Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.326 views

XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service

Exploit Title: XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.xmedia-recode.de/ Link Software : https://www.xmedia-recode.de/download.php Tested on OS: Windows 7 Social: twitter.com/ZwX2a contact: [email protected] ''' Proof...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/06/18 12:0 a.m.326 views

Nikto 2.1.6 - CSV Injection

Exploit Title: Nikto 2.1.6 - CSV Injection Google Dork: N/A Date: 2018-06-01 Exploit Author: Adam Greenhill Vendor Homepage: https://cirt.net/Nikto2 Software Link: https://github.com/sullo/nikto Affected Version: 2.1.6, 2.1.5 Category: Applications Tested on: Kali Linux 4.14 x64 CVE :...

10CVSS9.5AI score0.24727EPSS
Exploits5
Exploit DB
Exploit DB
added 2009/04/28 12:0 a.m.326 views

Linux Kernel 2.6.20/2.6.24/2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Overflow

/ CVE-2009-0065 SCTP FWD Chunk Memory Corruption Linux Kernel 2.6.x SCTP FWD Memory COrruption Remote Exploit coded by: sgrakkyu antifork.org http://kernelbof.blogspot.com NOTE: you need at least one sctp application bound on the target box Supported target: Ubuntu 7.04 x8664 2.6.2015-17-generic ...

10CVSS6.3AI score0.1673EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/07/06 12:0 a.m.325 views

Gila CMS 1.10.9 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Gila CMS 1.10.9 - Remote Code Execution RCE Authenticated Date: 05-07-2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/ Version: Gila 1.10.9 Tested on: Linux import requests from termcolor import...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/01 12:0 a.m.325 views

GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: GitLab v15.3 - Remote Code Execution RCE Authenticated Date: 2022-12-25 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install/ Version: GitLab CE/EE, all versions from 11.3.4 prior to 15.1.5, 15.2 to...

9.9CVSS9.8AI score0.75718EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/09 12:0 a.m.325 views

Cobian Backup 0.9 - Unquoted Service Path

Exploit Title: Cobian Backup 0.9 - Unquoted Service Path Date: 06/03/2022 Exploit Author: Hejap Zairy Vendor Homepage: https://www.cobiansoft.com// Software Link: https://www.cobiansoft.com/download.php/ Version:0.9.93 Tested: Windows 10 Pro x64 es C:\Users\Hejapsc qc CobianReflectorService SC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/18 12:0 a.m.325 views

Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting (XSS)

Exploit Title: Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/fmlurlsvc/ Date: 01-Feb-2022 Exploit Author: Braiant Giraldo Villa Contact: @ironfortress Twitter Vendor Homepage: https://www.fortinet.com/products/email-security Software Link:...

6.1CVSS6.3AI score0.12936EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.325 views

WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection (Unauthenticated)

Exploit Title: WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection Unauthenticated Date 26.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.6.1.0.zi...

9.8CVSS9.6AI score0.728EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.325 views

Exam Form Submission System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Exam Form Submission System 1.0 - SQL Injection Authentication Bypass Date: 30-09-2021 Exploit Author: Nitin Sharma Vidvansh Vendor Homepage: https://code-projects.org Product link: https://code-projects.org/exam-form-submission-in-php-with-source-code/ Version: 1.0 Tested on: XAMP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/23 12:0 a.m.325 views

DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting XSS Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty, g3ck0dr1v3r Date: 04/23/2021 Vendor: http://www.dzzoffice.com/ Link: https://github.com/zyx0814/dzzoffice CVE: CVE-2021-3318 + Exploit Source: !/usr/bin/python3 Author...

6.1CVSS6.3AI score0.02848EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.325 views

GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...

9.8CVSS7.4AI score0.806EPSS
Exploits12
Exploit DB
Exploit DB
added 2021/03/17 12:0 a.m.325 views

FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass)

Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Date: 15/03/2020 Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.325 views

ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting

Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting Date: 11/8/2020 Exploit Author: Joe Helle Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products Version: 19.46.1802.0 Tested on: Linux CVE: 2020-28351 PoC: The conferencing component on...

6.1CVSS6.3AI score0.15987EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/02/06 12:0 a.m.325 views

Online Job Portal 1.0 - Cross Site Request Forgery (Add User)

Exploit Title: Online Job Portal 1.0 - Cross Site Request Forgery Add User Dork: N/A Date: 2020-02-06 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/13850/online-job-portal-phppdo.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.325 views

IBM RICOH 6400 Printer - HTML Injection

Exploit Title: IBM RICOH 6400 Printer - HTML Injection Date: 2020-01-02 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link: https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=649/ENUSA02-1405&appname=USN Firmware Version: 1.1.26...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.325 views

Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting

Title: Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting Date: 2019-10-07 Author: Min Ko Ko Creatigon Vendor Homepage: https://subrion.org/ CVE : https://nvd.nist.gov/vuln/detail/CVE-2019-17225 Website : https://l33thacker.com Description : Allows XSS via the panel/members/ Username, Full...

