: Openfire 4.6.0 - 'path' Stored XSS Date: 20201209 Exploit Author: j5s Vendor Homepage: https://github.com/igniterealtime/Openfire Software Link: https://www.igniterealtime.org/downloads/ Version: 4.6.0 POST /plugins/nodejs/nodejs.jsp HTTP/1.1 Host: 192.168.137.137:9090 User-Agent:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/26 12:0 a.m.654 views

WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution

Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.654 views

gSOAP 2.8 - Directory Traversal

Title: gSOAP 2.8 - Directory Traversal Author: Numan Türle Date: 2019-11-13 Vendor Homepage: https://www.genivia.com/ Version : gSOAP 2.8 Software Link : https://www.genivia.com/products.htmlgsoap POC --------- GET /../../../../../../../../../etc/passwd HTTP/1.1 Host: 10.200.106.101 Accept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.654 views

R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)

!/usr/bin/python Exploit Title: R 3.4.4 Windows 10 x64 - Buffer Overflow SEHDEP/ASLR Bypass Date: 2019-07-15 Exploit Author: blackleitus Vendor Homepage: https://www.r-project.org/ Tested on: Windows 10 Home Single Language 64-bit Social: https://twitter.com/blackleitus Website:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/07/19 12:0 a.m.654 views

Linux - BPF Sign Extension Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux BPF Sign Extension Local Privilege Escalation', 'Description' = %q Linux kernel prior to 4.14.8 utilizes the Berkeley Packet Filter BPF whi...

7.8CVSS7.8AI score0.30052EPSS
Exploits16
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.653 views

Zabbix 5.0.17 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Zabbix 5.0.17 - Remote Code Execution RCE Authenticated Date: 9/3/2022 Exploit Author: Hussien Misbah Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/rn/rn5.0.17 Version: 5.0.17 Tested on: Linux Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.652 views

Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)

Exploit Title: Keycloak 12.0.1 - 'requesturi ' Blind Server-Side Request Forgery SSRF Unauthenticated Date: 2021-10-09 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.keycloak.org/ Software Link: https://www.keycloak.org/archive/downloads-12.0.1.html Version: versions 192.168.0.1:444...

5.3CVSS5.2AI score0.69724EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.652 views

WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation (Unauthenticated)

Exploit Title: WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation Unauthenticated Google Dork: inurl:/plugins/pie-register/ Date: 08.10.2021 Exploit Author: Lotfi13-DZ Vendor Homepage: https://wordpress.org/plugins/pie-register/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/28 12:0 a.m.652 views

TripSpark VEO Transportation - Blind SQL Injection

Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.652 views

October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)

Exploit Title: October CMS Build 465 - Arbitrary File Read Exploit Authenticated Date: 2020-03-31 Exploit Author: Sivanesh Ashok Vendor Homepage: https://octobercms.com/ Version: Build 465 and below Tested on: Windows 10 / XAMPP / October CMS Build 465 CVE: CVE-2020-5295 echo ''' Authenticated...

4.9CVSS5.1AI score0.07371EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/11/30 12:0 a.m.651 views

ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure

Exploit Title: ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure Date: 2020-11-20 Exploit Author: Zagros Bingol Vendor Homepage: http://www.atx.com Software Link: https://atx.com/products/commercial-services-gateways/minicmts200a-broadband-gateway/ Version: 2.0 and earlier Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/16 12:0 a.m.650 views

RiteCMS 2.2.1 - Remote Code Execution

Exploit Title: RiteCMS 2.2.1 - Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux 1- Go to following url. http://CHANGE-THIS/ritecms/cms/ 2- Default username and password is admin:admin. 3- Go "Filemanager" and...

Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.649 views

IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path

Exploit Title: IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path Discovery by: Isabel Lopez Software link: https://www.pconlife.com/download/otherfile/20566/098185e9b7c417cf7480bb9f839db652/ Discovery Date: 2020-11-07 Tested Version: 1.0.6425.0 Vulnerability Type: Unquoted Service Path...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/23 12:0 a.m.649 views

InputMapper 1.6.10 - Denial of Service

Exploit Title: InputMapper 1.6.10 Local Denial of Service Date: 20.09.2019 Vendor Homepage: https://inputmapper.com/ Software Link: https://inputmapper.com/downloads/category/2-input-mapper Exploit Author: elkoyote07 Tested Version: 1.6.10 Tested on: Windows 10 x64 1.- Start Input Mapper 2.- Clic...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/20 12:0 a.m.648 views

Wordpress Plugin WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure

Exploit Title: WP Courses 2.0.29 - Broken Access Controls leading to Courses Content Disclosure Exploit Author: Stefan Broeder, Marco Ortisi redtimmysec Authors blog: https://www.redtimmy.com Vendor Homepage: https://wpcoursesplugin.com/ Version Vulnerable: 2.0.29 CVE: requested but not assigned...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.647 views

Solaris 11.4 - xscreensaver Privilege Escalation

@Mediaservice.net Security Advisory 2019-02 last updated on 2019-10-16 Title: Local privilege escalation on Solaris 11.x via xscreensaver Application: Jamie Zawinski's xscreensaver 5.39 distributed with Solaris 11.4 Jamie Zawinski's xscreensaver 5.15 distributed with Solaris 11.3 Other versions...

8.8CVSS9AI score0.13399EPSS
Exploits8
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.647 views

Microsoft Windows 7/2008 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)

!/usr/bin/python from impacket import smb from struct import pack import sys import socket ''' EternalBlue exploit for Windows 7/2008 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten EDB Note: Shellcode - x64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.646 views

PHPMyAdmin 3.0 - Bruteforce Login Bypass

""" Exploit-Title: PHPMyAdmin 3.0 - Bruteforce Login Bypass Author: Nikola Markovic [email protected] Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: 3.0 & 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 Tested on: win/linux/unix Python-Version: 3.0 CVE...

5CVSS7.4AI score0.0979EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/08/31 12:0 a.m.646 views

Fuel CMS 1.4.8 - 'fuel_replace_id' SQL Injection (Authenticated)

Exploit Title: Fuel CMS 1.4.8 - 'fuelreplaceid' SQL Injection Authenticated Date: 2020-08-19 Exploit Author: c0mpu7er(@ymbank.cn) Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.8.zip Version: 1.4.7 Tested on: PHP 5.4.45, Apache...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/27 12:0 a.m.646 views

Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting

Exploit Title: Kuicms Php EE 2.0 - Persistent Cross-Site Scripting Date: 2020-05-27 Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd. Vendor Homepage: https://kuicms.com Software Link: https://kuicms.com/kuicms.zip Version: Kuicms Php EE 2.0 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.646 views

Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion', 'Description' = %q This module exploits a type confusion on Adobe Flash Player,...

10CVSS9.8AI score0.94354EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/06/23 12:0 a.m.645 views

Code Blocks 20.03 - Denial Of Service (PoC)

Exploit Title: Code Blocks 20.03 - Denial Of Service PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/20.03/Windows/codeblocks-20.03-setup.exe/download Exploit Author: Paras Bhatia Discovery Date: 2020-06-23...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/08 12:0 a.m.643 views

SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/29 12:0 a.m.642 views

opencart 3.0.3.8 - Sessjion Injection

Exploit Title: opencart 3.0.3.8 - Sessjion Injection Date: 28/11/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/ Version: 3.0.3.8 Testeted on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.642 views

php-fusion 9.03.50 - Persistent Cross-Site Scripting

Exploit Title: php-fusion 9.03.50 - Persistent Cross-Site Scripting Google Dork: "php-fusion" Date: 2020-04-30 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/infusions/downloads/downloads.php?catid=30...

5.4CVSS6.1AI score0.02897EPSS
Exploits2
Exploit DB
Exploit DB
added 2012/01/14 12:0 a.m.642 views

phpMyAdmin 3.3.x/3.4.x - Local File Inclusion via XML External Entity Injection (Metasploit)

Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link: http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/ Tested on: Windows and Linux - phpmyadmin versions: 3.3.6, 3.3.10, 3.4.0...

