Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.346 views

Webedition CMS v2.9.8.8 - Stored XSS

Exploit Title: Webedition CMS v2.9.8.8 - Stored XSS Application: Webedition CMS Version: v2.9.8.8 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 03.08.2023 Author: Mirabbas...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.346 views

Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download

Exploit Title: Pydio Cells 4.1.2 - Cross-Site Scripting XSS via File Download Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Cross-Site Scripting Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...

5.4CVSS5.5AI score0.02937EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/06/27 12:0 a.m.346 views

WSO2 Management Console (Multiple Products) - Unauthenticated Reflected Cross-Site Scripting (XSS)

Exploit Title: WSO2 Management Console Multiple Products - Unauthenticated Reflected Cross-Site Scripting XSS Date: 21 Apr 2022 Exploit Author: cxosmo Vendor Homepage: https://wso2.com Software Link: API Manager https://wso2.com/api-manager/, Identity Server https://wso2.com/identity-server/,...

6.1CVSS6.3AI score0.41078EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/21 12:0 a.m.346 views

Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service (PoC)

Exploit Title: Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service PoC Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.yenkee.eu/gaming-mouse-hornet-aim/yms-3029 Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/20 12:0 a.m.346 views

Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)

Exploit Title: Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery CSRF Date: 24/04/2021 Exploit Author: Mesh3l911 & Z0ldyck Vendor Homepage: https://www.webmin.com Repo Link: https://github.com/Mesh3l911/CVE-2021-31761 Version: Webmin 1.973 Tested on: All versions POC By \0331;m...

9.6CVSS9.4AI score0.33569EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.346 views

WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting XSS Date: 22/6/2021 Exploit Author: Mohammed Adam Vendor Homepage: https://www.wpgmaps.com/ Software Link: https://wordpress.org/plugins/wp-google-maps/ Version: 5.7.2 Tested on: Windows 10 CVE: CVE-2021-24383...

5.4CVSS5.8AI score0.02339EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/11/06 12:0 a.m.346 views

BlogEngine 3.3.8 - 'Content' Stored XSS

Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/26 12:0 a.m.346 views

ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution (Unauthenticated)

Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution Unauthenticated Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 !/usr/bin/env python3 -- coding: utf-8 -- ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/06 12:0 a.m.346 views

File Management System 1.1 - Persistent Cross-Site Scripting

Exploit Title: File Management System 1.1 - Persistent Cross-Site Scripting Date: 2020-06-30 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/download-code?nid=13333&title=File+Management+System+Very+Complete+Using+PHP%2FMySQLi+version+1.1 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.346 views

FusionPBX - Operator Panel exec.php Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...

8.8CVSS7.4AI score0.8748EPSS
Exploits9
Exploit DB
Exploit DB
added 2019/06/25 12:0 a.m.346 views

BlogEngine.NET 3.3.6/3.3.7 - 'path' Directory Traversal

Exploit Title: Directory Traversal on BlogEngine.NET Date: 24 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10717 1. Description ============== BlogEngine.NET is vulnerable to a directory traversal. The page...

7.1CVSS7.2AI score0.05399EPSS
Exploits5
Exploit DB
Exploit DB
added 2006/06/28 12:0 a.m.346 views

RsGallery2 < 1.11.2 - 'rsgallery.html.php' File Inclusion

RsGallery2 for Joomla --------------------------------------------------------------------------- Discovered: marriottvn Remote : Yes Level : High --------------------------------------------------------------------------- Affected software description : Application : RsGallery2 version : latest...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.345 views

GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

9.8CVSS9.7AI score0.23466EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/21 12:0 a.m.345 views

Microweber 1.2.11 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Microweber 1.2.11 - Remote Code Execution RCE Authenticated Google Dork: NA Date: 02/17/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber Version: 1.2.11 Tested on: KALI OS CVE :...

9CVSS7AI score0.51193EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.345 views

Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Open-AudIT Community 4.2.0 - Cross-Site Scripting XSS Authenticated Date: 01/11/2021 Exploit Author: Dominic Clark parzival Vendor Homepage: https://opmantek.com/ Software Link: https://www.open-audit.org/downloads.php Category: WebApps Version: = 4.2.0 Tested on: Windows 10 CVE:...

