Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
โ€ขadded 2024/06/14 12:0 a.m.โ€ข442 views

Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)

Exploit Title: Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution Date: 2023-03-31 Exploit Author: sf Vendor Homepage: https://www.zyxel.com/ Software Link: https://www.zyxel.com/ Version: ATP Firmware version 4.60 to 5.35 inclusive, USG FLEX Firmware version 4.60 to 5.35 inclusive, V...

9.8CVSS7.4AI score0.99284EPSS
Exploits8
Exploit DB
Exploit DB
โ€ขadded 2024/06/14 12:0 a.m.โ€ข442 views

Rebar3 3.13.2 - Command Injection

Exploit Title: Rebar3 3.13.2 Command Injection Date: 2020-06-03 Exploit Author: Alexey Pronin Vendor Homepage: https://rebar3.org Software Link: https://github.com/erlang/rebar3 Versions affected: 3.0.0-beta.3 - 3.13.2 Tested on: Linux CVE: CVE-2020-13802 1. Description: ----------------------...

10CVSS7.4AI score0.0675EPSS
Exploits3
Exploit DB
Exploit DB
โ€ขadded 2024/02/05 12:0 a.m.โ€ข442 views

Milesight Routers UR5X, UR32L, UR32, UR35, UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption

!/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password Encryption CVE: CVE-2023-43261 Script Author: Bipin Jitiya @win3zz Vendor: Milesight IoT - https://www.milesight-iot.com/ Formerly Xiamen Ursalink Technology Co., Ltd...

7.5CVSS7.6AI score0.59342EPSS
Exploits5
Exploit DB
Exploit DB
โ€ขadded 2025/04/16 12:0 a.m.โ€ข441 views

phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)

Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Version: 3.1.7 Tested on: Ubuntu Windows CVE : CVE-2022-4407 PoC: Get:...

9.8CVSS7.4AI score0.04381EPSS
Exploits2
Exploit DB
Exploit DB
โ€ขadded 2024/03/14 12:0 a.m.โ€ข441 views

JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)

Exploit Title: JetBrains TeamCity 2023.05.3 - Remote Code Execution RCE - Shodan Dork: http.title:TeamCity , http.favicon.hash:-1944119648 - Exploit Author: ByteHunter - Vendor: JetBrains - Email: [email protected] - vendor: JetBrains - Version: versions before 2023.05.4 - Tested on:...

9.8CVSS9.8AI score0.99979EPSS
Exploits17
Exploit DB
Exploit DB
โ€ขadded 2021/01/15 12:0 a.m.โ€ข441 views

PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message)

Exploit Title: PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery Delete admin shoutbox message Date: 2020-12-21 Exploit Author: Mohamed Oosman B S Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: 9.03.90 and below Tested...

4.3CVSS4.9AI score0.01365EPSS
Exploits3
Exploit DB
Exploit DB
โ€ขadded 2020/10/20 12:0 a.m.โ€ข441 views

User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS

Exploit Title: User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS Google Dork: N/A Date: 2020-08-07 Exploit Author: yusufmalikul Vendor Homepage: https://phpgurukul.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2020/09/09 12:0 a.m.โ€ข441 views

Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)

Exploit Title: Audio Playback Recorder 3.2.2 - Local Buffer Overflow SEH Date: 2020-09-08 Author: Felipe Winsnes Software Link: https://archive.org/download/tucows288670AudioPlaybackRecorder/AudioRec.exe Version: 3.2.2 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2023/10/09 12:0 a.m.โ€ข440 views

Limo Booking Software v1.0 - CORS

Title: Limo Booking Software v1.0 - CORS Author: nu11secur1ty Date: 09/08/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/limo-booking-software/sectionDemo Reference: https://portswigger.net/web-security/cors Description: The application implements an HTML5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2023/10/09 12:0 a.m.โ€ข440 views

Media Library Assistant Wordpress Plugin - RCE and LFI

Exploit Title: Media Library Assistant Wordpress Plugin - RCE and LFI Date: 2023/09/05 CVE: CVE-2023-4634 Exploit Author: Florent MONTEL / Patrowl.io / @Pepitoh / Twitter @Pepitooh Exploitation path: https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/ Exploit:...

