Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.391 views

Cisco ISE 3.0 - Remote Code Execution (RCE)

Exploit Title: Cisco ISE 3.0 - Remote Code Execution RCE Exploit Author: @ibrahimsql ibrahimsql.com Exploit Author's github: https://github.com/ibrahmsql Description: Cisco ISE API Java Deserialization RCE CVE: CVE-2025-20124 Vendor Homepage: https://www.cisco.com/ Requirements: requests=2.25.0,...

9.9CVSS7.4AI score0.17218EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.391 views

Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)

Exploit Title: Microsoft Excel 2024 Use after free - Remote Code Execution RCE Author: nu11secur1ty Date: 06/24/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47165 CVE:...

7.8CVSS7.4AI score0.01768EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.391 views

WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Authenticated Google Dork: inurl:/wp-content/plugins/wp-useronline/ Date: 2024-06-12 Exploit Author: Onur Göğebakan Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...

5.5CVSS5.6AI score0.05291EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.391 views

Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

Exploit Title: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload Date: 2024-04-01 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys import os.path import requests import re import urllib3 from requests.exceptions import SSLError from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/12 12:0 a.m.391 views

Microsoft Windows Defender - Detections Bypass

Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERDETECTIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSec Vendor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.391 views

MTPutty 1.0.1.21 - SSH Password Disclosure

Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.391 views

Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)

Exploit Title: Dolibarr ERP-CRM 12.0.3 - Remote Code Execution Authenticated Date: 2020.12.17 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://github.com/Dolibarr/dolibarr Software Link: https://sourceforge.net/projects/dolibarr/ Version: 12.0.3 Tested on: Kali Linux 2020.2 Vulnerabilit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.391 views

Ksix Zigbee Devices - Playback Protection Bypass (PoC)

Exploit Title: Ksix Zigbee Devices - Playback Protection Bypass PoC Date: 2020-11-15 Exploit Author: Alejandro Vazquez Vazquez Vendor Homepage: https://www.ksixmobile.com/ Firmware Version: Gateway Zigbee Module - v1.0.3, Gateway Main Module - v1.1.2, Door Sensor - v1.0.7, PIR Motion Sensor -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/01 12:0 a.m.391 views

Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution

Exploit Title: Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-09-18 Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/15 12:0 a.m.391 views

Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting

Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/01 12:0 a.m.391 views

DiskBoss 7.7.14 - Denial of Service (PoC)

Exploit Title: DiskBoss 7.7.14 - Denial of Service PoC Date: 2020-04-01 Exploit Author: Paras Bhatia Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Vulnerable Software: DiskBoss Version: 7.7.14...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/05 12:0 a.m.390 views

IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow

Exploit Title : IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow ======== ================================================ 0. Overview 1. Detailed Description 2. Proof Of Concept 3. Solution 4. Disclosure Timeline 5. References 6. Credits 7. Legal Notices ========...

8.2CVSS7AI score0.0163EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.390 views

Wondercms 4.3.2 - XSS to RCE

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.390 views

Apache CouchDB 3.2.1 - Remote Code Execution (RCE)

Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Date: 2022-01-21 Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name...

10CVSS9.6AI score0.9251EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.390 views

ExifTool 12.23 - Arbitrary Code Execution

Exploit Title: ExifTool 12.23 - Arbitrary Code Execution Date: 04/30/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://exiftool.org/ Software Link: https://github.com/exiftool/exiftool/archive/refs/tags/12.23.zip Version: 7.44-12.23 Tested on: ExifTool 12.23 Debian CVE:...

7.8CVSS7.6AI score0.99981EPSS
Exploits39
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.390 views

Simple Chatbot Application 1.0 - Remote Code Execution (RCE)

Exploit Title: Simple Chatbot Application 1.0 - Remote Code Execution RCE Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/07 12:0 a.m.390 views

Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection

Exploit Title: Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection Date: 05/01/20222 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15119/online-veterinary-appointment-system-using-phpoop-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.390 views

Terramaster TOS 4.2.15 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Terramaster TOS 4.2.15 - Remote Code Execution RCE Unauthenticated Date: 12/24/2021 Exploit Author: n0tme thatsn0tmysite Full Write-Up: https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/ Vendor Homepage: https://www.terra-master.com/ Version: TOS 4.2.X 4.2.15-2107141517 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/08 12:0 a.m.390 views

Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path

Exploit Title: Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://pingzapper.com Software Links: https://pingzapper.com/download Tested Version: 2.3.1 Vulnerability Type: Unquoted Service Path Tested on: Windows 8.1 Pro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.390 views

Atlassian Confluence Widget Connector Macro - SSTI

Exploit Title: Atlassian Confluence Widget Connector Macro - SSTI Date: 21-Jan-2021 Exploit Author: 46o60 Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://product-downloads.atlassian.com/software/confluence/downloads/atlassian-confluence-6.12.1-x64.bin Version...

