Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.410 views

PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Date: 2022-03-29 Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on:...

9CVSS7.4AI score0.91877EPSS
Exploits17
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.410 views

Netgear Genie 2.4.64 - Unquoted Service Path

Exploit Title: Netgear Genie 2.4.64 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 2.4.64 Date: 23.10.2021 Vendor Homepage: https://www.netgear.com/ Tested on: Windows 10 C:\Users\Mertsc qc NETGEARGenieDaemon SC QueryServiceConfig SUCCESS SERVICENAME: NETGEARGenieDaemon TYPE : 10...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/17 12:0 a.m.410 views

Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path

Exploit Title: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.syncbreeze.com/ Software Links: https://www.syncbreeze.com/setupsx64/syncbreezesrvsetupv13.6.18x64.exe...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/10 12:0 a.m.410 views

Atlassian JIRA 8.11.1 - User Enumeration

Title: Atlassian JIRA 8.11.1 - User Enumeration Author: Dolev Farhi Vulnerable versions: version ' print'e.g. python3 script.py https://jiratarget.com usernames.txt' sys.exit if lensys.argv 3: help server = sys.argv1 usernames = sys.argv2 randomuser = '0x00001' try: os.path.existsusernames except...

5.3CVSS6AI score0.99603EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/01/12 12:0 a.m.410 views

Cemetry Mapping and Information System 1.0 - Multiple SQL Injections

Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple SQL Injections Exploit Author: Mesut Cetin Date: 2021-01-12 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.410 views

System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path

Exploit Title: System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path Date: 2020-10-14 Exploit Author: Mohammed Alshehri Vendor Homepage: http://systemexplorer.net/ Software Link: http://systemexplorer.net/download/SystemExplorerSetup.exe Version: Version 7.0.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/03/24 12:0 a.m.410 views

Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities

/ Femitter Server FTP 1.x Multiple Vulnerability ---------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when processing FTP requests. This can be exploited to read, modify, or delete arbitrary files from the affected...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.409 views

Curfew e-Pass Management System 1.0 - FromDate SQL Injection

Exploit Title: Curfew e-Pass Management System 1.0 - FromDate SQL Injection Date: 28/9/2023 Exploit Author: Puja Dey Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/curfew-e-pass-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10/Wamp 1 login...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.409 views

Minio 2022-07-29T19-40-48Z - Path traversal

Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Date: 2023-09-02 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before executio...

7.4CVSS5.9AI score0.52334EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.409 views

NVClient v5.0 - Stack Buffer Overflow (DoS)

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 2023-08-19 Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/03 12:0 a.m.409 views

WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion (LFI)

Exploit Title: WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion LFI Exploit Author: Mohamed Magdy Abumusilm Aka m19o Software: All-in-One Video Gallery plugin Version: = 2.4.9 Tested on: Windows,linux Poc:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/04 12:0 a.m.409 views

qdPM 9.1 - Remote Code Execution (Authenticated)

Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: http://qdpm.net/...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.409 views

Cerberus FTP Web Service 11 - 'svg' Stored Cross-Site Scripting (XSS)

Exploit Title: Cerberus FTP web Service 11 - 'svg' Stored Cross-Site Scripting XSS Date: 08/06/2021 Exploit Author: Mohammad Hossein Kaviyany Vendor Homepage: www.cerberusftp.com Software Link: https://www.cerberusftp.com/download/ Version:11.0 releases prior to 11.0.4, 10.0 releases prior to...

6.1CVSS6.4AI score0.01766EPSS
Exploits1
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.409 views

WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF

Exploit Title: WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF Date: 2/10/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/database-backups/ Version: 1.2.2.6 Tested on: Windows 10 CVE: CVE-2021-24174 1. Description: This plugin allows admins to create and...

8.1CVSS8.2AI score0.03218EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.409 views

MiladWorkShop VIP System 1.0 - 'lang' SQL Injection

Exploit Title: MiladWorkShop VIP System 1.0 - 'lang' SQL Injection Google Dork: Powered By MiladWorkShop VIP System Date: 2020-03-03 Exploit Author: AYADI Mohamed email : [email protected] Vendor Homepage: https://miladworkshop.ir/ Software Link: https://miladworkshop.ir/vip.html Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.409 views

ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Application Manager v14.2 - Privilege Escalation / Remote Command Execution", 'Description' = %q This module exploits sqli and comman...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/29 12:0 a.m.409 views

Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script

IonMonkey can, during a bailout, leak an internal JSOPTIMIZEDOUT magic value to the running script. This magic value can then be used to achieve memory corruption. Prerequisites Magic Values Spidermonkey represents JavaScript values with the C++ type JS::Value 1, which is a NaN-boxed value that c...