9.8CVSS9.8AI score0.82585EPSS
Exploits6
Exploit DB
Exploit DB
โ€ขadded 2021/11/15 12:0 a.m.โ€ข440 views

KONGA 0.14.9 - Privilege Escalation

Exploit Title: KONGA 0.14.9 - Privilege Escalation Date: 10/11/2021 Exploit Author: Fabricio Salomao & Paulo Trindade @paulotrindadec Vendor Homepage: https://github.com/pantsel/konga Software Link: https://github.com/pantsel/konga/archive/refs/tags/0.14.9.zip Version: 0.14.9 Tested on: Linux -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/08/16 12:0 a.m.โ€ข440 views

COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass

Exploit Title: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Date: 02.08.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Biometric Access Control System 1.0.0 Authentication Bypass Vendor: COMMAX Co., Ltd. Prodcut web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/08/10 12:0 a.m.โ€ข440 views

Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection

Exploit Title: Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection Date: 06-08-2021 Exploit Author: Brian Ombongi Vendor Homepage: https://getcockpit.com/ Version: Cockpit 0.11.1 Tested on: Ubuntu 16.04.7 CVE : CVE-2020-35847 & CVE-2020-35848 !/usr/bin/python3 import json...

9.8CVSS9.6AI score0.98294EPSS
Exploits9
Exploit DB
Exploit DB
โ€ขadded 2020/08/04 12:0 a.m.โ€ข440 views

Pi-hole 4.3.2 - Remote Code Execution (Authenticated)

!/usr/bin/env python2 Exploit Title: Pi-hole 4.3.2 - Remote Code Execution Authenticated Date: 2020-08-04 Exploit Author: Luis Vacas @CyberVaca Vendor Homepage: https://pi-hole.net/ Software Link: https://github.com/pi-hole/pi-hole Version: = 4.3.2 Tested on: Ubuntu 19.10 CVE : CVE-2020-8816...

9.1CVSS7.2AI score0.7819EPSS
Exploits13
Exploit DB
Exploit DB
โ€ขadded 2020/07/23 12:0 a.m.โ€ข440 views

FTPDummy 4.80 - Local Buffer Overflow (SEH)

Exploit Title: FTPDummy 4.80 - Local Buffer Overflow SEH Date: 2020-07-22 Author: Felipe Winsnes Software Link: http://www.dummysoftware.com/ftpdummy.html Version: 4.80 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will create the fil...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2019/02/19 12:0 a.m.โ€ข440 views

Listing Hub CMS 1.0 - 'pages.php id' SQL Injection

Exploit Title: Listing Hub CMS 1.0 - 'pages.php id' SQL Injection Google Dork: inurl:"pages.php?title=privacy-policy" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage: https://themerig.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2016/11/27 12:0 a.m.โ€ข440 views

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method)

// EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s Will automatically do "echo 0 /proc/sys/vm/dirtywritebackcentisecs" // // ----------------------------------------------------------------- // Copyright C 2016...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2010/02/05 12:0 a.m.โ€ข440 views

Oracle 11g - Multiple Privilege Escalation Vulnerabilities

source: https://www.securityfocus.com/bid/38115/info Oracle Database is prone to multiple remote privilege-escalation issues because it fails to properly restrict access to certain packages. The attacker can exploit these issues to escalate their privileges to DBA or execute arbitrary operating...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2025/08/18 12:0 a.m.โ€ข439 views

RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)

Exploit Title: RiteCMS 3.0.0 โ€“ Reflected Cross-Site Scripting XSS Google Dork: N/A Date: 2024-08-12 Exploit Author: GURJOT SINGH Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.0.0/ritecms.v3.0.0.zip Version: Steps: 1. Log in or...

