Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.374 views

GDidees CMS 3.9.1 - Local File Disclosure

Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 an...

7.5CVSS7.6AI score0.60793EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/05/07 12:0 a.m.374 views

Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)

Exploit Title: Human Resource Information System 0.1 - Remote Code Execution Unauthenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/05 12:0 a.m.374 views

LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)

Exploit Title: LiteSpeed Web Server Enterprise 5.4.11 - Command Injection Authenticated Date: 05/20/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://www.litespeedtech.com/products Version: 5.4.11 Ubuntu/Kali Linux Step 1: Log in to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.374 views

Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution

Exploit Title: Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2021-01-05 Vendor Homepage: https://www.sourcecodester.com/php/14588/employee-record-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.374 views

Responsive E-Learning System 1.0 - 'id' Sql Injection

Exploit Title: Responsive E-Learning System 1.0 – 'id' Sql Injection Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/08 12:0 a.m.374 views

Nextcloud 17 - Cross-Site Request Forgery

Exploit Title: Nextcloud 17 - Cross-Site Request Forgery Date: 08.11.2019 Exploit Author: Ozer Goker Vendor Homepage: https://nextcloud.com Software Link: https://nextcloud.com/install/instructions-server Version: 17 CVE: N/A Nextcloud offers the industry-leading, on-premises content collaboratio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/10 12:0 a.m.374 views

Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File

We have encountered a Windows kernel crash in memcpy called by nt!MiRelocateImage while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/13 12:0 a.m.374 views

Dolibarr ERP-CRM 10.0.1 - 'User-Agent' Cross-Site Scripting

Exploit Title: Dolibarr ERP/CRM 10.0.1 - User-Agent Http Header Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for Linux CVE:...

6.1CVSS6.5AI score0.0299EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/03/26 12:0 a.m.374 views

QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)

Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection Date: 7 February 2015 Exploit Author: Patrick Pellegrino | [email protected] work / [email protected] other Employer homepage: http://www.securegroup.it Vendor...

10CVSS10AI score0.99999EPSS
Exploits132
Exploit DB
Exploit DB
added 2025/03/20 12:0 a.m.373 views

JUX Real Estate 3.4.0 - SQL Injection

Exploit Title: JUX Real Estate 3.4.0 - SQL Injection Exploit Author: CraCkEr Date: 26/02/2025 Vendor: JoomlaUX Vendor Homepage: https://joomlaux.com/ Software Link: https://extensions.joomla.org/extension/jux-real-estate/ Demo Link: http://demo.joomlaux.com/jux-real-estate Tested on: Windows 11 P...

8.8CVSS7.4AI score0.09591EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.373 views

GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 3.216 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

9.8CVSS9.7AI score0.24725EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.373 views

Wordpress Seotheme - Remote Code Execution Unauthenticated

Exploit Title: Wordpress Seotheme - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys , requests, re from multiprocessing.dummy import Pool from colorama import Fore from colorama import init...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.373 views

TASKHUB-2.8.8 - XSS-Reflected

Title: TASKHUB-2.8.8-XSS-Reflected Author: nu11secur1ty Date: 09/22/2023 Vendor: https://codecanyon.net/user/infinitietech Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Reference: https://portswigger.net/web-security/cross-site-scripting Description: T...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.373 views

Dingtian-DT-R002 3.1.276A - Authentication Bypass

Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass Google Dork: NA Date: 13th July 2022 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2022-29593/ Vendor Homepage: https://www.dingtian-tech.com/enus/relay4.html Software Link:...

5.9CVSS5.8AI score0.12907EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.373 views

Telesquare TLR-2855KS6 - Arbitrary File Creation

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Creation Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46418 Proof of Concept PUT /cgi-bin/testingcve.txt HTTP/1.1 Host:...

7.5CVSS7.6AI score0.23945EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/09 12:0 a.m.373 views

Exam Reviewer Management System 1.0 - ‘id’ SQL Injection

Exploit Title: Exam Reviewer Management System 1.0 - ‘id’ SQL Injection Date: 2022-02-18 Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.373 views

Hospitals Patient Records Management System 1.0 - 'room_list' Stored Cross Site Scripting (XSS)

Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomlist' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/12 12:0 a.m.373 views

WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting XSS Date: 11/12/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://accesspressthemes.com/ Software Link: https://wordpress.org/plugins/accesspress-social-icons/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.373 views

Ericsson Network Location MPS GMPC21 - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Privilege Escalation Meow Variant', 'Description' = %q This module exploits privilege escalation vulnerability in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/02 12:0 a.m.373 views

Men Salon Management System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Men Salon Management System 1.0 - SQL Injection Authentication Bypass Date: 2021-07-30 Exploit Author: Akshay Khanna ConfusedBot Vendor Homepage: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/22 12:0 a.m.373 views

ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted Service Path

Exploit Title: ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted Service Path Date: 2021-06-21 Exploit Author: Julio Aviña Vendor Homepage: https://www.asus.com/ Software Link: https://dlcdnets.asus.com/pub/ASUS/LCD%20Monitors/MB16ACE/ASUSDisplayWidget3.4.0.036.exe.zip...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.373 views

YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery

Title: YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery Date: 09.01.2021 Author: Numan Türle Vendor Homepage: https://mfscripts.com Software Link: https://yetishare.com Version: v5.1.0 Tested on: YetiShare - File Hosting Script v5.1.0, Php Version : 7.4 Summary ---------...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/15 12:0 a.m.373 views

Macs Framework 1.14f CMS - Persistent Cross-Site Scripting

Title: Macs Framework 1.14f CMS - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-04-15 Software Link: https://sourceforge.net/projects/macs-framework/files/latest/download CVE: N/A Document Title: =============== Macs Framework v1.14f CMS - Multiple Web Vulnerabilitie...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/06 12:0 a.m.373 views

QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path

Exploit Title: QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path Discovery Date: 2019-11-05 Exploit Author: Ivan Marmolejo Vendor Homepage: https://www.qnap.com/en/ Software Link: https://www.qnap.com/en/download Version: 4.5.6.0607 Vulnerability Type: Local Tested on: Windo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/13 12:0 a.m.372 views

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

Exploit Title: WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation Google Dork: inurl:/wp-content/plugins/frontend-login-and-registration-blocks/ Date: 2025-05-12 Exploit Author: Md Shoriful Islam RootHarpy Vendor Homepage:...

9.8CVSS7.1AI score0.06441EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/19 12:0 a.m.372 views

FoxCMS 1.2.5 - Remote Code Execution (RCE)

Date: 2025-04-17 Exploit Title: Exploit Author: VeryLazyTech Vendor Homepage: https://www.foxcms.org/ Software Link: https://www.foxcms.cn/ Version: FoxCMS v.1.2.5 Tested on: Ubuntu 22.04, Windows Server 2019 CVE: CVE-2025-29306 Website: https://www.verylazytech.com !/bin/bash banner cat " exit 1...

9.8CVSS7AI score0.43655EPSS
Exploits11
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.372 views

File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution RCE Date: 05/31/2023 Exploit Author: Mateus Machado Tesser Vendor Homepage: https://advancedfilemanager.com/ Version: File Manager Advanced Shortcode 2.3.2 Tested on: Wordpress 6.1 / Linux Ubuntu 5.15 CVE...

9.8CVSS7AI score0.3962EPSS
Exploits8
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.372 views

TLR-2005KSH - Arbitrary File Upload

Exploit Title: TLR-2005KSH - Arbitrary File Upload Date: 2022-05-11 Shodan Dork: title:"Login to TLR-2021" Exploit Author: Ahmed Alroky Author Company : Aiactive Version: 1.0.0 Vendor home page : http://telesquare.co.kr/ Authentication Required: No Tested on: Windows CVE: CVE-2021-45428...

9.8CVSS9.7AI score0.56931EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/07 12:0 a.m.372 views

WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection (2)

Exploit Title: WordPress Plugin Survey & Poll 1.5.7.3 - 'sssparams' SQL Injection 2 Date: 2021-09-07 Exploit Author: Mohin Paramasivam Shad0wQu35t Vendor Homepage: http://modalsurvey.pantherius.com/ Software Link: https://downloads.wordpress.org/plugin/wp-survey-and-poll.zip Version: 1.5.7.3 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.372 views

WordPress Plugin WP24 Domain Check 1.6.2 - 'fieldnameDomain' Stored Cross Site Scripting

Exploit Title: WordPress Plugin WP24 Domain Check 1.6.2 - 'fieldnameDomain' Stored Cross Site Scripting Date: 2021-01-03 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://wordpress.org/plugins/wp24-domain-check/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.372 views

Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path

Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.372 views

HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path

Exploit Title: HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path Discovery by: Jocelyn Arenas Discovery Date: 2020-11-07 Vendor Homepage: https://www8.hp.com/mx/es/home.html Tested Version: 1.4.8.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Home x64 es Step to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/28 12:0 a.m.372 views

Exploit - EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path

Exploit Title: EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path Discovery by: İsmail Önder Kaya Discovery Date: 2020-10-27 Vendor Homepage: https://www.epson.co.uk/support?productID=10820&os=22driversandmanuals Tested Version: 1.124 Vulnerability Type: Unquoted Service Path Tested on OS: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.372 views

Textpattern CMS 4.6.2 - Cross-site Request Forgery

Exploit Title: Textpattern CMS 4.6.2 - Cross-site Request Forgery Exploit Author: Alperen Ergel Contact: @alprenae Software Homepage: https://textpattern.com/ Version : 4.6.2 Tested on: windows 10 / xammp Category: WebApp Google Dork: intext:"Published with Textpattern CMS" Date: 2020-10-29...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/15 12:0 a.m.372 views

Zoo Management System 1.0 - Authentication Bypass

Exploit Title: Zoo Management System 1.0 - Authentication Bypass Date: 02/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://phpgurukul.com/zoo-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=12723 Version: 1.0 Tested On:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.371 views

McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information

Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit Author: Keenan Scott Vendor Homepage: hxxps://www.mcafee.com/ Software Download: N/A Unable to find Version: Arguments CmdletBinding param string$DbSource =...

