Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.566 views

Kados R10 GreenBee - 'release_id' SQL Injection

Exploit Title: Kados R10 GreenBee - 'releaseid' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.kados.info/ Software Link: https://sourceforge.net/projects/kados/ Version: R10 GreenBee Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.566 views

Heatmiser Wifi Thermostat 1.7 - Credential Disclosure

Exploit Title: Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Dork: intitle:"Heatmiser Wifi Thermostat" Date: 2018-08-17 Exploit Author: d0wnp0ur Original Discoverer: Andrew Tierney Vendor Lnk: https://www.heatmiser.com/en/ Product Link: https://www.heatmiser.com/en/wireless-thermostats/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/15 12:0 a.m.566 views

WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow

=============================================================================================== WarFTP 1.65 USER Remote Buffer Overflow SEH overflow Exploit By Umesh Wanve =============================================================================================== Date : 15-03-2007 Tested on...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/26 12:0 a.m.566 views

PHP-Update 2.7 - '/admin/uploads.php' Remote Code Execution

!/usr/bin/perl rgod u fucking little piece of shit faggot. way to ruin a private exploit, scumbag use strict; use IO::Socket; use MIME::Base64; use Getopt::Std; my $app = "PHP-Update 2.7"; my $type = "Remote Code Execution"; my $author = "undefined1"; my $date = "2006-10-21"; my $settings = "none...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/09 12:0 a.m.565 views

PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: PAN-OS 10.0 - Remote Code Execution RCE Authenticated Date: 2022-08-13 Exploit Author: UnD3sc0n0c1d0 Software Link: https://security.paloaltonetworks.com/CVE-2020-2038 Category: Web Application Version: 10.0.1, 9.1.4 and 9.0.10 Tested on: PAN-OS 10.0 - Parrot OS CVE : CVE-2020-2038...

9CVSS6.9AI score0.86086EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/11/24 12:0 a.m.565 views

CMSimple 5.4 - Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)

Exploit Title: CMSimple 5.4 - Local file inclusion LFI to Remote code execution RCE Authenticated Date: 11/15/2021 Exploit Author: S1lv3r Vendor Homepage: https://www.cmsimple.org/en/ Software Link: https://www.cmsimple.org/en/ Version: CMSimple 5.4 Tested on: CMSimple 5.4 writeup:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/26 12:0 a.m.565 views

Elasticsearch ECE 7.13.3 - Anonymous Database Dump

Exploit Title: Elasticsearch ECE 7.13.3 - Anonymous Database Dump Date: 2021-07-21 Exploit Author: Joan Martinez @magichk Vendor Homepage: https://www.elastic.co/ Software Link: https://www.elastic.co/ Version: = 7.10.0 to = 7.13.3 Tested on: Elastic ECE Cloud CVE : CVE-2021-22146 Reference:...

7.5CVSS7.6AI score0.27788EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/07/08 12:0 a.m.565 views

Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution RCE Authenticated Date 07.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://smartypantsplugins.com/ Software Link:...

8.8CVSS8.7AI score0.52007EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/09/09 12:0 a.m.565 views

Input Director 1.4.3 - 'Input Director' Unquoted Service Path

Exploit Title: Input Director 1.4.3 - 'Input Director' Unquoted Service Path Discovery Date: 2020-09-08 Response from Input Director Support: 09/09/2020 Exploit Author: TOUHAMI Kasbaoui Vendor Homepage: https://www.inputdirector.com/ Version: 1.4.3 Tested on: Windows Server 2012, Windows 10 Find...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/27 12:0 a.m.565 views

eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution

Exploit Title: eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution Date: 2020-07-27 Exploit Author: Berk KIRAS Vendor Homepage: https://www.egroupware.org/en/ Version: 1.14 Tested on: Apache Berk KIRAS PwC - Cyber Security Specialist !/usr/bin/python3 import requests import sys import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/02/06 12:0 a.m.565 views

