Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.362 views

Google SLO-Generator 2.0.0 - Code Execution

Exploit Title: Google SLO-Generator 2.0.0 - Code Execution Date: 2021-09-28 Exploit Author: Kiran Ghimire Software Link: https://github.com/google/slo-generator/releases Version: = 2.0.0 Tested on: Linux CVE: CVE-2021-22557 Introduction: Is a tool to compute and export Service Level Objectives...

7.8CVSS7.7AI score0.0158EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/29 12:0 a.m.362 views

Home Assistant Community Store (HACS) 1.10.0 - Directory Traversal

Exploit Title: Home Assistant Community Store HACS 1.10.0 - Path Traversal to Account Takeover Date: 2021-01-28 Exploit Author: Lyghtnox Vendor Homepage: https://www.home-assistant.io/ Software Link: https://github.com/hacs/integration Version: 1.10.0 Tested on: Raspbian + Home Assistant 2021.1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/08 12:0 a.m.362 views

Employee Performance Evaluation System 1.0 - 'Task and Description' Persistent Cross Site Scripting

Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting Date: 08/12/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.362 views

DotCMS 20.11 - Stored Cross-Site Scripting

Exploit Title: DotCMS 20.11 - Stored Cross-Site Scripting Exploit Author: Hardik Solanki Vendor Homepage: https://dotcms.com/ Version: 20.11 Tested on Windows 10 Vulnerable Parameters: Template Title Steps to reproduce: 1. Login With Admin Username and password. 2. Navigate to Site -- Template --...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/07 12:0 a.m.362 views

All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)

Exploit Title: All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery Add Admin Discovery by: LiquidWorm Discovery Date: 2020-08-05 Vendor Homepage: https://www.all-dynamics.de !-- All-Dynamics Software enlogic:show Digital Signage System 2.0.2 CSRF Add Admin Vendor: All-Dynamics...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/11 12:0 a.m.362 views

Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution

!/usr/bin/python3 Exploits the Citrix Directory Traversal Bug: CVE-2019-19781 You only need a listener like netcat to catch the shell. Shout out to the team: Rob Simon, Justin Elze, Logan Sampson, Geoff Walton, Christopher Paschen, Kevin Haubris, Scott White Tool Written by: Rob Simon and David...

9.8CVSS10AI score0.99999EPSS
Exploits48
Exploit DB
Exploit DB
added 2019/11/22 12:0 a.m.362 views

macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache

Tested on macOS Mojave 10.14.6, 18G87 and Catalina Beta 10.15 Beta 19A536g. On macOS, the dyld shared cache in /private/var/db/dyld/ is generated locally on the system and therefore doesn't have a real code signature; instead, SIP seems to be the only mechanism that prevents modifications of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.362 views

Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution

Exploit Title: Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Date: 2019-10-19 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: 1.62.0.1218 and below Tested on: Microsoft Windows CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...

7.8CVSS7.6AI score0.12939EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/10/15 12:0 a.m.362 views

sudo 1.8.27 - Security Bypass

Exploit Title : sudo 1.8.27 - Security Bypass Date : 2019-10-15 Original Author: Joe Vennix Exploit Author : Mohin Paramasivam Shad0wQu35t Version : Sudo priv" os.system"cat priv | grep 'ALL' | cut -d '' -f 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/26 12:0 a.m.362 views

WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting

Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept: https://domain.tld/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&errordescription=...

6.1CVSS6.5AI score0.82962EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/08/23 12:0 a.m.362 views

Nimble Streamer 3.0.2-2 < 3.5.4-9 - Directory Traversal

Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal Exploit Author: MAYASEVEN Source at "https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/" Published on 08/04/2019 Vendor Homepage at "https://wmspanel.com/nimble" Affected Version 3.0.2-2 to 3.5.4-9...

6.5CVSS6.7AI score0.23978EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.361 views

Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Denial Of Service

Exploit Title: Tinycontrol LAN Controller v3 LK3 1.58a - Remote Denial Of Service Exploit Author: LiquidWorm Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of a web page. The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.361 views

Jobpilot v2.61 - SQL Injection

Exploit Title: Jobpilot v2.61 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.361 views

IOTransfer 4.0 - Remote Code Execution (RCE)

Exploit Title: IOTransfer V4 – Remote Code Execution RCE Date: 06/22/2022 Exploit Author: Tomer Peled Vendor Homepage: https://www.iobit.com Software Link: https://iotransfer.itopvpn.com/ Version: V4 and onward Tested on: Windows 10 CVE : 2022-24562 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.361 views

WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting XSS Date: 03/11/2021 Exploit Author: Luca Schembri Vendor Homepage: https://www.essentialplugin.com/ Software Link: https://wordpress.org/plugins/popup-anything-on-click/ Version: 2.0.4 Summary A user wi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/04 12:0 a.m.361 views

Online Ordering System 1.0 - Arbitrary File Upload

Exploit Title: Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution Date: 04/03/2021 Exploit Author: Suraj Bhosale Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/06 12:0 a.m.361 views

BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution

!/bin/bash EDB Note Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48642.zip Exploit Title: F5 BIG-IP Remote Code Execution Date: 2020-07-06 Exploit Authors: Charles Dardaman of Critical Start, TeamARES Rich Mirch of Critical Start, TeamARES CVE:...

