Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2019/09/04 12:0 a.m.416 views

WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting

Exploit Title: WordPress Download Manager Cross-site Scripting Discovery Date: 2019-04-13 Exploit Author: ThuraMoeMyint Author Link: https://twitter.com/mgthuramoemyint Vendor Homepage: https://www.wpdownloadmanager.com Software Link: https://wordpress.org/plugins/download-manager Version: 2.9.93...

6.1CVSS6.5AI score0.12531EPSS
Exploits6
Exploit DB
Exploit DB
added 2010/12/03 12:0 a.m.416 views

D-Link Routers - Authentication Bypass (1)

Exploit Title: Multiple D-Link Router Authentication Bypass Vulnerabilities Date: 12-01-2011 Author: Craig Heffner, /dev/ttyS0 Firmware Link: http://www.dlink.co.uk/ Firmware Versions: All Tested on: DIR-300, DIR-320, DIR-615 revD Multiple D-Link routers that use a PHP based Web interface suffer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/07 12:0 a.m.415 views

Apache Tomcat 11.0.3 - Remote Code Execution

Exploit Title: Apache Tomcat Path Equivalence - Remote Code Execution Exploit Author: Al Baradi Joy CVE: CVE-2025-24813 Date: 2025-04-06 Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-90.cgi Version: Apache Tomcat 11.0.3 / 10.1.35 / 9.0.98 Tested on:...

10CVSS7.3AI score0.99945EPSS
Exploits47
Exploit DB
Exploit DB
added 2021/11/22 12:0 a.m.415 views

Modbus Slave 7.3.1 - Buffer Overflow (DoS)

Exploit Title: Modbus Slave 7.3.1 - Buffer Overflow DoS Discovered by: Yehia Elghaly Discovered Date: 2021-11-19 Vendor Homepage: https://www.modbustools.com/ Software Link : https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe Tested Version: 7.3.1 Connect 5. - Paste the characters of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/18 12:0 a.m.415 views

Company's Recruitment Management System 1.0 - 'Add New user' Cross-Site Request Forgery (CSRF)

Exploit Title: Company's Recruitment Management System 1.0 - 'Add New user' Cross-Site Request Forgery CSRF Date: 18-10-2021 Exploit Author: Aniket Anil Deshmane Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.415 views

Open Game Panel - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Open Game Panel - Remote Code Execution RCE Authenticated Google Dork: intext:"Open Game Panel 2021" Date: 08/14/2021 Exploit Author: prey Vendor Homepage: https://www.opengamepanel.org/ Software Link: https://github.com/OpenGamePanel/OGP-Website Version: before 14 Aug patch...

9CVSS8.9AI score0.01311EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/05/06 12:0 a.m.415 views

Schlix CMS 2.2.6-6 - Remote Code Execution (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - Remote Code Execution Authenticated Date: 2021-05-06 Exploit Author: Eren Saraç Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows & WampServer ==...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/25 12:0 a.m.415 views

MyBB Timeline Plugin 1.0 - Persistent Cross-Site Scripting

Exploit Title: MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF Date: 1/21/2021 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1428 Version: 1.0 Tested on: Windows 10 1. Description: MyBB Timeline replaces the default MyBB user profile. This introduces...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/15 12:0 a.m.415 views

Online Polling System 1.0 - Authentication Bypass

Exploit Title: Online Polling System 1.0 - Authentication Bypass Date: 2020-07-20 Author: AppleBois Version: NULL Software Link: https://www.sourcecodester.com/php/14330/online-polling-system.html Administration Control Panel || Authentication Bypass Unthenticated User perform SQL Injection bypas...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.414 views

ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure

Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...

6.5CVSS6.6AI score0.05312EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.414 views

Linux Kernel 6.2 - Userspace Processes To Enable Mitigation

Exploit Title: Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit Author: nu11secur1ty CVE ID: CVE-2023-1998 Description Summary The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as...

