Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.617 views

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption

Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Date: December 8th 2020 Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/03/25 12:0 a.m.617 views

WeBid 0.7.3 RC9 - 'upldgallery.php' Arbitrary File Upload

----------------------------------------------------------------------------------------- Author : Ahmad Pay Date : March, 25 2009 Location : Bojonegoro, Indonesia Critical : High Impact : System Access Where : From Remote --------------------------------------------------------------------------...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/21 12:0 a.m.617 views

Linux Kernel 2.6.x - Ptrace Privilege Escalation

/ source: https://www.securityfocus.com/bid/25774/info The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers. Versions of Linux kernel prior t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/07 12:0 a.m.616 views

Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution

Title: Microsoft Outlook Microsoft 365 MSO Version 2306 Build 16.0.16529.20100 32-bit - Remote Code Execution Author: nu11secur1ty Date: 07.07.2023 Vendor: https://www.microsoft.com/ Software: https://outlook.live.com/owa/ Reference:...

8.8CVSS8.7AI score0.05718EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/07/22 12:0 a.m.616 views

Docsify.js 4.11.4 - Reflective Cross-Site Scripting

Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...

6.1CVSS6.5AI score0.045EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.616 views

Pulse Secure VPN - Arbitrary Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary Command Execution', 'Description' = %q This module exploits a post-auth command injection in the Pulse Secure VPN serv...

8CVSS7.4AI score0.98617EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/12/07 12:0 a.m.615 views

Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Date: 2020-12-03 Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....

7.8CVSS7.8AI score0.08607EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/09/03 12:0 a.m.615 views

Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting Date: 2020-09-01 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://savsoftquiz.com/ Software Link: https://savsoftquiz.com/web/demo.php Version: 5.0 Tested on: Windows 10/Kali Linux Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/10 12:0 a.m.614 views

Request-Baskets v1.2.1 - Server-side request forgery (SSRF)

Exploit Title: Request-Baskets v1.2.1 - Server-side request forgery SSRF Exploit Author: Iyaad Luqman K init6 Application: Request-Baskets v1.2.1 Tested on: Ubuntu 22.04 CVE: CVE-2023-27163 PoC !/bin/bash if "$" -lt 2 || "$1" = "-h" || "$1" = "--help" ; then help="Usage: exploit.sh \n\n";...

6.5CVSS6.5AI score0.06976EPSS
Exploits29
Exploit DB
Exploit DB
added 2021/05/21 12:0 a.m.614 views

Solaris SunSSH 11.0 x86 - libpam Remote Root (2)

Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root 2 Original Exploit Author: Hacker Fantastic Metasploit Module Author: wvu Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris10-overview.html Version: 10 Tested on: SunOS solaris 10 CVE: CVE-2020-14871 Ported By: legend...

10CVSS9.5AI score0.80291EPSS
Exploits13
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.614 views

SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path

Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path Discovery by: Mara Ramirez Discovery Date: 10-11-2020 Vendor Homepage: https://www.segurazo.com/download.html Software Links : https://www.segurazo.com/download.html Tested Version: 10.0.21.61 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/02 12:0 a.m.614 views

MedDream PACS Server 6.8.3.751 - Remote Code Execution (Authenticated)

!/usr/bin/python Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Exploit Author: bzyo Twitter: @bzyo Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Date: 2020-10-01 Vulnerable Software:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/27 12:0 a.m.614 views

Mida eFramework 2.9.0 - Remote Code Execution

Exploit Title: Mida eFramework 2.9.0 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...

10CVSS9.6AI score0.98239EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/06/22 12:0 a.m.614 views

FileRun 2019.05.21 - Reflected Cross-Site Scripting

Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Date: 2019-07-01 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version: v2019.05.21 Tested on: Windows/Linux CVE: CVE-2019-12905 CVE-2019-12905...

6.1CVSS6.3AI score0.03605EPSS
Exploits7
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.613 views

WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/22 12:0 a.m.613 views

Online Course Registration 1.0 - Blind Boolean-Based SQL Injection (Authenticated)

Exploit Title: Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Authenticated Exploit Author: Sam Ferguson @AffineSecurity and Drew Jones @qhum7sec Date: 2021-10-21 Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/19 12:0 a.m.613 views

Apache - Remote Memory Exhaustion (Denial of Service)

Apache httpd Remote Denial of Service memory exhaustion By Kingcope Year 2011 Will result in swapping memory to filesystem on the remote side plus killing of processes when running out of swap space. Remote System becomes unstable. use IO::Socket; use Parallel::ForkManager; sub usage print "Apach...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/30 12:0 a.m.612 views

Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service

import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.612 views

Mikrotik WinBox 6.42 - Credential Disclosure (golang)

/ Title: Mikrotik WinBox 6.42 - Credential Disclosure golang edition Author: Maxim Yefimenko @slider Date: 2018-08-06 Sotware Link: https://mikrotik.com/download Vendor Page: https://www.mikrotik.com/ Version: 6.29 - 6.42 Tested on: Fedora 28 \ Debian 9 \ Windows 10 \ Android wherever it was...

