Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/02/11 12:0 a.m.406 views

Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path

Exploit Title: Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path Exploit Author: boku Date: 2020-02-10 Vendor Homepage: http://www.disksorter.com Software Link: http://www.disksorter.com/setups/disksorterentsetupv12.4.16.exe Version: 12.4.16 Tested On: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.406 views

Hospital Management System 4.0 - Authentication Bypass

Exploit Title: Hospital Management System 4.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/06/30 12:0 a.m.406 views

Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability. CVE-2009-2408. Remote exploit for linux platform source: http://www.securityfocus.com/bid/35888/info Mozilla Network Security Services NSS is prone to a security-bypass vulnerability because it fails to proper...

6.8CVSS0.05741EPSS
Exploits4
Exploit DB
Exploit DB
added 2000/12/06 12:0 a.m.406 views

Kwintv - Local Buffer Overflow

/ kwintv local buffer overflow. gid=video33 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/17/2000 For SuSE 7.0 - x86. sgid "video"33 by default. bash-2.04$ id uid=1000loophole gid=501noc bash-2.04$ ./b 0 Ret-addr 0xbfffe1fc, offset: 0, allign: 0. sh-2.04$ id...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.405 views

vm2 - sandbox escape

/ Exploit Title: vm2 Sandbox Escape vulnerability Date: 23/12/2023 Exploit Author: Calil Khalil & Adriel Mc Roberts Vendor Homepage: https://github.com/patriksimek/vm2 Software Link: https://github.com/patriksimek/vm2 Version: vm2 = 3.9.19 Tested on: Ubuntu 22.04 CVE : CVE-2023-37466 / const VM =...

10CVSS9.8AI score0.02342EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/01/31 12:0 a.m.405 views

Academy LMS 6.2 - Reflected XSS

Exploit Title: Academy LMS 6.2 - Reflected XSS Exploit Author: CraCkEr Date: 29/08/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4973 CWE...

6.1CVSS7.1AI score0.01835EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.405 views

SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated)

!/usr/bin/python3 Exploit Title: SCM Manager 1.60 - Cross-Site Scripting Stored Authenticated Google Dork: intitle:"SCM Manager" intext:1.60 Date: 05-25-2023 Exploit Author: neg0x https://github.com/n3gox/CVE-2023-33829 Vendor Homepage: https://scm-manager.org/ Software Link:...

5.4CVSS5.5AI score0.07258EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/02/24 12:0 a.m.405 views

Wondershare MirrorGo 2.0.11.346 - Insecure File Permissions

Exploit Title: Wondershare MirrorGo 2.0.11.346 - Insecure File Permissions Discovery by: Luis Martinez Discovery Date: 2022-02-23 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/mirrorgofull8050.exe Tested Version: 2.0.11.346 Vulnerability Type: Loca...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/07 12:0 a.m.405 views

PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection

Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Date: 03.05.2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.405 views

WordPress Plugin litespeed cache 3.6 - 'server_ip' Cross-Site Scripting

Exploit Title: WordPress Plugin litespeed-cache 3.6 - 'serverip' Cross-Site Scripting Date: 20-12-2020 Software Link: https://downloads.wordpress.org/plugin/litespeed-cache.3.6.zip Version: litespeed-cache Tested on: Windows 10 x64 Description: A Stored Cross-site scripting XSS was discovered in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/15 12:0 a.m.405 views

Vehicle Parking Management System 1.0 - Authentication Bypass

Exploit Title: Vehicle Parking Management System 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-10-14 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/22 12:0 a.m.405 views

Filetto 1.0 - 'FEAT' Denial of Service (PoC)

Exploit Title: Filetto 1.0 - 'FEAT' Denial of Service PoC Date: 2020-05-13 Found by: Alvaro J. Gene Socket0x03 Vendor Homepage: http://www.utillyty.eu Software Link: https://sourceforge.net/projects/filetto Vulnerable Application: Filetto Version: 1.0 last version. Updated: 01/31/2020 Server: FTP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/05 12:0 a.m.405 views

Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path

Exploit Title: Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path Discovery by: Nguyen Khang - SunCSR Discovery Date: 2020-05-03 Vendor Homepage: https://www.oracle.com/ Software Link: https://www.oracle.com/database/technologies/112010-win64soft.html Tested Version: 11g...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/10/23 12:0 a.m.405 views

Socat 1.4.0.2 - Not SETUID Local Format String

/ socatexp.c Socat Format String Vulnerability socat No System Group - http://www.nosystem.com.ar coki@servidor:$ make socatexp coki@servidor:$ ./socatexp socat shellcode address = 0xbfffffb9 .dtors address = 0x080740c4 2004/10/19 09:49:46 socat26197 E unknown syslog facility...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.404 views

WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass

!/usr/bin/env python3 Exploit Title: WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass Date: 2025-05-22 Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://wordpress.org/plugins/user-registration/ Software Link:...

8.1CVSS7AI score0.07427EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.404 views

DataCube3 v1.0 - Unrestricted file upload 'RCE'

Exploit Title: DataCube3 v1.0 - Unrestricted file upload 'RCE' Date: 7/28/2022 Exploit Author: Samy Younsi - NS Labs https://neroteam.com Vendor Homepage: https://www.f-logic.jp Software Link: https://www.f-logic.jp/pdf/support/manualproduct/manualproductdatacube3ver1.0sc.pdf Version: Ver1.0 Test...

9.8CVSS6.9AI score0.2403EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/08/10 12:0 a.m.404 views

OutSystems Service Studio 11.53.30 - DLL Hijacking

Exploit Title: OutSystems Service Studio 11.53.30 - DLL Hijacking Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.outsystems.com/ Version: Up to 11.53.30 Build 61739 Tested on: Windows CVE : CVE-2022-47636 A DLL hijacking vulnerability...

7.8CVSS7.8AI score0.01135EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.404 views

Chitor-CMS v1.1.2 - Pre-Auth SQL Injection

!/usr/bin/python3 Exploit Title: Chitor-CMS v1.1.2 - Pre-Auth SQL Injection Date: 2023/04/13 ExploitAuthor: msd0pe Project: https://github.com/waqaskanju/Chitor-CMS My Github: https://github.com/msd0pe-1 Patched the 2023/04/16: 69d3442 commit description = 'Chitor-CMS 1.1.2 Pre-Auth SQL Injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/26 12:0 a.m.404 views

WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi

Title: WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi Author: nu11secur1ty Date: 07.11.2022 Vendor: https://wphive.com/ Software: https://wphive.com/plugins/wp-visual-slidebox-builder/?pluginversion=3.2.9 Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.404 views

WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting XSS Authenticated Date: 29/11/2021 Exploit Author: Mansi Singh Vendor Homepage: https://wordpress.org/plugins/typebot/ Software Link: https://wordpress.org/plugins/typebot/ Tested on Windows Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.404 views

Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection

Exploit Title: Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/20 12:0 a.m.404 views

Online Traffic Offense Management System 1.0 - 'id' SQL Injection (Authenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - 'id' SQL Injection Authenticated Date: 19/08/2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/17 12:0 a.m.404 views

Unified Office Total Connect Now 1.0 - 'data' SQL Injection

Exploit Title: Unified Office Total Connect Now 1.0 – 'data' SQL Injection Shodan Filter: http.title:"TCN User Dashboard" Date: 06-16-2021 Exploit Author: Ajaikumar Nadar Vendor Homepage: https://unifiedoffice.com/ Software Link: https://unifiedoffice.com/voip-business-solutions/ Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.404 views

Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection

Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...

8.7CVSS7AI score0.03504EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/28 12:0 a.m.404 views

Joplin 1.0.245 - Arbitrary Code Execution (PoC)

Exploit Title: Joplin 1.0.245 - Arbitrary Code Execution PoC Date: 2020-09-21 Exploit Author: Ademar Nowasky Junior @nowaskyjr Vendor Homepage: https://joplinapp.org/ Software Link: https://github.com/laurent22/joplin/releases/download/v1.0.245/Joplin-Setup-1.0.245.exe Version: 1.0.190 to 1.0.245...