5.6CVSS7.1AI score0.01377EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.414 views

OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE)

Exploit Title: OctoBot WebInterface 0.4.3 - Remote Code Execution RCE Date: 9/2/2021 Exploit Author: Samy Younsi, Thomas Knudsen Vendor Homepage: https://www.octobot.online/ Software Link: https://github.com/Drakkar-Software/OctoBot Version: 0.4.0beta3 - 0.4.3 Tested on: Linux Ubuntu, CentOs CVE ...

9.8CVSS9.6AI score0.15466EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.414 views

Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated)

Exploit Title: Exam Hall Management System 1.0 - Unrestricted File Upload Unauthenticated Date: 06/07/2021 Exploit Author: Thamer Almohammadi @Thamerz88 Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/10 12:0 a.m.414 views

TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS)

Exploit Title: TextPattern CMS 4.8.7 - Stored Cross-Site Scripting XSS Date: 2021/09/06 Exploit Author: Mert Daş [email protected] Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp TextPattern is pron...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.414 views

Joomla 3.9.13 - 'Host' Header Injection

Exploit Title: Joomla 3.9.13 - 'Host' Header Injection Author: Pablo Santiago Date: 2019-11-12 Vendor Homepage: https://www.joomla.org/ Source: https://downloads.joomla.org/cms/joomla3/3-9-13/Joomla3-9-13-Stable-FullPackage.zip?format=zip Version: 3.9.13 CVE : N/A Tested on: Windows 10 PoC curl...

Exploits0
Exploit DB
Exploit DB
added 2019/11/11 12:0 a.m.414 views

_GCafé 3.0 - 'gbClienService' Unquoted Service Path

Exploit Title: GCafé 3.0 - 'gbClienService' Unquoted Service Path Google Dork: N/A Date: 2019-11-09 Exploit Author: Doan Nguyen 4ll4u Vendor Homepage: https://gcafe.vn/ Software Link: https://gcafe.vn/post/view?slug=gcafe-3.0 Version: v3.0 Tested on: Windows 7, Win 10, WinXP CVE : N/A Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/06 12:0 a.m.414 views

Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass

Exploit Title: Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass Author: LiquidWorm Date: 2019-11-05 Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5540 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/23 12:0 a.m.414 views

Joomla! Component vReview 1.9.11 - SQL Injection

Exploit Title: Joomla! Component vReview 1.9.11 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/ratings-a-reviews/vreview/ Version: 1.9.11 Category:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/17 12:0 a.m.414 views

Jax Guestbook 3.50 - 'Page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17560/info Jax Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.413 views

GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

7.5CVSS7.6AI score0.46966EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.413 views

Omnia MPX 1.5.0+r1 - Path Traversal

Exploit Title: Omnia MPX 1.5.0+r1 - Path Traversal Date: 24/7/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.telosalliance.com/ Software Link: https://support.telosalliance.com/article/934ixoaz3l-mpx-node-release-notes-and-update-instructions Version: 1.5.0+r1 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/17 12:0 a.m.413 views

Playable 9.18 iOS - Persistent Cross-Site Scripting

Title: Playable 9.18 iOS - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-04-15 Software Link: https://apps.apple.com/de/app/playable-the-full-hd-media-player/id502405034 CVE: N/A Document Title: =============== Playable v9.18 iOS - Multiple Web Vulnerabilities...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/09 12:0 a.m.413 views

Sentrifugo HRMS 3.2 - 'id' SQL Injection

Exploit Title: Sentrifugo HRMS 3.2 - 'id' SQL Injection Exploit Author: minhnb Website: Date: 2020-03-06 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly before Patched Version: unpatched Category: Web Applicatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/30 12:0 a.m.413 views

Citrix StoreFront Server 7.15 - XML External Entity Injection

Exploit Title: Citrix StoreFront Server 7.15 - XML External Entity Injection Date: 2019-08-28 Exploit Author: Vahagn Vardanya Vendor Homepage:https://www.citrix.com/downloads/storefront/ Software Link: https://support.citrix.com/article/CTX251988 Version: Citrix StoreFront Server earlier than 190...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.412 views

StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload

Exploit Title: StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload Exploit Author: xpl0dec Vendor Homepage: https://www.storychief.io/wordpress-content-scheduler Software Link: https://github.com/Story-Chief/wordpress/ Version: ”; ? 2. Adjust the echo phpinfo section as needed 3. Host it o...

