Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.369 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.369 views

DLINK DPH-400SE - Exposure of Sensitive Information

Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Date : 25-08-2023 Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.369 views

Perch v3.2 - Persistent Cross Site Scripting (XSS)

Exploit Title: Perch v3.2 - Persistent Cross Site Scripting XSS Google Dork: N/A Date: 23-July-2023 Exploit Author: Dinesh Mohanty Vendor Homepage: https://grabaperch.com/ Software Link: https://grabaperch.com/download Version: v3.2 Tested on: Windows CVE : Requested Description: Stored Cross Sit...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.369 views

CuteEditor for PHP 6.6 - Directory Traversal

Exploit Title: CuteEditor for PHP 6.6 - Directory Traversal Google Dork: N/A Date: November 17th, 2021 Exploit Author: Stefan Hesselman Vendor Homepage: http://phphtmledit.com/ Software Link: http://phphtmledit.com/download/phphtmledit.zip Version: 6.6 Tested on: Windows Server 2019 CVE : N/A The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.369 views

Siemens S7-1200 - Unauthenticated Start/Stop Command

Exploit Title: Unauthenticated Siemens S7-1200 CPU Start/Stop Command Date: 09/03/2022 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: V4.5 and below Tested on: Siemens S7-1200 CPU: 1215C IP == PLC IP address Start Command curl -i -s -k -X $'POST' \ -...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.369 views

Simple Payroll System 1.0 - SQLi Authentication Bypass

Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Date: 2021-10-09 Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/05 12:0 a.m.369 views

Church Management System 1.0 - 'password' SQL Injection (Authentication Bypass)

Exploit Title: Church Management System 1.0 - 'password' SQL Injection Authentication Bypass Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Versio...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/07 12:0 a.m.369 views

Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection

Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Date: 2020-06-17 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Update :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/14 12:0 a.m.369 views

Aida64 6.00.5100 - 'Log to CSV File' Local SEH Buffer Overflow

!/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/16 12:0 a.m.369 views

Nginx (Debian Based Distros + Gentoo) - 'logrotate' Local Privilege Escalation

!/bin/bash Nginx Debian-based distros + Gentoo - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid Golunski dawidatlegalhackers.com https://legalhackers.com Follow https://twitter.com/dawidgolunski for updates on this advisory. --- This Po...

7.8CVSS7.6AI score0.04863EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.368 views

Employee Management System 1.0 - 'admin_id' SQLi

Exploit Title: Employee Management System 1.0 - 'adminid' SQLi Date: 20-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Version: 1.0 Tested on...

9.8CVSS6.8AI score0.01229EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.368 views

taskhub 2.8.7 - SQL Injection

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Date: 05/09/2023 Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth...

8CVSS7.9AI score0.00692EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.368 views

MISP 2.4.171 - Stored XSS

Exploit Title: MISP 2.4.171 Stored XSS CVE-2023-37307 Authenticated Date: 8th October 2023 Exploit Author: Mücahit Çeri Vendor Homepage: https://www.circl.lu/ Software Link: https://github.com/MISP/MISP Version: 2.4.171 Tested on: Ubuntu 20.04 CVE : CVE-2023-37307 Exploit: Logged in as low...

5.4CVSS7AI score0.00502EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.368 views

FileMage Gateway 1.10.9 - Local File Inclusion

Exploit Title: FileMage Gateway 1.10.9 - Local File Inclusion Date: 8/22/2023 Exploit Author: Bryce "Raindayzz" Harty Vendor Homepage: https://www.filemage.io/ Version: Azure Versions 1.10.9 Tested on: All Azure deployments 1.10.9 CVE : CVE-2023-39026 Technical Blog -...

7.5CVSS7.6AI score0.10562EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/22 12:0 a.m.368 views

Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing

Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Author: nu11secur1ty Date: 06.22.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...

6.5CVSS6.8AI score0.01649EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.368 views

Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak

Exploit Title: Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak Exploit Author: LiquidWorm Product web page: https://www.ateme.com Affected version: 3.2.9 Hardware revision 1.0 SoapLive 2.0.3 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.368 views

CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)

Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS Cross-Site Scripting Date: 2023-02-02 Exploit Author: Andrea Intilangelo Vendor Homepage: https://civicrm.org Software Link: https://civicrm.org/download Version: 5.59.alpha1, 5.58.0 and earlier, 5.57.3 and earlier Tested on: Latest Version of Deskt...

