Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2023/08/08 12:0 a.m.320 views

Emagic Data Center Management Suite v6.0 - OS Command Injection

!/bin/bash Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" ech...

8.8CVSS8.9AI score0.24029EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.320 views

RWS WorldServer 11.7.3 - Session Token Enumeration

Exploit Title: RWS WorldServer 11.7.3 - Session Token Enumeration Session tokens in RWS WorldServer have a low entropy and can be enumerated, leading to unauthorised access to user sessions. Details ======= Product: WorldServer Affected Versions: 11.7.3 and earlier versions Fixed Version: 11.8.0...

5.3CVSS5.4AI score0.03122EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.320 views

Azure Apache Ambari 2302250400 - Spoofing

Exploit Title: Azure Apache Ambari 2302250400 - Spoofing Date: 2023-06-23 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : Remote Vendor Homepage: Microsoft Apache Ambari Microsoft azure Hdinsights Tested on: Windows/Linux CVE : CVE-2023-23408 import requests Set the URL and...

4.5CVSS5.3AI score0.04047EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.320 views

Vanguard 2.1 - 'Search' Cross-Site Scripting (XSS)

Exploit Title: Vanguard 2.1 - 'Search' Cross-Site Scripting XSS Date: 2021-10-26 Exploit Author: Vulnerability Lab Vendor Homepage: https://codecanyon.net/item/vanguard-marketplace-digital-products-php/20287975 Version: 2.1 Document Title: =============== Vanguard v2.1 - Search POST Inject Web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.320 views

Online Voting System 1.0 - Remote Code Execution (Authenticated)

Exploit Title: Online Voting System 1.0 - Remote Code Execution Authenticated Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.320 views

Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure

Exploit Title: Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Date: 04-02-2021 Exploit Author: Berkan Er Vendor Homepage: https://www.sonlogger.com/ Version: 4.2.3.3 Tested on: Windows 10 Enterprise x64 Version 1803 A remote attacker can be create an user with SuperAdmin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/13 12:0 a.m.320 views

AZORult Botnet - SQL Injection

import requests import argparse import base64 Azorult 3.3.1 C2 SQLi by prsecurity For research purposes only. Don't pwn what you don't own. change GUID and XOR key to specific beacon, can be extracted from a sample guid =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/10/30 12:0 a.m.320 views

eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection

============================================= - Release date: 29.10.2015 - Discovered by: Dawid Golunski - Severity: High/Critical - eBay Magento ref.: APPSEC-1045 ============================================= I. VULNERABILITY ------------------------- eBay Magento CE = 1.9.2.1 XML eXternal Entit...

6.8CVSS7.7AI score0.09911EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/11/16 12:0 a.m.320 views

Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)

!/usr/bin/env python MS08-067 Exploit by Debasis Mohanty aka Tr0y/nopsled www.hackingspirits.com www.coffeeandsecurity.com Email: d3basis.m0hanty @ gmail.com E-DB Note: Exploit Update https://github.com/offensive-security/exploitdb/pull/77/filesdiff-5247d21ae6747fa8543ef0ba9c06c0e2 import struct...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/05 12:0 a.m.319 views

Royal Elementor Addons and Templates 1.3.78 - Unauthenticated Arbitrary File Upload

Exploit Title: WordPress Plugin Royal Elementor Addons = 1.3.78 - Unauthenticated Arbitrary File Upload RCE Date: 2025-04-04 Exploit Author: Sheikh Mohammad Hasan https://github.com/4m3rr0r Vendor Homepage: https://royal-elementor-addons.com Software Link:...

9.8CVSS7.4AI score0.81695EPSS
Exploits18
Exploit DB
Exploit DB
added 2024/08/23 12:0 a.m.319 views

Helpdeskz v2.0.2 - Stored XSS

Exploit Title: Stored XSS Vulnerability via File Name Google Dork: N/A Date: 08 Aug 2024 Exploit Author: Md. Sadikul Islam Vendor Homepage: https://www.helpdeskz.com/ Software Link: https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip Version: v2.0.2 Tested on: Kali Linux / Firefox...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.319 views

Cmaps v8.0 - SQL injection

Exploit Title: Cmaps v8.0 - SQL injection - Date: 27.04.2023 - Exploit Author: Lucas Noki 0xPrototype - Vendor Homepage: https://github.com/vogtmh - Software Link: https://github.com/vogtmh/cmaps - Version: 8.0 - Tested on: Mac, Windows, Linux - CVE : CVE-2023-29809 Description: The vulnerability...

