Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/10/16 12:0 a.m.354 views

Seat Reservation System 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Seat Reservation System 1.0 - Unauthenticated Remote Code Execution Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/seat-reservation-system-using-php0.zip...

9.8CVSS9.7AI score0.04984EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/05/25 12:0 a.m.354 views

Online Discussion Forum Site 1.0 - Remote Code Execution

Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/09 12:0 a.m.354 views

DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow (DEP Bypass)

Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/05 12:0 a.m.354 views

macOS iMessage - Heap Overflow when Deserializing

There is a heap overflow in NSURL initWithCoder: that can be reached via iMessage and likely other paths. When an NSURL is deserialized, one property its plist can contain is NS.minimalBookmarkData, which is then used as a parameter for NSURL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.353 views

MikroTik RouterOS 7.19.1 - Reflected XSS

Exploit Title: MikroTik RouterOS 7.19.1 - Reflected XSS Google Dork: inurl:/login?dst= Date: 2025-07-15 Exploit Author: Prak Sokchea Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: RouterOS /login?dst=javascript:alert3 A reflected XSS will be triggered...

4.8CVSS6.6AI score0.00642EPSS
Exploits2
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.353 views

KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution (RCE)

Title: KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution RCE Author: nu11secur1ty Date: 04.30.2023 Vendor: https://kodcloud.com/ Software: https://github.com/kalcaddle/KodExplorer/releases/tag/4.51.03 Reference: https://portswigger.net/web-security/file-upload Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.353 views

Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS)

Exploit Title: Simple Food Ordering System v1.0 - Cross-Site Scripting XSS Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1...

5.4CVSS5.1AI score0.02693EPSS
Exploits9
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.353 views

BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path

Exploit Title: BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.filehorse.com/ Link Software : https://www.filehorse.com/download-bartvpn/ Tested on OS: Windows 7 Analyze PoC : ============== C:\Users\ZwXsc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/06 12:0 a.m.352 views

WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE)

Exploit Title: WBCE CMS " exit 1 fi if -z "$which nc" ; then echo "! Netcat is not installed." exit 1 fi ip=$1 port=$2 rm -rf shellModule.zip rm -rf shellModule mkdir shellModule echo Crafting Payload cat shellModule/info.php ?php / @category modules @package Reverse Shell @author Swammers8 @link...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.352 views

Webedition CMS v2.9.8.8 - Blind SSRF

Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRF Application: Webedition CMS Version: v2.9.8.8 Bugs: Blind SSRF Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 07.09.2023 Author: Mirabbas...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.352 views

Dynojet Power Core 2.3.0 - Unquoted Service Path

Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path Exploit Author: Pedro Sousa Rodrigues https://www.0x90.zone/ / @PedroSECR Version: 2.3.0 Build 303 Date: 30.10.2021 Vendor Homepage: https://www.dynojet.com/ Software Link: https://docs.dynojet.com/Document/18762 Tested on: Windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/28 12:0 a.m.352 views

Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)

Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Date: 27 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.352 views

Hestia Control Panel 1.3.2 - Arbitrary File Write

Title: Hestia Control Panel 1.3.2 - Arbitrary File Write Date: 07.03.2021 Author: Numan Türle Vendor Homepage: https://hestiacp.com/ Software Link: https://github.com/hestiacp/hestiacp Version: 1.3.3 Tested on: HestiaCP Version 1.3.2 curl --location --request POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.352 views

Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting

Exploit Title: Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting Date: 2021-10-01 Exploit Author: Ramazan Mert GÖKTEN Vendor Homepage: anchorcms.com Vulnerable Software: https://github.com/anchorcms/anchor-cms/releases/download/0.12.7/anchor-cms-0.12.7-bundled.zip Affected Version: 0.12....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/05 12:0 a.m.352 views

iDS6 DSSPro Digital Signage System 6.2 - CAPTCHA Security Bypass

Exploit Title: iDS6 DSSPro Digital Signage System 6.2 - CAPTCHA Security Bypass Date: 2020-07-16 Exploit Author: LiquidWorm Vendor Homepage: http://www.yerootech.com Version: 6.2 iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass Vendor: Guangzhou Yeroo Tech Co., Ltd. Product web page...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.351 views

Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution RCE CVE: CVE-2025-47812 Date: 2025-06-30 Exploit Author: Sheikh Mohammad Hasan aka 4m3rr0r https://github.com/4m3rr0r Vendor Homepage: https://www.wftpserver.com/ Version: Wing FTP Server = 7.4.3 Tested on: Linux Root...

10CVSS6.8AI score0.95343EPSS
Exploits23
Exploit DB
Exploit DB
added 2024/05/08 12:0 a.m.351 views

iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)

Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Date: 4/4/2024 Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with...

