Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.329 views

Real Player v.20.0.8.310 G2 Control - 'DoGoToURL()' Remote Code Execution (RCE)

Exploit Title: Real Player v.20.0.8.310 G2 Control - 'DoGoToURL' Remote Code Execution RCE Google Dork: n/a Date: May 31, 2022 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: v.20.0.8.310 Tested on: Windows 7, 8.1, 10 CVE : N/A Full...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/21 12:0 a.m.329 views

FileCloud 21.2 - Cross-Site Request Forgery (CSRF)

Exploit Title: FileCloud 21.2 - Cross-Site Request Forgery CSRF Date: 2022-02-20 Exploit Author: Masashi Fujiwara Vendor Homepage: https://www.filecloud.com/ Software Link: https://hub.docker.com/r/filecloud/filecloudserver21.2 Version: All versions of FileCloud prior to 21.3 Fiexd: version...

8.8CVSS8.9AI score0.03271EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.329 views

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.329 views

Nettmp NNT 5.1 - SQLi Authentication Bypass

Exploit Title: Nettmp NNT 5.1 - SQLi Authentication Bypass Date: 23/12/2021 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://wiki.nettemp.tk Software Link: https://wiki.nettemp.tk Version: nettmp NNT Tested on: Linux Ubuntu 20.04 Payload: username: 1' or 1=1;-- password: \ Proo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/31 12:0 a.m.329 views

DD-WRT 45723 - UPNP Buffer Overflow (PoC)

Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Date: 24.03.2021 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.329 views

PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload

Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.329 views

Centreon 19.10.5 - 'id' SQL Injection

Exploit Title: Centreon 19.10.5 - 'id' SQL Injection Date: 2020-04-19 Exploit Author: Basim alabdullah Vendor Homepage: https://www.centreon.com Software Link: https://download.centreon.com/ Version: v.19.10.5 Tested on: Centos 5 EXECUTIVE SUMMARY Centreon has come a long way from its early roots...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/17 12:0 a.m.329 views

Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows NtUserSetWindowFNID Win32k User Callback', 'Description' = %q An elevation of privilege vulnerability exists in Windows when the Win32k...

7.8CVSS8.1AI score0.69833EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/01/05 12:0 a.m.329 views

Cisco IOS - Remote Code Execution

!/usr/bin/env python if False: ''' CVE-2017-6736 / cisco-sa-20170629-snmp Cisco IOS remote code execution =================== This repository contains Proof-Of-Concept code for exploiting remote code execution vulnerability in SNMP service disclosed by Cisco Systems on June 29th 2017 - Descriptio...

9CVSS8.7AI score0.70559EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.328 views

SugarCRM 14.0.0 - SSRF/Code Injection

Exploit Title : SugarCRM 14.0.0 - SSRF/Code Injection Author: Egidio Romano aka EgiX Email : [email protected] Software Link: https://www.sugarcrm.com Affected Versions: All commercial versions before 13.0.4 and 14.0.1. CVE Reference: CVE-2024-58258 Vulnerability Description: User input passed...

7.2CVSS6.6AI score0.13248EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.328 views

freeSSHd 1.0.9 - Denial of Service (DoS)

Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Date: 2024-01-13 Discovery by: Fernando Mengali Linkedin: https://www.linkedin.com/in/fernando-mengali/ Software Link: https://www.exploit-db.com/apps/be82447d556d60db55053d658b4822a8-freeSSHd.exe Version: 1.0.9 Tested on: Window XP Profession...

7.5CVSS7.4AI score0.03649EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/05/29 12:0 a.m.328 views

Campcodes Online Hospital Management System 1.0 - SQL Injection

Exploit Title: Campcodes Online Hospital Management System 1.0 - SQL Injection Google Dork: N/A Exploit Author: Carine Constantino Vendor Homepage: https://www.campcodes.com Software Link: https://www.campcodes.com/projects/online-hospital-management-system-using-php-and-mysql/ Version: 1.0 Teste...

9.8CVSS7.1AI score0.00758EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/17 12:0 a.m.328 views

Usermin 2.100 - Username Enumeration

Exploit Title: Usermin 2.100 - Username Enumeration Date: 10.02.2024 Exploit Author: Kjesper Vendor Homepage: https://www.webmin.com/usermin.html Software Link: https://github.com/webmin/usermin Version: = 2.100 Tested on: Kali Linux CVE: CVE-2024-44762...