9.8CVSS9.9AI score0.13197EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/08/13 12:0 a.m.409 views

Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR / SMEP)

// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on Ubuntu trusty 4.4.0- and Ubuntu xenial 4-8-0- kernels. // // EDB Note: Also included the work from...

7CVSS7AI score0.20797EPSS
Exploits19
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.408 views

Wallos < 1.11.2 - File Upload RCE

Exploit Title: Wallos - File Upload RCE Authenticated Date: 2024-03-04 Exploit Author: [email protected] Vendor Homepage: https://github.com/ellite/Wallos Software Link: https://github.com/ellite/Wallos Version: 1.11.2 Tested on: Debian 12 Wallos allows you to upload an image/logo when you create...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/23 12:0 a.m.408 views

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD

Exploit Title: CL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Exploit Author: LiquidWorm !/usr/bin/env python3 -- coding: utf-8 -- ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Vendor: Industrial Control Links, Inc. Product web page:...

9.1CVSS9.6AI score0.37295EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.408 views

Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion

Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Date: 25/1/2022 Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0,...

7.5CVSS7.6AI score0.92331EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/12/01 12:0 a.m.408 views

MilleGPG5 5.7.2 Luglio 2021 - Local Privilege Escalation

Exploit Title: MilleGPG5 5.7.2 Luglio 2021 x64 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it/ Software Link: https://www.millegpg.it/download/MilleGPGInstall.exe Version: 5.7.2 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/12 12:0 a.m.408 views

Mumara Classic 2.93 - 'license' SQL Injection (Unauthenticated)

Exploit Title: Mumara Classic 2.93 - 'license' SQL Injection Unauthenticated Date: 2021-11-11 Exploit Author: v0yager Shain Lakin Vendor Homepage: https://mumara.com Version: = 2.93 Tested on: CentOS 7 -==== Vulnerability ====- An SQL injection vulnerability in licenseupdate.php in Mumara Classic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/21 12:0 a.m.408 views

NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC)

Exploit Title: NIMax 5.3.1 - 'Remote VISA System' Denial of Service PoC Date: 24/06/2021 Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.408 views

T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)

Exploit Title: T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery CSRF Exploit Author: Alperen Ergel Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux 2021.4 / xammp Category: WebApp Google Dork: intext:'T-Soft E-Ticaret Sistemleriyle...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/08 12:0 a.m.408 views

Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated)

Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution Unauthenticated Date: 2021-07-07 Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/05 12:0 a.m.408 views

TextPattern CMS 4.9.0-dev - Remote Command Execution (RCE) (Authenticated)

Exploit Title: TextPattern CMS 4.9.0-dev - Remote Command Execution RCE Authenticated Date: 07/04/2021 Exploit Author: Mevlüt Akçam Software Link: https://github.com/textpattern/textpattern Vendor Homepage: https://textpattern.com/ Version: 4.9.0-dev Tested on: 20.04.1-Ubuntu !/usr/bin/python3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.408 views

SOYAL 701 Server 9.0.1 - Insecure Permissions

Exploit Title: SOYAL 701 Server 9.0.1 - Insecure Permissions Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.408 views

Laravel 8.4.2 debug mode - Remote code execution

Exploit Title: Laravel 8.4.2 debug mode - Remote code execution Date: 1.14.2021 Exploit Author: SunCSR Team Vendor Homepage: https://laravel.com/ References: https://www.ambionics.io/blog/laravel-debug-rce https://viblo.asia/p/6J3ZgN8PKmB Version: = 8.4.2 Tested on: Ubuntu 18.04 + nginx + php 7.4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.408 views

Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path

Exploit Title: Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Date: 2019-11-22 Exploit Author: Rene Cortes S Vendor Homepage: https://easy-hide-ip.com Software Link: https://easy-hide-ip.com Version: 5.0.0.3 Tested on: Windows 7 Professional Service Pack 1 Step to discover the unquot...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/12/19 12:0 a.m.408 views

Codiad 2.4.3 - Multiple Vulnerabilities

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Codiad 2.4.3 - Cross Site Scripting - Local File Inclusion Vulnerability's Date: 19/12/2014 Url Vendor: http://codiad.com/ Vendor Name: Codiad...

6.4AI score
Exploits9
Exploit DB
Exploit DB
added 2013/05/14 12:0 a.m.408 views

Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Local Privilege Escalation

/ usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include include include include include include include include include include include include include ifndef CLONENEWUSER...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/09 12:0 a.m.407 views

Laravel Pulse 1.3.1 - Arbitrary Code Injection

!/usr/bin/env python3 Exploit Title: Laravel Pulse 1.3.1 - Arbitrary Code Injection Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: Laravel Pulse v1.2.0 / Ubuntu 22.04 / Apache2 CVE: CVE-2024-55661 Type: Remote Code Execution via...

