Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2022/03/11 12:0 a.m.422 views

Seowon SLR-120 Router - Remote Code Execution (Unauthenticated)

Exploit Title: Seowon SLR-120 Router - Remote Code Execution Unauthenticated Date: 2022-03-11 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=126&bigkind=B05&middlekind=B0530 Version: All versi...

9.8CVSS9.6AI score0.71691EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/11/05 12:0 a.m.422 views

10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path Discovery by: Brian Rodriguez Date: 04-11-2021 Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.422 views

NewsLister - Authenticated Persistent Cross-Site Scripting

Exploit Title: NewsLister - Authenticated Persistent Cross-Site Scripting Date: 2020-11-27 Exploit Author: Emre Aslan Vendor Homepage: https://www.netartmedia.net/newslister.html Tested on: Windows & XAMPP == PoC HTTP Request == GET /admin/index.php?page=add HTTP/1.1 Host: 127.0.0.1:8080...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.422 views

Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting

Exploit Title: Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting Date: 27-11-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/online-voting-system-project-in-php-2/ Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.422 views

Mitel mitel-cs018 - Call Data Information Disclosure

Exploit Title: Mitel mitel-cs018 - Call Data Information Disclosure Date: 2003-07-28 Exploit Author: Andrea Intilangelo acme olografix / paranoici Vendor Homepage: www.mitel.com Version: mitel-cs018 Tested on: Windows, Linux There is an interesting bug in a Mitel's servers for Voice over IP that...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.422 views

B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin)

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery Add Maintenance Admin Date: 2020-09-16 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: 3.6.5 Affected version: 3.6.5,3.6.2,3.6.1,3.6.0,3.5.80,3.5.40,3.5.20,3.5.00,3.2.00,3.1.00 !--...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/11/17 12:0 a.m.422 views

Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)

function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var string2 = "BBBB"; while string2.length 500 string2 += string2; var fr = new Array; var al = new Array...

9.3CVSS6.4AI score0.64962EPSS
Exploits27
Exploit DB
Exploit DB
added 2011/08/26 12:0 a.m.422 views

RealVNC - Authentication Bypass (Metasploit)

$Id: realvnc41bypass.rb 13641 2011-08-26 04:40:21Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5CVSS9.5AI score0.91522EPSS
Exploits13
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.421 views

Petrol Pump Management Software v1.0 - Remote Code Execution (RCE)

Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution RCE Date: 02/04/2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version:...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/21 12:0 a.m.421 views

WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)

Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Date: 19/10/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE :...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.421 views

Kite 1.2021.610.0 - Unquoted Service Path

Exploit Title: Kite 1.2021.610.0 - Unquoted Service Path Date: 2020-11-6 Exploit Author: Ghaleb Al-otaibi Vendor Homepage: https://www.kite.com/ Version: Version 4.2.0.1 U1 Tested on: Microsoft Windows 10 Pro - 10.0.19044 N/A Build 19044 CVE : NA Service info: C:\Windows\system32\cmd.exesc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/22 12:0 a.m.421 views

Pinkie 2.15 - TFTP Remote Buffer Overflow (PoC)

Exploit Title: Pinkie 2.15 - TFTP Remote Buffer Overflow PoC Discovered by: Yehia Elghaly Discovered Date: 2021-11-19 Vendor Homepage: http://www.ipuptime.net/ Software Link : http://ipuptime.net/PinkieSetup.zip Tested Version: 2.15 Vulnerability Type: Buffer Overflow DoS Remote Tested on OS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/05 12:0 a.m.421 views

Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting XSS Date: 2021-11-05 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.criticalgears.com/ Software Link: https://www.criticalgears.com/product/authorize-net-payment-terminal/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/22 12:0 a.m.421 views

WebPort 1.19.1 - Reflected Cross-Site Scripting

Exploit Title: WebPort 1.19.1 - Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version: v1.19.1 Tested on: Windows/Linux CVE-2019-12461...

6.1CVSS6.3AI score0.09916EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/03 12:0 a.m.421 views

Symantec DLP 15.5 MP1 - Cross-Site Scripting

Exploit Title: Persistent XSS on Symantec DLP = 15.5 MP1 Date: 2019-06-21 Exploit Author: Chapman Schleiss Vendor Homepage: https://www.symantec.com/ Software Link: https://support.symantec.com/us/en/mysymantec.html Version: = 15.5 MP1 CVE : 2019-9701 Advisory-URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.420 views

Grav CMS 1.7.48 - Remote Code Execution (RCE)

Exploit Title: Grav CMS 1.7.48 - Remote Code Execution RCE Date: 2025-08-07 Exploit Author: binneko https://github.com/binneko Vendor Homepage: https://getgrav.org/ Software Link: https://github.com/getgrav/grav/releases/tag/1.7.48 Version: Grav CMS v1.7.48 / Admin Plugin v1.10.48 Tested on: Debi...

