Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.370 views

Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Billing System Project 1.0 - Remote Code Execution RCE Unauthenticated Date: 06.07.2021 Exploit Author: Talha DEMİRSOY Software Link: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html Version: V 1.0 Tested on: Linux & Windows import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.370 views

Fastweb Fastgate 0.00.81 - Remote Code Execution

Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb ISP network Version: 0.00.81 Tested on: Linux CV...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.369 views

Microsoft SharePoint 2019 - NTLM Authentication

Titles: Microsoft SharePoint 2019 NTLM Authentication Author: nu11secur1ty Date: 06/27/25 Vendor: Microsoft Software: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Reference: https://www.networkdatapedia.com/post/ntlm-autSharePoint 2019 NTLM Authentication...

8.8CVSS6.4AI score0.12606EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/03/18 12:0 a.m.369 views

Chamilo LMS 1.11.24 - Remote Code Execution (RCE)

Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version: 1.11.24 Beersel Tested Versions: 1.11.24 Beersel - August 31, 2023...

8.1CVSS7AI score0.76084EPSS
Exploits27
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.369 views

DLINK DPH-400SE - Exposure of Sensitive Information

Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Date : 25-08-2023 Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.369 views

Perch v3.2 - Persistent Cross Site Scripting (XSS)

Exploit Title: Perch v3.2 - Persistent Cross Site Scripting XSS Google Dork: N/A Date: 23-July-2023 Exploit Author: Dinesh Mohanty Vendor Homepage: https://grabaperch.com/ Software Link: https://grabaperch.com/download Version: v3.2 Tested on: Windows CVE : Requested Description: Stored Cross Sit...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.369 views

CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)

Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS Cross-Site Scripting Date: 2023-02-02 Exploit Author: Andrea Intilangelo Vendor Homepage: https://civicrm.org Software Link: https://civicrm.org/download Version: 5.59.alpha1, 5.58.0 and earlier, 5.57.3 and earlier Tested on: Latest Version of Deskt...

5.4CVSS5.5AI score0.02537EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.369 views

Siemens S7-1200 - Unauthenticated Start/Stop Command

Exploit Title: Unauthenticated Siemens S7-1200 CPU Start/Stop Command Date: 09/03/2022 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/global/en.html Version: V4.5 and below Tested on: Siemens S7-1200 CPU: 1215C IP == PLC IP address Start Command curl -i -s -k -X $'POST' \ -...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.369 views

Simple Payroll System 1.0 - SQLi Authentication Bypass

Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Date: 2021-10-09 Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/18 12:0 a.m.369 views

Simple Image Gallery 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Simple Image Gallery 1.0 - Remote Code Execution RCE Unauthenticated Date: 17.08.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Version: V 1.0 Tested on: Ubuntu import reques...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/05 12:0 a.m.369 views

Church Management System 1.0 - 'password' SQL Injection (Authentication Bypass)

Exploit Title: Church Management System 1.0 - 'password' SQL Injection Authentication Bypass Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Versio...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/07 12:0 a.m.369 views

Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection

Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Date: 2020-06-17 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Update :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/03 12:0 a.m.369 views

P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)

Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-02-02 Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207 Software Link: App Store for iOS devices Tested Version: 10.4.1 Vulnerability Type: Denial o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/14 12:0 a.m.369 views

Aida64 6.00.5100 - 'Log to CSV File' Local SEH Buffer Overflow

!/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/16 12:0 a.m.369 views

Nginx (Debian Based Distros + Gentoo) - 'logrotate' Local Privilege Escalation

!/bin/bash Nginx Debian-based distros + Gentoo - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid Golunski dawidatlegalhackers.com https://legalhackers.com Follow https://twitter.com/dawidgolunski for updates on this advisory. --- This Po...

7.8CVSS7.6AI score0.04863EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.368 views

Employee Management System 1.0 - 'admin_id' SQLi

Exploit Title: Employee Management System 1.0 - 'adminid' SQLi Date: 20-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Version: 1.0 Tested on...

9.8CVSS6.8AI score0.01229EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.368 views

taskhub 2.8.7 - SQL Injection

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Date: 05/09/2023 Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth...

