Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2018/10/10 12:0 a.m.480 views

WhatsApp - RTP Processing Heap Corruption

Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet. 08-31 15:43:50.721 9428 9713 F libc : Fatal signal 11 SIGSEGV, code 1, fault addr 0x7104200000 in tid 9713 Thread-11 08-31 15:43:50.722 382 382 W : debuggerd: handling request: pid=9428 uid=10119...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/14 12:0 a.m.480 views

WordPress Core 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities

!/usr/bin/env ruby .---. .---. : : o : happy antiblogging, dear kids! ..-: 0 : :-.. / .-'' ' ---' ---' " -. Copyright c Lance M. Havok .' " ' " . " . ' " . : '.---.,,.,...,.,.,.,..---. ' ; . " . .' " .' ----- All rights reserved. . '. .-/|||||||-. .' ' .' 2006, 2007. . -. |||/ .-' " .' . "...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.479 views

TestLink 1.19 - Arbitrary File Download (Unauthenticated)

Exploit Title: TestLink 1.19 - Arbitrary File Download Unauthenticated Google Dork: inurl:/testlink/ Date: 07/12/2021 Exploit Author: Gonzalo Villegas Cl34r Exploit Author Homepage: https://nch.ninja Vendor Homepage: https://testlink.org/ Version:1.16 = 1.19 CVSS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/13 12:0 a.m.479 views

Police Crime Record Management System 1.0 - 'casedetails' SQL Injection

Exploit Title: Police Crime Record Management System 1.0 - 'casedetails' SQL Injection Date: 12/08/2021 Exploit Author: Ömer Hasan Durmuş Software Link: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Version: v1.0 Category: Webapps Tested on: Linux/Windows Ste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/01 12:0 a.m.479 views

Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Online Catering Reservation System 1.0 - Unauthenticated Remote Code Execution Date: 28-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11355/online-catering-reservation.html Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.479 views

Millewin 13.39.146.1 - Local Privilege Escalation

Exploit Title: Millewin 13.39.146.1 - Local Privilege Escalation Date: 2021-02-07 Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link:...

8.8CVSS8.9AI score0.05794EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.479 views

Curfew e-Pass Management System 1.0 - Stored XSS

Exploit Title: Curfew e-Pass Management System 1.0 - Stored XSS Date: 2/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/curfew-e-pass-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10/Wamp 1 Log into the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.479 views

Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation

Exploit Title: Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation Date: 03.12.2020 Exploit Author: Maximilian Barz and Daniel Schwendner Vendor Homepage: https://us.macally.com/products/wifisd2 Version: 2.000.010 Tested on: Kali Linux 5.7.0-kali1-amd64 CVE : CVE-2020-29669...

9CVSS8.9AI score0.04866EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/06/05 12:0 a.m.479 views

Online Course Registration 1.0 - Authentication Bypass

Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/09 12:0 a.m.479 views

Wikidforum 2.20 - 'select_sort' SQL Injection

Exploit Title: Wikidforum 2.20 - 'selectsort' SQL Injection Date: 2018-10-08 Exploit Author: Seccops - Siber Güvenlik Hizmetleri https://seccops.com Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/13 12:0 a.m.479 views

Microsoft Windows .NET Framework - Remote Code Execution

Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WSDL parser log. Then the parsing log results in running...

9.3CVSS8.2AI score0.88698EPSS
Exploits14
Exploit DB
Exploit DB
added 2010/07/03 12:0 a.m.479 views

phpMyAdmin - Config File Code Injection (Metasploit)

$Id: phpmyadminconfig.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.8CVSS9.6AI score0.95438EPSS
Exploits16
Exploit DB
Exploit DB
added 2022/08/09 12:0 a.m.478 views

Prestashop blockwishlist module 2.1.0 - SQLi

Exploit Title: Prestashop blockwishlist module 2.1.0 - SQLi Date: 29/07/22 Exploit Author: Karthik UJ @5up3r541y4n Vendor Homepage: https://www.prestashop.com/en Software Link blockwishlist: https://github.com/PrestaShop/blockwishlist/releases/tag/v2.1.0 Software Link prestashop:...