6.1CVSS6.3AI score0.03709EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/22 12:0 a.m.345 views

Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection

Exploit Title: Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection Date: 20/11/2021 Exploit Author: Ilker Burak ADIYAMAN Vendor Homepage: https://aimeos.org Software Link: https://aimeos.org/laravel-ecommerce-package Version: Aimeos 2021.10 LTS Tested on: MacOSX Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/21 12:0 a.m.345 views

WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection (Unauthenticated)

Exploit Title: WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection Unauthenticated Date: 20/05/2021 Exploit Author: Mansoor R @time4ster CVSS Score: 7.5 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Version Affected: 13.0 to 13.0.7 Vendor URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.345 views

Advanced Guestbook 2.4.4 - 'Smilies' Persistent Cross-Site Scripting (XSS)

Exploit Title: Advanced Guestbook 2.4.4 - 'Smilies' Persistent Cross-Site Scripting XSS Date: 17/08/2021 Exploit Author: Abdulkadir AYDOGAN Vendor Homepage: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Software Link: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Version: 2.4....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/08 12:0 a.m.345 views

Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path

Exploit Title: Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://www.oki.com Software Links:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/31 12:0 a.m.345 views

FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)

Exploit Title: FlexNet Publisher 11.12.1 - Cross-Site Request Forgery Add Local Admin Date: 2019-12-29 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.flexerasoftware.com/ Software : FlexNet Publisher Product Version: v11.12.1 Product :...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.345 views

InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)

Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service PoC Discovery by: chuyreds Discovery Date: 12019-11-16 Vendor Homepage: https://on.wonderware.com/ Software Link : https://on.wonderware.com/intouch-machine-edition Tested Version: 8.1 SP1 Vulnerability Type: Denial of...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/15 12:0 a.m.345 views

Bolt CMS 3.6.10 - Cross-Site Request Forgery

Exploit Title: Bolt CMS 3.6.10 - Cross-Site Request Forgery Date: 2019-10-15 Exploit Author: r3m0t3nu11Zero-Way Vendor Homepage: https://bolt.cm/ Software Link: https://bolt.cm/ Version: up to date and 6.5 Tested on: Linux CVE : CVE-2019-17591 last version Csrf p0c Bolt v 3.x exploit 0day Bolt v...

5.7AI score
Exploits4
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.345 views

PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)

\ This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/postgres' class MetasploitModule 'PostgreSQL COPY FROM PROGRAM Command Execution', 'Description' = %q Installations running Postgres 9.3 and...

9CVSS7.4AI score0.91877EPSS
Exploits17
Exploit DB
Exploit DB
added 2013/11/01 12:0 a.m.345 views

Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2)

Apache + PHP 5.3.12 / 5.4.2 - Remote Code Execution Multithreaded Scanner 2. CVE-2012-1823,CVE-2012-2311,CVE-2012-2336. Remote exploit for PHP...

9.8CVSS2.3AI score0.99998EPSS
Exploits42
Exploit DB
Exploit DB
added 2025/04/19 12:0 a.m.344 views

Drupal 11.x-dev - Full Path Disclosure

!/usr/bin/env python Exploit Title: Drupal 11.x-dev - Full Path Disclosure Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Version: 11.x-dev CVE:...

5.3CVSS7AI score0.09269EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.344 views

Online Shopping System Advanced - Sql Injection

Exploit Title: Online Shopping System Advanced Date: 07.12.2023 Exploit Author: Furkan Gedik Vendor Homepage: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software Link: https://github.com/PuneethReddyHC/online-shopping-system-advanced Version: 1.0 Tested on: Kali Linux 2020....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.344 views

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

9.8CVSS7.1AI score0.95845EPSS
Exploits13
Exploit DB
Exploit DB
added 2022/02/28 12:0 a.m.344 views

Cobian Backup 11 Gravity 11.2.0.582 - &#039;Password&#039; Denial of Service (PoC)

Exploit Title: Cobian Backup 11 Gravity 11.2.0.582 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-02-16 Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/cbSetup.exe Tested Version: 11.2.0.582 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.344 views

Hospital Management System 4.0 - &#039;multiple&#039; SQL Injection

Title: Hospital Management System 4.0 - 'multiple' SQL Injection Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multipl...

9.8CVSS9.8AI score0.08244EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.344 views

OpenBMCS 2.4 - Information Disclosure

Exploit Title: OpenBMCS 2.4 - Information Disclosure Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Secrets Disclosure Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.344 views

Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution (Unauthenticated)

Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution Unauthenticated Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/17 12:0 a.m.344 views

VX Search 13.5.28 - &#039;Multiple&#039; Unquoted Service Path

Exploit Title: VX Search 13.5.28 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.vxsearch.com Software Links: https://www.vxsearch.com/setupsx64/vxsearchsrvsetupv13.5.28x64.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.344 views

Wordpress Plugin wpDiscuz 7.0.4 - Unauthenticated Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress wpDiscuz Unauthen File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in the WordPress wpDiscu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/27 12:0 a.m.344 views

TDM Digital Signage PC Player 4.1 - Insecure File Permissions

Exploit Title: TDM Digital Signage PC Player 4.1 - Insecure File Permissions Date: 2020-09-23 Exploit Author: LiquidWorm Software Link: https://www.tdmsignage.com / https://pro.sony/enNL/products/display-software/tdm-ds1y-tdm-ds3y Version: 4.1.0.4 Vendor: TDM Trending Digital Marketing Product we...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.344 views

HiSilicon Video Encoders - RCE via unauthenticated command injection

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated command injection Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech, J-Tech...

