Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/03/31 12:0 a.m.384 views

SharePoint Workflows - XOML Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...

10CVSS9.6AI score0.99222EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/27 12:0 a.m.384 views

Torrent 3GP Converter 1.51 - Stack Overflow (SEH)

Exploit Title: Torrent 3GP Converter 1.51 - Stack Overflow SEH Exploit Author: boku Date: 2020-01-24 Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link: http://www.torrentrockyou.com/download/tr3gpconverter.exe Version: Torrent 3GP Converter Version 1.51...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.384 views

Product Key Explorer 4.2.0.0 - 'Name' Denial of Service (POC)

Exploit Title: Product Key Explorer 4.2.0.0 - 'Name' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.384 views

Bludit - Directory Traversal Image File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Bludit Directory Traversal Image File Upload Vulnerability", 'Description' = %q This module exploits a vulnerability in Bludit. A remote user cou...

8.8CVSS7.4AI score0.77962EPSS
Exploits16
Exploit DB
Exploit DB
added 2013/11/18 12:0 a.m.384 views

Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)

Dahua DVR Authentication Bypass - CVE-2013-6117 --Summary-- Dahua web-enabled DVRs and rebranded versions do not enforce authentication on their administrative services. Zhejiang Dahua Technology Co., Ltd. http://www.dahuasecurity.com --Affects-- Dahua web-enabled DVRs Dahua-rebranded web-enabled...

10CVSS7AI score0.70713EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.383 views

Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution

Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.383 views

Ivanti Avalanche <v6.4.0.0 - Remote Code Execution

""" Exploit Title: Ivanti Avalanche IIIss'.formatself.namesize, self.valuesize, self.type, self.namesize, self.valuesize, self.name, self.value Create a header structure class HP: def initself, hdr, payload: self.hdr = hdr self.payload = payload self.pad = b'\x00' 16 - lenself.hdr + lenself.paylo...

9.8CVSS9.8AI score0.98919EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/09/17 12:0 a.m.383 views

WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass

Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Date: 2021-09-16 Exploit Author: Sebastian Kriesten 0xB455 Contact: https://twitter.com/0xB455 Affected Plugin: Booster for WooCommerce Plugin Slug: woocommerce-jetpack Vulnerability disclosure:...

9.8CVSS9.6AI score0.50869EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.383 views

WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS

Exploit Title: WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/wp-paginate/ Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version: WP-PaginateVer-2.1.3 CVE : N/A Tested on: Windows 10 x64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.383 views

OpenBSD - Dynamic Loader chpass Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...

7.8CVSS7.6AI score0.03522EPSS
Exploits12
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.383 views

AppXSvc 17763 - Arbitrary File Overwrite (DoS)

Exploit Title: AppXSvc 17763 - Arbitrary File Overwrite DoS Date: 2019-10-28 Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested on: Windows 10 Version 1809 for x64-based Systems CVE: CVE-2019-1476 Summary: AppXSvc...

7.8CVSS7AI score0.414EPSS
Exploits20
Exploit DB
Exploit DB
added 2019/11/21 12:0 a.m.383 views

Network Management Card 6.2.0 - Host Header Injection

Exploit Title: Network Management Card 6.2.0 - Host Header Injection Google Dork: Date: 2019-11-21 Exploit Author: Amal E Thamban,Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link: https://www.apc.com/shop/in/en/products/Network-Management-Card Version: v6.2.0 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/30 12:0 a.m.383 views

Cisco Small Business 220 Series - Multiple Vulnerabilities

!/usr/bin/python2.7 """ Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/04/17 12:0 a.m.383 views

Microsoft Windows - 'SeImpersonatePrivilege' Local Privilege Escalation

source: https://www.securityfocus.com/bid/28833/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow authenticated users to elevate their privileges to NetworkService. This allows attackers to execute code with elevated privileges and aids in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.382 views

Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/09/15 12:0 a.m.382 views

Gitea 1.16.6 - Remote Code Execution (RCE) (Metasploit)

Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...

7.5CVSS7.5AI score0.87678EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.382 views

RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path

Exploit Title: RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-11-07 Vendor Homepage: https://www.real.com/ Tested Version: 18.1.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Enterprise SP1 x64 es Step to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/26 12:0 a.m.382 views

CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection

Exploit Title: CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection Google Dork: N/A Date: 11/10/2017 Exploit Author: Gurkirat Singh Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: N/A Version: 2.1.6 Tested on: Linux CVE : CVE-2017-16783 POC :...