8.8CVSS8.8AI score0.24146EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/02/26 12:0 a.m.478 views

Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Disk Savvy Enterprise v10.4.18', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/08 12:0 a.m.477 views

soosyze 2.0.0 - File Upload

Title: soosyze 2.0.0 - File Upload Author: nu11secur1ty Date: 04.26.2023-08.28.2023 Vendor: https://soosyze.com/ Software: https://github.com/soosyze/soosyze/releases/tag/2.0.0 Reference: https://portswigger.net/web-security/file-upload Description: Broken file upload logic. The malicious user ca...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.477 views

Kramer VIAware - Remote Code Execution (RCE) (Root)

Exploit Title: Remote Code Execution as Root on KRAMER VIAware Date: 31/03/2022 Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys,...

10CVSS9.6AI score0.70753EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.477 views

Spring Cloud Gateway 3.1.0 - Remote Code Execution (RCE)

Exploit Title: Spring Cloud Gateway 3.1.0 - Remote Code Execution RCE Google Dork: N/A Date: 03/03/2022 Exploit Author: Carlos E. Vieira Vendor Homepage: https://spring.io/ Software Link: https://spring.io/projects/spring-cloud-gateway Version: This vulnerability affect Spring Cloud Gateway 3.0.7...

10CVSS10AI score0.98253EPSS
Exploits54
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.477 views

Croogo 3.0.2 - Remote Code Execution (Authenticated)

Exploit Title: Croogo 3.0.2 - Remote Code Execution Authenticated Date: 05/12/2021 Exploit Author: Deha Berkin Bir Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 ==...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.477 views

Online Hotel Reservation System 1.0 - Cross-site request forgery (CSRF)

Exploit Title: Online Hotel Reservation System 1.0 - Cross-site request forgery CSRF Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/28 12:0 a.m.477 views

Blueman < 2.1.4 - Local Privilege Escalation

Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Date: 2020-10-27 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE...

7.1CVSS6.9AI score0.04539EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/01/24 12:0 a.m.477 views

Webtareas 2.0 - 'id' SQL Injection

Exploit Title: Webtareas 2.0 - 'id' SQL Injection Date: 2020-01-23 Exploit Author: Greg.Priest Vendor Homepage: http://webtareas.sourceforge.net/general/home.php Software Link: http://webtareas.sourceforge.net/general/home.php Version: Webtareas v2.0 Tested on: Windows CVE : N/A Webtareas v2.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/09 12:0 a.m.477 views

Oracle Weblogic 10.3.6.0.0 - Remote Command Execution

Exploit Title: Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Date: 2020-01-08 Exploit Author: Waffles & Paveway3 Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html Version: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 Tested on: Windows CVE : CVE-2019-2729 SerialLogic.py...

9.8CVSS9.7AI score0.8883EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/10/09 12:0 a.m.477 views

Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)

Exploit Title: Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow SEH DEP Bypass Date: 2018-10-08 Exploit Author: Matteo Malvica Vendor: Cleanersoft Software Software Link: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper Tested Version: 2.8 Tested on OS: Windows 7 -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/04/05 12:0 a.m.477 views

Microsoft Windows Kernel - 'win32k.sys' Local Privilege Escalation (MS14-058)

Sources: https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-lab-exploiting-cve-2014-4113.pdf https://github.com/sam-b/CVE-2014-4113 EDB Mirror: https://www.exploit-db.com/docs/english/39665-windows-kernel-exploitation-101-exploiting-cve-2014-4113.pdf Trigger and exploit code for CVE-2014-4113...

7.8CVSS7AI score0.87042EPSS
Exploits22
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.476 views

LPAR2RRD 8.04 - Remote Code Execution (RCE)

/ Author : Byte Reaper Title : LPAR2RRD 8.04 - Remote Code Execution RCE CVE : CVE-2025-54769 Vulnerability: RCE && directory traversal Description : Uploads a malicious Perl script via the LPAR2RRD upgrade endpoint, exploits directory traversal to place it in a CGI-executable path, then triggers...

8.8CVSS6.5AI score0.03038EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.476 views

WhatsUp Gold 2022 (22.1.0 Build 39) - XSS

Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...