9.8CVSS7AI score0.40302EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.344 views

School ERP Pro 1.0 - &#039;es_messagesid&#039; SQL Injection

Exploit Title: School ERP Pro 1.0 - 'esmessagesid' SQL Injection Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT SQL Injection Detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/24 12:0 a.m.344 views

WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

5.4CVSS5.5AI score0.04428EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/10/29 12:0 a.m.344 views

Win10 MailCarrier 2.51 - &#039;POP3 User&#039; Remote Buffer Overflow

Exploit Title: Win10 MailCarrier 2.51 - 'POP3 User' Remote Buffer Overflow Date: 2019-10-01 Author: Lance Biggerstaff Original Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Tested on: Windows 10 Note: Every version of Windows 10 has a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/09 12:0 a.m.344 views

XNU - Remote Double-Free via Data Race in IPComp Input Path

=== Summary === This report describes a bug in the XNU implementation of the IPComp protocol https://tools.ietf.org/html/rfc3173. This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system iOS AFAIK isn't affected over two network interfaces at the same time...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/05 12:0 a.m.344 views

UnrealIRCd 3.2.8.1 - Backdoor Command Execution (Metasploit)

$Id: unrealircd3281backdoor.rb 11227 2010-12-05 15:08:22Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5CVSS7AI score0.83534EPSS
Exploits12
Exploit DB
Exploit DB
added 2010/12/02 12:0 a.m.344 views

ProFTPd 1.3.2 rc3 &lt; 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit)

$Id: proftptelnetiac.rb 11208 2010-12-02 21:10:03Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS6.6AI score0.91303EPSS
Exploits10
Exploit DB
Exploit DB
added 2006/10/17 12:0 a.m.344 views

Easynews 4.4.1 - &#039;admin.php&#039; Authentication Bypass

+------------------------------------------------------------------------------------------- + Easynews +------------------------------------------------------------------------------------------- + Details: + Easynews doesn't properly check to ensure an administrator has been logged in with...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/22 12:0 a.m.343 views

Microsoft Windows 11 - Kernel Privilege Escalation

Exploit Title: Microsoft Windows 11 - Kernel Privilege Escalation Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win, Ubuntu CVE : CVE-2024-21338 include "pch.hpp" include "poc.hpp" // This...

7.8CVSS7.4AI score0.51865EPSS
Exploits13
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.343 views

XMB 1.9.12.06 - Stored XSS

Exploit Title: Persistent XSS in XMB 1.9.12.06 Date: 06/12/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.xmbforum2.com/ Software Link: https://www.xmbforum2.com/download/XMB-1.9.12.06.zip Version: 1.9.12.06 Tested on: Windows XP CVE: N/A Vulnerability Details A persistent store...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.343 views

Electrolink FM/DAB/TV Transmitter - Remote Authentication Removal

!/usr/bin/env python Electrolink FM/DAB/TV Transmitter Remote Authentication Removal Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.343 views

mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory

Exploit Title: mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Google Dork: - Date: 21.07.2023 Exploit Author: Maximilian Barz Vendor Homepage: https://mremoteng.org/ Software Link: https://mremoteng.org/download Version: mRemoteNG = v1.77.3.1784-NB Tested on:...

7.5CVSS7.6AI score0.00431EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.343 views

Student Study Center Management System v1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Student Study Center Management System v1.0 - Stored Cross-Site Scripting XSS Date of found: 12/05/2023 Exploit Author: VIVEK CHOUDHARY @sudovivek Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://phpgurukul.com Software Link:...

4.8CVSS5.2AI score0.03663EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.343 views

SAP BusinessObjects Intelligence 4.3 - XML External Entity (XXE)

Exploit Title: SAP BusinessObjects Intelligence 4.3 - XML External Entity XXE Google Dork: N/A Date: 4/21/2022 Exploit Author: West Shepherd Vendor Homepage: https://www.sap.com/ Software Link: https://www.sap.com/ Version: 4.2 and 4.3 Tested on: Windows Server 2019 x64 CVE : CVE-2022-28213...

8.1CVSS8.2AI score0.12476EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/08/31 12:0 a.m.343 views

BlazeDVD 7.0 Professional - &#039;.plf&#039; Local Buffer Overflow (SEH,ASLR,DEP)

Title: BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow SEH,ASLR,DEP Author: emalp Date: 2020-08-31 Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested on: Windows 7 Home Basic Run this file bfile.plf...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/13 12:0 a.m.343 views

phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery

============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 CVSS Base Score - CVE-ID: CVE-2019-12922 ============================================= I...

6.5CVSS7AI score0.10182EPSS
Exploits5
Total number of security vulnerabilities5000