6.1CVSS6.5AI score0.04377EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.403 views

CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 17/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/24 12:0 a.m.403 views

Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE) via subprocess_execute

Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE via subprocessexecute Exploit Author: Iyaad Luqman K Application: Roxy WI = v6.1.0.0 Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Tested on: Ubuntu 22.04 CVE : CVE-2022-31137 P...

10CVSS9.6AI score0.90387EPSS
Exploits15
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.403 views

Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection (Unauthenticated)

Title: Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection Unauthenticated Exploit Author: Yash Mahajan Date: 2021-10-09 Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html Version: 1 Software Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/02 12:0 a.m.403 views

Intel(R) Audio Service x64 01.00.1080.0 - 'IntelAudioService' Unquoted Service Path

Exploit Title: IntelR Audio Service x64 01.00.1080.0 - 'IntelAudioService' Unquoted Service Path Date: 06-01-2021 Exploit Author: Geovanni Ruiz Vendor Homepage: https://www.intel.com Software Version: 01.00.1080.0 File Version: 1.00.1080.0 Tested on: Microsoft® Windows 10 Home Single Language...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/21 12:0 a.m.403 views

forma.lms 5.6.40 - Cross-Site Request Forgery (Change Admin Email)

Exploit Title: forma.lms 5.6.40 - Cross-Site Request Forgery Change Admin Email Date: 2020-05-21 Exploit Author: Daniel Ortiz Vendor Homepage: https://sourceforge.net/projects/forma/ Tested on: XAMPP for Linux 64bit 5.6.40-0 1 - Description - Vulnerable form: Edit Profile - Details: The validatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/11 12:0 a.m.403 views

SolarWinds MSP PME Cache Service 1.1.14 - Insecure File Permissions

Title: SolarWinds MSP PME Cache Service 1.1.14 - Insecure File Permissions Author: Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG Date: 2020-05-06 Vendor: https://www.solarwindsmsp.com/ CVE: CVE-2020-12608 GitHub: https://github.com/jensregel/Advisories/tree/master/CVE-2020-12608 CVSSv3:...

9.3CVSS7.8AI score0.22404EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/12/13 12:0 a.m.403 views

NVMS 1000 - Directory Traversal

Title: NVMS-1000 - Directory Traversal Date: 2019-12-12 Author: Numan Türle Vendor Homepage: http://en.tvt.net.cn/ Version : N/A Software Link : http://en.tvt.net.cn/products/188.html POC --------- GET /../../../../../../../../../../../../windows/win.ini HTTP/1.1 Host: 12.0.0.1 Accept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/23 12:0 a.m.403 views

Joomla! Component FacileForms 1.4.4 - Remote File Inclusion

Title: Joomla Component ComFacileforms ================================================================ + Author : Dr.Kacak + Special Thankz : KnocKout and all my friends + System 0VerfL0verZ ================================================================= Script : Joomla Google Dork :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.402 views

Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi

Exploit Title: Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://phpgurukul.com/teacher-subject-allocation-system-using-php-and-mysql Software Link:...

7.5CVSS7.7AI score0.01079EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.402 views

TYPO3 11.5.24 - Path Traversal (Authenticated)

Exploit Title: TYPO3 11.5.24 Path Traversal Vulnerability Authenticated Date: Apr 9, 2023 Exploit Author: Saeed reza Zamanian Software Link: https://get.typo3.org/release-notes/11.5.24 Version: 11.5.24 Tested on: Kali 2022.3 CVE : CVE-2023-30451 In TYPO3 11.5.24, the filelist component allows...

4.9CVSS5.4AI score0.01161EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.402 views

CVE-2023-50071 - Multiple SQL Injection

Exploit Title: Customer Support System 1.0 - Multiple SQL injection vulnerabilities Date: 15/12/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

8.8CVSS8.8AI score0.13754EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.403 views

WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)

Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting XSS Version: 1.6.1 Bugs: XSS Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.402 views

Online Pizza Ordering System v1.0 - Unauthenticated File Upload

Exploit Title: Online Pizza Ordering System 1.0 - Unauthenticated File Upload Date: 03/05/2023 Exploit Author: URGAN Vendor Homepage: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Link:...

