Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
•added 2021/02/17 12:0 a.m.•601 views

Billing Management System 2.0 - 'email' SQL injection Auth Bypass

Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass Date: 2021-02-16 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software: Billi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/24 12:0 a.m.•601 views

Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure

Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure Date: 2020-08-21 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: =3.8.0 CVE: N/A Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure Vendor: EIBIZ Co.,Ltd. Product web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/07/17 12:0 a.m.•601 views

Simple Startup Manager 1.17 - 'File' Local Buffer Overflow (PoC)

Exploit Title: Simple Startup Manager 1.17 - 'File' Local Buffer Overflow PoC Exploit Author: PovlTekstTV Date: 2020-07-15 Vulnerable Software: Simple Startup Manager Software Link Download: http://www.ashkon.com/download/startup-manager.exe Version: 1.17 Vulnerability Type: Local Buffer Overflow...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/05/01 12:0 a.m.•601 views

Super Backup 2.0.5 for iOS - Directory Traversal

Title: Super Backup 2.0.5 for iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-30 Software: https://apps.apple.com/us/app/super-backup-export-import/id1052684097 CVE: N/A Document Title: =============== Super Backup v2.0.5 iOS - Directory Traversal Vulnerability References...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/07/16 12:0 a.m.•600 views

Argus Surveillance DVR 4.0 - Weak Password Encryption

Exploit Title: Argus Surveillance DVR 4.0 - Weak Password Encryption Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 12.07.2021 Version: Argus Surveillance DVR 4.0 Tested on: Windows 7 x86 Build 7601 & Windows 10 Reference: https://deathflash1411.github.io/blog/dvr4-hash-crack...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/10/21 12:0 a.m.•598 views

Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read

Exploit Title: Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read Date: 11 October 2021 Exploit Author: z4nd3r Vendor Homepage: http://www.echatserver.com/ Software Link: http://www.echatserver.com/ Version: 3.1 Tested on: Windows 10 Pro Build 19042, English Description: The web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/02/19 12:0 a.m.•598 views

OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting

Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Date: 19/02/2021 Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/06/12 12:0 a.m.•599 views

Avaya IP Office 11 - Password Disclosure

Exploit Title: Avaya IP Office 11 - Password Disclosure Exploit Author: hyp3rlinx Date: 2020-06-09 Vender Homepage: https://downloads.avaya.com Product Link: https://downloads.avaya.com/css/P8/documents/101067493 CVE: CVE-2020-7030 + Credits: John Page aka hyp3rlinx + Website:...

5.5CVSS5.5AI score0.01EPSS
Exploits3
Exploit DB
Exploit DB
•added 2019/11/01 12:0 a.m.•598 views

Nostromo - Directory Traversal Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nostromo Directory Traversal Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in...

9.8CVSS9.8AI score0.99057EPSS
Exploits24
Exploit DB
Exploit DB
•added 2018/01/29 12:0 a.m.•598 views

Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic wls-wsat Component Deserialization RCE', 'Description' = %q The Oracle WebLogic WLS WSAT Component is vulnerable to a XML...

7.5CVSS7.9AI score0.99993EPSS
Exploits45
Exploit DB
Exploit DB
•added 2016/10/03 12:0 a.m.•598 views

Apache Tomcat 8/7/6 (Debian-Based Distros) - Local Privilege Escalation

============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-1240 - Release date: 30.09.2016 - Revision: 1 - Severity: High ============================================= I. VULNERABILITY -------------------------...

7.8CVSS7.8AI score0.09783EPSS
Exploits8
Exploit DB
Exploit DB
•added 2023/08/10 12:0 a.m.•597 views

TP-Link Archer AX21 - Unauthenticated Command Injection

!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...

8.8CVSS9AI score0.99999EPSS
Exploits7
Exploit DB
Exploit DB
•added 2021/02/26 12:0 a.m.•597 views

Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)

!/usr/bin/env python3 -- coding: utf-8 -- standard modules from metasploit import module extra modules DEPENDENCIESMISSING = False try: import base64 import itertools import os import requests except ImportError: DEPENDENCIESMISSING = True Metasploit Metadata metadata = 'name': 'Microsoft RDP Web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/12/16 12:0 a.m.•597 views

GitLab 11.4.7 - Remote Code Execution (Authenticated)

Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution No Interaction Required Date: 15th December 2020 Exploit Author: Mohin Paramasivam Shad0wQu35t Software Link: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested on...