6.1CVSS6.3AI score0.0213EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.476 views

Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting XSS Date: 11/01/2022 Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/16 12:0 a.m.476 views

GetSimple CMS My SMTP Contact Plugin 1.1.1 - Cross-Site Request Forgery

Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: 15/04/2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor: NetExplorer...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/11 12:0 a.m.476 views

Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow (SEH) (PoC)

Exploit Title: Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-04 Vulnerable Software: Frigate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.476 views

VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution

Exploit Title: VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit Author: Tomas Melicher Technical Details: https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/ Date: 2020-05-24 Vendor Homepage: https://www.vmware.com/ Software Link:...

8.8CVSS8.8AI score0.211EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/05/22 12:0 a.m.476 views

Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service (PoC)

Exploit Title: Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service PoC Date: 2020-05-16 Found by: Alvaro J. Gene Socket0x03 Software Link: https://konica-minolta-ftp-utility.software.informer.com/download/ Vulnerable Application: Konica Minolta FTP Utility Version: 1.0 Server: FTP Server...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/09 12:0 a.m.476 views

Seqrite End Point Security 7.4 - Privilege Escalation

Exploit Title: Seqrite End Point Security 7.4 - Privilege Escalation Date: 2018-09-13 Exploit Author: Hashim Jawad - @ihack4falafel Vendor Homepage: https://www.seqrite.com/ Tested on: Windows 7 Enterprise SP1 x64 CVE: CVE-2018-17775 Description: Seqrite End Point Security v7.4 installs by defaul...

7.8CVSS7.8AI score0.01027EPSS
Exploits3
Exploit DB
Exploit DB
added 2016/10/04 12:0 a.m.476 views

ISC BIND 9 - Denial of Service

import socket import struct TARGET = '192.168.200.10', 53 QA = 1 QTSIG = 250 DNSMESSAGEHEADERLEN = 12 def buildbindnukequestion="\x06google\x03com\x00", udpsize=512: queryA = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16QA + "\x00\x01" sweetspot = udpsize -...

7.8CVSS7.2AI score0.89482EPSS
Exploits7
Exploit DB
Exploit DB
added 2024/08/28 12:0 a.m.475 views

Gitea 1.22.0 - Stored XSS

Exploit Title: Stored XSS in Gitea Date: 27/08/2024 Exploit Authors: Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/go-gitea/gitea Version: 1.22.0 Tested on: Linux 5.15.0-107, Go 1.23.0 CVE: CVE-2024-6886 Vulnerability Description Gitea 1.22.0 is vulnerable to a Stored...

10CVSS7.4AI score0.40321EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.475 views

Task Management System 1.0 - Unrestricted File Upload to Remote Code Execution

Exploit Title: Task Management System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-08 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Lin...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/03 12:0 a.m.475 views

Coastercms 5.8.18 - Stored XSS

Exploit Title: Coastercms 5.8.18 - Stored XSS Exploit Author: Hardik Solanki Vendor Homepage: https://www.coastercms.org/ Software Link: https://www.coastercms.org/ Version: 5.8.18 Tested on Windows 10 XSS IMPACT: 1: Steal the cookie 2: User redirection to a malicious website Vulnerable Parameter...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.475 views

Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork

Exploit Title: Artworks Gallery 1.0 - Arbitrary File Upload RCE Authenticated Date: November 17th, 2020 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: Source Code & Projects https://code-projects.org Software Link:...

9CVSS8.9AI score0.11894EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/10/11 12:0 a.m.475 views

WAGO 750-881 01.09.18 - Cross-Site Scripting

Exploit Title: WAGO 750-881 01.09.18 - Cross-Site Scripting Date: 2018-08-30 Exploit Author: SecuNinja @secuninja Vendor Homepage: wago.com Version: 01.09.1813 and earlier Affected Products: Ethernet Controller 750-881 - 01.09.1813, 01.08.01 10 CVE : N/A Description WAGO 750-881 Ethernet Controll...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/15 12:0 a.m.474 views

SISQUALWFM 7.1.319.103 - Host Header Injection

Exploit Title: SISQUALWFM 7.1.319.103 Host Header Injection Discovered Date: 17/03/2023 Reported Date: 17/03/2023 Resolved Date: 13/10/2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://www.sisqualwfm.com Version: 7.1.319.103 Tested on: SISQUAL WFM 7.1.319.103 Affected Versio...