Tube Ace (Adult PHP Tube Script) - SQL Injection

Exploit Title: Tube AceAdult PHP Tube Script SQL Injection Date: 05/02/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software: Tube Ace http://www.tubeace.com Tested on: Linux Dork: "?viewStandard=0" Comment Greetz: Hernan Jais...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/03/29 12:0 a.m.565 views

glFusion 1.1.2 - 'COM_applyFilter()/order' SQL Injection

= 4.1 php.ini independent our site: http://retrogod.altervista.org/ software site: http://www.glfusion.org/ google dork: "Page created in" "seconds by glFusion" +RSS Vulnerability, sql injection in 'order' and 'direction' arguments: look ExecuteQueries function in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.564 views

Microsoft IIS - WebDav 'ScStoragePathFromUrl' Remote Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule ' Microsoft IIS WebDav ScStoragePathFromUrl Overflow', 'Description' = %q Buffer overflow in the ScStoragePathFromUrl function in the WebDAV servic...

10CVSS9.6AI score0.99823EPSS
Exploits39
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.563 views

FusionPBX 4.5.29 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: FusionPBX 4.5.29 - Remote Code Execution RCE Authenticated Date: 11/08/2021 Exploit Author: Luska Vendor Homepage: https://www.fusionpbx.com/ Software Link: https://github.com/fusionpbx/fusionpbx Version: 4.5.30 Tested on: Debian CVE : CVE-2021-43405 !/usr/bin/python3 import reques...

8.8CVSS8.9AI score0.35628EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/10/23 12:0 a.m.563 views

Point of Sales 1.0 - 'username' SQL Injection

Exploit Title: Point of Sales 1.0 - 'username' SQL Injection Date: 22/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/18 12:0 a.m.563 views

Microsoft Word - '.RTF' Remote Code Execution

!/usr/bin/env python ''' Exploit toolkit CVE-2017-0199 - v4.0 https://github.com/bhdresh/CVE-2017-0199 Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41894.zip ''' import os,sys,thread,socket,sys,getopt,binascii,shutil,tempfile from random import randin...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.562 views

Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit

!/usr/bin/env python Exploit Title: Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.561 views

WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download

Exploit Title: WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download Google Dork: N/A Date: 07.27.2022 Exploit Author: SecuriTrust Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: 1.4.7 Tested on: Linux, Windows CVE :...

7.5CVSS7.6AI score0.12485EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/20 12:0 a.m.561 views

Macro Expert 4.7 - Unquoted Service Path

Exploit Title: Macro Expert 4.7 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 4.7 Date: 20.10.2021 Vendor Homepage: http://www.macro-expert.com/ Tested on: Windows 10 C:\Users\Mertsc qc "Macro Expert" SC QueryServiceConfig SUCCESS SERVICENAME: Macro Expert TYPE : 10 WIN32OWNPROCESS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/22 12:0 a.m.561 views

CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS)

Exploit Title: CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting XSS Date: 2021/03/19 Exploit Author: bt0 Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: https://s3.amazonaws.com/cmsms/downloads/14832/cmsms-2.2.15-install.zip Version: 2.2.15 CVE: CVE-2021-28935...

5.4CVSS5.5AI score0.01574EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/03 12:0 a.m.561 views

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 2 Authors and Contributors: cts, help from r4j, debug by nu11secur1ty Date: 30.01.2021 Vendor: https://www.sudo.ws/ Link: https://www.sudo.ws/download.html CVE: CVE-2021-3156 + Source:...

7.8CVSS8.6AI score0.99295EPSS
Exploits81
Exploit DB
Exploit DB
added 2020/10/07 12:0 a.m.561 views

Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting

Exploit Title: Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting Exploit Author: Alperen Ergel Web Site: https://alperenae.gitbook.io/ Software Homepage: https://textpattern.com/ Version : 4.6.2 Tested on: windows 10 / xammp Category: WebApp Google Dork: intext:"Published with...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.561 views

Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities

Exploit Title: Centos Web Panel 0.9.8.480 Multiple Vulnerabilities Exploit Author: Seccops - Siber Güvenlik Hizmetleri https://seccops.com Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/system-requirements Version: 0.9.8.480 Tested on: Centos 7 Vulnerabilit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.560 views

Liferay Portal - Java Unmarshalling via JSONWS RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Liferay Portal Java Unmarshalling via JSONWS RCE', 'Description' = %q This module exploits a Java unmarshalling vulnerability via JSONWS in Lifer...