7.7CVSS0.3AI score0.2819EPSS
Exploits5
Exploit DB
Exploit DB
•added 2017/02/03 12:0 a.m.•597 views

ntfs-3g (Debian 9) - Local Privilege Escalation

!/bin/bash echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" echo "@ CVE-2017-0359, PoC by Kristian Erik Hermansen @" echo "@ ntfs-3g local privilege escalation to root @" echo "@ Credits to Google Project Zero @" echo "@ Affects: Debian 9/8/7, Ubuntu, Gentoo, others @" echo "@ Tested:...

10CVSS7.8AI score0.02277EPSS
Exploits10
Exploit DB
Exploit DB
•added 2020/10/28 12:0 a.m.•596 views

Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)

Exploit Title: Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection Authenticated Date: 10-27-2020 Vulnerability Discovery: Chris Lyne Vulnerability Details: https://www.tenable.com/security/research/tra-2020-58 Exploit Author: Matthew Aberegg Vendor Homepage:...

9CVSS7AI score0.78632EPSS
Exploits7
Exploit DB
Exploit DB
•added 2019/07/17 12:0 a.m.•596 views

MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow

Exploit Title: MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow Author: hyp3rlinx Discovery Date: 2019-07-17 Vendor Homepage: www.computerlab.com Software Link: https://www.computerlab.com/index.php/downloads/category/27-device-manager Software Link:...

9.8CVSS9.8AI score0.24403EPSS
Exploits5
Exploit DB
Exploit DB
•added 2022/02/23 12:0 a.m.•594 views

Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution (RCE)

Exploit Title: Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution RCE Google Dork: intext:"adobe coldfusion 11" Date: 2022-22-02 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•594 views

PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting XSS Date: May 3rd 2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/12/07 12:0 a.m.•594 views

Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow

Dup Scout Enterprise 10.0.18 - 'onlineregistration' Remote Buffer Overflow Requires web service to be enabled. Tested on Windows 10 Pro x64 Based on: https://www.exploit-db.com/exploits/43145 and https://www.exploit-db.com/exploits/40457 Credits: Tulpa and SICKNESS for original exploits Modified:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/10/23 12:0 a.m.•594 views

Gym Management System 1.0 - Stored Cross Site Scripting

Exploit Title: Gym Management System 1.0 - Stored Cross Site Scripting Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/06/26 12:0 a.m.•594 views

OpenEMR 5.0.1 - 'controller' Remote Code Execution

Exploit Title: OpenEMR 5.0.1 - 'controller' Remote Code Execution Date: 2020-06-22 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.open-emr.org/ Software Link: https://www.open-emr.org/wiki/index.php/OpenEMRDownloads Version: v5.0.1 Tested on: Linux Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/05/20 12:0 a.m.•594 views

BIND - 'TSIG' Denial of Service

!/usr/bin/python coding:utf-8 from scapy.all import DNS, DNSQR, IP, sr1, UDP, DNSRRTSIG, DNSRROPT tsig = DNSRRTSIGrrname="local-ddns", algoname="hmac-sha256", rclass=255, maclen=0, macdata="", timesigned=0, fudge=300, error=16 dnsreq = IPdst='127.0.0.1'/UDPdport=53/DNSrd=1, ad=1,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/01/04 12:0 a.m.•593 views

MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path

Exploit Title: MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path Discovery by: Thalia Nieto Discovery Date: 02/01/21 Vendor Homepage: https://www.minitool.com Software Link: https://www.minitool.com/backup/thanks-download.html?v=sm-free&r=download-center/ Tested Version: 3.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/12/22 12:0 a.m.•593 views

Webmin 1.962 - 'Package Updates' Escape Bypass RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...

8.7AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/10/16 12:0 a.m.•593 views

aaPanel 6.6.6 - Privilege Escalation & Remote Code Execution (Authenticated)

Exploit Title: aaPanel 6.6.6 - Authenticated Privilege Escalation Google Dork: Date: 04.05.2020 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.aapanel.com/ Software Link: https://github.com/aaPanel/aaPanel Version: 6.6.6 REQUIRED Tested on: Linux ubuntu 4.4.0-131-gener...