6.1CVSS6.3AI score0.00507EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/09/08 12:0 a.m.474 views

Drupal 10.1.2 - web-cache-poisoning-External-service-interaction

Title: drupal-10.1.2 web-cache-poisoning-External-service-interaction Author: nu11secur1ty Date: 08/30/2023 Vendor: https://www.drupal.org/ Software: https://www.drupal.org/download Reference: https://portswigger.net/kb/issues/00300210external-service-interaction-http Description: It is possible ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.474 views

Wondershare Filmora 12.2.9.2233 - Unquoted Service Path

Exploit Title: Wondershare Filmora 12.2.9.2233 - Unquoted Service Path Date: 2023/04/23 Exploit Author: msd0pe Vendor Homepage: https://www.wondershare.com My Github: https://github.com/msd0pe-1 Wondershare Filmora: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.474 views

Franklin Fueling Systems TS-550 - Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Default Password Date: 4/16/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks and access to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.474 views

mPDF 7.0 - Local File Inclusion

Exploit Title: mPDF 7.0 - Local File Inclusion Google Dork: N/A Date: 2022-07-23 Exploit Author: Musyoka Ian Vendor Homepage: https://mpdf.github.io/ Software Link: https://mpdf.github.io/ Version: CuteNews Tested on: Ubuntu 20.04, mPDF 7.0.x CVE: N/A !/usr/bin/env python3 from urllib.parse impor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/01 12:0 a.m.474 views

Veyon 4.4.1 - 'VeyonService' Unquoted Service Path

Exploit Title: Veyon 4.4.1 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Discovery Date: 2020-03-23 Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.4.1/veyon-4.4.1.0-win64-setup.exe Tested Version: 4.4.1 Vulnerability Type...

8CVSS7.2AI score0.11123EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/10/23 12:0 a.m.474 views

School Faculty Scheduling System 1.0 - 'username' SQL Injection

Exploit Title: School Faculty Scheduling System 1.0 - 'username' SQL Injection Date: 22/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.474 views

Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation

Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Date: 2019-11-22 Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability...

7.8CVSS9AI score0.03595EPSS
Exploits4
Exploit DB
Exploit DB
added 2008/11/20 12:0 a.m.474 views

PHP 5.2.6 - 'error_log' Safe_mode Bypass

SecurityReason.com PHP 5.2.6 errorlog safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.11.2008 - - Public: 20.11.2008 SecurityReason Research SecurityAlert Id: 57 CWE: CWE-264 SecurityRisk: Medium Affected Software: PHP 5.2.6 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.473 views

Microsoft Edge (Chromium-based) 135.0.7049.114/.115 - Information Disclosure

Titles: Microsoft Edge Chromium-based 135.0.7049.114/.115 - Information Disclosure Date: 08/02/2025 Vendor: Microsoft Software: https://www.microsoft.com/bg-bg/edge/download?form=MA13FJ Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49741 Description CVE-2025-49741...

7.5CVSS6.4AI score0.03375EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.473 views

Swagger UI 1.0.3 - Cross-Site Scripting (XSS)

/ Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-8191 Title : Swagger UI 1.0.3 - Cross-Site Scripting XSS Description : CVE-2025-8191, a vulnerability in the Swagger UI service due to poor description parameter filtering, leading to command execution on a remote server. / include...

5.4CVSS3.9AI score0.01646EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.473 views

Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over

Exploit Title: Lost and Found Information System v1.0 - idor leads to Account Take over Date: 2023-12-03 Exploit Author: OR4NG.M4N Category : webapps CVE : CVE-2023-38965 Python p0c : import argparse import requests import time parser = argparse.ArgumentParserdescription='Send a POST request to t...

9.8CVSS9.7AI score0.01264EPSS
Exploits4
Total number of security vulnerabilities5000