Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2015/04/02 12:0 a.m.323 views

Kemp Load Master 7.1.16 - Multiple Vulnerabilities

Exploit Title: Kemp Load Master - Multiple Vulnerabilities RCE, CSRF, XSS, DoS Date: 01 April 2015 Author: Roberto Suggi Liverani Software Link: http://kemptechnologies.com/load-balancer/ Version: 7.1.16 and previous versions Tested on: Kemp Load Master 7.1-16 CVE : CVE-2014-5287/5288 Link:...

8.8CVSS8.8AI score0.07932EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/05/01 12:0 a.m.322 views

Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing

Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: https://hyp3rlinx.altervista.org/advisories/MicrosoftWindowsxrm-msFileNTLM-HashDisclosure.txt x.com/hyp3rlinx ISR: ApparitionSec Vendor www.microsoft.com Product .xrm-ms File Type Vulnerability Type NTLM Hash...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/13 12:0 a.m.322 views

Online Fire Reporting System OFRS - SQL Injection Authentication Bypass

Exploit Title: Online Fire Reporting System SQL Injection Authentication Bypass Date: 02/10/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://phpgurukul.com/online-fire-reporting-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/28 12:0 a.m.322 views

Siklu MultiHaul TG series < 2.0.0 - unauthenticated credential disclosure

Exploit Title: Siklu MultiHaul TG series - unauthenticated credential disclosure Date: 28-02-2024 Exploit Author: semaja2 Vendor Homepage: https://siklu.com/ Software Link: https://partners.siklu.com/home/frontdoor Version: 2.0.0 Tested on: 2.0.0 CVE : None assigned Instructions 1. Perform IPv6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.322 views

Easywall 0.3.1 - Authenticated Remote Command Execution

Exploit Title: Easywall 0.3.1 - Authenticated Remote Command Execution Date: 30-11-2023 Exploit Author: Melvin Mejia Vendor Homepage: https://jpylypiw.github.io/easywall/ Software Link: https://github.com/jpylypiw/easywall Version: 0.3.1 Tested on: Ubuntu 22.04 import requests, json, urllib3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.322 views

Razer Sila - Command Injection

Exploit Title: Razer Sila - Command Injection Google Dork: N/A Date: 4/9/2022 Exploit Author: Kevin Randall Vendor Homepage: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Software Link: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/02 12:0 a.m.322 views

Prowise Reflect v1.0.9 - Remote Keystroke Injection

Exploit Title: Prowise Reflect v1.0.9 - Remote Keystroke Injection Date: 30/10/2022 Exploit Author: Rik Lutz Vendor Homepage: https://www.prowise.com/ Version: V1.0.9 Tested on: Windows 10 Prowise Reflect software version 1.0.9 for Windows is vulnerable to a remote keystroke injection. Much like...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.322 views

WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming

Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...

4.3CVSS5AI score0.03205EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.322 views

PolicyKit-1 0.105-31 - Privilege Escalation

Exploit Title: PolicyKit-1 0.105-31 - Privilege Escalation Exploit Author: Lance Biggerstaff Original Author: ryaagard https://github.com/ryaagard Date: 27-01-2022 Github Repo: https://github.com/ryaagard/CVE-2021-4034 References: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt...

7.8CVSS8.3AI score0.94921EPSS
Exploits152
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.322 views

Vodafone H-500-s 3.5.10 - WiFi Password Disclosure

Exploit Title: Vodafone H-500-s 3.5.10 - WiFi Password Disclosure Date: 01/01/2022 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.vodafone.es/ Software Link: N/A Version: Firmware version Vodafone-H-500-s-v3.5.10 Hardware model: Sercomm VFH500 The WiFi access point password...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/24 12:0 a.m.322 views

Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting

Title: Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip Version: 1.0 Tested On:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.322 views

IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal

Exploit Title: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal Date: 2020-01-01 Exploit Author: Raif Berkay Dincel Vendor Homepage: ibm.com Software https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&appname=iSource&supplier=897&letternum=ENUS107-295...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/29 12:0 a.m.322 views

rConfig 3.9.2 - Remote Code Execution

Exploit Title: rConfig 3.9.2 - Remote Code Execution Date: 2019-09-18 Exploit Author: Askar Vendor Homepage: https://rconfig.com/ Software link: https://rconfig.com/download Version: v3.9.2 Tested on: CentOS 7.7 / PHP 7.2.22 CVE : CVE-2019-16662 !/usr/bin/python import requests import sys from...

