Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.450 views

HCL Lotus Notes V12 - Unquoted Service Path

Exploit Title: HCL Lotus Notes V12- Unquoted Service Path Exploit Author: Mert DAŞ Version: V12 Date: 01/12/2021 Vendor Homepage: https://www.hcltechsw.com/domino/download Tested on: Windows 10 ProcessId : 3860 Name : LNSUSvc DisplayName : HCL Notes Smart Upgrade Hizmeti PathName :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/08 12:0 a.m.450 views

WordPress Plugin TablePress 1.14 - CSV Injection

Exploit Title: WordPress Plugin TablePress 1.14 - CSV Injection Date: 07/09/2021 Exploit Author: Nikhil Kapoor Vendor Homepage: Software Link: https://wordpress.org/plugins/tablepress/ Version: 1.14 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1. Install...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/10 12:0 a.m.450 views

Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 2020-06-10 Exploit Author: Extinction Vendor Homepage: https://adikiss.net/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.450 views

WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting

Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...

5.4CVSS5.6AI score0.03376EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.450 views

Craft CMS 2.7.9/3.2.5 - Information Disclosure

Exploit Title : CraftCms Users information disclosure From uploaded File Author Discovered By : Mohammed Abdul Raheem Author's Company Name : TrekShield IT Solution Author Exploit-db : https://www.exploit-db.com/?author=9783 Found Vulnerability On : 20-07-2019 Vendor Homepage:https://craftcms.com...

5.3CVSS5.6AI score0.07968EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/07/30 12:0 a.m.450 views

iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1

There is a memory corruption vulnerability when decoding an object of class NSKnownKeysDictionary1. This class decodes an object of type NSKnownKeysMappingStrategy1, which decodes a length member which is supposed to represent the length of the keys of the dictionary. However, this member is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.449 views

Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges

Exploit Title : Microsoft Graphics Component Windows 11 Pro Build 26100+ - Local Elevation of Privileges Author: nu11secur1ty Date: 07/11/2025 --- Overview This repository contains a PowerShell script to validate whether a Windows 11 system is vulnerable to CVE-2025-49744—a critical local privile...

7CVSS7.4AI score0.0071EPSS
Exploits1
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.449 views

Flowise 1.6.5 - Authentication Bypass

Exploit Title: Flowise 1.6.5 - Authentication Bypass Date: 17-April-2024 Exploit Author: Maerifat Majeed Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise/releases Version: 1.6.5 Tested on: mac-os CVE : CVE-2024-31621 The flowise version if...

7.6CVSS7.5AI score0.59867EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.449 views

Simple Online College Entrance Exam System 1.0 - Account Takeover

Exploit Title: Simple Online College Entrance Exam System 1.0 - Account Takeover Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/07 12:0 a.m.449 views

OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)

Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Date: 23/03/2021 Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/29 12:0 a.m.449 views

Online Examination System 1.0 - 'name' Stored Cross Site Scripting

Exploit Title: Online examination system 1.0 - 'name' Stored Cross Site Scripting Date: 29/10/2020 Exploit Author: Nikhil Kumar https://www.linkedin.com/in/nikhil-kumar-4b9443166/ Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/31 12:0 a.m.449 views

Mara CMS 7.5 - Reflective Cross-Site Scripting

Exploit Title: Mara CMS 7.5 - Reflective Cross-Site Scripting Google Dork: NA Date: 2020-08-01 Exploit Author: George Tsimpidas Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5 Tested on:...

6.1CVSS6.4AI score0.14552EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.448 views

MyBB 1.8.25 - Poll Vote Count SQL Injection

Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...

8.8CVSS7.5AI score0.04201EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.448 views

Codiad 2.8.4 - Remote Code Execution (Authenticated)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests import...

10CVSS9.6AI score0.38444EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.448 views

Xorg X11 Server - Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xorg X11 Server Local Privilege Escalation', 'Description' = %q WARNING: Successful execution of this module results in /etc/passwd being...

7.2CVSS7.2AI score0.2704EPSS
Exploits39
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.448 views

CentOS Control Web Panel 0.9.8.838 - User Enumeration

Exploit Title: CWP CentOS Control Web Panel 0.9.8.848 User Enumeration via HTTP Response Message Date: 15 July 2019 Exploit Author: Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage: https://control-webpanel.com/changelog Software Link: Not available, user panel on...

5.3CVSS5.6AI score0.14241EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/06/25 12:0 a.m.448 views

SuperDoctor5 - 'NRPE' Remote Code Execution

SuperMicro implemented a Remote Command Execution plugin in their implementation of NRPE in SuperDocter 5, which is their monitoring utility for SuperMicro chassis'. This is an intended feature but leaves the system open by default to unauthenticated remote command execution by abusing the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/12/18 12:0 a.m.448 views

Microsoft Windows 8.1 - 'win32k' Local Privilege Escalation (MS15-010)

Exploit Title: MS15-010/CVE-2015-0057 win32k Local Privilege Escalation Date: 2015-12-17 Exploit Author: Jean-Jamil Khalife Software Link: http://www.microsoft.com Version: Windows 8.1 x64 Tested on: Windows 8.1 x64 CVE : CVE-2015-0057 Proof of Concept:...