10CVSS10AI score0.99999EPSS
Exploits60
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.361 views

SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow (SEH)

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/19 12:0 a.m.361 views

Mambo Component cropimage 1.0 - Remote File Inclusion

C Y B E R - W A R R I O R T I M Mambo comcropimage 1.0 Component Remote Include Vulnerability Author: XORON Class: Remote cont@ct: x0r0nathotmaildotcom Code: in admin.cropcanvas.php , line 7 requireonce $cropimagedir."class.cropinterface.php"; Fix: 1-open admin.cropcanvas.php 2-add this code befo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.360 views

TP-Link TL-WR740N - Buffer Overflow 'DOS'

Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS' Date: 8/12/2023 Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N Description: There exist a buffer overflow vulnerability in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/15 12:0 a.m.360 views

DS Wireless Communication - Remote Code Execution

Exploit Title: DS Wireless Communication Remote Code Execution Date: 11 Oct 2023 Exploit Author: MikeIsAStar Vendor Homepage: https://www.nintendo.com Version: Unknown Tested on: Wii CVE: CVE-2023-45887 """This code will inject arbitrary code into a client's game. You are fully responsible for al...

9.8CVSS9.7AI score0.01566EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.360 views

TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions

Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v...

9.8CVSS9.7AI score0.02884EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.360 views

RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS)

Exploit Title: RockMongo 1.1.7 - Stored Cross-Site Scripting XSS Discovery by: Rafael Pedrero Discovery Date: 2020-09-19 Vendor Homepage: https://github.com/iwind/rockmongo/ Software Link : https://github.com/iwind/rockmongo/ Tested Version: 1.1.7 Tested on: Windows 7 and 10 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.360 views

EasyPHP Webserver 14.1 - Multiple Vulnerabilities (RCE and Path Traversal)

Exploit Title: EasyPHP Webserver 14.1 - Multiple Vulnerabilities RCE and Path Traversal Discovery by: Rafael Pedrero Discovery Date: 2022-02-06 Vendor Homepage: https://www.easyphp.org/ Software Link : https://www.easyphp.org/ Tested Version: 14.1 Tested on: Windows 7 and 10 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.360 views

SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference (IDOR)

Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...

8.1CVSS8.2AI score0.04227EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.360 views

Zenario CMS 9.0.54156 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Zenario CMS 9.0.54156 - Remote Code Execution RCE Authenticated Date: 04/02/2022 Exploit Author: minhnq22 Vendor Homepage: https://zenar.io/ Software Link: https://zenar.io/download-page Version: 9.0.54156 Tested on: Ubuntu 21.04 CVE : CVE-2021–42171 Python3 import os import sys...

7.2CVSS7.4AI score0.02484EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.360 views

VUPlayer 2.49 - '.wax' Local Buffer Overflow (DEP Bypass)

Exploit Title: VUPlayer 2.49 - '.wax' Local Buffer Overflow DEP Bypass Date: 26/06/2021 Exploit Author: Bryan Leong Vendor Homepage: http://www.vuplayer.com/ Software Link: Null Version: VUPlayer 2.49 Tested on: Windows 7 x64 CVE : CVE-2009-0182 VUPlayer 2.49 Local Buffer Overflow to Arbitrary Co...

9.3CVSS8.8AI score0.48398EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.360 views

Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection

Exploit Title: Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection Date: 2021-10-22 Exploit Author: Vulnerability Lab Vendor Homepage: https://multecart.com/ Version: 2.4 Document Title: =============== Mult-e-Cart Ultimate v2.4 - SQL Injection Vulnerability References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.360 views

openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting

Exploit Title: openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting Date: 13/03/2021 Exploit Author: Hosein Vita Vendor Homepage: https://www.openmaint.org/ Software Link: https://sourceforge.net/projects/openmaint/files/2.1/Core%20updates/openmaint-2.1-3.3.1/ Version: 2.1-3...

6.1CVSS6.6AI score0.02986EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.360 views

LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path

Exploit Title: LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path Discovery by: Victor Mondragón Discovery Date: 23-02-2021 Vendor Homepage: https://www.softros.com/ Software Links : https://download.logonexpert.com/LogonExpertSetup64.msi Tested Version: 8.1 Vulnerability Type: Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.360 views

Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path

Exploit Title: Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path Date: 2020-08-31 Exploit Author: Angelo D'Amato Vendor Homepage: https://www.rapid7.com Version: sc qc nexposeengine SC QueryServiceConfig SUCCESS SERVICENAME: nexposeengine TYPE : 10 WIN32OWNPROCESS STARTTYPE ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.360 views

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.360 views

BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path

Exploit Title: BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path Exploit Author: Debashis Pal Date: 2019-10-17 Vendor : Blackmoonftpserver Source: http://www.tucows.com/preview/222822/BlackMoon-FTP-Server?q=FTP+server Version: BlackMoon FTP Server 3.1.2.1731 CVE : N/A Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/12 12:0 a.m.360 views

Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution

Cisco Catalyst 2960 IOS 12.255SE1 - 'ROCEM' Remote Code Execution. CVE-2017-3881. Remote exploit for Hardware platform !/usr/bin/python Author: Artem Kondratenko @artkond import socket import sys from time import sleep setcredless = True if lensys.argv 3: print sys.argv0 + ' host --set/--unset'...