10CVSS9.8AI score0.97702EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/07/11 12:0 a.m.322 views

SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow

!/usr/bin/python -- coding: utf-8 -- -------------------------------------------------------------------- Exploit: SNMPc Enterprise Edition 9 & 10 Mapping File Name BOF Date: 11 July 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://www.castlerock.com/ Software Linke:...

7.8CVSS7AI score0.03887EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.322 views

Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'AlienVault USM/OSSIM API Command Execution', 'Description' = %q This module exploits an unauthenticated command injection in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/09 12:0 a.m.322 views

ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Local Privilege Escalation

!/usr/bin/env python ''' team-edward.py Linux Kernel http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access the internal ".reiserfspriv" directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/04 12:0 a.m.322 views

PHP 4.4.3 < 4.4.6 - 'PHPinfo()' Cross-Site Scripting

//////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan Esser //...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.321 views

Tatsu 3.3.11 - Unauthenticated RCE

Exploit Title:Tatsu 3.3.11 - Unauthenticated RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Product: Tatsu wordpress plugin = 3.3.11 CVE:...

8.1CVSS7.4AI score0.83232EPSS
Exploits9
Exploit DB
Exploit DB
added 2024/05/19 12:0 a.m.321 views

PopojiCMS 2.0.1 - Remote Command Execution (RCE)

Exploit Title: PopojiCMS 2.0.1 - Remote Command Execution Date: 14/04/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/15 12:0 a.m.321 views

Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass

Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...

10CVSS8.3AI score0.75863EPSS
Exploits14
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.321 views

Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Xoops CMS 2.5.10 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-12 Exploit Author: tmrswrr Vendor Homepage: https://xoops.org/ Software https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10 Version: 2.5.10 Tested : https://www.softaculous.com/apps/cms/Xoops ---...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.321 views

TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)

Exploit Title: TinyWebGallery v2.5 - Stored Cross-Site Scripting XSS Application: TinyWebGallery Version: v2.5 Bugs: Stored Xss Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.321 views

Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls

Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...

7.5CVSS7AI score0.21127EPSS
Exploits8
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.321 views

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

9.8CVSS9.8AI score0.99999EPSS
Exploits10
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.321 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.321 views

Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/23 12:0 a.m.321 views

aaPanel 6.8.21 - Directory Traversal (Authenticated)

Exploit Title: aaPanel 6.8.21 - Directory Traversal Authenticated Date: 22.02.2022 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.aapanel.com/ Software Link: https://www.aapanel.com Version: 6.8.21 Tested on: Ubuntu Application vulnerable to Directory Traversal and attacker c...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.321 views

WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)

Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...

7.2CVSS7.2AI score0.73293EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.321 views

CMSimple_XH 1.7.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Date: 01-10-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleX...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.321 views

Online Voting System 1.0 - Authentication Bypass (SQLi)

Exploit Title: Online Voting System 1.0 - Authentication Bypass SQLi Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.321 views

Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure

Exploit Title: Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Date: 04-02-2021 Exploit Author: Berkan Er Vendor Homepage: https://www.sonlogger.com/ Version: 4.2.3.3 Tested on: Windows 10 Enterprise x64 Version 1803 A remote attacker can be create an user with SuperAdmin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.321 views

WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/data-tables-generator-by-supsystic.1.9.96.zip Category...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.321 views

Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution

Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Remote Program Execution Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/17 12:0 a.m.321 views

Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass

!/usr/bin/env ruby Title: Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass Author: noraj Alexandre ZANNI Author website: https://pwn.by/noraj/ Date: 2020-08-16 Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/archive/3.9.2.tar.gz Version: = 3.9.2...

9.8CVSS6.8AI score0.39598EPSS
Exploits9
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.321 views

Oriol Espinal CMS 1.0 - 'id' SQL Injection

Exploit Title: Oriol Espinal CMS 1.0 - 'id' SQL Injection Google Dork: inurl:/eotoolsshare/ Date: 2020-06-03 Exploit Author: TSAR Vendor Homepage: http://www.oriolespinal.es/eowd Software Link: http://www.oriolespinal.es/eotools Version: ALL VERSION UP TO LATEST Tested on: MACOS 10.11.2 CVE : NOt...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/19 12:0 a.m.321 views

Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi-Hole heisenbergCompensator Blocklist OS Command Execution', 'Description' = %q This exploits a command execution in Pi-Hole MSFLICENSE, 'Autho...

