Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.509 views

InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal

Exploit Title: InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal Date: 11/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: innovastudio.com Product: Asset Manager Version: = Asset Manager ASP Version 5.4 Tested on: Windows 10 and Windows...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.509 views

PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)

Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/05 12:0 a.m.509 views

Fluig 1.7.0 - Path Traversal

Exploit Title: Fluig 1.7.0 - Path Traversal Date: 26/11/2020 Exploit Author: Lucas Souza Vendor Homepage: https://www.totvs.com/fluig/ Version: payload.txt curl -s https://raw.githubusercontent.com/lucxssouza/banners/main/xFluig/banner banner -- FUNCTIONS -- function create-payload wordlist.txt...

8.9AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.509 views

Beauty Parlour Management System 1.0 - 'sername' SQL Injection

Exploit Title: Beauty Parlour Management System 1.0 - 'sername' SQL Injection Date: 19/2/2021 Exploit Author: Thinkland Security Team Vendor Homepage: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/03 12:0 a.m.509 views

EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass

Exploit Title: EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass Date: 02-12-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/egm-address-book/ Version: 1.0 Tested on: PopOS Attack Vector: An attacker can gain...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/27 12:0 a.m.509 views

LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting

Exploit Title: LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting Date: 05/26/2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 Patch Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/05/25 12:0 a.m.509 views

Ubiquiti airOS - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubiquiti airOS Arbitrary File Upload', 'Description' = %q This module exploits a pre-auth file upload to install a new root user to /etc/passwd an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/30 12:0 a.m.509 views

Sendmail 8.12.8 (BSD) - 'Prescan()' Remote Command Execution

/ Sendmail 8.12.8 prescan PROOF OF CONCEPT exploit by bysin This is to prove that the bug in sendmail 8.12.8 and below is vulnerable. On sucessful POC exploitation the program should crash with the following: Program received signal SIGSEGV, Segmentation fault. 0x5c5c5c5c in ?? / include include...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.508 views

Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)

Exploit Title: Cockpit Version 234 - Server-Side Request Forgery Unauthenticated Date: 08.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://cockpit-project.org/ Version: v234 Tested on: Ubuntu 18.04 !/usr/bin/python3 import argparse import requests import sys import urllib3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.507 views

Windows 11 10.0.22000 - Backup service Privilege Escalation

Title: Windows 11 10.0.22000 - Backup service Privilege Escalation Author: nu11secur1ty Date: 01.13.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-21752...

7.1CVSS7.8AI score0.05327EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.507 views

Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...

5.4CVSS5.5AI score0.01647EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.507 views

PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting

Exploit Title: PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: PEEL SHOPPING 9.3.0 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.506 views

Microsoft Windows - Storage QoS Filter Driver Checker

Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...

7.8CVSS7.4AI score0.00586EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/05/29 12:0 a.m.506 views

WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing

Exploit Title: WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing Google Dork: inurl:/wp-content/plugins/digits/ Date: 2025-04-30 Exploit Author: Saleh Tarawneh Vendor Homepage: https://digits.unitedover.com/ Version: 8.4.6.1 CVE : CVE-2025-4094 """ The Digits plugin for...

9.8CVSS7AI score0.16444EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.506 views

ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)

Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Date: 03/06/2023 Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions Tested on: Linux CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager"...

9.8CVSS7.4AI score0.1929EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.506 views

Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation (Unauthenticated)

Exploit Title: Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation Unauthenticated Google Dork: inurl:/wp-content/plugins/thecartpress/ Date: 04/10/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugin/thecartpress Version: spacehen www.github.com/spacehen" def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.506 views

OpenEMR 5.0.0 - Remote Code Execution (Authenticated)

Exploit Title: OpenEMR 5.0.0 - Remote Code Execution Authenticated Date 10.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.0/openemr-5.0.0.zip/download Version: 5.0.0 Teste...