6.1CVSS7.4AI score0.00622EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.371 views

Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection (Authenticated)

Exploit Title: Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection Authenticated Google Dork: intitle: "Inicio de Sesión - Kmaleon" Date: 2021-11-05 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.levelprograms.com Software Link: https://www.levelprograms.com/kmaleon-abogados/ Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/01 12:0 a.m.371 views

WordPress 5.0.0 - Image Remote Code Execution

Exploit Title: WordPress 5.0.0 - Image Remote Code Execution Date: 2020-02-01 Exploit Authors: OUSSAMA RAHALI aka V0lck3r Discovery Author : RIPSTECH Technology Version: WordPress 5.0.0 and :/ ' printusage url = sys.argv1 username = sys.argv2 password = sys.argv3 wptheme = sys.argv4 wpscan result...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.371 views

Joomla! 3.4.6 - 'configuration.php' Remote Code Execution

Exploit Title: Joomla 3.4.6 - 'configuration.php' Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo @Hacktive Security Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/25 12:0 a.m.371 views

Ovidentia 8.4.3 - SQL Injection

------------------------------------------------------- Exploit Title: Ovidentia CMS - SQL Injection Authenticated Date: 06/05/2019 CVE: CVE-2019-13978 Exploit Author: Fernando Pinheiro n3k00n3 Victor Flores UserX Vendor Homepage: https://www.ovidentia.org/ Version: 8.4.3 Tested on: Mac,linux -...

8.8CVSS9AI score0.01462EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.371 views

μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure

By default, utorrent create an HTTP RPC server on port 10000 uTorrent classic or 19575 uTorrent web. There are numerous problems with these RPC servers that can be exploited by any website using XMLHTTPRequest. To be clear, visiting any website is enough to compromise these applications. uTorrent...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.371 views

Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory corruption seems to be a Heap Overflow in the Windows DCE-RPC Call...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/14 12:0 a.m.371 views

Adobe ColdFusion - Directory Traversal

Working GET request courtesy of carnal0wnage: http://server/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../ColdFusion8/lib/password.properties%00en LLsecurity added another admin page filename: "/CFIDE/administrator/enter.cfm" !/usr/bin/python CVE-2010-2861 - Adobe ColdFusion...

9.8CVSS9.6AI score0.99721EPSS
Exploits13
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.370 views

Gibbon LMS < v26.0.00 - Authenticated RCE

Exploit Title: Gibbon LMS has a PHP Deserialization vulnerability on the v26.0.00 version Date: 22.01.2024 Exploit Author: SecondX.io Research TeamAli Maharramli,Fikrat Guliev,Islam Rzayev Vendor Homepage: https://gibbonedu.org/ Software Link: https://github.com/GibbonEdu/core Version: v26.0.00...

8.8CVSS6.6AI score0.5132EPSS
Exploits7
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.370 views

Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery Exploit Author: LiquidWorm Sielco Analog FM Transmitter 2.12 Cross-Site Request Forgery Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.370 views

WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload (Authenticated)

Exploit Title: WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload Authenticated Google Dork: - Date: 2022-03-13 Exploit Author: Roel van Beurden Vendor Homepage: - Software Link: https://downloads.wordpress.org/plugin/advanced-uploader.4.2.zip Version: =4.2 Tested on: WordPress 5.9 on...

8.8CVSS9AI score0.15929EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.370 views

Engineers Online Portal 1.0 - 'id' SQL Injection

Exploit Title: Engineers Online Portal 1.0 - 'id' SQL Injection Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.370 views

Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Date: 06.07.2021 Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.370 views

Responsive FileManager 9.13.4 - 'path' Path Traversal

Exploit Title: Responsive FileManager 9.13.4 - 'path' Path Traversal Date: 12/12/2018 PoC Date: 04/01/2020 Auto Exploit Exploit Author: SunCSR Sun Cyber Security Research Google Dork: intitle:"Responsive FileManager 9.x.x" Vendor Homepage: http://responsivefilemanager.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.370 views

Fastweb Fastgate 0.00.81 - Remote Code Execution

Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb ISP network Version: 0.00.81 Tested on: Linux CV...

7.4AI score
Exploits0
Total number of security vulnerabilities5000