8CVSS7.9AI score0.00692EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.368 views

MISP 2.4.171 - Stored XSS

Exploit Title: MISP 2.4.171 Stored XSS CVE-2023-37307 Authenticated Date: 8th October 2023 Exploit Author: Mücahit Çeri Vendor Homepage: https://www.circl.lu/ Software Link: https://github.com/MISP/MISP Version: 2.4.171 Tested on: Ubuntu 20.04 CVE : CVE-2023-37307 Exploit: Logged in as low...

5.4CVSS7AI score0.00502EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.368 views

FileMage Gateway 1.10.9 - Local File Inclusion

Exploit Title: FileMage Gateway 1.10.9 - Local File Inclusion Date: 8/22/2023 Exploit Author: Bryce "Raindayzz" Harty Vendor Homepage: https://www.filemage.io/ Version: Azure Versions 1.10.9 Tested on: All Azure deployments 1.10.9 CVE : CVE-2023-39026 Technical Blog -...

7.5CVSS7.6AI score0.10562EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/22 12:0 a.m.368 views

Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing

Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Author: nu11secur1ty Date: 06.22.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...

6.5CVSS6.8AI score0.01649EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.368 views

Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak

Exploit Title: Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak Exploit Author: LiquidWorm Product web page: https://www.ateme.com Affected version: 3.2.9 Hardware revision 1.0 SoapLive 2.0.3 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.368 views

Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks

Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880...

6.8CVSS5.4AI score0.02902EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.368 views

Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution (RCE)

!/usr/bin/env python """ Exploit Title: Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution RCE Google Dork: N/A Date: 2023-04-13 Exploit Author: max / Zoltan Padanyi Vendor Homepage: https://exchange.nagios.org/directory/Addons/Configuration/Lilac-2DReloaded/visit Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.368 views

pdfkit v0.8.7.2 - Command Injection

!/usr/bin/env python3 Exploit Title: pdfkit v0.8.7.2 - Command Injection Date: 02/23/2023 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pdfkit.org/ Software Link: https://github.com/pdfkit/pdfkit Version: 0.0.0-0.8.7.2 Tested on: pdfkit 0.8.6 CVE: CVE-2022–25765 Source:...

9.8CVSS9.5AI score0.39389EPSS
Exploits11
Exploit DB
Exploit DB
added 2022/02/18 12:0 a.m.368 views

Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path

Exploit Title: Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/drfonefull3360.exe Tested Version: 11.4.9 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/11 12:0 a.m.368 views

Subrion CMS 4.2.1 - Cross Site Request Forgery (CSRF) (Add Amin)

Exploit Title: Subrion CMS 4.2.1 - Cross Site Request Forgery CSRF Add Amin Date: 2022-02-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://subrion.org Software Link: https://subrion.org/download Version: 4.2.1 Tested on: Windows 10 About - Subrion CMS : Subrion is a PHP/MySQL based C...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.368 views

Huawei DG8045 Router 1.0 - Credential Disclosure

Title: Huawei DG8045 Router 1.0 - Credential Disclosure Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 HardwareVersion: VER.A CVE: N/A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the bac...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.368 views

ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path

Exploit Title: ELAN Touchpad 15.2.13.1X64WHQL - 'ETDService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-22 Vendor : ELAN Microelectronics Version : ELAN Touchpad 15.2.13.1X64WHQL Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 8 This software installs...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.368 views

AMD Fuel Service - 'Fuel.service' Unquote Service Path

Exploit Title: AMD Fuel Service - 'Fuel.service' Unquote Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://www.amd.com/ Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/28 12:0 a.m.368 views

CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)

Exploit Title: CMSUno 1.6.2 - 'lang/user' Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Exploit Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr https://www.exploit-db.com/?author=10066 Vendor Homepage:...

8.8CVSS8.7AI score0.09852EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/04/10 12:0 a.m.368 views

AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)

Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-05-02 Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe Tested Version: 11.12 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/04 12:0 a.m.368 views

OpenVPN Connect 3.0.0.272 - 'agent_ovpnconnect' Unquoted Service Path

Exploit Title: OpenVPN Connect 3.0.0.272 - 'ovpnagent' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-03 Vendor Homepage: https://openvpn.net Software Link : https://openvpn.net/downloads/openvpn-connect-v3-windows.msi Tested Version: 3.0.0.272 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/08/05 12:0 a.m.368 views

PHP Power Browse 1.2 - Directory Traversal

Exploit Title: PHP Power Browse v1.2 - Path Traversal Google Dork: intitle:PHP Power Browse inurl:browse.php Exploit Author: Manuel Mancera sinkmanu | sinkmanu at gmail dot com Software URL: https://github.com/arzynik/PHPPowerBrowse Version: 1.2 Vulnerability Type : Path traversal Severity : High...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.367 views

GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

Exploit Title: GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload Date: 2024-02-04 Exploit Author: Georgios Tsimpidas Vendor Homepage: https://www.openeclass.org/ Software Link: https://download.openeclass.org/files/3.15/ Version: 3.15 2024 Tested on: Debian Kali...

