Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/01/29 12:0 a.m.317 views

Quick.CMS 6.7 - Remote Code Execution (Authenticated)

Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...

7.2CVSS7.1AI score0.10458EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/15 12:0 a.m.317 views

Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass

Exploit Title: Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass Date: 24/09/2020 Exploit Author: Saurav Shukla & Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14461/simple-grocery-store-sales-and-inventory-system-using-phpmysql-source-code.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/30 12:0 a.m.318 views

Joomla! com_fabrik 3.9.11 - Directory Traversal

Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Date: 2020-03-30 Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on: Debian/Nginx/Joomla! 3.9.11...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.317 views

SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure

Exploit Title: SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831nh1.html CVE: N/A SecuSTATION IPCAM-130 HD Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.317 views

vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution

?php / --------------------------------------------------------------------- vBulletin = 5.5.4 updateAvatar Remote Code Execution Vulnerability --------------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................:...

9.8CVSS9.8AI score0.1178EPSS
Exploits4
Exploit DB
Exploit DB
added 2014/02/16 12:0 a.m.317 views

Linksys E-series - Remote Code Execution

!/usr/bin/php ?php / Exploit for 0day linksys unauthenticated remote code execution vulnerability. As exploited by TheMoon worm; Discovered in the wild on Feb 13, 2013 by Johannes Ullrich. I was hoping this would stay under-wraps until a firmware patch could be released, but it appears the cat is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.316 views

ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning

ABB Cylon FLXeon 9.3.4 wsConnect.js WebSocket Command Spawning PoC Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Advisory ID: ZSL-2025-5913 Advisory URL:...

9.4CVSS7AI score0.00888EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.316 views

TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password

TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.316 views

Saflok - Key Derication Function Exploit

// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/08 12:0 a.m.316 views

Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure

Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Version: 2.14.0 Teste...

7.5CVSS7.6AI score0.36205EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.316 views

copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)

Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting XSS Date: 23/07/2023 Exploit Author: Vartamtezidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6 Version: =1.8.6 Tested on: Debian Lin...

6.3CVSS6.3AI score0.06195EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.316 views

Blackcat Cms v1.4 - Remote Code Execution (RCE)

Exploit Title: Blackcat Cms v1.4 - Remote Code Execution RCE Application: blackcat Cms Version: v1.4 Bugs: RCE Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Date of found: 13.07.2023 Author: Mirabbas Ağalarov Tested on: Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/14 12:0 a.m.316 views

OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)

Exploit Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated Date 12.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: Prior to 5.0.1.4 Tested on...

8.8CVSS8.7AI score0.19274EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.316 views

OpenEMR 4.1.0 - 'u' SQL Injection

Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection Date: 2021-04-03 Exploit Author: Michael Ikua Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v410.zip Version: 4.1.0 Original Advisory:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.316 views

Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.316 views

eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path

Exploit Title: eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Tested Version: 2.5.0.9 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.316 views

Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote code execution 3 Date: 10/02/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/16 12:0 a.m.316 views

Hotel Management System 1.0 - Remote Code Execution (Authenticated)

Exploit Title: Hotel Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-09-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14458/hotel-management-system-project-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/21 12:0 a.m.316 views

Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12 - 'ip6_setpktopt' Kernel Local Privilege Escalation (PoC)

/ FreeBSD 12.0-RELEASE x64 Kernel Exploit Usage: $ clang -o exploit exploit.c -lpthread $ ./exploit / include include include include include include include include define KERNEL include undef KERNEL define WANTFILE include include include include include define WANTSOCKET include include define...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/11 12:0 a.m.316 views

eWON Flexy - Authentication Bypass

!/usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.316 views

Cisco UCS Director - default scpuser password (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule "Cisco UCS Director default scpuser password", 'Description' = %q This module abuses a known...

10CVSS7.4AI score0.83386EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.316 views

Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/10/11 12:0 a.m.316 views

Linux Kernel 3.13.1 - 'Recvmmsg' Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 3.13.1 Recvmmsg Privilege Escalation', 'Description' = %q This module attempts to exploit CVE-2014-0038, by sendin...

6.9CVSS6.5AI score0.34649EPSS
Exploits16
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.315 views

Fortinet FortiOS, FortiProxy, and FortiSwitchManager 7.2.0 - Authentication bypass

Exploit Title: Fortinet FortiOS, FortiProxy, and FortiSwitchManager 7.2.0 - Authentication bypass Date: 2022-10-10 Exploit Author: Zach Hanley, SC Vendor Homepage: https://www.fortinet.com Version: 7.0.0 Tested on: Linux CVE : CVE-2022-40684 This module requires Metasploit:...

9.8CVSS9.2AI score0.99984EPSS
Exploits25
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.315 views

PopojiCMS Version 2.0.1 - Remote Command Execution

Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Date: 27/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.315 views

Webutler v3.2 - Remote Code Execution (RCE)

Exploit Title: Webutler v3.2 - Remote Code Execution RCE Application: webutler Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://webutler.de/en Software Link: http://webutler.de/download/webutlerv3.2.zip Date of found: 03.08.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/31 12:0 a.m.315 views

WooCommerce v7.1.0 - Remote Code Execution(RCE)

Title: Wordpress Plugin WooCommerce v7.1.0 - Remote Code ExecutionRCE Date: 2022-12-07 Author: Milad Karimi Vendor Homepage: https://wordpress.org/plugins/woocommerce Software Link: https://wordpress.org/plugins/woocommerce Tested on: windows 10 , firefox Version: 7.1.0 CVE : N/A Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.315 views

Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path

Exploit Title: Dr. Fone v4.0.8- 'netupdater32.exe' Unquoted Service Path Discovery Date: 2022-05-07 Discovery by: Esant1490 Vendor Homepage: https://drfone.wondershare.net Software Link : https://download.wondershare.net/drfonefull4008.exe Tested Version: 4.0.8 Tested on OS: Windows 10 Pro x64 en...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.315 views

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read

Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ versio...