5.4CVSS5.8AI score0.01938EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/24 12:0 a.m.325 views

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service

There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've been able to construct an X.509 certificate that triggers the bug. I've found that...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/20 12:0 a.m.325 views

WordPress Plugin Add Mime Types 2.2.1 - Cross-Site Request Forgery

Exploit Title: CSRF vulnerabilities in WP Add Mime Types Plugin...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/09 12:0 a.m.325 views

Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read

// A proof-of-concept exploit for CVE-2017-18344. // Includes KASLR and SMEP bypasses. No SMAP bypass. // No support for 1 GB pages or 5 level page tables. // Tested on Ubuntu xenial 4.4.0-116-generic and 4.13.0-38-generic // and on CentOS 7 3.10.0-862.9.1.el7.x8664. // // gcc pwn.c -o pwn // // ...

5.5CVSS6.9AI score0.03228EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.324 views

NodeJS 24.x - Path Traversal

Exploit Title : NodeJS 24.x - Path Traversal Exploit Author : Abdualhadi khalifa CVE : CVE-2025-27210 import argparse import requests import urllib.parse import json import sys def exploitpathtraversalprecisetargeturl: str, targetfile: str, method: str - dict: traversesequence = "..\" 6...

7.5CVSS5.7AI score0.09752EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/04/15 12:0 a.m.324 views

IBMi Navigator 7.5 - Server Side Request Forgery (SSRF)

Author Title: John Page aka hyp3rlinx Author Website: hyp3rlinx.altervista.org Source: https://hyp3rlinx.altervista.org/advisories/IBMiNavigatorHTTPSecurityTokenBypass-CVE-2024-51464.txt Vendor: www.ibm.com Vendor www.ibm.com Product Navigator for i is a Web console interface where you can perfor...

5.4CVSS4.8AI score0.01417EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.324 views

Simple Student Attendance System v1.0 - Time Based Blind SQL Injection

Exploit Title: Simple Student Attendance System - Time Based Blind SQL Injection Date: 26 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/17018/simple-student-attendance-system-using-php-and-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.324 views

SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration

Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Date: 05/12/2023 Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: = 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp...

5.3CVSS5.4AI score0.01808EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.324 views

Rail Pass Management System 1.0 - Time-Based SQL Injection

Exploit Title: Rail Pass Management System - 'searchdata' Time-Based SQL Injection Date: 02/10/2023 Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/rail-pass-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17479...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.324 views

Academy LMS 6.1 - Arbitrary File Upload

Exploit Title: Academy LMS 6.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 05/08/2023 Vendor: Creativeitem Vendor Homepage: https://academylms.net/ Software Link: https://demo.academylms.net/ Version: 6.1 Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CW...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/11 12:0 a.m.325 views

AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guard"

Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.avg.com Software Link: https://www.avg.com/en-ww/homepagepc Version: 7.5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36167 PoC C:\Userswmic service get...

6.7AI score
Exploits3
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.324 views

Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit - Remote Code Execution (RCE)

Title: Microsoft 365 MSO Version 2305 Build 16.0.16501.20074 64-bit - Remote Code Execution RCE Author: nu11secur1ty Date: 04.17.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/ Reference:...

7.8CVSS7.8AI score0.03011EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.324 views

FLEX 1080 < 1085 Web 1.6.0 - Denial of Service

Exploit Title: FLEX 1080 1085 Web 1.6.0 - Denial of Service Date: 2023-05-06 Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested on: Android CVE ID: CVE-2022-2591 !/usr/bin/env python3 import request...

7.5CVSS7.7AI score0.0667EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.324 views

Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection (Authenticated)

Exploit Title: Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection Authenticated Date 28.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.download-monitor.com/ Software Link: https://downloads.wordpress.org/plugin/download-monitor.4.4.4.zip Version: 4.4.5...

7.2CVSS7.2AI score0.17484EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/25 12:0 a.m.324 views

WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting XSS Authenticated Date: 23-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: Software Link: https://wordpress.org/plugins/simple-tags/ Tested on Windows CVE: CVE-2021-24444...

4.8CVSS5.1AI score0.02315EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.324 views

OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated)

Exploit Title: OpenEMR 5.0.1.7 - 'fileName' Path Traversal Authenticated Date 16.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5017.zip Version: All versions prior to 5.0.2 Tested on:...