9CVSS9AI score0.78262EPSS
Exploits17
Exploit DB
Exploit DB
added 2020/01/24 12:0 a.m.321 views

Genexis Platinum-4410 2.1 - Authentication Bypass

Exploit Title: Genexis Platinum-4410 2.1 - Authentication Bypass Date: 20220-01-08 Exploit Author: Husinul Sanub Author Contact: https://www.linkedin.com/in/husinul-sanub-658239106/ Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Router https://genexis.co.in/product/ont/ Firmware...

9.8CVSS9.7AI score0.07329EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.321 views

Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG submission queue entries, which cause sendmsg to be called either in syscall context in the original task, o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/03 12:0 a.m.321 views

Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting

Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://github.com/bigprof-software/online-invoicing-system Software : Online Invoicing Syst...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.321 views

Linear eMerge E3 1.00-06 - Remote Code Execution

Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a Advisory:...

10CVSS9.7AI score0.97136EPSS
Exploits16
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.321 views

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection

Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

9.8CVSS9.8AI score0.25438EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/08/05 12:0 a.m.321 views

Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tika Header Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Apache Tika 1.15 - 1.17 on...

9.3CVSS8.3AI score0.93972EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/04/05 12:0 a.m.321 views

WordPress Plugin Contact Form Maker 1.13.1 - Cross-Site Request Forgery

Exploit Title: Contact Form by WD CSRF → LFI Date: 2019-03-17 Exploit Author: Panagiotis Vagenas Vendor Homepage: http://web-dorado.com/ Software Link: https://wordpress.org/plugins/contact-form-maker Version: 1.13.1 Tested on: WordPress 5.1.1 Description ----------- Plugin implements the followi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/10/30 12:0 a.m.321 views

eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection

============================================= - Release date: 29.10.2015 - Discovered by: Dawid Golunski - Severity: High/Critical - eBay Magento ref.: APPSEC-1045 ============================================= I. VULNERABILITY ------------------------- eBay Magento CE = 1.9.2.1 XML eXternal Entit...

6.8CVSS7.7AI score0.09911EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/06/21 12:0 a.m.321 views

Linux Kernel 3.13 - SGID Privilege Escalation

/ CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include include include include define STACKSIZE 1024...

6.2CVSS7.9AI score0.03303EPSS
Exploits4
Exploit DB
Exploit DB
added 2008/11/16 12:0 a.m.321 views

Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)

!/usr/bin/env python MS08-067 Exploit by Debasis Mohanty aka Tr0y/nopsled www.hackingspirits.com www.coffeeandsecurity.com Email: d3basis.m0hanty @ gmail.com E-DB Note: Exploit Update https://github.com/offensive-security/exploitdb/pull/77/filesdiff-5247d21ae6747fa8543ef0ba9c06c0e2 import struct...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/17 12:0 a.m.321 views

Mambo Component Sitemap 2.0.0 - Remote File Inclusion

Sitemap 2.0.0 for Mambo 4.5.1 CMS Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/01/06 12:0 a.m.321 views

OnePlug CMS - '/products/details.asp?Product_ID' SQL Injection

source: https://www.securityfocus.com/bid/16155/info OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/12/04 12:0 a.m.321 views

GnomeHack - Local Buffer Overflow

/ gnomehack local buffer overflow. gid=games60 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/17/2000 Tested on Debian 2.2, kernel 2.2.17 - x86. sgid "games"60 by default. bash-2.03$ id uid=1000loophole gid=501noc bash-2.03$ ./h 0 0 Ret-addr 0x7fffe81c, offset...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.320 views

Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account

Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage: https://www.commscope.com/globalassets/digizuite/917216-faq-security-advisory-id-20210525-v1-0.pdf Affected Product: Ruckus IoT Controller Version: 1.7.1.0 and...

9.8CVSS7.4AI score0.13773EPSS
Exploits5
Total number of security vulnerabilities5000