9.8CVSS9.8AI score0.99783EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.560 views

FLIR Brickstream 3D+ - RTSP Stream Disclosure

FLIR Systems FLIR Brickstream 3D+ Unauthenticated RTSP Stream Disclosure Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842 Api: 1.0.0 Node: 0.10.33 Onvif: 0.1.1.47 Summary: The Brickstream line of sensors provides highly accurate,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.560 views

Advanced HRM 1.6 - Remote Code Execution

Exploit Title: Advanced HRM 1.6 - Remote Code Execution Google Dork: intext:"Advanced HRM" Date: 2018-10-06 Exploit Author: Renos Nikolaou Vendor Homepage: https://coderpixel.com/ Software Link: https://codecanyon.net/item/advanced-hrm/17767006 Version: 1.6 Tested on: Windows 10 CVE: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/07/13 12:0 a.m.560 views

phpVibe - Arbitrary File Disclosure

In The Name Of ALLAH Exploit Title: phpVibe ALL versions LFD vulnerability Google Dork: "powered by phpvibe" Date: 2015/07/13 july 13th Exploit Author: ali ahmady -- Iranian Security Researcher snip3rirathotmail.com Vendor Homepage: http://www.phpvibe.com/ Software Link: http://get.phpvibe.com/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.559 views

Apache Log4j2 2.14.1 - Information Disclosure

Exploit Title: Apache Log4j2 2.14.1 - Information Disclosure Date: 12/12/2021 Exploit Author: leonjza Vendor Homepage: https://logging.apache.org/log4j/2.x/ Version: None: printf' i| new connection from self.clientaddress0' sock = self.request sock.recv1024 sock.sendallLDAPHEADER data =...

10CVSS9.8AI score0.99999EPSS
Exploits352
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.559 views

Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/28 12:0 a.m.559 views

SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting

Exploit Title: SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2020-08-28 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.getsymphony.com/ Software Link: https://www.getsymphony.com/ Version: 3.0.0 Tested on: Windows CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/12 12:0 a.m.559 views

Phoenix Contact WebVisit 2985725 - Authentication Bypass

Exploit Title: Phoenix Contact WebVisit 2985725 - Authentication Bypass Date: 2018-09-30 Exploit Author: Deneut Tijl Vendor Homepage: www.phoenixcontact.com Software Link: https://www.phoenixcontact.com/online/portal/nl/?uri=pxc-oc-itemdetail:pid=2985725&library=nlnl&pcck=P-19-05-01&tab=5 Version...

7.5CVSS7.4AI score0.11199EPSS
Exploits4
Exploit DB
Exploit DB
added 2013/03/06 12:0 a.m.559 views

VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys'

/ CVE-2013-1406 exploitation PoC by Artem Shishkin, Positive Research, Positive Technologies, 02-2013 / void stdcall FireShellDWORD dwSomeParam EscalatePrivilegeshProcessToElevate; // Equate the stack and quit the cycle ifndef AMD64 asm pop ebx pop edi push 0xFFFFFFF8 push 0xA010043 endif HANDLE...

7.2CVSS6.4AI score0.00968EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/05 12:0 a.m.558 views

kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition

Exploit Title: kk Star Ratings Extensions Turbo Intruder Send to turbo intruder. 5- Drop the initial request and turn Intercept off. 6- In the Turbo Intruder window, add "%s" to the end of the connection header e.g. "Connection: close %s". 7- Use the code examples/race.py. 8- Click "Attack" at th...

5.9CVSS5.8AI score0.00414EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/08/13 12:0 a.m.558 views

easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: easy-mock 1.6.0 - Remote Code Execution RCE Authenticated Date: 12/08/2021 Exploit Author: LionTree Vendor Homepage: https://github.com/easy-mock Software Link: https://github.com/easy-mock/easy-mock Version: 1.5.0-1.6.0 Tested on: windows 10node v8.17.0 import requests import json...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.558 views

Bludit 3.9.2 - Authentication Bruteforce Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bludit Panel Brute force', 'Description' = %q This Module performs brute force attack on Bludit Panel. , 'Author' = 'Eren Simsek ', 'License' =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/29 12:0 a.m.558 views

Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution (MS15-011)

Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows...