8.8CVSS7.5AI score0.66891EPSS
Exploits11
Exploit DB
Exploit DB
added 2021/02/01 12:0 a.m.324 views

MyBB Delete Account Plugin 1.4 - Cross-Site Scripting

Exploit Title: MyBB Delete Account Plugin 1.4 - Cross-Site Scripting Date: 1/25/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://github.com/vintagedaddyo/MyBBPlugin-DeleteAccount/ Version: 1.4 Tested on: Windows 10 1. Description: This plugin allows users to delete...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.324 views

PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval

Exploit Title: PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval Date: 9 Jan 2021 Exploit Author: rootabeta Vendor Homepage: The original page, https://dmitryivanov.net/, cannot be found at this time of writing. The vulnerable software can be downloaded from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/05 12:0 a.m.324 views

NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path

Exploit Title: NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-12-04 Vendor Homepage : http://www.netgate.sk/ Link Software : http://www.netgate.sk/download/download.php?id=5 Tested on OS: Windows 7 Analyze PoC : ==============...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.323 views

UJCMS 9.6.3 - User Enumeration via IDOR

Exploit Title: UJCMS 9.6.3 User Enumeration via IDOR Exploit Author: Cyd Tseng Date: 11 Dec 2024 Category: Web application Vendor Homepage: https://dromara.org/ Software Link: https://github.com/dromara/ujcms Version: UJCMS 9.6.3 Tested on: Linux CVE: CVE-2024-12483 Advisory:...

6.3CVSS7.4AI score0.03507EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.323 views

TP-LINK TL-WR740N - Multiple HTML Injection

Exploit Title: TP-LINK TL-WR740N - Multiple HTML Injection Vulnerabilities Date: 25/9/2023 Exploit Author: Shujaat Amin ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.323 views

Atcom 2.7.x.x - Authenticated Command Injection

Exploit Title: Atcom 2.7.x.x - Authenticated Command Injection Google Dork: N/A Date: 07/09/2023 Exploit Author: Mohammed Adel Vendor Homepage: https://www.atcom.cn/ Software Link: https://www.atcom.cn/html/yingwenban/Product/FastIPphone/2017/1023/135.html Version: All versions above 2.7.x.x Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.323 views

Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Monstra 3.0.4 - Stored Cross-Site Scripting XSS Date: 2023-06-13 Exploit Author: tmrswrr Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested : https://www.softaculous.com/softaculous/demos/Monstra --- Description --- 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/13 12:0 a.m.323 views

Sales Tracker Management System v1.0 - Multiple Vulnerabilities

Exploit Title: Sales Tracker Management System v1.0 – Multiple Vulnerabilities Google Dork: NA Date: 09-06-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3184 ============================== CREDENTIAL TO USE...

4.8CVSS5AI score0.02264EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.323 views

RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution

Exploit Title: RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/RSANETWITNESSEDRAGENTINCORRECTACCESSCONTROLCVE-2022-47529.txt + twitter.com/hyp3rlinx...

6.7CVSS6.6AI score0.0157EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.323 views

Online Admission System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Admission System 1.0 - Remote Code Execution RCE Unauthenticated Date: 23/12/2021 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/rskoolrash/Online-Admission-System Software Link: https://github.com/rskoolrash/Online-Admission-System Tested on: LAMP Stack...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/16 12:0 a.m.323 views

Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting XSS Date: 06/12/2021 Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 ==...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.323 views

Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated)

Exploit Title: Netgear DGN2200v1 - Remote Command Execution RCE Unauthenticated Date: 02.07.2021 Exploit Author: SivertPL Vendor Homepage: https://www.netgear.com/ Version: All prior to v1.0.0.60 !/usr/bin/python """ NETGEAR DGN2200v1 Unauthenticated Remote Command Execution Author: SivertPL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/30 12:0 a.m.323 views

Simple Traffic Offense System 1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Simple Traffic Offense System 1.0 - 'Multiple' Stored Cross Site Scripting XSS Date: 30-06-2021 Exploit Author: Barış Yıldızoğlu Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/trafic.zip Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.323 views

Online News Portal 1.0 - 'name' SQL Injection

Exploit Title: Online News Portal 1.0 - 'name' SQL Injection Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.323 views

QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path

Exploit Title: QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.qnap.com Tested Version: 5.0.0.13230 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.323 views

Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path

Exploit Title: Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-08 Vendor Homepage: https://www.filehorse.com/es/descargar-motorola-device-manager/ Tested Version: 2.4.5 Vulnerability Type: Unquoted Service Path Tested ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.323 views

CloudMe 1.11.2 - Buffer Overflow (PoC)

Exploit Title: CloudMe 1.11.2 - Buffer Overflow PoC Date: 2020-04-27 Exploit Author: Andy Bowden Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 10 x86 Instructions: Start the CloudMe service a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.323 views

LibreNMS - Collectd Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS Collectd Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Collectd graphing...

7.2CVSS7.4AI score0.80662EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/04/02 12:0 a.m.323 views

Kemp Load Master 7.1.16 - Multiple Vulnerabilities

Exploit Title: Kemp Load Master - Multiple Vulnerabilities RCE, CSRF, XSS, DoS Date: 01 April 2015 Author: Roberto Suggi Liverani Software Link: http://kemptechnologies.com/load-balancer/ Version: 7.1.16 and previous versions Tested on: Kemp Load Master 7.1-16 CVE : CVE-2014-5287/5288 Link:...

8.8CVSS8.8AI score0.07932EPSS
Exploits6
Total number of security vulnerabilities5000