6.1CVSS5.1AI score0.22002EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.351 views

Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

10CVSS9.8AI score0.99156EPSS
Exploits39
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.351 views

WP Statistics Plugin 13.1.5 current_page_id - Time based SQL injection (Unauthenticated)

Exploit Title: WP Statistics Plugin = 13.1.5 currentpageid - Time based SQL injection Unauthenticated Date: 13/02/2022 Exploit Author: psychoSherlock Vendor Homepage: https://wp-statistics.com/ Software Link: https://downloads.wordpress.org/plugin/wp-statistics.13.1.5.zip Version: 13.1.5 and prio...

9.8CVSS8.8AI score0.8093EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/15 12:0 a.m.351 views

Icinga Web 2.10 - Authenticated Remote Code Execution

!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Authenticated Remote Code Execution Date: 8/07/2023 Exploit Author: Dante CoronaAka. cxdxnt Software Link: https://github.com/Icinga/icingaweb2 Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version:...

8.8CVSS8.7AI score0.1467EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.351 views

ManageEngine ADSelfService Plus 6.1 - User Enumeration

Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.351 views

WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion

Exploit Title: WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion Google Dork: inurl:/wp-content/plugins/cab-fare-calculator/ Date: 24-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/cab-fare-calculator/ Version: 1.0.3 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.351 views

OpenBMCS 2.4 - SQLi (Authenticated)

Exploit Title: OpenBMCS 2.4 - SQLi Authenticated Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Authenticated SQL Injection Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.351 views

Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection

Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection Date: 2021-10-19 Exploit Author: Vulnerability Lab Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Tested on: Linux Document Title: =============== Simplephpscripts Simple CMS v2.1 - SQL Injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/09 12:0 a.m.351 views

OpenCart 3.0.3.7 - 'Change Password' Cross-Site Request Forgery (CSRF)

Exploit Title : OpenCart 3.0.3.7 - 'Change Password' Cross-Site Request Forgery CSRF Date : 2021/08/06 Exploit Author : Mert Daş [email protected] Software Link : http://www.opencart.com/index.php?route=download/download : https://github.com/opencart Software web : www.opencart.com Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/01 12:0 a.m.351 views

Atlassian Jira 8.15.0 - Information Disclosure (Username Enumeration)

Exploit Title: Atlassian Jira 8.15.0 - Information Disclosure Username Enumeration Date: 31/05/2021 Exploit Author: Mohammed Aloraimi Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira Vulnerable versions: version 8.11.x to 8.15.0 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.351 views

TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path

Exploit Title: TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path Date: 2019-11-28 Exploit Author: Cristian Ayala G Vendor Homepage: https://tenaxsoft.com/index.html Software Link: https://tenaxsoft.com/descargas.html Version: 6.4.131 Tested on: Windows 10 Pro x64 Step to discover...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.351 views

WinRAR 5.80 (x64) - Denial of Service

Exploit Title: winrar 5.80 64bit - Denial of Service Date: 2019-10-19 Exploit Author: alblalawi Vendor Homepage: https://win-rar.com/fileadmin/winrar-versions/winrar-x64-58b2.exe Version: 5.80 Tested on: Microsoft Windows Version 10.0.18362.418 64bit 1- open winrar or any file.rar 2- help 3- help...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/24 12:0 a.m.351 views

Easy File Sharing Web Server 7.2 - 'New User' Local Overflow (SEH)

!/usr/bin/python Exploit Title: Easy File Sharing Web Server 7.2 local SEH overflow Date: 9/23/2019 Exploit Author: x00pwn Vendor Homepage: http://www.sharing-file.com/ Software Link: http://www.sharing-file.com/efssetup.exe Version: 7.2 Tested on: Windows 7 Exploit summary: When adding a new use...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/12/29 12:0 a.m.351 views

Google Android - get_user/put_user (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class MetasploitModule "Android getuser/putuser Exploit", 'Description' = %q This module exploits a missing check in the getuser and...

8.8CVSS7AI score0.39711EPSS
Exploits9
Exploit DB
Exploit DB
added 2000/12/04 12:0 a.m.351 views

UUCP - File Creation/Overwriting Symlinks

/ root exploit: multiple subsystem errors allowing root exploit bashack.c - Thu Nov 30 21:50:50 NZDT 2000 redhat 6.1 /etc/rc.d/ and scripts that are trusting the untrustworthy. /bin/sh acts silly when u get it to use the include define FNAME "/usr/man/man1/last.1.gz;export PATH=...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/05 12:0 a.m.350 views

CloudClassroom PHP Project 1.0 - SQL Injection

Exploit Title: CloudClassroom PHP Project 1.0 - SQL Injection Google Dork: inurl:CloudClassroom-PHP-Project-master Date: 2025-05-30 Exploit Author: Sanjay Singh Vendor Homepage: https://github.com/mathurvishal/CloudClassroom-PHP-Project Software Link:...

7.3CVSS7.4AI score0.01044EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.350 views

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.19...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.350 views

Nagios XI Version 2024R1.01 - SQL Injection

Exploit Title: NAGIOS XI SQLI Google Dork: if applicable Date: 02/26/2024 Exploit Author: Jarod Jaslow MAWK https://www.linkedin.com/in/jarod-jaslow-codename-mawk-265144201/ Vendor Homepage: https://www.nagios.com/changelog/nagios-xi Software Link: https://github.com/MAWK0235/CVE-2024-24401...