9CVSS7.1AI score0.0597EPSS
Exploits5
Exploit DB
Exploit DB
•added 2020/08/27 12:0 a.m.•593 views

Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload (Authenticated)

Exploit Title: Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload Authenticated Date: 2020-08-24 Software Link: https://wordpress.org/plugins/autoptimize/ Author : SunCSR Team Version: v2.7.6 Tested on Ubuntu 18.04 / Kali Linux Reference: https://wpvulndb.com/vulnerabilities/10372...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2019/09/20 12:0 a.m.•593 views

LayerBB < 1.1.4 - Cross-Site Request Forgery

Exploit Title: LayerBB 1.1.3 - Multiple CSRF Date: 4/7/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=30 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-16531 1. Description: LayerBB is a free open-source forum...

8.8CVSS9AI score0.02549EPSS
Exploits5
Exploit DB
Exploit DB
•added 2021/01/21 12:0 a.m.•592 views

Online Documents Sharing Platform 1.0 - 'user' SQL Injection

Exploit Title: Online Documents Sharing Platform 1.0 - 'user' SQL Injection Date: 21.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://www.sourcecodester.com/php/14653/online-documents-sharing-platform-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/14 12:0 a.m.•592 views

RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting

Exploit Title: RAD SecFlow-1v SF02902.3.01.26 - Persistent Cross-Site Scripting Date: 2020-08-31 Exploit Author: Jonatan Schor and Uriel Yochpaz Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF02902.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A A...

9.3CVSS7.4AI score0.04663EPSS
Exploits7
Exploit DB
Exploit DB
•added 2020/05/28 12:0 a.m.•591 views

NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection

Exploit Title: NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection Exploit Author: Berk Dusunur Google Dork: N/A Type: Web App Date: 2020-05-28 Vendor Homepage: https://www.nokia.com Software Link: https://www.nokia.com/networks/products/vitalsuite-performance-management-software/ Affected...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2015/10/02 12:0 a.m.•591 views

ASX to MP3 Converter 1.82.50 (Windows XP SP3) - '.asx' Local Stack Overflow

''' Exploit Title: ASX to MP3 Converter 1.82.50 Stack Overflow Date: 2 Oct 2015 Exploit Author: exptr Vendor Homepage: http://mini-stream.net Version: 1.82.50 Tested on: Windows XP SP3 ''' import struct filename = "exploit.asx" dummy = "A"0x104 EIP = struct.pack'I', 0x76af3adc FFFF =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2012/05/05 12:0 a.m.•591 views

PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection

Exploit Title: Cve-2012-1823 PHP CGI Argument Injection Exploit Date: May 4, 2012 Author: rayh4c0x4080sec0x2ecom Exploit Discovered by wofeiwo0x4080sec0x2ecom import socket import sys def cgiexploit: pwncode = """""" postLength = lenpwncode httpraw="""POST...

9.8CVSS10AI score0.99998EPSS
Exploits42
Exploit DB
Exploit DB
•added 2020/12/01 12:0 a.m.•590 views

TypeSetter 5.1 - CSRF (Change admin e-mail)

Exploit Title: TypeSetter 5.1 - CSRF Change admin e-mail Exploit Author: Alperen Ergel Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Kali & ubuntu Category: WebApp Description Attacker can change admin e-mail address Vulnerable - Go to the admin page view preferences ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/07/30 12:0 a.m.•590 views

Online Shopping Alphaware 1.0 - Authentication Bypass

Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Date: 2020-07-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/11/23 12:0 a.m.•589 views

Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)

Exploit Title: Linux Kernel 5.1.x - 'PTRACETRACEME' pkexec Local Privilege Escalation 2 Date: 11/22/21 Exploit Author: Ujas Dhami Version: 4.19 - 5.2.1 Platform: Linux Tested on: Ubuntu 19.04 kernel 5.0.0-15-generic Parrot OS 4.5.1 kernel 4.19.0-parrot1-13t-amd64 Kali Linux kernel...

7.8CVSS8.2AI score0.52199EPSS
Exploits21
Exploit DB
Exploit DB
•added 2024/03/28 12:0 a.m.•588 views

RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service

Exploit Title: CVE-2024-27686: RouterOS-SMB-DOS Google Dork: N/A Date: 03/04/2024 Exploit Author: ice-wzl, Solstice Cyber Solutions Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download/archive Version: RouterOS devices ranging from 6.40.5 - 6.44 and 6.48.1 - 6.49.10...