5.4CVSS5.5AI score0.02537EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.368 views

pdfkit v0.8.7.2 - Command Injection

!/usr/bin/env python3 Exploit Title: pdfkit v0.8.7.2 - Command Injection Date: 02/23/2023 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pdfkit.org/ Software Link: https://github.com/pdfkit/pdfkit Version: 0.0.0-0.8.7.2 Tested on: pdfkit 0.8.6 CVE: CVE-2022–25765 Source:...

9.8CVSS9.5AI score0.39389EPSS
Exploits11
Exploit DB
Exploit DB
added 2022/02/18 12:0 a.m.368 views

Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path

Exploit Title: Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/drfonefull3360.exe Tested Version: 11.4.9 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/11 12:0 a.m.368 views

Subrion CMS 4.2.1 - Cross Site Request Forgery (CSRF) (Add Amin)

Exploit Title: Subrion CMS 4.2.1 - Cross Site Request Forgery CSRF Add Amin Date: 2022-02-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://subrion.org Software Link: https://subrion.org/download Version: 4.2.1 Tested on: Windows 10 About - Subrion CMS : Subrion is a PHP/MySQL based C...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/18 12:0 a.m.368 views

Simple Image Gallery 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Simple Image Gallery 1.0 - Remote Code Execution RCE Unauthenticated Date: 17.08.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Version: V 1.0 Tested on: Ubuntu import reques...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/03 12:0 a.m.368 views

P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)

Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-02-02 Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207 Software Link: App Store for iOS devices Tested Version: 10.4.1 Vulnerability Type: Denial o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/04 12:0 a.m.368 views

OpenVPN Connect 3.0.0.272 - 'agent_ovpnconnect' Unquoted Service Path

Exploit Title: OpenVPN Connect 3.0.0.272 - 'ovpnagent' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-03 Vendor Homepage: https://openvpn.net Software Link : https://openvpn.net/downloads/openvpn-connect-v3-windows.msi Tested Version: 3.0.0.272 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/08/05 12:0 a.m.368 views

PHP Power Browse 1.2 - Directory Traversal

Exploit Title: PHP Power Browse v1.2 - Path Traversal Google Dork: intitle:PHP Power Browse inurl:browse.php Exploit Author: Manuel Mancera sinkmanu | sinkmanu at gmail dot com Software URL: https://github.com/arzynik/PHPPowerBrowse Version: 1.2 Vulnerability Type : Path traversal Severity : High...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.367 views

Microsoft SharePoint 2019 - NTLM Authentication

Titles: Microsoft SharePoint 2019 NTLM Authentication Author: nu11secur1ty Date: 06/27/25 Vendor: Microsoft Software: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Reference: https://www.networkdatapedia.com/post/ntlm-autSharePoint 2019 NTLM Authentication...

8.8CVSS6.4AI score0.12606EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.367 views

GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

Exploit Title: GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload Date: 2024-02-04 Exploit Author: Georgios Tsimpidas Vendor Homepage: https://www.openeclass.org/ Software Link: https://download.openeclass.org/files/3.15/ Version: 3.15 2024 Tested on: Debian Kali...

9.8CVSS6.7AI score0.03821EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.367 views

Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation

Exploit Title: Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation Google Dork: inurl:/user-public-account Date: 2023-09-04 Exploit Author: Revan Arifio Vendor Homepage: https:/.org/plugins/masterstudy-lms-learning-management-system/ Version: | | \ / | | / /| |...

7.5CVSS7.6AI score0.03495EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.368 views

Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878...

9.1CVSS7AI score0.35716EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.367 views

Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution (RCE)

!/usr/bin/env python """ Exploit Title: Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution RCE Google Dork: N/A Date: 2023-04-13 Exploit Author: max / Zoltan Padanyi Vendor Homepage: https://exchange.nagios.org/directory/Addons/Configuration/Lilac-2DReloaded/visit Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/23 12:0 a.m.367 views

Simple Real Estate Portal System 1.0 - 'id' SQLi

Exploit Title: Simple Real Estate Portal System 1.0 - 'id' SQL Injection Date: 22/02/2022 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15184/simple-real-estate-portal-system-phpoop-free-source-code.html Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.367 views

meterN v1.2.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: meterN v1.2.3 - Remote Code Execution RCE Authenticated Date: 18/11/2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.metern.org !-- meterN v1.2.3 Authenticated Remote Command Execution Vulnerability Vendor: Jean-Marc Louviaux Product web page: https://www.metern.org...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.367 views

WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion

Exploit Title: WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion Date: 11/07/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.miniorange.com/ Software Link: https://wordpress.org/plugins/backup-and-restore-for-wp/ Version: 1.0.3 Tested on : Window...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.367 views

ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path

Exploit Title: ELAN Touchpad 15.2.13.1X64WHQL - 'ETDService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-22 Vendor : ELAN Microelectronics Version : ELAN Touchpad 15.2.13.1X64WHQL Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 8 This software installs...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.367 views

MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path

Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.367 views

AMD Fuel Service - 'Fuel.service' Unquote Service Path

Exploit Title: AMD Fuel Service - 'Fuel.service' Unquote Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://www.amd.com/ Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/28 12:0 a.m.367 views

CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)

Exploit Title: CMSUno 1.6.2 - 'lang/user' Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Exploit Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr https://www.exploit-db.com/?author=10066 Vendor Homepage:...

8.8CVSS8.7AI score0.09852EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/04/10 12:0 a.m.367 views

AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)

Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-05-02 Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe Tested Version: 11.12 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/10 12:0 a.m.367 views

PHPStudy - Backdoor Remote Code execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.367 views

Microsoft Windows PowerShell - Unsanitized Filename Command Execution

''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.366 views

WBCE 1.6.0 - Unauthenticated SQL injection

Exploit Title: |Unauthenticated SQL injection in WBCE 1.6.0 Date: 15.11.2023 Exploit Author: young pope Vendor Homepage: https://github.com/WBCE/WBCECMS Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.0.zip Version: 1.6.0 Tested on: Kali linux CVE : CVE-2023-39796 There is an...

9.8CVSS9.8AI score0.06096EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.366 views

KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow

Exploit Title: KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.366 views

Microsoft Windows 11 - 'apds.dll' DLL hijacking (Forced)

--------------------------------------------------------- Title: Microsoft Windows 11 - 'apds.dll' DLL hijacking Forced Date: 2023-09-01 Author: Moein Shahabi Vendor: https://www.microsoft.com Version: Windows 11 Pro 10.0.22621 Tested on: Windows 11x64 eng...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.366 views

pfSense v2.7.0 - OS Command Injection

Exploit Title: pfSense v2.7.0 - OS Command Injection Exploit Author: Emir Polat CVE-ID : CVE-2023-27253 class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of...

8.8CVSS9.2AI score0.90655EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.366 views

SCRMS 2023-05-27 1.0 - Multiple SQL Injection

Exploit Title: SCRMS 2023-05-27 1.0 - Multiple SQLi Author: nu11secur1ty Date: 05.27.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15895/simple-customer-relationship-management-crm-system-using-php-free-source-coude.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.366 views

Ulicms 2023.1 - create admin user via mass assignment

Exploit Title: Ulicms 2023.1 - create admin user via mass assignment Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: create admin user via mass assignment Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.366 views

Huawei DG8045 Router 1.0 - Credential Disclosure

Title: Huawei DG8045 Router 1.0 - Credential Disclosure Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 HardwareVersion: VER.A CVE: N/A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the bac...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/19 12:0 a.m.366 views

Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)

Exploit Title: Rocket LMS 1.1 - Persistent Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 29/12/2021 Document Title: =============== Rocket LMS 1.1 - Persistent Cross Site Scripting XSS References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/15 12:0 a.m.366 views

WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting XSS Date: 20/08/2021 Exploit Author: Davide Taraschi Vendor Homepage: https://wpschoolpress.com/ Software Link: https://wpschoolpress.com/free-download/ Version: up to 2.1.17 non included Tested on: Ubuntu 20.0...

4.8CVSS5.1AI score0.02358EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.366 views

Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload

Exploit Title: Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/mstore-api/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/mstore-api/ Version: 2.0.6, possibly higher Tested on: Ubuntu 20.04.1 import os.path...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/09 12:0 a.m.366 views

OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting

Exploit Title: OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting Date: 2021/08/06 Exploit Author: Mert Daş Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.7 Tested on: Windows 10 Stored Cross-site scriptingXSS:...

7.4AI score
Exploits0
Total number of security vulnerabilities5000