9.8CVSS9.6AI score0.45884EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.350 views

WebCatalog 48.4 - Arbitrary Protocol Execution

Exploit Title: WebCatalog 48.4 - Arbitrary Protocol Execution Date: 9/27/2023 Exploit Author: ItsSixtyN3in Vendor Homepage: https://webcatalog.io/en/ Software Link: https://cdn-2.webcatalog.io/webcatalog/WebCatalog%20Setup%2052.3.0.exe Version: 48.4.0 Tested on: Windows CVE : CVE-2023-42222...

8.8CVSS8.9AI score0.01418EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/23 12:0 a.m.350 views

MCL-Net 4.3.5.8788 - Information Disclosure

Exploit Title: MCL-Net 4.3.5.8788 - Information Disclosure Date: 5/31/2023 Exploit Author: Victor A. Morales, GM Sectec Inc. Vendor Homepage: https://www.mcl-mobilityplatform.com/net.php Version: 4.3.5.8788 other versions may be affected Tested on: Microsoft Windows 10 Pro CVE: CVE-2023-34834...

5.3CVSS5.7AI score0.03958EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.350 views

Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting (XSS)

Exploit Title: Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting XSS Date: 11.10.2021 Exploit Author: Hüseyin Serkan Balkanli Vendor Homepage: https://www.sourcecodester.com/php/14953/student-quarterly-grading-system-using-php-and-sqlite-free-source-code.html Software Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.350 views

WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting XSS Date: 02/09/2021 Exploit Author: Nikhil Kapoor Software Link: https://wordpress.org/plugins/duplicate-page/ Version: 4.4.1 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/30 12:0 a.m.350 views

MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)

Exploit Title: MySQL User-Defined Linux x32 / x8664 - 'sysexec' Local Privilege Escalation 2 Date: 29/08/2021 Exploit Author: ninpwn Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 9 / mysql Ver 14.14 Distrib 5.7.30, for Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/02 12:0 a.m.350 views

Web Based Quiz System 1.0 - 'name' Persistent Cross-Site Scripting

Exploit Title: Web Based Quiz System 1.0 - 'name' Persistent/Stored Cross-Site Scripting Date: 2021-03-02 Exploit Author: P.Naveen Kumar Vendor Homepage: https://www.sourcecodester.com Software Download Link :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/21 12:0 a.m.350 views

Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting

Exploit Title: Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting Date: 1-20-2021 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.350 views

HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities

Exploit Title: HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTXf62aaafe780a496dad6d28621a Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.350 views

TP-Link Archer A7/C7 - Unauthenticated LAN Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution', 'Description' = %q This module exploits a command injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/11 12:0 a.m.350 views

Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed JBIG2Globals Stream

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 88e4.30f4: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/04 12:0 a.m.350 views

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting

Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit Title: Multiple Cross-Site Scripting XSS in DASAN Zhone ZNID GP...

6.1CVSS6.5AI score0.07253EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/06/17 12:0 a.m.350 views

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)

Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command" -Force Set-ItemProperty -Path "HKCU:\Software\Classes\exefile\shell\open\command" -Na...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/01/21 12:0 a.m.350 views

OTRS 5.0.x/6.0.x - Remote Command Execution (1)

Exploit Title: OTRS 5.0.x/6.0.x - Remote Command Execution 1 Date: 21-01-2018 Exploit Author: Bæln0rn Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE : CVE-2017-169...

9CVSS9AI score0.19901EPSS
Exploits8
Exploit DB
Exploit DB
added 2010/04/12 12:0 a.m.350 views

TANDBERG Video Communication Server 4.2.1/4.3.0 - Multiple Remote Vulnerabilities

source: https://www.securityfocus.com/bid/39389/info TANDBERG Video Communication Server is prone to multiple remote vulnerabilities, including: 1. A file-disclosure vulnerability. 2. A security vulnerability that may allow attackers to conduct server impersonation and man-in-middle attacks. 3. A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/07/10 12:0 a.m.350 views

CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote Code Execution

/ ===================================== CCBILL CGI Remote Exploit for /ccbill/whereami.cgi By: Knight420 7/07/03 spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid C COPYRIGHT Blue Ballz , 2003 all rights reserved...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.349 views

WebDAV Windows 10 - Remote Code Execution (RCE)

Exploit Title: WebDAV Windows 10 - Remote Code Execution RCE Date: June 2025 Author: Dev Bui Hieu Tested on: Windows 10, Windows 11 Platform: Windows Type: Remote CVE: CVE-2025-33053 Description: This exploit leverages the behavior of Windows .URL files to execute a remote binary over a UNC path...

8.8CVSS8.5AI score0.81558EPSS
Exploits10
Total number of security vulnerabilities5000