7.2CVSS7AI score0.12752EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/06/26 12:0 a.m.447 views

SolarWinds Platform 2024.1 SR1 - Race Condition

Exploit Title: SolarWinds Platform 2024.1 SR1 - Race Condition CVE: CVE-2024-28999 Affected Versions: SolarWinds Platform 2024.1 SR 1 and previous versions Author: Elhussain Fathy, AKA 0xSphinx import requests import urllib3 import asyncio import aiohttp...

7.5CVSS8.2AI score0.13913EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.447 views

Auerswald COMpact 8.0B - Arbitrary File Disclosure

Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX...

6.8CVSS5.2AI score0.02394EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/17 12:0 a.m.447 views

Online Shopping Portal 3.1 - Remote Code Execution (Unauthenticated)

Exploit Title: Online Shopping Portal 3.1 - Remote Code Execution Unauthenticated Date: 17.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: V3.1 Tested on: Windows & Ubuntu import requests import random import string url =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/01 12:0 a.m.447 views

Park Ticketing Management System 1.0 - 'viewid' SQL Injection

Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Google Dork: N/A Date: 29/1/2021 Exploit Author: Zeyad Azima Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Version: V1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/07 12:0 a.m.447 views

Complaint Management System 4.0 - Remote Code Execution

Exploit Title: Complaint Management System 4.0 - Remote Code Execution Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows Description: There...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/29 12:0 a.m.446 views

CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery CSRF to Remote Code Execution RCE Date: 14.04.2021 Exploit Author: niebardzo Vendor Homepage: https://www.cloverdx.com/ Software Link: https://github.com/cloverdx/cloverdx-server-docker Version: 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x,...

8.8CVSS8.9AI score0.04208EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.446 views

Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass

Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass Date: 14/01/2021 Exploit Author: Mesh3l911 Vendor Homepage: https://www.discourse.org/ Software Link:https://github.com/discourse/discourse Version: Discourse 2.7.0 CVE: CVE-2021-3138 import requests username = input"\n input ...

7.5CVSS7.6AI score0.03073EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.446 views

OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path

Exploit Title: OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path Exploit Auth: Tech Johnny Vendor Homepage: https://www.osas.com Version: 11 x86 Tested on: Windows 2012R2 Details: C:\Windows\system32wmic service get name, pathname, displayname, startmode | findstr /i "Auto...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.446 views

Open-AudIT Professional 3.3.1 - Remote Code Execution

Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Date: 2020-04-22 Exploit Author: Askar CVE: CVE-2020-8813 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings import random...

9.3CVSS8.8AI score0.73779EPSS
Exploits24
Exploit DB
Exploit DB
added 2020/03/25 12:0 a.m.446 views

AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path

Exploit Title: AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-24 Vendor Homepage:https://www.avast.com/ Software Link :https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version: 5.5.522.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/02/09 12:0 a.m.446 views

WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection

Exploit Title: WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection Exploit Author: sucuri.net @sucurisecurity Date: 2017-02-09 Google Dork : inurl:/wp-content/plugins/insert-php/ Vendor Homepage: https://fr.wordpress.org/plugins/insert-php/ Tested on: MSWin32 Version: 3.3.1 Explanation :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/25 12:0 a.m.446 views

ClanSphere 2010 - Multiple Vulnerabilities

Exploit Title: Clansphere Multiple vulnerabilities Date: 24/08/2010 Author: Sweet Contact : [email protected] Software Link: Download:http: http://sourceforge.net/projects/clansphere/ Version: all Tested on: WinXp sp3 Risk : HIGHT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.445 views

WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection

Exploit Title: Unauthenticated SQL Injection in WP Fastest Cache 1.2.2 Date: 14.11.2023 Exploit Author: Meryem Taşkın Vendor Homepage: https://www.wpfastestcache.com/ Software Link: https://wordpress.org/plugins/wp-fastest-cache/ Version: WP Fastest Cache 1.2.2 Tested on: WP Fastest Cache 1.2.2...

7.5CVSS7.6AI score0.73708EPSS
Exploits11
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.445 views

Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Exploit Title: Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash macOS Exploit Author: LiquidWorm Vendor: Google LLC Product web page: https://www.google.com Affected version: 111.0.5563.64 Official Build x8664 110.0.5481.100 Official Build x8664 108.0.5359.124 Official...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/01 12:0 a.m.445 views

Eudora Qualcomm WorldMail 3.0 - IMAPd 'LIST' Remote Buffer Overflow (Metasploit)

$Id: eudoralist.rb 9653 2010-07-01 23:33:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.5CVSS7AI score0.66803EPSS
Exploits10
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.444 views

Microsoft PowerPoint 2019 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Microsoft PowerPoint 2019 - Remote Code Execution RCE Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-07-02 Tested on: Microsoft PowerPoint 2019 / Office 365 version before June 2025 Patch CVE:...