10CVSS0.4AI score0.98975EPSS
Exploits12
Exploit DB
Exploit DB
added 2010/10/01 12:0 a.m.360 views

Microsoft IIS 6.0 - ASP Stack Overflow Stack Exhaustion (Denial of Service) (MS10-065)

Affected Vendors Microsoft Affected Products Only Microsoft IIS 6.0 was tested successfully On a Windows Server 2003 SP2 System The System was NOT updated to the latest patches during testing. Since tests “in the wild” have shown the attack to be real this advisory was released. Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/19 12:0 a.m.360 views

HP-UX 11.00/10.20 crontab - Overwrite Files

!/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e 2 /tmp/crontab$$ grep -v "error on previous...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.359 views

ABB Cylon Aspect 3.08.02 - Cross-Site Request Forgery (CSRF)

!-- ABB Cylon Aspect 3.08.02 userManagement.php Cross-Site Request Forgery Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable building energy...

7.3CVSS7.4AI score0.00656EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.359 views

MagnusSolution magnusbilling 7.3.0 - Command Injection

Exploit Title: MagnusSolution magnusbilling 7.3.0 - Command Injection Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/magnussolution/magnusbilling7 Software Link: https://github.com/magnussolution/magnusbilling7 Version: 7.3.0 Tested on: Centos CVE : CVE-2023-30258...

9.8CVSS9.6AI score0.9425EPSS
Exploits15
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.359 views

Windows 11 22h2 - Kernel Privilege Elevation

// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...

7.8CVSS8.8AI score0.02866EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.359 views

Microsoft SharePoint Enterprise Server 2016 - Spoofing

// Exploit Title: Microsoft SharePoint Enterprise Server 2016 - Spoofing // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : Remote // Vendor Homepage: // Microsoft SharePoint Foundation 2013 Service Pack 1 // Microsoft SharePoint Server Subscription...

8.1CVSS8.3AI score0.06233EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/07/29 12:0 a.m.359 views

IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration

Exploit Title: IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Date: 03.05.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.eforcesoftware.com IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.359 views

Simple CRM 3.0 - 'email' SQL injection (Authentication Bypass)

Exploit Title: Simple CRM 3.0 - 'email' SQL injection Authentication Bypass Date: 22/06/2021 Exploit Author: Rinku Kumar rinku191 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.359 views

WoWonder Social Network Platform 3.1 - Authentication Bypass

Exploit Title: WoWonder Social Network Platform 3.1 - Authentication Bypass Date: 11.06.2021 Exploit Author: securityforeveryone.com Researchers : Security For Everyone Team - https://securityforeveryone.com Vendor Homepage: https://www.wowonder.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/28 12:0 a.m.359 views

Selenium 3.141.59 - Remote Code Execution (Firefox/geckodriver)

Exploit Title: Selenium 3.141.59 - Remote Code Execution Firefox/geckodriver Date: 2021-05-27 Exploit Author: Jon Stratton Vendor Homepage: https://www.selenium.dev/ Software Link: https://selenium-release.storage.googleapis.com/3.141/selenium-server-standalone-3.141.59.jar Version: 3.141.59 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/12 12:0 a.m.359 views

Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths

Exploit Title: Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths Date: 2020-11-6 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.vembu.com/ Software Link: https://sg-build-release.s3.amazonaws.com/BDRSuite/V420/4202020051312/VembuBDRBackupServerSetup4201U1GA.exe Version: Versi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/01 12:0 a.m.359 views

WiFi Mouse 1.7.8.5 - Remote Code Execution

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Date: 25-02-2021 Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option whic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.359 views

Seacms 11.1 - 'ip and weburl' Remote Command Execution

Exploit Title: Seacms 11.1 - 'ip and weburl' Remote Command Execution Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SeaCMS111/5f9js3/adminip.php?action=set HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/28 12:0 a.m.359 views

IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path

Exploit Title: IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path Date: 2020-8-25 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.gearboxcomputers.com/ Software Link: https://www.gearboxcomputers.com/files/IPWatcherSetup.exe Version: 3.0.0.30 Tested on: Microsoft Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/15 12:0 a.m.359 views

Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass

Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/30 12:0 a.m.359 views

Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting

Exploit Title: Victor CMS 1.0 - 'userfirstname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-06-28 Exploit Author: Anushree Priyadarshini Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link:https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0...

6.1CVSS6.4AI score0.02114EPSS
Exploits2
Total number of security vulnerabilities5000