9.8CVSS9.6AI score0.03624EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.402 views

Wavlink WN533A8 - Cross-Site Scripting (XSS)

Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...

6.1CVSS6.3AI score0.0509EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.402 views

PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation

Exploit Title: PaperStream IP TWAIN 1.42.0.5685 - Local Privilege Escalation Exploit Author: 1F98D Original Author: securifera Date: 12 May 2020 Vendor Hompage: https://www.fujitsu.com/global/support/products/computing/peripheral/scanners/fi/software/fi6x30-fi6x40-ps-ip-twain32.html CVE:...

7.8CVSS7.7AI score0.02557EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/06/22 12:0 a.m.402 views

Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload

Exploit Title: Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload Google Dork: N/A Date: 2020-06-20 Exploit Author: BKpatron Vendor Homepage: https://www.campcodes.com/projects/php/4745/online-student-enrollment-system-in-php-mysqli/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/07 12:0 a.m.402 views

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3)

CVE-2019-0841 BYPASS 2 There is a second bypass for CVE-2019-0841. This can be triggered as following: Delete all files and subfolders within "c:\users%username%\appdata\local\packages\Microsoft.MicrosoftEdge8wekyb3d8bbwe" atleast the ones we can delete as user Try to launch edge. It will crash...

7.8CVSS6.9AI score0.414EPSS
Exploits19
Exploit DB
Exploit DB
added 2018/02/05 12:0 a.m.402 views

WordPress Core - 'load-scripts.php' Denial of Service

EDB Note: python doser.py -g...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/12 12:0 a.m.402 views

CS-Guestbook 0.1 - Login Credentials Information Disclosure

source: https://www.securityfocus.com/bid/25652/info CS-Guestbook is prone to an information-disclosure vulnerability because the application fails to properly protect sensitive information. An attacker can exploit this issue to access sensitive information that may lead to further attacks...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/06/01 12:0 a.m.401 views

Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated)

Exploit Title: Craft CMS Logs Plugin 3.0.3 - Path Traversal Authenticated Date: 2022.01.26 Exploit Author: Steffen Rogge Vendor Homepage: https://github.com/ethercreative/logs Software Link: https://plugins.craftcms.com/logs Version: =3.0.4 impact: Medium found: 2021-07-06 SEC Consult Vulnerabili...

4.9CVSS7AI score0.13759EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.401 views

Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Admin Password Change

!/bin/bash : " Exploit Title: Tinycontrol LAN Controller v3 LK3 1.58a - Remote Admin Password Change Exploit Author: LiquidWorm Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.401 views

WordPress Plugin WP-UserOnline 2.87.6 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP-UserOnline 2.87.6 - Stored Cross-Site Scripting XSS Date: 21/07/2022 Exploit Author: Steffin Stanly Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link: https://wordpress.org/plugins/wp-useronline/ Version: WP-UserOnline and enter the data...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/26 12:0 a.m.401 views

Simple College Website 1.0 - 'full' Stored Cross Site Scripting

Exploit Title: Simple College Website 1.0 - 'full' Stored Cross Site Scripting Exploit Author: Marco Catalano @stunn4 Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/7772/simple-college-website-using-php-and-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.401 views

House Rental and Property Listing 1.0 - Multiple Stored XSS

Exploit Title: House Rental and Property Listing 1.0 - Multiple Stored XSS Tested on: Windows 10 Exploit Author: Mohamed habib Smidi Craniums Date: 2020-12-28 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/05 12:0 a.m.401 views

TP-Link WDR4300 - Remote Code Execution (Authenticated)

Exploit Title: TP-Link WDR4300 - Remote Code Execution Authenticated Date: 2020-08-28 Exploit Author: Patrik Lantz Vendor Homepage: https://www.tp-link.com/se/home-networking/wifi-router/tl-wdr4300/ Version: TL-WDR4300, N750 Wireless Dual Band Gigabit Router Tested on: Firmware version 3.13.33 an...

9CVSS8.8AI score0.52559EPSS
Exploits8
Total number of security vulnerabilities5000