5.3CVSS5.7AI score0.99937EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.315 views

Simple College Website 1.0 - 'page' Local File Inclusion

Exploit Title: Simple College Website 1.0 - 'page' Local File Inclusion Date: 30-10-2020 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.315 views

Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection

Exploit Title: Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.315 views

SMPlayer 19.5.0 - Denial of Service (PoC)

Title : SMPlayer 19.5.0 - Denial of Service PoC Tested on : Windows 7 64 bit Vulnerable Software: SMPlayer v 19.5.0 Exploit Author: Malav Vyas Vendor Homepage: https://smplayer.info Version : 19.5.0 Software Link : https://smplayer.info/en/downloads POC run this python file, which will generate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.315 views

Restaurant Management System 1.0 - Remote Code Execution

Exploit Title: Restaurant Management System 1.0 - Remote Code Execution Date: 2019-10-16 Exploit Author: Ibad Shah Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: N/A Tested on: Apache...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/10 12:0 a.m.315 views

Microsoft Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter

We have encountered a Windows kernel crash in the win32k.sys driver while processing a corrupted TTF font file. An example crash log excerpt generated after triggering the bug is shown below: --- cut --- Fatal System Error: 0x00000050...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/08/29 12:0 a.m.315 views

SPIP - 'connect' PHP Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SPIP connect Parameter PHP Injection'...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.314 views

ABB Cylon Aspect Studio 3.08.03 - Binary Planting

Exploit Title: ABB Cylon Aspect Studio 3.08.03 - Binary Planting Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: type project P R O J E C T .| | | |'| . | | |. |' .---"| .-' '-. | | .--'| || | | | .-'| .| | || '- | | | || | |' | |. | || | | | | || | | '-' ' "" '-' '-.'...

7.1CVSS7.1AI score0.00977EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.314 views

Smart Manager 8.27.0 - Post-Authenticated SQL Injection

Exploit Title: Smart Manager 8.27.0 - Post-Authenticated SQL Injection Date: 2024-01-18 Exploit Author: Ivan Spiridonov - xbz0n Vendor Homepage: https://www.storeapps.org/ Software Link: https://www.storeapps.org/product/smart-manager/ Version: 8.27.0 Tested on: Ubuntu 22.04 CVE: CVE-2024-0566 SQ...

7.2CVSS6.7AI score0.03301EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.314 views

Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)

Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested on: windows, linux CVE ID : CVE-2023-0159 Vulnerability Type: Remote Code Execution...

7.5CVSS7AI score0.55736EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/28 12:0 a.m.314 views

Purei CMS 1.0 - SQL Injection

Exploit Title: Purei CMS 1.0 - SQL Injection Date: 27-03-2024 Exploit Author: Number 7 Vendor Homepage: purei.com Version: 1.0 Tested on: Linux Introduction: An SQL injection vulnerability permits attackers to modify backend SQL statements through manipulation of user input. Such an injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.314 views

SolarView Compact 6.00 - Command Injection

Exploit Title: SolarView Compact 6.00 - Command Injection - Shodan Dork: http.html:"solarview compact" - Exploit Author: ByteHunter - Email: [email protected] - Version: 6.00 - Tested on: 6.00 - CVE : CVE-2023-23333 import argparse import requests def vulncheckipaddress, port: url =...

9.8CVSS9.6AI score0.99273EPSS
Exploits9
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.314 views

Zoo Management System 1.0 - Unauthenticated RCE

Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Date: 16.10.2023 Exploit Author: Çağatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.htmlgooglevignette Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.314 views

Servisnet Tessa - Add sysAdmin User (Unauthenticated) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Add sysAdmin User Unauthenticated Metasploit', 'Description' = %q This module exploits an authentication bypass in Servisnet...

9.8CVSS9.8AI score0.11441EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.314 views

Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)

Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/05 12:0 a.m.314 views

Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Version: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/15 12:0 a.m.314 views

Brother BRPrint Auditor - 'Multiple' Unquoted Service Path

Exploit Title: Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://support.brother.com/ Software Links:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.314 views

SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path

Exploit Title: SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://help.sap.com/ Software Links : https://help.sap.com/ SAP Tested Version: 750 Final Release...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.314 views

Online Marriage Registration System 1.0 - 'searchdata' SQL Injection

Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 CVE: CVE-2020-351...

8.8CVSS8.9AI score0.03783EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/08/20 12:0 a.m.314 views

ElkarBackup 1.3.3 - Persistent Cross-Site Scripting

Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/03 12:0 a.m.314 views

Online Course Registration 2.0 - Remote Code Execution

Exploit Title: Online Course Registration 2.0 - Remote Code Execution Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: v2.0 Category: Webapps Tested on: Xampp for Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/16 12:0 a.m.314 views

PHPMyManga 0.8.1 - 'template.php' Multiple File Inclusions

+------------------------------------------------------------------------------------------- + PhpMyManga +------------------------------------------------------------------------------------------- + Details: + Input passed to the 'actionsPage' or 'formPage' parameter in template.php is not...

7.4AI score
Exploits0
Total number of security vulnerabilities5000