9.8CVSS9.7AI score0.07969EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/05/12 12:0 a.m.382 views

WordPress Plugin ChopSlider 3.4 - 'id' SQL Injection

Exploit Title: ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research Google Dork: N/A Date: 2020-05 -12 Vendor Homepage: https://idangero.us/ Software Link: https://github.com/idangerous/Plugins Version: getrow'SELECT FROM ' . CHOPSLIDERTABLENAME...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/18 12:0 a.m.381 views

Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation

Exploit Title: Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation Date: 2025-04-23 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.zyxel.com/ Version: Zyxel uOS V1.31 see https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-= =3D...

7.8CVSS7AI score0.00934EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.381 views

GYM MS - GYM Management System - Cross Site Scripting (Stored)

Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/01/31 12:0 a.m.381 views

Academy LMS 6.2 - SQL Injection

Exploit Title: Academy LMS 6.2 - SQL Injection Exploit Author: CraCkEr Date: 29/08/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4974 CWE: CWE-89 / CWE-74 /...

9.8CVSS9.7AI score0.04886EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.381 views

Ruijie Reyee Mesh Router - MITM Remote Code Execution (RCE)

Exploit Title: Ruijie Reyee Wireless Router firmware version B11P204 - MITM Remote Code Execution RCE Date: April 15, 2023 Exploit Author: Mochammad Riyan Firmansyah of SecLab Indonesia Vendor Homepage: https://ruijienetworks.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.381 views

Bang Resto v1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip...

4.8CVSS5.2AI score0.01926EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/02 12:0 a.m.381 views

Xerte 3.10.3 - Directory Traversal (Authenticated)

Exploit Title: Xerte 3.10.3 - Directory Traversal Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.9.zip Version: up until 3.10.3 Tested on: Windows 10 XAMP CVE ...

6.5CVSS6.5AI score0.07685EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.381 views

WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...

4.8CVSS5.5AI score0.0632EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.381 views

Student Management System 1.0 - SQLi Authentication Bypass

Exploit Title: Student Management System 1.0 - SQLi Authentication Bypass Date: 2020-07-06 Exploit Author: Enes Özeser Vendor Homepage: https://www.sourcecodester.com/php/14268/student-management-system.html Version: 1.0 Tested on: Windows & WampServer CVE: CVE-2020-23935 1- Go to following url...

9.8CVSS9.6AI score0.15926EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/07/16 12:0 a.m.381 views

Aruba Instant 8.7.1.0 - Arbitrary File Modification

Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification Date: 15/07/2021 Exploit Author: Gr33nh4t Vendor Homepage: https://www.arubanetworks.com/ Version: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below Aruba Instant 6.5.x: 6.5.4.18 and below Aruba Instant 8.3.x: 8.3.0.14 and below Aru...

8.5CVSS6.8AI score0.13312EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/12 12:0 a.m.381 views

Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection

Exploit Title: Monitoring System Dashboard 1.0 - 'uname' SQL Injection Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.381 views

Interview Management System 1.0 - 'id' SQL Injection

Exploit Title: Interview Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.381 views

BigTree CMS 4.4.10 - Remote Code Execution

Exploit Title: BigTree CMS 4.4.10 - Remote Code Execution Google Dork: " BigTree CMS " Date: 2020-25-09 Exploit Author: SunCSR ThienNV and HoaVT - Sun Cyber Security Research Vendor Homepage: https://www.bigtreecms.org/ Software Link: https://www.bigtreecms.org/ Version: 4.4.10 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/22 12:0 a.m.381 views

Dolibarr 11.0.3 - Persistent Cross-Site Scripting

Title: Dolibarr 11.0.3 - Persistent Cross-Site Scripting Author: Mehmet Kelepce / Gais Cyber Security Date : 2020-04-14 Vendor: https://www.dolibarr.org/ Exploit-DB Author ID: 8763 Remotely Exploitable: Yes Dynamic Coding Language: PHP CVSSv3 Base Score: 7.4 AV:N, AC:L, PR:L, UI:N, S:C, C:L, I:L,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/26 12:0 a.m.381 views

Apache Pluto 3.0.0 / 3.0.1 - Persistent Cross-Site Scripting

Exploit Title: Stored XSS Date: 25-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://portals.apache.org/pluto Software Link: https://portals.apache.org/pluto/download.html Version: 3.0.0, 3.0.1 Tested on: Ubuntu 16.04 LTS CVE: CVE-2019-0186 References:...