10CVSS9.8AI score0.99913EPSS
Exploits20
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.390 views

Content Management System 1.0 - 'id' SQL Injection

Exploit Title: Content Management System 1.0 - 'id' SQL Injection Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/15 12:0 a.m.390 views

Infor Storefront B2B 1.0 - 'usr_name' SQL Injection

Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.390 views

Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path

Exploit Title: Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path Exploit Author: boku Date: 2020-04-17 Vendor Homepage: http://www.drive-software.com Software Link: http://www.drive-software.com/download/ataclock.exe Version: 6.3 Tested On: Windows 10 Pro 1909 32-bit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.390 views

ManageEngine Desktop Central - Java Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Desktop Central Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in the...

10CVSS7.4AI score0.99941EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/10/03 12:0 a.m.390 views

AnchorCMS < 0.12.3a - Information Disclosure

Exploit Title: Information disclosure MySQL password in error log Date: 2/10/2019 Exploit Author: Tijme Gommers https://twitter.com/finnwea/ Vendor Homepage: https://anchorcms.com/ Software Link: https://github.com/anchorcms/anchor-cms/releases Version: 0.12.3a Tested on: Linux CVE : CVE-2018-725...

9.8CVSS9.8AI score0.72272EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.390 views

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The ctfmon service creates an ALPC port in a well known location, to which...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/05/15 12:0 a.m.390 views

ElasticSearch - Remote Code Execution

body padding-top: 50px; .starter-template padding: 40px 15px; text-align: center; function esinject var readfile; var writefile; readfile = functionfilename return "import java.util.;\nimport java.io.;\nnew Scannernew File"" + filename + "".useDelimiter"\\Z".next;"; ; writefile =...

8.1CVSS6.4AI score0.88559EPSS
Exploits17
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.389 views

Simple File List WordPress Plugin 4.2.2 - File Upload to RCE

Exploit Title: Simple File List WordPress Plugin 4.2.2 - File Upload to RCE Google Dork: inurl:/wp-content/plugins/simple-file-list/ Date: 2025-07-15 Exploit Author: Md Amanat Ullah xSwads Vendor Homepage: https://wordpress.org/plugins/simple-file-list/ Software Link:...

9.8CVSS7.4AI score0.12633EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.389 views

Discourse 3.2.x - Anonymous Cache Poisoning

!/usr/bin/env python3 """ Exploit Title: Discourse 3.2.x - Anonymous Cache Poisoning Date: 2024-10-15 Exploit Author: ibrahimsql Github: : https://github.com/ibrahmsql Vendor Homepage: https://discourse.org Software Link: https://github.com/discourse/discourse Version: Discourse latest patched...

8.2CVSS6.5AI score0.01593EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.389 views

GLiNet - Router Authentication Bypass

DZONERZY Security Research GLiNet: Router Authentication Bypass ======================================================================== Contents ======================================================================== 1. Overview 2. Detailed Description 3. Exploit 4. Timeline...

9.8CVSS7AI score0.00764EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.389 views

Clinic's Patient Management System 1.0 - Unauthenticated RCE

Exploit Title: Clinic's Patient Management System 1.0 - Unauthenticated RCE Date: 07.10.2023 Exploit Author: Oğulcan Hami Gül Vendor Homepage: https://www.sourcecodester.com/php-clinics-patient-management-system-source-code Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/11 12:0 a.m.389 views

Tdarr 2.00.15 - Command Injection

Exploit Title: Tdarr 2.00.15 - Command Injection Date: 10/03/2022 Exploit Author: Sam Smith Vendor Homepage: https://tdarr.io Software Link: https://f000.backblazeb2.com/file/tdarrs/versions/2.00.15/linuxarm64/TdarrServer.zip Version: 2.00.15 likely also older versions Tested on: 2.00.15 Exploit:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/25 12:0 a.m.389 views

Simple Client Management System 1.0 - 'uemail' SQL Injection (Unauthenticated)

Exploit Title: Simple Client Management System 1.0 - 'uemail' SQL Injection Unauthenticated Date: 24-06-2021 Exploit Author: Barış Yıldızoğlu Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/client-details.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.389 views

Unified Remote 3.9.0.2463 - Remote Code Execution

Exploit Title: Unified Remote 3.9.0.2463 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: https://www.unifiedremote.com/ Software Link: https://www.unifiedremote.com/download Tested on: Windows 10, 10.0.19042 Build 19042 !/usr/bin/python import socket import sys import os from time impor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.389 views

ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)

Exploit Title: ChurchCRM 4.2.1- Persistent Cross Site ScriptingXSS Date: 2020- 10- 29 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM Version: 4.2.1 Tested on: Kali Linux 2020.3 Proof Of Concept: ChurchCRM application allo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.389 views

Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality

Exploit Title: Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality Date: 2020-11-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5311 Tested on: Kali Linux 2020....