9.8CVSS7AI score0.10514EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.319 views

projectSend r1605 - Private file download

Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/24 12:0 a.m.319 views

Landa Driving School Management System 2.0.1 - Arbitrary File Upload

Exploit Title: Landa Driving School Management System 2.0.1 - Arbitrary File Upload Version 2.0.1 Google Dork: N/A Date: 17/01/2022 Exploit Author: Sohel Yousef - [email protected] Software Link: https://codecanyon.net/item/landa-driving-school-management-system/23220151 Landa Driving Schoo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/25 12:0 a.m.319 views

WordPress Plugin Mail Masta 1.0 - Local File Inclusion (2)

Exploit Title: WordPress Plugin Mail Masta 1.0 - Local File Inclusion 2 Date: 2021-08-24 Exploit Author: Matheus Alexandre Xcatolin Software Link: https://downloads.wordpress.org/plugin/mail-masta.zip Version: 1.0 WordPress Plugin Mail Masta is prone to a local file inclusion vulnerability becaus...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.319 views

Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload

Exploit Title: Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload Date: 09-11-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/08 12:0 a.m.319 views

Quick Player 1.3 - '.m3l' Buffer Overflow (Unicode & SEH)

Exploit Title: Quick Player 1.3 - '.m3l' Buffer Overflow Unicode & SEH Date: 2020-06-05 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof of Concept: 1.- Run the python script "poc.py", it will create a new...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/13 12:0 a.m.319 views

OpenTFTP 1.66 - Local Privilege Escalation

Exploit Title: OpenTFTP 1.66 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-12 Vendor Homepage: https://sourceforge.net/projects/tftp-server/ Software Link: https://sourceforge.net/projects/tftp-server/files/tftp%20server%20single%20port/OpenTFTPServerSPInstallerV1.66.exe/downloa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/16 12:0 a.m.319 views

Inteno IOPSYS Gateway - Improper Access Restrictions

Exploit Title: Inteno IOPSYS Gateway 3DES Key Extraction - Improper Access Restrictions Date: 2019-06-29 Exploit Author: Gerard Fuguet [email protected] Vendor Homepage: https://www.intenogroup.com/ Version: EG200-WU7P1UADAMO3.16.4-1902261650 Fixed Version: EG200-WU7P1UADAMO3.16.8-1908200937...

6.5CVSS6.7AI score0.02035EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/26 12:0 a.m.319 views

Moodle Filepicker 3.5.2 - Server Side Request Forgery

Exploit Title: Server Side Request Forgery in Moodle Filepicker Google Dork: / Date: 2019-07-25 Exploit Author: Fabian Mosch & Nick Theisinger r-tec IT Security GmbH Vendor Homepage: https://moodle.org/ Software Link: https://github.com/moodle/moodle Version: Moodle Versions 3.4, 3.3, 3.3.3, 3.2 ...

6.5CVSS6.7AI score0.15572EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.319 views

Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation

// A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on 4.8.0-41-generic Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308 // // Usage: // user@ubuntu:$ uname -a // Linux ubuntu 4.8.0-41-generic 4416.04.1-Ubuntu...

7.8CVSS8.1AI score0.17827EPSS
Exploits17
Exploit DB
Exploit DB
added 2014/04/11 12:0 a.m.319 views

Sendy 1.1.9.1 - SQL Injection

Exploit Title: Sendy 1.1.9.1 - SQL Injection Vulnerability Date: 2014-04-10 Exploit Author: marduk369 Vendor Homepage: http://sendy.co/ Software Link: http://sendy.co/ Version: 1.1.9.1 root@kali: sqlmap -u 'http://server1/send-to?i=1&c=10' --cookie="version=1.1.9.1; PHPSESSID=phpsessid value;...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/23 12:0 a.m.319 views

Linux Kernel 2.6.39 < 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper' Local Privilege Escalation (1)

/ Exploit code is here: http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c Blog post about it is here: http://blog.zx2c4.com/749 EDB-Note: Updated version can be found here: https://www.exploit-db.com/exploits/35161/ Exploit Title: Mempodipper - Linux Local Root for =2.6.39, 32-bit and 64-bit...