6.5CVSS6.5AI score0.1267EPSS
Exploits7
Exploit DB
Exploit DB
added 2024/06/01 12:0 a.m.641 views

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access

Exploit Title: ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution RCE & SSH Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM Firmware = 1.14.51 probably others Tested on: Linux...

9.8CVSS7.1AI score0.17399EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/04/08 12:0 a.m.641 views

DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147 input type="...

8.8CVSS7AI score0.0352EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/12/03 12:0 a.m.641 views

Sony BRAVIA Digital Signage 1.7.8 - Unauthenticated Remote File Inclusion

Exploit Title: Sony BRAVIA Digital Signage 1.7.8 - Unauthenticated Remote File Inclusion Date: 20.09.2020 Exploit Author: LiquidWorm Vendor Homepage: https://pro-bravia.sony.net Version: 1.7.8 Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion Vendor: Sony Electronics Inc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/27 12:0 a.m.641 views

Tableau - XML External Entity

Exploit Title: Tableau XXE Google Dork: N/A Date: Reported to vendor July 2019, fix released August 2019. Exploit Author: Jarad Kopf Vendor Homepage: https://www.tableau.com/ Software Link: Tableau Desktop downloads: https://www.tableau.com/products/desktop/download Version/Products: See Tableau...

8.1CVSS7.8AI score0.14314EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.641 views

Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution

Exploit Title: Citrix SD-WAN Appliance 10.2.2 Auth Bypass and Remote Command Execution Date: 2019-07-12 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.citrix.com Product: Citrix SD-WAN Software Link: https://www.citrix.com/downloads/citrix-sd-wan/ Version: Tested against 10.2.2...

9.8CVSS9.5AI score0.94046EPSS
Exploits6
Exploit DB
Exploit DB
added 2010/02/15 12:0 a.m.641 views

blog ink - Bypass Setting

======================================================================================== | Title : blog ink By Pass Setting Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com/vb | Script Home : powered by blog ink | Dork : Powered by PHP Melody 1.5.3 | Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/13 12:0 a.m.640 views

Huawei HG630 2 Router - Authentication Bypass

Title: Huawei HG630 2 Router - Authentication Bypass Date: 2020-04-13 Author: Eslam Medhat Vendor Homepage: www.huawei.com Version: HG630 V2 HardwareVersion: VER.B CVE: N/A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/01 12:0 a.m.640 views

SSH (x2) - Remote Command Execution

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/349.tgz x2.tgz milw0rm.com 2002-05-01...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/05 12:0 a.m.639 views

GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)

Exploit Title: GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload Unauthenticated Date: 21/03/2021 Exploit Author: Amin Bohio Original Research & Code By: Paul Taylor / Foregenix Ltd Original Exploit: https://github.com/bao7uo/RAUcrypto Vendor Homepage: https://www.gfi.com Softwa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/02 12:0 a.m.639 views

Student Record System 4.0 - 'cid' SQL Injection

Exploit Title: Student Record System 4.0 - 'cid' SQL Injection Date: 2/2/2021 Exploit Author: Jannick Tiger Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/wp-content/uploads/2019/05/schoolmanagement.zip Version: V 4.0 Tested on: Windows、XAMPP Identify the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.639 views

Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)

Exploit Title: Koken CMS 0.22.24 - Arbitrary File Upload Authenticated Date: 2020-07-15 Exploit Author: v1n1v131r4 Vendor Homepage: http://koken.me/ Software Link: https://www.softaculous.com/apps/cms/Koken Version: 0.22.24 Tested on: Linux PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/10 12:0 a.m.639 views

YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting

Exploit Title: YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-03-10 Exploit Author: En Vendor Homepage: https://github.com/yzmcms/yzmcms Software Link: https://github.com/yzmcms/yzmcms Version: V5.5 Category: Web Application Patched Version: unpatched Tested on:...

7.4AI score
Exploits0
Total number of security vulnerabilities5000