8.8CVSS8.8AI score0.28571EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/05/06 12:0 a.m.407 views

ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)

Exploit Title: ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery CSRF Google Dork: inurl:"/api/method/frappe" Date: 2025-04-29 Exploit Author: Ahmed Thaiban Thvt0ne Vendor Homepage: https://erpnext.com Software Link: https://github.com/frappe/erpnext Version: Delete User Click Her...

8.1CVSS7.1AI score0.00759EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.407 views

GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure

Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Date: 11 Jun 2022 Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...

5.3CVSS5.6AI score0.0085EPSS
Exploits2
Exploit DB
Exploit DB
added 2022/03/16 12:0 a.m.407 views

Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Date: 13.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.p...

7.2CVSS7AI score0.37716EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/11 12:0 a.m.407 views

Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)

Exploit Title: Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure Unauthenticated Author: Luis Martinez Discovery Date: 2022-02-10 Vendor Homepage: https://www.kyoceradocumentsolutions.com/asia/en/products/business-application/command-center-rx.html Tested Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.407 views

Payara Micro Community 5.2021.6 - Directory Traversal

Exploit Title: Payara Micro Community 5.2021.6 - Directory Traversal Date: 01/10/2021 Exploit Author: Yasser Khan N3Thunt3r Vendor Homepage: https://docs.payara.fish/community/docs/release-notes/release-notes-2021-6.html Software Link:...

7.5CVSS7.6AI score0.52926EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/01/27 12:0 a.m.407 views

STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)

Exploit Title: STVS ProVision 5.9.10 - Cross-Site Request Forgery Add Admin Date: 19.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.stvs.ch STVS ProVision 5.9.10 Cross-Site Request Forgery Add Admin Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby Affected...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.407 views

Alumni Management System 1.0 - 'id' SQL Injection

Exploit Title: Alumni Management System 1.0 - 'id' SQL Injection Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/12 12:0 a.m.407 views

MedDream PACS Server 6.8.3.751 - Remote Code Execution (Unauthenticated)

!/usr/bin/python Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Unauthenticated Exploit Author: bzyo Twitter: @bzyo Date: 10-10-2020 Vulnerable Software: https://www.softneta.com/products/meddream-pacs-server/ Vendor Homepage: https://www.softneta.com Version: 6.8.3.751...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/23 12:0 a.m.407 views

Online Food Ordering System 1.0 - Remote Code Execution

Exploit Title: Online Food Ordering System 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-09-22 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14460/simple-online-food-ordering-system-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.406 views

Bus Reservation System 1.1 - Multiple-SQLi

Title: Bus Reservation System-1.1 Multiple-SQLi Author: nu11secur1ty Date: 08/26/2023 Vendor: https://www.phpjabbers.com/ Software: https://demo.phpjabbers.com/1693027053628/preview.php?lid=1 Reference: https://portswigger.net/web-security/sql-injection Description: The pickupid parameter appears...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.406 views

WBCE CMS 1.6.1 - Open Redirect & CSRF

Exploit Title: WBCE CMS 1.6.1 - Open Redirect & CSRF Version: 1.6.1 Bugs: Open Redirect + CSRF = CSS KEYLOGGING Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-07-2023 Author: Mirabbas Ağalarov Tested on: Linux ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.406 views

WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.406 views

Servisnet Tessa - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Privilege Escalation Metasploit', 'Description' = %q This module exploits privilege escalation in Servisnet Tessa, triggered by...

10CVSS9.8AI score0.14058EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.406 views

Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting (XSS)

Exploit Title: Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting XSS Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.sonicguard.com/NSV-800.asp Version: 6.5.4 Document Title: =============== Sonicwall SonicOS 6.5.4 - Cross Site Scripting Web Vulnerabilit...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.406 views

Active WebCam 11.5 - Unquoted Service Path

Exploit Title: Active WebCam 11.5 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 09.09.2021 Software Link: https://www.techspot.com/downloads/175-active-webcam.html Vendor Homepage: https://www.pysoft.com/ Version: 11.5 Tested on: Windows 10 Note: "Star...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.406 views

PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting

Exploit Title: PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: : PEEL SHOPPING 9.3.0 Vulnerability Type: Stored Cross-site...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/18 12:0 a.m.406 views

Inteno IOPSYS 3.16.4 - root filesystem access via sambashare (Authenticated)

Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...

9CVSS1.1AI score0.11075EPSS
Exploits5
Total number of security vulnerabilities5000