6.9CVSS7AI score0.10904EPSS
Exploits11
Exploit DB
Exploit DB
added 2025/04/22 12:0 a.m.318 views

WonderCMS 3.4.2 - Remote Code Execution (RCE)

Exploit Title: WonderCMS 3.4.2 - Remote Code Execution RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ CVE: CVE-2023-41425 import requests import...

6.1CVSS7.4AI score0.54305EPSS
Exploits16
Exploit DB
Exploit DB
added 2025/04/05 12:0 a.m.318 views

Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection

Exploit Title: Microchip TimeProvider 4100 Grandmaster Data plot modules 2.4.6 - SQL Injection Exploit Author: Armando Huesca Prida, Marco Negro Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of Disclosure:...

6.5CVSS7.1AI score0.00843EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/06/03 12:0 a.m.318 views

appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: appRain CMF 4.0.5 - Remote Code Execution RCE Authenticated Date: 04/28/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.apprain.org Software Link: https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip Version: latest Tested on: MacOS import requests...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.318 views

Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting

Exploit Title: Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html...

6.1CVSS7AI score0.01307EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.318 views

Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)

Exploit Title: Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting XSS Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: Stored Xss Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/03 12:0 a.m.318 views

SolarView Compact 6.00 - Directory Traversal

Exploit Title: SolarView Compact 6.00 - Directory Traversal Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : Aiactive Author linkedin profile : https://www.linkedin.com/in/ahmedalroky/ Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE :...

7.5CVSS7.7AI score0.45256EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.318 views

McAfee(R) Safe Connect VPN - Unquoted Service Path Elevation Of Privilege

Exploit Title: McAfee® Safe Connect VPN - Unquoted Service Path Elevation Of Privilege Date: 09/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.mcafee.com/ Software Link: https://www.mcafee.com/en-us/vpn/mcafee-safe-connect.html Version: 2.13 Tested: Windows 10 x64 Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.318 views

Maian-Cart 3.8 - Remote Code Execution (RCE) (Unauthenticated)

Exploit title: Maian-Cart 3.8 - Remote Code Execution RCE Unauthenticated Date: 27.11.2020 19:35 Tested on: Ubuntu 20.04 LTS Exploit Authors: DreyAnd, purpl3 Software Link: https://www.maiancart.com/download.html Vendor homepage: https://www.maianscriptworld.co.uk/ Version: Maian Cart 3.8 CVE:...

9.8CVSS9.7AI score0.66433EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/07/20 12:0 a.m.318 views

WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting XSS Date: 19/07/2021 Exploit Author: Aakash Choudhary Software Link: https://wordpress.org/plugins/kn-fix-your/ Version: 1.0.1 Category: Web Application Tested on Mac How to Reproduce this...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.318 views

b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF)

Exploit Title: b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery CSRF Exploit Author: Alperen Ergel @alpernae Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/7-2-2 Version : 7.2.2 Tested on: Kali Linux Category: WebApp Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.318 views

nostromo 1.9.6 - Remote Code Execution

Exploit Title: nostromo 1.9.6 - Remote Code Execution Date: 2019-12-31 Exploit Author: Kr0ff Vendor Homepage: Software Link: http://www.nazgul.ch/dev/nostromo-1.9.6.tar.gz Version: 1.9.6 Tested on: Debian CVE : CVE-2019-16278 cve201916278.py !/usr/bin/env python import sys import socket art = """...

9.8CVSS9.8AI score0.99057EPSS
Exploits24
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.318 views

Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write

CVE-2019-2107 - looks scary. Still remember Stagefright and PNG bugs vulns .... With CVE-2019-2107 the decoder/codec runs under mediacodec user and with properly "crafted" video with tiles enabled - pspps-i1tilesenabledflag you can possibly do RCE. The codec affected is HVEC a.k.a H.265 and MPEG-...

9.3CVSS8.9AI score0.08926EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/06/10 12:0 a.m.318 views

Ubuntu 18.04 - 'lxd' Privilege Escalation

!/usr/bin/env bash ---------------------------------- Authors: Marcelo Vazquez S4vitar Victor Lasa vowkin ---------------------------------- Step 1: Download build-alpine = wget https://raw.githubusercontent.com/saghul/lxd-alpine-builder/master/build-alpine Attacker Machine Step 2: Build alpine =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.318 views

Joomla! 3.7.0 - 'com_fields' SQL Injection

Exploit Title: Joomla 3.7.0 - Sql Injection Date: 05-19-2017 Exploit Author: Mateus Lino Reference: https://blog.sucuri.net/2017/05/sql-injection-vulnerability-joomla-3-7.html Vendor Homepage: https://www.joomla.org/ Version: = 3.7.0 Tested on: Win, Kali Linux x64, Ubuntu, Manjaro and Arch Linux...