9.1CVSS8.7AI score0.96087EPSS
Exploits23
Exploit DB
Exploit DB
added 2008/11/01 12:0 a.m.612 views

YourFreeWorld Downline Builder - 'tr.php' SQL Injection

Downline Builder id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/downlinebuilder.php DorK : inurl:tr.php?id= Downline Exploit :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.611 views

ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS TM-AC1900 - Arbitrary Command Execution', 'Description' = %q This module exploits a code execution vulnerability within the ASUS TM-AC1900...

10CVSS9.7AI score0.03613EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/02 12:0 a.m.611 views

Photo Share Website 1.0 - Persistent Cross-Site Scripting

Exploit Title: Photo Share Website 1.0 - Persistent Cross-Site Scripting Date: 2020-09-30 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14478/photo-share-website-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/10/25 12:0 a.m.611 views

Microsoft Windows - OLE Remote Code Execution 'Sandworm' (MS14-060)

!/usr/bin/python Windows OLE RCE Exploit MS14-060 CVE-2014-4114 – Sandworm Author: Mike Czumak Tv3rn1x - @SecuritySift Written: 10/21/2014 Tested Platforms: Windows 7 SP1 w/ exploit script run on Kali Linux You are free to reuse this code in part or in whole with the exception of commercial...

9.3CVSS7AI score0.81628EPSS
Exploits22
Exploit DB
Exploit DB
added 2012/06/10 12:0 a.m.611 views

Microsoft IIS 6.0/7.5 (+ PHP) - Multiple Vulnerabilities

THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass Affected software: Microsoft IIS 6.0 wi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/28 12:0 a.m.610 views

Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting

Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...

5.4CVSS5.6AI score0.14414EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/06/01 12:0 a.m.609 views

LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated)

Exploit Title: LogonTracer 1.2.0 - Remote Code Execution Unauthenticated Date: 29/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.jpcert.or.jp/ Software Link: https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.0 Version: 1.2.0 and earlier Tested on: Version 1.2.0 on Debian...

10CVSS9.6AI score0.74745EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.609 views

IObit Uninstaller 10 Pro - Unquoted Service Path

Exploit Title: IObit Uninstaller 10 Pro - Unquoted Service Path Date: 2020–12–24 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version: 10 Tested on Windows 10 Unquoted Service Path: When a service is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/10 12:0 a.m.608 views

Free School Management Software 1.0 - Remote Code Execution (RCE)

Exploit Title: Free School Management Software 1.0 - Remote Code Execution RCE Exploit Author: fuuzap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/30 12:0 a.m.608 views

Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)

Exploit Title: Moodle 3.6.1 - Persistent Cross-Site Scripting XSS Date: 04/2021 Exploit Author: farisv Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org https://github.com/moodle/moodle/archive/refs/tags/v3.6.1.zip Version: Moodle 3.6.2, 3.5.4, 3.4.7, 3.1.16 CVE:...

6.1CVSS5.5AI score0.13901EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/11/11 12:0 a.m.608 views

Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel

Exploit Title: Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/03 12:0 a.m.607 views

Alfresco 5.2.4 - Persistent Cross-Site Scripting

Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...

5.4CVSS5.5AI score0.0317EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/10/20 12:0 a.m.606 views

WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload

Exploit Title: WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload Date: 2020-10-20 Exploit Author: Net-Hunter Google Dork: N/A Software Link: https://ms.wordpress.org/plugins/hs-brand-logo-slider/ Vendor Homepage: https://www.heliossolutions.co/ Tested on: Linux Apache / Wordpre...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/29 12:0 a.m.606 views

WordPress Core 5.2.4 - Cross-Origin Resource Sharing

Exploit Title: Wordpress 5.2.4 - Cross-Origin Resource Sharing Date: 2019-10-28 Exploit Author: Milad Khoshdel Software Link: https://wordpress.org/download/ Version: Wordpress 5.2.4 Tested on: Linux Apache/2 PHP/7.2 Vulnerable Page: https://Your-Domain/wp-json POC: The web application fails to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/19 12:0 a.m.605 views

myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)

Exploit Title: myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting XSS Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.myfactory.com/ Version: Enfold input NAME="txtUID" VALU...

6.1CVSS6.3AI score0.05832EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/25 12:0 a.m.605 views

Seeddms 5.1.10 - Remote Command Execution (RCE) (Authenticated)

Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...