8.1CVSS7.4AI score0.09319EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.420 views

Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery (CSRF)

Exploit Title: Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery CSRF Date: 13/12/2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.axesstmc.com/cloki/ !-- Zucchetti Axess CLOKI Access Control 1.64 CSRF Disable Access Control Vendor: Zucchetti Axess S.p.A. Product...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/13 12:0 a.m.420 views

Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free

Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Date: 2021-05-04 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit...

7.6CVSS8.1AI score0.86863EPSS
Exploits17
Exploit DB
Exploit DB
added 2020/10/14 12:0 a.m.420 views

Guild Wars 2 - Insecure Folder Permissions

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Date: 2020-10-09 Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild War...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.420 views

Cayin Digital Signage System xPost 2.5 - Remote Command Injection

Title: Cayin Digital Signage System xPost 2.5 - Remote Command Injection Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A !/usr/bin/env python3 Cayin Digital Signage System xPost 2.5 Pre-Auth SQLi Remote Code Execution Vendor: CAYIN Technology Co., Ltd. Product web...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/07 12:0 a.m.420 views

Draytek VigorAP 1000C - Persistent Cross-Site Scripting

Title: Draytek VigorAP 1000C - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-05-07 Vendor: https://www.draytek.com/ Software: https://www.draytek.com/products/vigorap-903/ CVE: N/A Document Title: =============== Draytek VigorAP - RADIUS Persistent XSS Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/16 12:0 a.m.420 views

Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting

Exploit Title: Reflected XSS on Zyxel login pages Date: 10 Apr 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE : 2019-9955 1. Description ==============...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/30 12:0 a.m.420 views

PHP Links 1.3 - 'id' SQL Injection

------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : Houssamix From H-T Team = Script : PHP Links from DeltaScripts = 1.3 = Download :...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.419 views

Axigen < 10.5.7 - Persistent Cross-Site Scripting

Exploit Title: Axigen alert1 PoC of the POST request: POST /?h=1bb40e85937506a7186a125bd8c5d7ef&page=glset HTTP/1.1 Host: localhost:9443 Cookie: eula=true;...

9.6CVSS9.5AI score0.02962EPSS
Exploits1
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.419 views

GitLab CE/EE < 16.7.2 - Password Reset

Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...

10CVSS8.9AI score0.94955EPSS
Exploits16
Exploit DB
Exploit DB
added 2021/11/10 12:0 a.m.419 views

Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting (XSS)

Exploit Title: Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting XSS Date: 09/11/2021 Exploit Author: Ragavender A G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/edtms.zip Version...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.419 views

Balbooa Joomla Forms Builder 2.0.6 - SQL Injection (Unauthenticated)

Exploit Title: Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Unauthenticated Date: 24.10.2021 Exploit Author: blockomat2100 Vendor Homepage: https://www.balbooa.com/ Version: 2.0.6 Tested on: Docker An example request to trigger the SQL-Injection: POST /index.php?option=combaforms HTTP/1.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.419 views

WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/contact-form-by-supsystic.1.7.5.zip Version: 1.7.5 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.418 views

Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation

Exploit Title: Filmora 12 version Build 1.0.0.7 - Unquoted Service Paths Privilege Escalation Date: 20 May 2023 Exploit Author: Thurein Soe Vendor Homepage: https://filmora.wondershare.com Software Link: https://mega.nz/file/tQNGGZTQE1u20rdbT4R3pgSoUBG93IPAXqesJ5yyn6T8RlMFxaE Version: Filmora 12...

7.8CVSS8AI score0.01079EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/08/09 12:0 a.m.418 views

ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)

Exploit Title: ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting XSS Date: 03/08/2022 Exploit Author: Steffen Langenfeld & Sebastian Biehler Vendor Homepage: https://thingsboard.io/ Software Link: https://github.com/thingsboard/thingsboard/releases/tag/v3.3.1 Version: 3.3.1 Tested on:...

4.8CVSS5.2AI score0.02331EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.418 views

PTPublisher v2.3.4 - Unquoted Service Path

Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.primera.com/ Tested Version: 2.3.4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.418 views

Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/mqtt' class MetasploitModule 'Servisnet Tessa - MQTT Credentials Dump...

7.5CVSS7.8AI score0.11484EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/15 12:0 a.m.418 views

TestLink 1.9.20 - Unrestricted File Upload (Authenticated)

Exploit Title: TestLink 1.9.20 - Unrestricted File Upload Authenticated Date: 14th February 2021 Exploit Author: snovvcrash Original Research by: Ackcent AppSec Team Original Research: https://ackcent.com/testlink-1-9-20-unrestricted-file-upload-and-sql-injection/ Vendor Homepage:...