7.8CVSS7.4AI score0.02054EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/20 12:0 a.m.444 views

Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)

Titles: Microsoft Excel LTSC 2024 - Remote Code Execution RCE Author: nu11secur1ty Date: 06/16/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 CVE-2025-47957 Versions: Microsoft...

8.4CVSS7.4AI score0.0211EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.444 views

elFinder Web file manager Version - 2.1.53 Remote Command Execution

Exploit Title: elFinder Web file manager Version: 2.1.53 Remote Command Execution Date: 23/11/2023 Exploit Author: tmrswrr Google Dork: intitle:"elFinder 2.1.53" Vendor Homepage: https://studio-42.github.io/elFinder/ Software Link: https://github.com/Studio-42/elFinder/archive/refs/tags/2.1.53.zi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/01 12:0 a.m.444 views

Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS

Exploit Title: Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS Date: 01-11-2020 Exploit Author: yunaranyancat Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/tablereservation.zip Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.444 views

IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path

Title: IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path Author: Gobinathan L Date: 2020-06-03 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.5.0.15 Tested on: Windows 10 64bitEN About Unquoted Servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/05 12:0 a.m.444 views

Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution

Title: Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Author: Peter Lapp Date: 2019-12-05 Vendor: https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html CVE: CVE-2018-9021 an...

9.8CVSS9.8AI score0.20391EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/06/29 12:0 a.m.444 views

ActiveMQ < 5.14.0 - Web Shell Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ActiveMQ web shell upload', 'Description' = %q The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uplo...

9.8CVSS9.8AI score0.98518EPSS
Exploits19
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.444 views

Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE)

Titles: Microsoft Virtual Hard Disk VHDX 11 - Remote Code Execution RCE Author: nu11secur1ty Date: 07/23/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/windows/windows-11?r=1 Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-49683 Base Score: 7.8 HIGHVector:...

7.8CVSS6.3AI score0.01916EPSS
Exploits1
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.443 views

Credit Lite 1.5.4 - SQL Injection

Exploit Title: Credit Lite 1.5.4 - SQL Injection Exploit Author: CraCkEr Date: 31/07/2023 Vendor: Hobby-Tech Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 Software Link: https://credit-lite.appshat.xyz/ Version: 1.5.4 Tested on: Windows 10 Pro Impact:...

9.8CVSS9.7AI score0.01073EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/08/09 12:0 a.m.443 views

Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting XSS Date: 02-08-2022 Exploit Author: Shivam Singh Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/ Version: 2.1.1 REQUIRED Tested on: Linu...

5.4CVSS5.5AI score0.03574EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/02/18 12:0 a.m.443 views

WordPress Plugin dzs-zoomsounds 6.60 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: WordPress Plugin dzs-zoomsounds - Remote Code Execution RCE Unauthenticated Google Dork: inurl:wp-content/plugins/dzs-zoomsounds Date: 16/02/2022 Exploit Author: Overthinker1877 1877 Team Vendor Homepage: https://digitalzoomstudio.net/docs/wpzoomsounds/ Version: 6.60 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/30 12:0 a.m.443 views

Laundry Booking Management System 1.0 - Remote Code Execution (RCE)

Exploit Title: Laundry Booking Management System 1.0 - Remote Code Execution RCE Date: 29/11/2021 Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.443 views

Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path

Exploit Title: Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path Discovery by: Victor Mondragón Discovery Date: 23-02-2021 Vendor Homepage: https://www.softros.com/ Software Links : https://download.softros.com/SoftrosLANMessengerSetup.exe Tested Version: 9.6.4 Vulnerabili...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.443 views

ILIAS Learning Management System 4.3 - SSRF

Exploit Title: ILIAS Learning Management System 4.3 - SSRF Date: 10-08-2020 Exploit Author: Dot/kx1z0 Vendor Homepage: https://www.ilias.de/ Software Link: https://github.com/ILIAS-eLearning/ILIAS/tree/release4-3 Version: 4.3-5.1 Tested on: Linux Description We can create portfolios, export them ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.443 views

Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path

Exploit Title: Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path Discovery by: Carlos Roa Discovery Date: 2020-11-07 Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home Tested Version: 5.1.0.8 Vulnerability Type: Unquoted Service Path Tested on O...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/05 12:0 a.m.443 views

thejshen Globitek CMS 1.4 - 'id' SQL Injection

Exploit Title: thejshen Globitek CMS 1.4 - 'id' SQL Injection Date: 2019-11-01 Exploit Author: Cakes Vendor Homepage: https://github.com/thejshen/contentManagementSystem Software Link: https://github.com/thejshen/contentManagementSystem.git Version: 1.4 Tested on: CentOS 7 CVE: N/A The GET reques...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.443 views

MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting

Exploit Title: MyT Project Management - Userusername Stored Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://manageyourteam.net/index.html Software Link: https://sourceforge.net/projects/myt/files/latest/download Version: 1.5.1 Category: Webapps Tested o...

6.1CVSS6.5AI score0.02187EPSS
Exploits4
Total number of security vulnerabilities5000