6.1CVSS7.4AI score0.01317EPSS
Exploits4
Exploit DB
Exploit DB
โ€ขadded 2021/12/09 12:0 a.m.โ€ข439 views

LimeSurvey 5.2.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: LimeSurvey 5.2.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:limesurvey/index.php/admin/authentication/sa/login Date: 05/12/2021 Exploit Author: Y1LD1R1M Vendor Homepage: https://www.limesurvey.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/07/21 12:0 a.m.โ€ข439 views

CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2019/07/19 12:0 a.m.โ€ข439 views

fuel CMS 1.4.1 - Remote Code Execution (1)

Exploit Title: fuel CMS 1.4.1 - Remote Code Execution 1 Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start = haystack.findneedle, start+1 n -= 1 return start...

9.8CVSS9.8AI score0.82937EPSS
Exploits17
Exploit DB
Exploit DB
โ€ขadded 2024/03/14 12:0 a.m.โ€ข438 views

Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

9.8CVSS6.9AI score0.74697EPSS
Exploits4
Exploit DB
Exploit DB
โ€ขadded 2021/10/28 12:0 a.m.โ€ข438 views

PHPGurukul Hostel Management System 2.1 - Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)

Exploit Title: PHPGurukul Hostel Management System 2.1 - Cross-site request forgery CSRF to Cross-site Scripting XSS Date: 2021-10-27 Exploit Author: Anubhav Singh Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Vulnerable...

7AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2020/12/02 12:0 a.m.โ€ข438 views

Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting

Exploit Title: Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting Date: 26-11-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2020/12/02 12:0 a.m.โ€ข438 views

Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover

Exploit Title: Anuko Time Tracker 1.19.23.5311 - Password Reset Vulnerability leading to Account Takeover Date: 2020-11-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5311 Tested on: Kali...

9.8CVSS9.7AI score0.07764EPSS
Exploits2
Exploit DB
Exploit DB
โ€ขadded 2020/06/04 12:0 a.m.โ€ข438 views

Navigate CMS 2.8.7 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Navigate CMS 2.8.7 - Cross-Site Request Forgery Add Admin Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2020/03/30 12:0 a.m.โ€ข438 views

Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Local Privilege Escalation

CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel Garcรญa Gutiรฉrrez @danigargu Manuel Blanco Parajรณn @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...

10CVSS9.2AI score0.9981EPSS
Exploits125
Exploit DB
Exploit DB
โ€ขadded 2019/11/28 12:0 a.m.โ€ข438 views

GHIA CamIP 1.2 for iOS - 'Password' Denial of Service (PoC)

Exploit Title: GHIA CamIP 1.2 for iOS - 'Password' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-27 Vendor Homepage: https://apps.apple.com/mx/app/ghia-camip/id1342090963 Software Link: App Store for iOS devices Tested Version: 1.2 Vulnerability Type: Denial of Servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2014/10/04 12:0 a.m.โ€ข438 views

OpenVPN 2.2.29 - 'Shellshock' Remote Command Injection

Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port 1194 proto udp dev tun client-cert-not-required...

10CVSS10AI score0.99999EPSS
Exploits132
Exploit DB
Exploit DB
โ€ขadded 2025/04/14 12:0 a.m.โ€ข437 views

Pimcore 11.4.2 - Stored cross site scripting

Exploit Title: Authenticated Stored Cross-Site Scripting XSS Via Search Document Google Dork: N/A Date: 1/28/2025 Exploit Author: maeitsec Vendor Homepage: https://pimcore.com/ Software Link: https://github.com/pimcore/pimcore Version: Pimcore 10.5.x prior to 10.5.21 and 11.x prior to 11.1.1 Test...

5.1CVSS4.3AI score0.01039EPSS
Exploits2
Exploit DB
Exploit DB
โ€ขadded 2024/04/02 12:0 a.m.โ€ข437 views

Employee Management System 1.0 - `txtfullname` and `txtphone` SQL Injection

Exploit Title: Employee Management System 1.0 - txtfullname and txtphone SQL Injection Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16999/employee-management-system.html Version: 1.0 Tested on:...