7.5CVSS7.8AI score0.11696EPSS
Exploits9
Exploit DB
Exploit DB
added 2020/08/24 12:0 a.m.605 views

Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass

Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass Date: 2020-08-21 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: =3.8.0 CVE: N/A !/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0 createUser...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.605 views

Bludit 3.9.2 - Directory Traversal

Title: Bludit 3.9.2 - Directory Traversal Author: James Green Date: 2020-07-20 Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.9.2 Tested on: Linux Ubuntu 19.10 Eoan CVE: CVE-2019-16113 Special Thanks to Ali Faraj @InfoSecAli and authors of MSF...

8.8CVSS8.7AI score0.77962EPSS
Exploits16
Exploit DB
Exploit DB
added 2020/06/12 12:0 a.m.605 views

Sysax MultiServer 6.90 - Reflected Cross Site Scripting

Exploit Title: Sysax MultiServer 6.90 - Reflected Cross Site Scripting Google Dork: n.d. Date: 2020-06-02 Exploit Author: Luca Epifanio wrongsid3 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htm Version: MultiServer 6.90 Tested on: Windows 10 x64 CVE :...

6.1CVSS6.3AI score0.03075EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/06/17 12:0 a.m.605 views

Exim 4.87 - 4.91 - Local Privilege Escalation

!/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 This...

10CVSS9.8AI score0.99961EPSS
Exploits27
Exploit DB
Exploit DB
added 2016/11/28 12:0 a.m.605 views

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)

// // This exploit uses the pokemon exploit of the dirtycow vulnerability // as a base and automatically generates a new passwd line. // The user will be prompted for the new password when the binary is run. // The original /etc/passwd file is then backed up to /tmp/passwd.bak // and overwrites t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/15 12:0 a.m.604 views

osCommerce 2.3.4.1 - Remote Code Execution (2)

Exploit Title: osCommerce 2.3.4.1 - Remote Code Execution 2 Vulnerability: Remote Command Execution when /install directory wasn't removed by the admin Exploit: Exploiting the install.php finish process by injecting php payload into the dbdatabase parameter & read the system command output from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/02 12:0 a.m.604 views

F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)

Exploit Title: F5 BIG-IP 16.0.x - iControl REST Remote Code Execution Unauthenticated Exploit Author: Al1ex Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5....

10CVSS9.7AI score0.99898EPSS
Exploits20
Exploit DB
Exploit DB
added 2020/10/30 12:0 a.m.604 views

Citadel WebCit < 926 - Session Hijacking Exploit

Exploit Title: Citadel WebCit 926 - Session Hijacking Exploit Exploit Author: Simone Quatrini Version: 926 !/usr/bin/env python3 import argparse import requests import time import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/16 12:0 a.m.604 views

Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software

Title: Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software Author: John Page aka hyp3rlinx Date: 2020-09-16 Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/WindowsTCPIPFingerCommandC2ChannelandBypassingSecuritySoftware.txt...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/18 12:0 a.m.604 views

Windows x64 - Reverse Shell TCP Shellcode (694 bytes)

Windows x64 - Reverse Shell TCP Shellcode 694 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 Reverse Shell TCP shellcode size : 694 bytes Author: Roziul Hasan Khan Shifat Date : 10-11-2016 Tested on : Windows 7 x64 Professional Email : [email protected] / / Disassembly of...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/12 12:0 a.m.604 views

Joomla! 1.5.x - 'Token' Remote Admin Change Password

Joomla 1.5.x Remote Admin Password Change Author: d3m0n [email protected] Greets: GregStar, gorion, d3d!k Polish "hackers" used this bug to deface turkish sites BUAHAHHA nice 0-day pff File : /components/comuser/controller.php Line : 379-399 function confirmreset // Check for request forgeries...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/29 12:0 a.m.603 views

orangescrum 1.8.0 - 'Multiple' SQL Injection (Authenticated)

Exploit Title: orangescrum 1.8.0 - 'Multiple' SQL Injection Authenticated Date: 28/11/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/22 12:0 a.m.603 views

WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting

Exploit Title: WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version: v1.19.1 Tested on: Windows/Linux CVE-2019-12460...

6.1CVSS6.3AI score0.03833EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/06 12:0 a.m.602 views

Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow

Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7...

9.8CVSS9.8AI score0.10746EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/13 12:0 a.m.602 views

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

!/usr/bin/env ruby CVE-2018-7600 Drupal &1' ; " bashcmd = "echo " + Base64.strictencode64bashcmd + " | base64 -d" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Function httprequest type data def httprequesturl, type="get", payload="", cookie="" puts verbose"HTTP -...

9.8CVSS10AI score0.99993EPSS
Exploits46
Total number of security vulnerabilities5000