8.8CVSS8.8AI score0.15188EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.506 views

LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection

Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection Google Dork: Unknown Date: 13-12-2020 Exploit Author: Hodorsec Vendor Homepage: https://www.librenms.org Software Link: https://github.com/librenms/librenms Update notice:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/23 12:0 a.m.506 views

Point of Sales 1.0 - 'id' SQL Injection

Exploit Title: Point of Sales 1.0 - SQL Injection Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/pos0.zip Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/26 12:0 a.m.506 views

TP-Link Archer C50 3 - Denial of Service (PoC)

Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Date: 2020-01-25 Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...

7.8CVSS7AI score0.28223EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.506 views

Bash 5.0 Patch 11 - SUID Priv Drop Exploit

Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include include...

7.8CVSS8.1AI score0.02608EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.505 views

LaborOfficeFree 19.10 - MySQL Root Password Calculator

Exploit Title: LaborOfficeFree 19.10 MySQL Root Password Calculator - CVE-2024-1346 Google Dork: N/A Date: 09/02/2023 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.laborofficefree.com/ Software Link: https://www.laborofficefree.com/plans Version: 19.10 Tested on...

6.8CVSS6.7AI score0.00392EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.505 views

Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path

Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.505 views

Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery (SSRF)

Exploit Title: Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery SSRF Date: 09 Jun 2021 Exploit Author: Alex Birnberg Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Version: 16.0.10372.20060 Tested on: Windows Serv...

8.1CVSS7.7AI score0.04563EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/04/17 12:0 a.m.505 views

Nexus Repository Manager - Java EL Injection RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nexus Repository Manager Java EL Injection RCE', 'Description' = %q This module exploits a Java Expression Language EL injection in Nexus...

9CVSS8.7AI score0.99064EPSS
Exploits10
Exploit DB
Exploit DB
added 2004/10/06 12:0 a.m.505 views

BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion

source: https://www.securityfocus.com/bid/11336/info BlackBoard Internet Newsboard System is reported prone to a remote file include vulnerability. This issue presents itself because the application fails to sanitize user-supplied data properly. This issue may allow an attacker to include malicio...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.504 views

PaperCut NG/MG 22.0.4 - Authentication Bypass

Exploit Title: PaperCut NG/MG 22.0.4 - Authentication Bypass Date: 21 April 2023 Exploit Author: MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests from bs4 import BeautifulSoup import re def vulnversion: ip = input"Ent...

9.8CVSS9.6AI score0.99999EPSS
Exploits24
Exploit DB
Exploit DB
added 2022/06/27 12:0 a.m.504 views

Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Date: 06.18.2022 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/29 12:0 a.m.504 views

Simple Public Chat Room 1.0 - Authentication Bypass SQLi

Exploit Title: Simple Public Chat Room 1.0 - Authentication Bypass SQLi Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/14 12:0 a.m.504 views

Ticket-Booking 1.4 - Authentication Bypass

Exploit Title: Ticket-Booking 1.4 - Authentication Bypass Author: Cakes Discovery Date: 2019-09-14 Vendor Homepage: https://github.com/ABHIJEET-MUNESHWAR/Ticket-Booking Software Link: https://github.com/ABHIJEET-MUNESHWAR/Ticket-Booking/archive/master.zip Tested Version: 1.4 Tested on OS: CentOS ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/05 12:0 a.m.504 views

Exim 4.87 < 4.91 - (Local / Remote) Command Execution

Qualys Security Advisory The Return of the WIZard: RCE in Exim CVE-2019-10149 ======================================================================== Contents ======================================================================== Summary Local exploitation Remote exploitation - Non-default...

10CVSS9.8AI score0.99961EPSS
Exploits27
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.503 views

MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/08 12:0 a.m.502 views

Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities

Exploit Title: Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities Google Dork: N/A Date: 25/08/2023 Exploit Author: The Security Team exploitsecurity.io Vendor Homepage: https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570 Software...

7.5CVSS7AI score0.02548EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.502 views

Auerswald COMfortel 2.8F - Authentication Bypass

Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration...

7.5CVSS7.6AI score0.5106EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/12 12:0 a.m.502 views

WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/28 12:0 a.m.502 views

aptdaemon < 1.1.1 - File Existence Disclosure

Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusinterface = dbus.Interfaceaptdbusobject, "or...