9.6AI score
Exploits3
Exploit DB
Exploit DB
โ€ขadded 2024/02/28 12:0 a.m.โ€ข437 views

WP Rocket < 2.10.3 - Local File Inclusion (LFI)

Paulos Yibelo discovered and reported this Local File Inclusion vulnerability in WordPress WP Rocket Plugin. This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2023/10/09 12:0 a.m.โ€ข437 views

Clcknshop 1.0.0 - SQL Injection

Exploit Title: Clcknshop 1.0.0 - SQL Injection Exploit Author: CraCkEr Date: 16/08/2023 Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Version: 1.0.0 Tested on: Window...

9.8CVSS9.9AI score0.45639EPSS
Exploits3
Exploit DB
Exploit DB
โ€ขadded 2023/09/08 12:0 a.m.โ€ข437 views

Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS

Exploit Title: Axigen if xhr1.readyState === XMLHttpRequest.DONE hcookie = new URLxhr1.responseURL.search.split"="1; xhr2.open'PATCH', /api/v1/conversations/MQ/?h=$hcookie, true; xh...

6.1CVSS6.3AI score0.52088EPSS
Exploits4
Exploit DB
Exploit DB
โ€ขadded 2021/07/06 12:0 a.m.โ€ข437 views

Pallets Werkzeug 0.15.4 - Path Traversal

Exploit Title: Pallets Werkzeug 0.15.4 - Path Traversal Date: 06 July 2021 Original Author: Emre ร–VรœNร‡ Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://palletsprojects.com/ Software Link: https://github.com/pallets/werkzeug Version: Prior to 0.15.5 Tested on:...

7.5CVSS7.6AI score0.55526EPSS
Exploits7
Exploit DB
Exploit DB
โ€ขadded 2020/06/22 12:0 a.m.โ€ข437 views

Odoo 12.0 - Local File Inclusion

Exploit Title: Odoo 12.0 - Local File Inclusion Date: 2019-06-14 Exploit Author: Emre ร–VรœNร‡ Vendor Homepage: https://www.odoo.com/ Software Link: https://www.odoo.com/trTR/page/download Version: v12.0 Tested on: Windows/Linux https://github.com/EmreOvunc/Odoo-12.0-LFI-Vulnerabilities...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2019/12/09 12:0 a.m.โ€ข437 views

Omron PLC 1.0.0 - Denial of Service (PoC)

Exploit Title: Omron PLC 1.0.0 - Denial of Service PoC Google Dork: n/a Date: 2019-12-06 Exploit Author: n0b0dy Vendor Homepage: https://automation.omron.com, ia.omron.com Software Link: n/a Version: 1.0.0 Tested on: PLC f/w rev.: CJ2M v2.01 CWE-412 : Unrestricted Externally Accessible Lock CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2019/11/01 12:0 a.m.โ€ข437 views

ownCloud 10.3.0 stable - Cross-Site Request Forgery

Exploit Title: ownCloud 10.3.0 stable - Cross-Site Request Forgery Date: 2019-10-31 Exploit Author: Ozer Goker Vendor Homepage: https://owncloud.org Software Link: https://owncloud.org/download/ Version: 10.3 CVE: N/A Introduction Your personal cloud collaboration platform With over 50 million...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2019/10/22 12:0 a.m.โ€ข437 views

Total.js CMS 12 - Widget JavaScript Code Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Total.js CMS 12 Widget JavaScript Code Injection', 'Description' = %q This module exploits a vulnerability in Total.js CMS. The issue is that a...