7.5CVSS7.7AI score0.06362EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/06/08 12:0 a.m.389 views

Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow (SEH) (PoC)

Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-07 Vulnerable Software: Frigate Version: "Command...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/02 12:0 a.m.389 views

DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow (PoC)

Exploit Title: DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow PoC Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Exploit Author: Paras Bhatia Discovery Date: 2020-04-01 Vulnerable...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/11 12:0 a.m.389 views

AVCON6 systems management platform - OGNL Remote Command Execution

Exploit Title: AVCON6 systems management platform - OGNL - Remote root command execution Date: 10/09/2018 Exploit Author: Nassim Asrir Contact: [email protected] | https://www.linkedin.com/in/nassim-asrir-b73a57122/ CVE: N\A Tested On: Windows 1064bit / 61.0b12 64-bit Thanks to: Otmane Aarab...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.389 views

TortoiseSVN 1.12.1 - Remote Code Execution

Document Title: =============== TortoiseSVN v1.12.1 - Remote Code Execution Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2188 Product:...

8.8CVSS9AI score0.16391EPSS
Exploits6
Exploit DB
Exploit DB
added 2009/08/24 12:0 a.m.389 views

Linux Kernel 2.4/2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)

/ 0x82-CVE-2009-2692 Linux kernel 2.4/2.6 32bit socksendpage local ring0 root exploit simple ver Tested RedHat Linux 9.0, Fedora core 411, Whitebox 4, CentOS 4.x. -- Discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team. spender and venglin's code is very excellent. Thankful t...

7.8CVSS8.2AI score0.14633EPSS
Exploits18
Exploit DB
Exploit DB
added 2008/09/24 12:0 a.m.389 views

AJ Auction Pro Platinum Skin - 'item_id' SQL Injection

AJ Auction Pro Platinum Skin 2 detail.php itemid Remote SQL Injection Vulnerability POC : /detail.php?itemid=-1+UNION+SELECT+1,2,3,4,concatusername,0x3a,password, 6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.388 views

Sitecore 10.4 - Remote Code Execution (RCE)

Exploit Title: Sitecore 10.4 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://developers.sitecore.com/downloads Version: Sitecore 10.3 - 10.4 CVE : CVE-2025-27218 Link: https://github.com/yealvarez/CVE/blob/main/CVE-2025-27218/exploit.py from requests import...

5.3CVSS7.4AI score0.6356EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.388 views

(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]

Exploit Title: Linux-x64 - create a shell with execve sending argument using XOR /bin//sh 55 bytes Shellcode Author: Alexys 0x177git Tested on: Linux x8664 Shellcode Description: creating a new process using execve syscall sending bin//sh as argument | encrypted using XOR operation was QWORD size...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/08 12:0 a.m.388 views

PHPJabbers Vacation Rental Script 4.0 - CSRF

Exploit Title: PHPJabbers Vacation Rental Script 4.0 - CSRF Date: 05/08/2023 Exploit Author: Hasan Ali YILDIR Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/vacation-rental-script/ Version: 4.0 Tested on: Windows 10 Pro Description The attacker can send to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.388 views

JLex GuestBook 1.6.4 - Reflected XSS

Exploit Title: JLex GuestBook 1.6.4 - Reflected XSS Exploit Author: CraCkEr Date: 01/08/2023 Vendor: JLexArt Vendor Homepage: https://jlexart.com/ Software Link: https://extensions.joomla.org/extension/contacts-and-feedback/guest-book/jlex-guestbook/ Demo: https://jlexguestbook.jlexart.com/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.388 views

Codiad 2.8.4 - Remote Code Execution (Authenticated) (4)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.388 views

WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/ninja-tables/ Software Link: https://wpmanageninja.com/downloads/ninja-tables-pro-add-on/ Version: 4.1.7 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.388 views

SCO Openserver 5.0.7 - 'section' Reflected XSS

Exploit Title: SCO Openserver 5.0.7 - 'section' Reflected XSS Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 14/06/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Tested on...

6.1CVSS6.3AI score0.08142EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/16 12:0 a.m.388 views

CS-Cart 1.3.3 - 'classes_dir' LFI

Exploit Title: CS-Cart unauthenticated LFI Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.4 Vulnerability Type: unauthenticated LFI...

7.4AI score
Exploits0
Total number of security vulnerabilities5000