5.3CVSS7.1AI score0.02621EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.328 views

WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Google Dork: NA Date: 28/10/2023 Exploit Author: Rachit Arora Vendor Homepage: Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.328 views

TP-Link TL-WR740N - UnAuthenticated Directory Transversal

Exploit Title: TP-Link TL-WR740N UnAuthenticated Directory Transversal Date: 25/9/2023 Exploit Author: Syed Affan Ahmed ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.329 views

Groomify v1.0 - SQL Injection

Exploit Title: Groomify v1.0 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/groomify-barbershop-salon-spa-booking-and-ecommerce-platform/45808114 Demo Site: https://script.bugfinder.net/groomify Tested on: Kali Linux CVE: N/A Vulnerable URL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.328 views

Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution

Exploit Title: Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.5 Hardware revision: 1.1 SoapLive 2.4.0 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.328 views

Sourcegraph Gitserver 3.36.3 - Remote Code Execution (RCE)

Exploit Title: Sourcegraph Gitserver 3.36.3 - Remote Code Execution RCE Date: 2022-06-10 Exploit Author: Altelus Vendor Homepage: https://about.sourcegraph.com/ Version: 3.63.3 Tested on: Linux CVE : CVE-2022-23642 Docker Container: sourcegraph/server:3.36.3 Sourcegraph prior to 3.37.0 has a remo...

8.8CVSS7AI score0.7431EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.328 views

Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPr...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.328 views

IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path

Exploit Title: IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : HTC Version : IPTInstaller 4.0.9 Vendor Homepage : https://www.htc.com/latam/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\DSAZ230sc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/16 12:0 a.m.328 views

Seat Reservation System 1.0 - Unauthenticated SQL Injection

Title: Seat Reservation System 1.0 - Unauthenticated SQL Injection Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/seat-reservation-system-using-php0.zip Version: 1.0 Teste...

9.1CVSS9.4AI score0.11301EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.328 views

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd

mediaserverd has various media parsing responsibilities; its reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is com.apple.audio.AudioFileServer, a fairly simple XPC service which will parse...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.328 views

logrotten 3.15.1 - Privilege Escalation

Exploit Title: logrotten 3.15.1 - Privilege Escalation Date: 2019-10-04 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://github.com/logrotate/logrotate Software Link: https://github.com/logrotate/logrotate/releases/tag/3.15.1 Version: all versions through 3.15.1 Tested on: Debian...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/21 12:0 a.m.328 views

Netatalk 3.1.12 - Authentication Bypass

Exploit Title: Netatalk Authentication Bypass Date: 12/20/2018 Exploit Author: Jacob Baines Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 Tested on: Seagate NAS OS x8664 CVE : CVE-2018-1160 Advisory:...

10CVSS9.6AI score0.86539EPSS
Exploits10
Exploit DB
Exploit DB
added 2010/09/21 12:0 a.m.328 views

mountall 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation

source: https://www.securityfocus.com/bid/43084/info !/bin/sh by fuzz. For Anux inc. ubuntu 10.04 , 10.10 if -z "$1" then echo "usage: $0 " echo "see here http://www.reactivated.net/writingudevrules.html" exit fi cat usn985-exploit.sh usn985-sc.c /dev/.udev/rules.d/root.rules chmod +x...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/11 12:0 a.m.328 views

BOA Web Server 0.94.x - Terminal Escape Sequence in Logs Command Injection

source: https://www.securityfocus.com/bid/37718/info Boa Webserver is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. Boa Webserver 0.94.14rc21 is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.327 views

Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)

Exploit Title: Winter CMS 1.2.2 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 Tested :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.327 views

Karaf v4.4.3 Console - RCE

!/usr/bin/python Exploit Title: Karaf v4.4.3 Console RCE Date: 2023-08-07 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-karaf-exploits.git Vendor Homepage: https://karaf.apache.org Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.327 views

Akaunting < 3.1.3 - RCE

Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...

9.8CVSS9.7AI score0.30036EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.327 views

Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection

Exploit Title: Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection Date: 26 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.327 views

R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure Vendor: R Radio Network Product web page: http://www.pktc.ac.th Affected version: 1.07 Summary: R Radio FM Transmitter that includes FM Exciter and FM Amplifier parameter setup. Desc: The transmitter suffers from an improper acces...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.327 views

Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass

Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.327 views

Microsoft Windows 11 - 'cmd.exe' Denial of Service

Exploit Title: Microsoft Windows 11 - 'cmd.exe' Denial of Service Exploit Author: Milad Karimi Ex3ptionaL Date: 2023-03-30 Vendor Homepage: https://www.microsoft.com/en-us Software Link: https://www.microsoft.com/en-us Tested Version: N/A Tested on OS: Windows 11 Pro About App Microsoft Windows i...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.327 views

Avantune Genialcloud ProJ 10 - Cross-Site Scripting (XSS)

Exploit Title: Avantune Genialcloud ProJ 10 - Cross-Site Scripting XSS Date: 2022-06-01 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.avantune.com Software Link: https://www.genialcloud.com - https://www.genialcloud.com/discover-genialcloud-proj - https://store.genialcloud.com...