6.1CVSS6.3AI score0.20649EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/01/24 12:0 a.m.381 views

SimplePress CMS 1.0.7 - SQL Injection

Exploit Title: SimplePress CMS 1.0.7 - SQL Injection Dork: N/A Date: 2019-01-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/simplepresscms/ Software Link: https://ayera.dl.sourceforge.net/project/simplepresscms/1.0%20alpha/1.0.7alpha.zip Version: 1.0.7 Category:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/27 12:0 a.m.381 views

bludit Pages Editor 3.0.0 - Arbitrary File Upload

Exploit Title: bludit Pages Editor 3.0.0 - Arbitrary File Upload Date: 2018-10-02 Google Dork: N/A Exploit Author: BouSalman Vendor Homepage: https://www.bludit.com/ Software Link: N/A Version: 3.0.0 Tested on: Ubuntu 18.04 CVE : 2018-1000811 POST /admin/ajax/upload-files HTTP/1.1 Host:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/06 12:0 a.m.381 views

Moodle 2.x/3.x - SQL Injection

Exploit: Moodle SQL Injection via Object Injection Through User Preferences Date: April 6th, 2017 Exploit Author: Marko Belzetski Contact: [email protected] Vendor Homepage: https://moodle.org/ Version: 3.2 to 3.2.1, 3.1 to 3.1.4, 3.0 to 3.0.8, 2.7.0 to 2.7.18 and other unsupported versio...

9.8CVSS9.5AI score0.1453EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.380 views

WEBIGniter v28.7.23 File Upload - Remote Code Execution

Title: WEBIGniter v28.7.23 File Upload - Remote Code Execution Author: nu11secur1ty Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.380 views

Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference: https://portswigger.net/web-security/access-control...

7.8CVSS8.2AI score0.0206EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.380 views

Online Diagnostic Lab Management System 1.0 - Account Takeover (Unauthenticated)

Exploit Title: Online Diagnostic Lab Management System 1.0 - Account Takeover Unauthenticated Date: 11/01/2022 Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/01 12:0 a.m.380 views

Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting

Exploit Title: Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting Date: 2021-01-30 Exploit Author: Anmol K Sachan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/ Software: : Vehicle...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.379 views

PivotX 3.0.0 RC3 - Remote Code Execution (RCE)

Exploit Title: PivotX v3.0.0 RC3 - Stored XSS to Remote Code Execution RCE Date: July 2025 Exploit Author: HayToN Vendor Homepage: https://github.com/pivotx Software Link: https://github.com/pivotx/PivotX Version: 3.0.0 RC3 Tested on: Debian 11, PHP 7.4 CVE : CVE-2025-52367 Vulnerability Type:...

5.4CVSS7.4AI score0.03835EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.379 views

Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation

Exploit Title: Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation Date: 2025-06-10 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Country: United Kingdom CVE : CVE-2024-28000 import requests import random...

9.8CVSS7AI score0.68266EPSS
Exploits8
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.379 views

Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)

Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomtypes' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/15 12:0 a.m.379 views

Oliver Library Server v5 - Arbitrary File Download

Exploit Title: Oliver Library Server v5 - Arbitrary File Download Date: 14/12/2021 Exploit Authors: Mandeep Singh, Ishaan Vij, Luke Blues, CTRL Group Vendor Homepage: https://www.softlinkint.com/product/oliver/ Product: Oliver Server v5 Version: /oliver/FileServlet?source=serverFile&fileName= 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.379 views

XAMPP 7.4.3 - Local Privilege Escalation

Exploit Title: XAMPP 7.4.3 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Original Author: Maximilian Barz @S1lkys Date: 27/09/2021 Vendor Homepage: https://www.apachefriends.org Version: XAMPP 7.2.29, 7.3.x 7.3.16 & 7.4.x 7.4.4 Tested on: Windows 10 +...

8.8CVSS9.1AI score0.2247EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/08/04 12:0 a.m.379 views

ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)

Exploit Title: ApacheOfBiz 17.12.01 - Remote Command Execution RCE via Unsafe Deserialization of XMLRPC arguments Date: 2021-08-04 Exploit Author: Álvaro Muñoz, Adrián Díaz s4dbrd Vendor Homepage: https://ofbiz.apache.org/index.html Software Link:...

6.1CVSS6.6AI score0.98926EPSS
Exploits16
Exploit DB
Exploit DB
added 2021/07/26 12:0 a.m.379 views

XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)

Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Date: 2021-07-25 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.379 views

Phone Shop Sales Managements System 1.0 - Arbitrary File Upload

Exploit Title: Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution Date: 2021-07-06 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/14 12:0 a.m.379 views

Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting (XSS)

Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...

6.1CVSS6.3AI score0.09996EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.378 views

Microsoft Outlook - Remote Code Execution (RCE)

Titles: Microsoft Outlook - Remote Code Execution RCE Author: nu11secur1ty Date: 07/06/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/microsoft-365/outlook/log-in Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47176...

7.8CVSS6.4AI score0.00648EPSS
Exploits2
Total number of security vulnerabilities5000