8.3CVSS6.8AI score0.2858EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.557 views

Hospital Management Startup 1.0 - 'Multiple' SQLi

Exploit Title: Hospital Management Startup 1.0 - 'loginid' SQLi Exploit Author: nu11secur1ty Date: 02.10.2022 Vendor: https://github.com/kabirkhyrul Software: https://github.com/kabirkhyrul/HMS CVE-2022-23366 Description: The loginid and password parameters from Hospital Management Startup 1.0...

9.8CVSS9.8AI score0.06708EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/20 12:0 a.m.557 views

SonicWall SMA 10.2.1.0-17sv - Password Reset

Exploit Title: SonicWall SMA 10.2.1.0-17sv - Password Reset Description: Overwrite the persistent database, resulting in password reset on reboot. Shodan Dork: https://www.shodan.io/search?query=title%3A%22Virtual+Office%22+%22Server%3A+SonicWall%22 Date: 10/19/2021 Exploit Author: Jacob Baines...

9.1CVSS9.4AI score0.80701EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.557 views

rconfig 3.9.6 - Arbitrary File Upload

Exploit Title: rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution Authenticated 2 Exploit Author: Vishwaraj Bhattrai Date: 18/04/2021 Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: = v3.9.6 Tested against Server Host:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.557 views

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13, OS: necov1.8-0-g7ffe5b3, Hardware: Flir Systems Ne...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/16 12:0 a.m.556 views

CS-Cart 1.3.3 - authenticated RCE

Exploit Title: CS-Cart authenticated RCE Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.3 Vulnerability Type: authenticated RCE get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell edit ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/28 12:0 a.m.555 views

Asterisk AMI - Partial File Content & Path Disclosure (Authenticated)

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.7AI score0.4557EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.555 views

Online Movie Streaming 1.0 - Authentication Bypass

Exploit Title: Online Movie Streaming 1.0 - Authentication Bypass Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.555 views

P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery (Add Admin)

Exploit Title: P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery Add Admin Google Dork:jizhicms Date: 2020-04-18 Exploit Author: iej1ctk1g Product web page: https://www.p5.hu Affected version: 1.0.20, 1.0.11 CVE : N/A !-- P5 FNIP-8x16A/FNIP-4xSH CSRF Stored Cross-Site Scripting Vendor: ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/25 12:0 a.m.554 views

Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection

RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15 and later Fixed Versions: since 1.4.2.20...

9CVSS7.5AI score0.95923EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.554 views

WordPress Plugin Support Board 1.2.3 - Cross-Site Scripting

Exploit Title: Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: https://schiocco.com/ Software Link : https://board.support/ Software : Support Board - Chat And Help Desk Version : v1.2.3 Vulernability Type : Code...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.554 views

FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure

Exploit Title: FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: http://www.brickstream.com Affected version: Firmware: 2.1.742.1842, Api: 1.0.0, Node: 0.10.33, Onvif: 0.1.1.47 Tested on: Tita...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/12 12:0 a.m.553 views

PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path

Exploit Title: PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-11-2020 Vendor Homepage: https://www.pdfcomplete.com/cms/dpl/tabid/111/Default.aspx?r=du2vH8r Software Links : https://pdf-complete.informer.com/download/ Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/07 12:0 a.m.553 views

TapinRadio 2.13.7 - Denial of Service (PoC)

Exploit Title: TapinRadio 2.13.7 - Denial of Service PoC Date: 2020-05-12 Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/tapinradiosetupx64.exe Version: 2.13.7 x64 Tested on: Windows 10 Home x64 STEPS Open the program TapinRadio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.553 views

Library CMS 2.1.1 - Cross-Site Scripting

Exploit Title: Library CMS 2.1.1 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://kaasoft.pro/ Software Link : https://library.kaasoft.pro/ Software : Library CMS - Powerful Book Management System Version : v 2.1.1 Vulernability Type : Cross-site...

7AI score
Exploits0
Total number of security vulnerabilities5000