9.8CVSS6.7AI score0.03821EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.367 views

Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation

Exploit Title: Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation Google Dork: inurl:/user-public-account Date: 2023-09-04 Exploit Author: Revan Arifio Vendor Homepage: https:/.org/plugins/masterstudy-lms-learning-management-system/ Version: | | \ / | | / /| |...

7.5CVSS7.6AI score0.03495EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.367 views

pfSense v2.7.0 - OS Command Injection

Exploit Title: pfSense v2.7.0 - OS Command Injection Exploit Author: Emir Polat CVE-ID : CVE-2023-27253 class MetasploitModule 'pfSense Restore RRD Data Command Injection', 'Description' = %q This module exploits an authenticated command injection vulnerabilty in the "restorerrddata" function of...

8.8CVSS9.2AI score0.90655EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.367 views

Ulicms 2023.1 - create admin user via mass assignment

Exploit Title: Ulicms 2023.1 - create admin user via mass assignment Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: create admin user via mass assignment Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.368 views

Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878...

9.1CVSS7AI score0.35716EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/23 12:0 a.m.367 views

Simple Real Estate Portal System 1.0 - 'id' SQLi

Exploit Title: Simple Real Estate Portal System 1.0 - 'id' SQL Injection Date: 22/02/2022 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15184/simple-real-estate-portal-system-phpoop-free-source-code.html Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.367 views

meterN v1.2.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: meterN v1.2.3 - Remote Code Execution RCE Authenticated Date: 18/11/2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.metern.org !-- meterN v1.2.3 Authenticated Remote Command Execution Vulnerability Vendor: Jean-Marc Louviaux Product web page: https://www.metern.org...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/15 12:0 a.m.367 views

WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting XSS Date: 20/08/2021 Exploit Author: Davide Taraschi Vendor Homepage: https://wpschoolpress.com/ Software Link: https://wpschoolpress.com/free-download/ Version: up to 2.1.17 non included Tested on: Ubuntu 20.0...

4.8CVSS5.1AI score0.02358EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.367 views

WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion

Exploit Title: WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion Date: 11/07/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.miniorange.com/ Software Link: https://wordpress.org/plugins/backup-and-restore-for-wp/ Version: 1.0.3 Tested on : Window...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/09 12:0 a.m.367 views

OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting

Exploit Title: OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting Date: 2021/08/06 Exploit Author: Mert Daş Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.7 Tested on: Windows 10 Stored Cross-site scriptingXSS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/20 12:0 a.m.367 views

Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path

Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2021-05-19 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Window...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.367 views

MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path

Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.367 views

b2evolution 6.11.6 - 'tab3' Reflected XSS

Exploit Title: b2evolution 6.11.6 - 'tab3' Reflected XSS CVE: CVE-2020-22839 Date: 10/02/2021 Exploit Author: Nakul Ratti, Soham Bakore Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version...

6.1CVSS6.3AI score0.05206EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/03/10 12:0 a.m.367 views

PHPStudy - Backdoor Remote Code execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.367 views

Microsoft Windows PowerShell - Unsanitized Filename Command Execution

''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.366 views

WebFileSys 2.31.0 - Directory Path Traversal

Exploit Title: WebFileSys 2.31.0 - Directory Path Traversal in relPath Parameter Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee Vendor Homepage: http://www.webfilesys.de/webfilesys-home/index.html Software Link:...

5.3CVSS7AI score0.01805EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.366 views

WBCE 1.6.0 - Unauthenticated SQL injection

Exploit Title: |Unauthenticated SQL injection in WBCE 1.6.0 Date: 15.11.2023 Exploit Author: young pope Vendor Homepage: https://github.com/WBCE/WBCECMS Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.0.zip Version: 1.6.0 Tested on: Kali linux CVE : CVE-2023-39796 There is an...

9.8CVSS9.8AI score0.06096EPSS
Exploits3
Total number of security vulnerabilities5000