9.8CVSS6.5AI score0.37349EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/06/05 12:0 a.m.412 views

macOS LaunchDaemon iOS 17.2 - Privilege Escalation

!/usr/bin/env python3 Exploit Title: macOS LaunchDaemon iOS 17.2 - Privilege Escalation Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-05-31 Tested on: macOS Sonoma 14.x ARM64 / x8664 CVE: CVE-2025-24085 Type: Local Privilege Escalation Platform...

10CVSS7.4AI score0.18668EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/10/01 12:0 a.m.412 views

dizqueTV 1.5.3 - Remote Code Execution (RCE)

Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/08 12:0 a.m.412 views

Clinic Queuing System 1.0 - RCE

Exploit Title: Clinic Queuing System 1.0 RCE Date: 2024/1/7 Exploit Author: Juan Marco Sanchez Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html Version: 1.0 Tested on...

9.8CVSS9.4AI score0.20938EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.412 views

Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution

Exploit Title: Lot Reservation Management System Unauthenticated File Upload and Remote Code Execution Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.412 views

XAMPP - Buffer Overflow POC

Exploit Title: XAMPP v3.3.0 — '.ini' Buffer Overflow Unicode + SEH Date: 2023-10-26 Author: Talson @Ripp3rdoc Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.0.28/xampp-windows-x64-8.0.28-0-VS16-installer.exe Version: 3.3.0 Tested on: Windows 11 CVE-2023-46517 \ / \ ...

6.7AI score
Exploits4
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.412 views

Cacti 1.2.24 - Authenticated command injection when using SNMP options

Exploit Title: Cacti 1.2.24 - Authenticated command injection when using SNMP options Date: 2023-07-03 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/info/downloads Version: Cacti 1.2.24 Tested on: Cacti 1.2.24 installed on...

7.2CVSS8.6AI score0.82186EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/05/07 12:0 a.m.412 views

WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path

Exploit Title: WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://www.gearboxcomputers.com/downloads/wifihotspot.exe Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.412 views

WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/pricing-table-by-supsystic.1.8.7.zip Version: 1.8.7 and 1.8.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.412 views

EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting Exploit Author: Soushikta Chowdhury Vendor Homepage: http://egavilanmedia.com Software Link: http://egavilanmedia.com/user-registration-and-login-system-with-admin-panel/ Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/05 12:0 a.m.412 views

iDS6 DSSPro Digital Signage System 6.2 - Improper Access Control Privilege Escalation

Exploit Title: iDS6 DSSPro Digital Signage System 6.2 - Improper Access Control Privilege Escalation Date: 2020-07-16 Exploit Author: LiquidWorm Vendor Homepage: http://www.yerootech.com Version: 6.2 iDS6 DSSPro Digital Signage System 6.2 Improper Access Control Privilege Escalation Vendor:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/21 12:0 a.m.412 views

Complaint Management System 1.0 - 'cid' SQL Injection

Title: Complaint Management System 1.0 - 'cid' SQL Injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/08 12:0 a.m.412 views

Django 3.0 - Cross-Site Request Forgery Token Bypass

Exploit Title: Django 3.0 - Cross-Site Request Forgery Token Bypass Date: 2020-04-08 Exploit Author: Spad Security Group Vendor Homepage: https://www.djangoproject.com/ Software Link: https://pypi.org/project/Django/ Version: 3.0 = Tested on: windows 10 Language: python3.8 t.me/SpadSec Spad...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.412 views

Wing FTP Server 6.2.3 - Privilege Escalation

Exploit Title: Wing FTP Server 6.2.3 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-02 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link: https://www.wftpserver.com/download/wftpserver-linux-64bit.tar.gz Version: v6.2.3 Tested...