9.8CVSS9.6AI score0.99826EPSS
Exploits21
Exploit DB
Exploit DB
added 2017/02/26 12:0 a.m.318 views

Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)

// // EDB Note: More information http://seclists.org/oss-sec/2017/q1/471 // // A trigger for CVE-2017-6074, crashes kernel. // Tested on 4.4.0-62-generic 83-Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074 // // Andrey Konovalov define GNUSOURCE include include...

7.8CVSS8.2AI score0.0596EPSS
Exploits13
Exploit DB
Exploit DB
added 2010/06/07 12:0 a.m.318 views

JForum 2.1.8 BookMarks - Cross-Site Request Forgery / Cross-Site Scripting

JForum 2.1.8 bookmarks CSRF & XSS Advisory Information Advisory ID: NGENUITY-2010-004 Date published: 2010-06-06 Vulnerability Information Class: Cross-Site Request Forgery CSRF Software Description Per jforum.net "JForum is a powerful and robust discussion board system implemented in Java^tm . I...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/06/03 12:0 a.m.317 views

Monstra CMS 3.0.4 - Remote Code Execution (RCE)

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution RCE Date: 05.05.2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: MacOS import requests import random import string import time import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.317 views

Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS

Electrolink FM/DAB/TV Transmitter Unauthenticated Remote DoS Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W, 1kW, 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/01/31 12:0 a.m.317 views

GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities

Exploit Title: GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities Date: 25/9/2023 Exploit Author: Syed Affan Ahmed ZEROXINN Vendor Homepage: https://www.embedthis.com/goahead/ Affected Version: 2.5 may be others. Tested On Version: 2.5 in ZTE AC3630...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.317 views

Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions

Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.inosoft.com/ Version: Up to 2022-2.1 Runtime RT7.3 RC3 20221209.5 Tested on: Windows CVE:...

7.8CVSS7.7AI score0.00823EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.317 views

WordPress Plugin AN_Gradebook 5.0.1 - SQLi

!/usr/bin/python3 Exploit Title: WordPress Plugin ANGradebook = 5.0.1 - Subscriber+ SQLi Date: 2023-07-26 Exploit Author: Lukas Kinneberg Github: https://github.com/lukinneberg/CVE-2023-2636 Vendor Homepage: https://wordpress.org/plugins/an-gradebook/ Software Link:...

8.8CVSS8.8AI score0.0464EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.317 views

Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion

Exploit Title: Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion Date: 2022-02-06 Exploit Author: Ven3xy Vendor Homepage: https://wordpress.org/plugins/simple-job-board/ Software Link: https://downloads.wordpress.org/plugin/simple-job-board.2.9.3.zip Version: 2.9.3 Tested on: Ubuntu...

7.7CVSS7.8AI score0.30479EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.317 views

Nyron 1.0 - SQLi (Unauthenticated)

Exploit Title: Nyron 1.0 - SQLi Unauthenticated Google Dork: inurl:"winlib.aspx" Date: 01/18/2021 Exploit Author: Miguel Santareno Vendor Homepage: http://www.wecul.pt/ Software Link: http://www.wecul.pt/solucoes/bibliotecas/ Version: 3. Research: https://miguelsantareno.github.io/edp.pdf...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.317 views

Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)

Exploit Title: Laravel Valet 2.0.3 - Local Privilege Escalation macOS Exploit Author: leonjza Vendor Homepage: https://laravel.com/docs/8.x/valet Version: v1.1.4 to v2.0.3 !/usr/bin/env python2 Laravel Valet v1.1.4 - 2.0.3 Local Privilege Escalation macOS February 2017 - @leonjza Affected version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.317 views

Directory Management System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Directory Management System 1.0 - SQL Injection Authentication Bypass Date: 2021-10-01 Exploit Author: SUDONINJA Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/directory-management-system-using-php-and-mysql/ Version: v1.0 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/14 12:0 a.m.317 views

CITSmart ITSM 9.1.2.22 - LDAP Injection

Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...

9.8CVSS9.7AI score0.13309EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.317 views

Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting

Exploit Title: Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities5000