7.5CVSS7AI score0.00591EPSS
Exploits7
Exploit DB
Exploit DB
•added 2020/12/14 12:0 a.m.•588 views

Rumble Mail Server 0.51.3135 - 'servername' Stored XSS

Exploit Title: Rumble Mail Server 0.51.3135 - 'servername' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2008/06/14 12:0 a.m.•588 views

Alstrasoft AskMe Pro 2.1 - Multiple SQL Injections

-+================================================================================+- -+ AlstraSoft AskMe Pro = 2.1 SQL Injection Vulnerabilitys +- -+================================================================================+- Discovered By: t0pP8uZz Discovered On: 10 JUNE 2008 Script...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/08/04 12:0 a.m.•587 views

qdPM 9.2 - Password Exposure (Unauthenticated)

Exploit Title: qdPM 9.2 - DB Connection String and Password Exposure Unauthenticated Date: 03/08/2021 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: Ubuntu 20.04 Apache2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/12/18 12:0 a.m.•587 views

SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)

Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service Poc Data: 18-Dec-2020 Exploit Author: Ahmed Elkhressy Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7, Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/15 12:0 a.m.•587 views

Tailor MS 1.0 - Reflected Cross-Site Scripting

Exploit Title: Tailor MS 1.0 - Reflected Cross-Site Scripting Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-09-14 CVE ID: CVE-2020-23835 Vendor Homepage: https://www.sourcecodester.com Software Link:...

6.4CVSS6.3AI score0.02289EPSS
Exploits3
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•586 views

Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)

Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit: https://metasploit.com/download Current...

9.3CVSS8.8AI score0.73779EPSS
Exploits24
Exploit DB
Exploit DB
•added 2025/06/26 12:0 a.m.•585 views

Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)

Exploit Title: Pterodactyl Panel 1.11.11 - Remote Code Execution RCE Date: 22/06/2025 Exploit Author: Zen-kun04 Vendor Homepage: https://pterodactyl.io/ Software Link: https://github.com/pterodactyl/panel Version: 1.11.11 Tested on: Ubuntu 22.04.5 LTS CVE: CVE-2025-49132 import requests import js...

10CVSS7.4AI score0.13105EPSS
Exploits28
Exploit DB
Exploit DB
•added 2021/09/06 12:0 a.m.•585 views

FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: FlatCore CMS 2.0.7 - Remote Code Execution RCE Authenticated Date: 04/10/2021 Exploit Author: Mason Soroka-Gill @sgizoid Vendor Homepage: https://flatcore.org/ Software Link: https://github.com/flatCore/flatCore-CMS/archive/refs/tags/v2.0.7.tar.gz Version: 2.0.7 Tested on: Ubuntu...

9CVSS7AI score0.45948EPSS
Exploits4
Exploit DB
Exploit DB
•added 2017/10/02 12:0 a.m.•585 views

Dnsmasq < 2.78 - Heap Overflow

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open two terminals docker build -t dnsmasq . docker run --rm -t -i...

9.8CVSS9AI score0.93307EPSS
Exploits5
Exploit DB
Exploit DB
•added 2011/03/04 12:0 a.m.•585 views

JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Command Execution

JBoss AS Remote Exploit by Kingcope use IO::Socket; use LWP::UserAgent; use URI::Escape; use MIME::Base64; sub usage print "JBoss AS Remote Exploit\nby Kingcope\n\nusage: perl jboss.pl \n"; print "example: perl daytona.pl 192.168.2.10 8080 192.168.2.2 443 lnx\n"; exit; if $ARGV != 4 usage; $host ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2022/08/01 12:0 a.m.•584 views

NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Date: 2022-07-26 Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/12/20 12:0 a.m.•584 views

WBCE CMS 1.5.1 - Admin Password Reset

Exploit Title: WBCE CMS 1.5.1 - Admin Password Reset Google Dork: intext: "Way Better Content Editing" Date: 20/12/2021 Exploit Author: citril or https://github.com/maxway2021 Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: = 1.5.1 Tested on: Linux CVE :...

9.8CVSS9.7AI score0.37824EPSS
Exploits4
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•583 views

Voting System 1.0 - Authentication Bypass (SQLI)

Exploit Title: Voting System 1.0 - Authentication Bypass SQLI Date: 06/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities5000