6.1CVSS6.3AI score0.02363EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/03/02 12:0 a.m.327 views

Xerte 3.9 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Xerte 3.9 - Remote Code Execution RCE Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip Version: up until version 3.9 Tested on: Windows...

8.8CVSS8.8AI score0.12782EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.327 views

GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...

9.8CVSS7.4AI score0.806EPSS
Exploits12
Exploit DB
Exploit DB
added 2021/03/17 12:0 a.m.327 views

FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass)

Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Date: 15/03/2020 Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.327 views

Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation

Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Local Privilege Escalation Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Local Privilege Escalation Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/05 12:0 a.m.327 views

Saltstack 3000.1 - Remote Code Execution

Exploit Title: Saltstack 3000.1 - Remote Code Execution Date: 2020-05-04 Exploit Author: Jasper Lievisse Adriaanse Vendor Homepage: https://www.saltstack.com/ Version: 3000.2, 2019.2.4, 2017., 2018. Tested on: Debian 10 with Salt 2019.2.0 CVE : CVE-2020-11651 and CVE-2020-11652 Discription:...

9.8CVSS8.7AI score0.96405EPSS
Exploits25
Exploit DB
Exploit DB
added 2019/06/17 12:0 a.m.327 views

Thunderbird ESR < 60.7.XXX - 'icalrecur_add_bydayrules' Stack-Based Buffer Overflow

X41 D-Sec GmbH Security Advisory: X41-2019-003 Stack-based buffer overflow in Thunderbird ========================================== Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL:...

9.8CVSS9.7AI score0.09903EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/10/09 12:0 a.m.327 views

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (2)

!/usr/bin/python import requests import re import signal from optparse import OptionParser class bcolors: HEADER = '\03395m' OKBLUE = '\03394m' OKGREEN = '\03392m' WARNING = '\03393m' FAIL = '\03391m' ENDC = '\0330m' BOLD = '\0331m' UNDERLINE = '\0334m' banner=""" / \ \ / / | | \ / / | | / | \ /...

8.1CVSS7AI score0.99988EPSS
Exploits23
Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.326 views

Java-springboot-codebase 1.1 - Arbitrary File Read

Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 1.1 Tested on:...

8.7CVSS7AI score0.03847EPSS
Exploits14
Exploit DB
Exploit DB
added 2025/04/15 12:0 a.m.326 views

Spring Boot common-user-management 0.1 - Remote Code Execution (RCE)

Exploit Title: Unrestricted File Upload Google Dork: Date: 14/Nov/2024 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 0.1 Tested on: Debian Linux CVE :...

8.7CVSS6.8AI score0.03222EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/09 12:0 a.m.326 views

Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)

Exploit Title: Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution RCE Google Dork: N/A Date: 07/09/2024 Exploit Author: Andrew Lemon/Red Threat https://redthreatsec.com Vendor Homepage: https://www.q-free.com Software Link: N/A Version: 1.9 Tested on: Intelight x-1 Linux...

9.8CVSS9.7AI score0.02368EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/06/03 12:0 a.m.326 views

CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: CMSimple 5.15 - Remote Command Execution Date: 04/28/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.cmsimple.org Software Link: https://www.cmsimple.org/downloadscmsimple50/CMSimple5-15.zip Version: latest Tested on: MacOS Log in to SimpleCMS. Go to Settings CM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.326 views

Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART2.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.326 views

Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)

Exploit Title: Maxima Max Pro Power - BLE Traffic Replay Unauthenticated Date: 13-Nov-2023 Exploit Author: Alok kumar [email protected], Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...

4.3CVSS4.7AI score0.00511EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.326 views

copyparty 1.8.2 - Directory Traversal

Exploit Title: copyparty 1.8.2 - Directory Traversal Date: 14/07/2023 Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE :...

7.5CVSS7.5AI score0.42828EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.326 views

Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module

Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...

9.6CVSS5.6AI score0.02631EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/23 12:0 a.m.326 views

OpenCart v3.x Newsletter Module - Blind SQLi

Exploit Title: OpenCart v3.x Newsletter Module - Blind SQLi Date: 19/05/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=marketplace/extension/info&extensionid=32750&filtermember=Zemez Version: v.3.0.2.0 Tested on...

7.4AI score
Exploits0
Total number of security vulnerabilities5000