8.8CVSS8.8AI score0.15858EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/02/02 12:0 a.m.418 views

Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)

Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 2 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc2.c - Solaris/SPARC FMT LPE...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/01 12:0 a.m.418 views

Mara CMS 7.5 - Remote Code Execution (Authenticated)

Exploit Title: Mara CMS 7.5 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Michele Cisternino 0blio Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/21 12:0 a.m.418 views

PHPFusion 9.03.50 - Persistent Cross-Site Scripting

Exploit Title: PHPFusion 9.03.50 - Persistent Cross-Site Scripting Date: 2020-05-20 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: v9.03.50 How? When creating a thread or editing one of h...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.417 views

AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...

8.1CVSS8.2AI score0.00581EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.417 views

BoidCMS v2.0.0 - authenticated file upload vulnerability

!/usr/bin/python3 Exploit Title: BoidCMS v2.0.0 - authenticated file upload vulnerability Date: 08/21/2023 Exploit Author: 1337kid Vendor Homepage: https://boidcms.github.io// Software Link: https://boidcms.github.io/BoidCMS.zip Version: ' with open'shell.php','w' as f: f.writelinesphpcode ====...

8.8CVSS7AI score0.69003EPSS
Exploits8
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.417 views

Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking

Exploit Title: Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.417 views

Auerswald COMpact 8.0B - Multiple Backdoors

Exploit Title: Auerswald COMpact 8.0B - Multiple Backdoors Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers w...

10CVSS9.7AI score0.71979EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.417 views

SCO Openserver 5.0.7 - 'outputform' Command Injection

Exploit Title: SCO Openserver 5.0.7 - 'outputform' Command Injection Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 04/09/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products/ Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Test...

9.8CVSS9.7AI score0.39193EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.417 views

Under Construction Page with CPanel 1.0 - SQL injection

Exploit Title: Under Construction Page with CPanel 1.0 - SQL injection Date: 17-11-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/under-construction-page-with-cpanel/ Version: 1.0 Tested on: PopOS SQL Injection: SQL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.417 views

Cayin Content Management Server 11.0 - Remote Command Injection (root)

Title: Cayin Content Management Server 11.0 - Remote Command Injection root Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.c...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/14 12:0 a.m.417 views

College-Management-System 1.2 - Authentication Bypass

Exploit Title: College-Management-System 1.2 - Authentication Bypass Author: Cakes Discovery Date: 2019-09-14 Vendor Homepage: https://github.com/ajinkyabodade/College-Management-System Software Link: https://github.com/ajinkyabodade/College-Management-System/archive/master.zip Tested Version: 1....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/06/30 12:0 a.m.417 views

TFM MMPlayer 2.0 - '.m3u'/'.ppl' Universal Buffer Overflow (SEH)

!/usr/bin/perl + Bug : TFM MMPlayer 2.0 m3u/ppl Universal Buffer Overflow Exploit SEH + Author : ThE g0bL!N Greetz to all my friends Tested on: Windows XP Pro SP2 Fr Big Thnx :His0k4 Download:http://www.tfm.ro/mmplayer/download/mmplayer.zip win32exec - EXITFUNC=seh CMD=calc Size=343...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.416 views

TSPlus 16.0.0.0 - Remote Work Insecure Credential storage

Exploit Title: TSPlus 16.0.0.0 - Remote Work Insecure Credential storage Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31069 With TSPlus Remote Work v. 16.0.0.0 you ca...

9.8CVSS7AI score0.01932EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.416 views

Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) (2)

Exploit Title: Wordpress 4.9.6 - Arbitrary File Deletion Authenticated 2 Date: 04/08/2021 Exploit Author: samguy Vulnerability Discovery By: Slavco Mihajloski & Karim El Ouerghemmi Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/wordpress-4.9.6.tar.gz Version: 4.9.6...

8.8CVSS7.9AI score0.62558EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/24 12:0 a.m.416 views

Huawei dg8045 - Authentication Bypass

Title: Huawei dg8045 - Authentication Bypass Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 Hardware Version: VER.A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. An...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.416 views

HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...

9.8CVSS9.6AI score0.40302EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/11 12:0 a.m.416 views

iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC)

Exploit Title: iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption PoC Date: 2019-10-29 Exploit Author: Sem Voigtlander, Joshua Hill and Raz Mashat Vendor Homepage: https://apple.com/ Software Link: https://support.apple.com/en-hk/HT210606 Version: iOS 13 Tested on: iOS 12.4.1...

9.3CVSS9AI score0.01235EPSS
Exploits4
Total number of security vulnerabilities5000