7.8CVSS7.7AI score0.00807EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/05/19 12:0 a.m.412 views

SPIP CMS < 2.0.23/ 2.1.22/3.0.9 - Privilege Escalation

!/usr/bin/env python Exploit Title: SPIP - CMS " exit baseurl = sys.argv1 login = sys.argv2 ma...

7.5CVSS6.7AI score0.08982EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/28 12:0 a.m.411 views

Dell Security Management Server <1.9.0 - Local Privilege Escalation

Exploit Title: title Dell Security Management Server versions prior to 11.9.0 Exploit Author: author Amirhossein Bahramizadeh CVE : if applicable CVE-2023-32479 Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege...

7.8CVSS7.1AI score0.00087EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.411 views

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 doreboot Remote Denial Of Service Vendor: Video Medios, S.A. VIMESA Product web page: https://www.vimesa.es Affected version: img:v9.7.1 Html:v2.4 RS485:v2.5 Summary: The transmitter Blue Plus is designed with all the latest technologies, such as high...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.411 views

Simple Client Management System 1.0 - SQLi (Authentication Bypass)

Exploit Title: Simple Client Management System 1.0 - SQLi Authentication Bypass Exploit Author: Sentinal920 Date: 5-11-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/03 12:0 a.m.411 views

AnyDesk 5.5.2 - Remote Code Execution

Exploit Title: AnyDesk 5.5.2 - Remote Code Execution Date: 09/06/20 Exploit Author: scryh Vendor Homepage: https://anydesk.com/en Version: 5.5.2 Tested on: Linux Walkthrough: https://devel0pment.de/?p=1881 !/usr/bin/env python import struct import socket import sys ip = '192.168.x.x' port = 50001...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.411 views

Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read

Title: Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read Author:LiquidWorm Date: 2020-06-04 Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write Vendor: Secure Computing Corp. Product web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/20 12:0 a.m.411 views

Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Exagate Sysguard 6001 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.exagate.com/ Software Link: https://www.exagate.com/sysguard-6001 Version: SYSGuard 6001 HTML CSRF PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.410 views

Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation

Exploit Title : Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit Author: E1 Coders CVE: CVE-2024-21338 require 'msf/core' class MetasploitModule 'CVE-2024-21338 Exploit', 'Description' = 'This module exploits a vulnerability in FooBar version 1.0. It may lead to...

7.8CVSS8.1AI score0.51865EPSS
Exploits13
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.410 views

Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Date: 11.10.2023 Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/24 12:0 a.m.410 views

Uvdesk 1.1.4 - Stored XSS (Authenticated)

Exploit Title: Uvdesk 1.1.4 - Stored XSS Authenticated Date: 14/08/2023 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.uvdesk.com/ Software Link: https://github.com/MegaTKC/AeroCMS Version: 1.1.4 Testeted on: Windows 10 using XAMPP,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/09 12:0 a.m.410 views

ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting (XSS)

Exploit Title: ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting XSS Date: 03/08/2022 Exploit Author: Steffen Langenfeld & Sebastian Biehler Vendor Homepage: https://thingsboard.io/ Software Link: https://github.com/thingsboard/thingsboard/releases/tag/v3.3.1 Version: 3.3.1 CVE :...

4.8CVSS5.2AI score0.02331EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.410 views

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) - Remote Code Execution

Exploit Title: Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 - Remote Code Execution Exploit Author: LiquidWorm SpaceLogic.ps1 Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com...

8.8CVSS8.8AI score0.71084EPSS
Exploits6
Total number of security vulnerabilities5000