9.9CVSS7.4AI score0.79204EPSS
Exploits5
Exploit DB
Exploit DB
โ€ขadded 2013/01/09 12:0 a.m.โ€ข437 views

WeBid 1.0.6 - SQL Injection

Exploit Title: WeBid 1.0.6 SQL Injection Vulnerability Google Dork: "Powered by WeBid" Date: 1/9/13 Exploit Author: Life Wasted Vendor Homepage: http://www.webidsupport.com/ Version: Tested on 1.0.6, but could affect other version Tested On: Linux, Windows Vulnerable Code: Line 53 of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2024/02/26 12:0 a.m.โ€ข436 views

comments-like-dislike < 1.2.0 - Authenticated (Subscriber+) Plugin Setting Reset

Exploit Title: POC-CVE-2023-3244 Date: 9/12/2023 Exploit Author: Diaa Hanna Software Link: download link if available Version: = 1.2.0 comments-like-dislike Tested on: 1.1.6 comments-like-dislike CVE : CVE-2023-3244 References https://nvd.nist.gov/vuln/detail/CVE-2023-3244 The Comments Like Disli...

4.3CVSS4.8AI score0.00787EPSS
Exploits4
Exploit DB
Exploit DB
โ€ขadded 2023/09/08 12:0 a.m.โ€ข436 views

SyncBreeze 15.2.24 - 'login' Denial of Service

Exploit Title: SyncBreeze 15.2.24 -'login' Denial of Service Date: 30/08/2023 Exploit Author: mohamed youssef Vendor Homepage: https://www.syncbreeze.com/ Software Link: https://www.syncbreeze.com/setups/syncbreezesetupv15.4.32.exe Version: 15.2.24 Tested on: windows 10 64-bit import socket impor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/03/22 12:0 a.m.โ€ข436 views

WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal

Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Date: 19/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads Version: =1.6.6 Tested on: Debian 11 CVE : CVE-2017-1000170 PHP version exploit: 7.3....

7.5CVSS7.5AI score0.59063EPSS
Exploits7
Exploit DB
Exploit DB
โ€ขadded 2021/03/03 12:0 a.m.โ€ข436 views

Local Services Search Engine Management System (LSSMES) 1.0 - 'name' Persistent Cross-Site Scripting (XSS)

Exploit Title: Local Services Search Engine Management System LSSMES 1.0 - 'name' Persistent Cross-Site Scripting XSS Date: 2021-03-03 Exploit Author: Tushar Vaidya Vendor Homepage: https://phpgurukul.com/local-services-search-engine-management-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2020/04/24 12:0 a.m.โ€ข436 views

Popcorn Time 6.2 - 'Update service' Unquoted Service Path

Exploit Title: Popcorn Time 6.2 - 'Update service' Unquoted Service Path Date: 2020-04-24 Vendor Homepage: https://getpopcorntime.is Exploit Authors: Uriel Yochpaz & Jonatan Schor Software Link: https://dl.getpopcorntime.is/PopcornTime-latest.exe Version: 6.2.1.14 and probably prior versions Test...

7AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2022/06/14 12:0 a.m.โ€ข435 views

Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2022/02/02 12:0 a.m.โ€ข435 views

PHP Unit 4.8.28 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: PHP Unit 4.8.28 - Remote Code Execution RCE Unauthenticated Date: 2022/01/30 Exploit Author: souzo Vendor Homepage: phpunit.de Version: 4.8.28 Tested on: Unit CVE : CVE-2017-9841 import requests from sys import argv phpfiles = "/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php",...

9.8CVSS9.2AI score0.99999EPSS
Exploits19
Exploit DB
Exploit DB
โ€ขadded 2021/11/02 12:0 a.m.โ€ข435 views

Employee Record Management System 1.2 - 'empid' SQL injection (Unauthenticated)

Title: Employee Record Management System 1.2 - 'empid' SQL injection Unauthenticated Exploit Author: Anubhav Singh Date: 2021-10-31 Vendor Homepage: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/ Version: 1.2 Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/08/02 12:0 a.m.โ€ข435 views

Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)

Exploit Title: Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF Date: 13.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.panasonic.com !-- Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password Vendor:...

7AI score
Exploits0
Total number of security vulnerabilities5000