5.5CVSS5.4AI score0.004EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/09 12:0 a.m.502 views

Tailor Management System - 'id' SQL Injection

Exploit Title: Tailor Management System - 'id' SQL Injection Google Dork: N/A Date: 2020-09-08 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.502 views

FreeSWITCH - Event Socket Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/23 12:0 a.m.502 views

Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation

Exploit Title: Nagios XI 5.5.6 Remote Code Execution and Privilege Escalation Date: 2019-01-22 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.nagios.com/ Product: Nagios XI Software Link: https://assets.nagios.com/downloads/nagiosxi/5/xi-5.5.6.tar.gz Version: From 2012r1.0 to 5.5...

9.8CVSS8.7AI score0.89362EPSS
Exploits10
Exploit DB
Exploit DB
added 2021/06/29 12:0 a.m.501 views

ES File Explorer 4.1.9.7.4 - Arbitrary File Read

Exploit Title: ES File Explorer 4.1.9.7.4 - Arbitrary File Read Date: 29/06/2021 Exploit Author: Nehal Zaman Version: ES File Explorer v4.1.9.7.4 Tested on: Android CVE : CVE-2019-6447 import requests import json import ast import sys if lensys.argv file to download" sys.exit1 url = 'http://' +...

8.1CVSS8.3AI score0.6202EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.501 views

Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path

Exploit Title: Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Software Link: http://down.myequil.com/dn/setup/ScrapBookwin/down.html Tested Version: 3.6 Tested on OS: Windows 10 Pro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.501 views

Cisco Adaptive Security Appliance - Path Traversal (Metasploit)

require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without...

7.5CVSS7.9AI score0.99903EPSS
Exploits18
Exploit DB
Exploit DB
added 2020/05/22 12:0 a.m.500 views

VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR)

Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Date: 2020-05-22 Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ALSR and Full DEP Turned ON. Usage : $ python .py ===================================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/11 12:0 a.m.500 views

Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection

Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and SQL Server Management Studio 18.0 Previe...

5.5CVSS5.8AI score0.23373EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/10/11 12:0 a.m.500 views

Phoenix Contact WebVisit 6.40.00 - Password Disclosure

Exploit Title: Phoenix Contact WebVisit 6.40.00 - Password Disclosure Exploit Author: Deneut Tijl Date: 2018-09-30 Vendor Homepage: www.phoenixcontact.com Software Link: https://www.phoenixcontact.com/online/portal/nl/?uri=pxc-oc-itemdetail:pid=2985725&library=nlnl&pcck=P-19-05-01&tab=5 Version:...

7.3CVSS7.2AI score0.05845EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/06/10 12:0 a.m.499 views

Virtual Airlines Manager 2.6.2 - 'id' SQL Injection

Exploit Title: Virtual Airlines Manager 2.6.2 - 'id' SQL Injection Date: 2020-06-09 Exploit Author: Mosaaed Vendor Homepage: http://virtualairlinesmanager.net/ Dork: N/A Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A ------------------- xss...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/07 12:0 a.m.499 views

QuickDate 1.3.2 - SQL Injection

Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux x8664; rv:55.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/24 12:0 a.m.499 views

Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery

NBG-418N v2 Modem CSRF Exploit & PoC...

8.8CVSS8.8AI score0.02975EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/05/01 12:0 a.m.498 views

ZTE ZXV10 H201L - RCE via authentication bypass

Exploit Title: ZTE ZXV10 H201L - RCE via authentication bypass Exploit Author: l34n tasos meletlidis https://i0.rs/blog/finding-0click-rce-on-two-zte-routers/ import http.client, requests, os, argparse, struct, zlib from io import BytesIO from os import stat from Crypto.Cipher import AES def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/22 12:0 a.m.498 views

Responsive Tourism Website 3.1 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Responsive Tourism Website 3.1 - Remote Code Execution RCE Unauthenticated Date: 22.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14838/simple-responsive-tourism-website-using-php-free-source-code.html Version: V 3.1 Tested on: MacOS &...

7.4AI score
Exploits0
Total number of security vulnerabilities5000