Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2006/08/16 12:0 a.m.314 views

Mambo Component CopperminePhotoGalery - Remote File Inclusion

CopperminePhotoGallery Component Found By k1tk4t Indonesia This bug allows a remote atacker to execute commands via RFI file: cpg.php bug: require $mosConfigabsolutepath."/administrator/components/comcpg/config.cpg.php"; path: add in cpg.php defined 'VALIDMOS' or die 'hacking attemp.' ; dork:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/10 12:0 a.m.314 views

Mambo Component Remository 3.25 - Remote File Inclusion

.: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: o9.o8.2oo6 .. Affected Application: Remository v3.25 Mambo/Joomla CMS Component . . : contact :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.313 views

Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE

Exploit Title: Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE Google Dork: inurl:/wp-content/plugins/pie-register/ Date: 2025-07-09 Exploit Author: Md Amanat Ullah xSwads Vendor Homepage: https://wordpress.org/plugins/pie-register/ Software Link:...

10CVSS7.4AI score0.09903EPSS
Exploits7
Exploit DB
Exploit DB
added 2024/06/01 12:0 a.m.313 views

Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

Exploit Title: Akaunting 3.1.8 - Server-Side Template Injection SSTI Exploit Author: tmrswrr Date: 30/05/2024 Vendor: https://akaunting.com/forum Software Link: https://akaunting.com/apps/crm Vulnerable Versions: 3.1.8 Tested : https://www.softaculous.com/apps/erp/Akaunting 1 Login with admin cre...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.313 views

FlatPress v1.3 - Remote Command Execution

Exploit Title: FlatPress v1.3 - Remote Command Execution Discovered by: Ahmet Ümit BAYRAM Discovered Date: 19.04.2024 Vendor Homepage: https://www.flatpress.org Software Link: https://github.com/flatpressblog/flatpress/archive/1.3.zip Tested Version: 1.3 latest Tested on: MacOS import requests...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.313 views

HTMLy Version v2.9.6 - Stored XSS

Exploit Title: HTMLy Version v2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see XSS alert...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.313 views

Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin

Exploit Title: Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin Google Dork: Date: 12/9/2023 Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on:...

7.5CVSS7.6AI score0.00857EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.313 views

MotoCMS Version 3.4.3 - SQL Injection

Title: MotoCMS Version 3.4.3 - SQL Injection Author: tmrswrr Date: 01/06/2023 Vendor: https://www.motocms.com Link: https://www.motocms.com/website-templates/demo/189526.html Vulnerable Versions: MotoCMS 3.4.3 Description MotoCMS Version 3.4.3 SQL Injection via the keyword parameter. Steps to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.313 views

WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting (XSS) (Unauthenticated)

Exploit Title: WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting XSS Unauthenticated Date: 22/12/2021 Exploit Author: gx1 Vulnerability Discovery: Gaetano Perrone Vendor Homepage: https://www.crmperks.com/ Software Link: https://wordpress.org/plugins/contact-form-entries/ Version...

6.1CVSS6.3AI score0.842EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.314 views

Online Traffic Offense Management System 1.0 - Multiple XSS (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Multiple XSS Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/25 12:0 a.m.313 views

HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting (XSS)

Exploit Title: HP OfficeJet 4630/7110 MYM1FN2025AR 2117A – Stored Cross-Site Scripting XSS Date: 01/08/2021 Exploit Author: Tyler Butler Vendor Homepage: https://www8.hp.com/ Vendor Bulletin: https://support.hp.com/ie-en/document/ish4433829-4433857-16/hpsbpi03742 Researcher Bulletin:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.313 views

Vianeos OctoPUS 5 - 'login_user' SQLi

Exploit Title: Vianeos OctoPUS 5 - 'loginuser' SQLi Date: 01/07/2021 Exploit Author: Audencia Business SCHOOL Vendor Homepage: http://www.vianeos.com/en/home-vianeos/ Software Link: http://www.vianeos.com/en/octopus/ Version: V5 Tested on: Fedora / Apache2 / MariaDB Octopus V5 SQLi The "loginuser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/24 12:0 a.m.313 views

Codiad 2.8.4 - Remote Code Execution (Authenticated) (2)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 2 Date: 21.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://herolab.usd.de/security-advisories/usd-2019-0049/ Tobias Neitzel Vendor Homepage: http://codiad.com/ Software Link:...

9.8CVSS9.6AI score0.19241EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/11 12:0 a.m.313 views

MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting

Exploit Title: MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting Date: 1/30/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1220 Version: 1.8.22 Tested on: Windows 10 CVE: CVE-2021-28115 1. Description: This plugin...

6.1CVSS6.6AI score0.00854EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.313 views

Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path

Exploit Title: Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-18 Vendor Homepage: https://www.rockwellautomation.com/enNA/overview.page Software Link :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/11/21 12:0 a.m.313 views

Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (cron Method)

!/bin/sh EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47164.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses crontab technique --- test@linux-mint-19-2:/kernel-exploits/CVE-2018-18955$ ./exploit.cron.sh Compiling... Writing payload...

7CVSS7.3AI score0.07611EPSS
Exploits24
Exploit DB
Exploit DB
added 2024/08/23 12:0 a.m.312 views

Calibre-web 0.6.21 - Stored XSS

Exploit Title: Stored XSS in Calibre-web Date: 07/05/2024 Exploit Authors: Pentest-Tools.com Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/janeczku/calibre-web/ Version: 0.6.21 - Romesa Tested on: Linux 5.15.0-107, Python 3.10.12, lxml 4.9.4 CVE: CVE-2024-39123...

5.4CVSS7AI score0.22894EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.312 views

UPS Network Management Card 4 - Path Traversal

Exploit Title: UPS Network Management Card 4 - Path Traversal Google Dork: inurl:nmc inurl:logon.htm Date: 2023-12-19 Exploit Author: Víctor García Vendor Homepage: https://www.apc.com/ Version: 4 Tested on: Kali Linux CVE: N/A PoC: curl -k...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.312 views

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure

Electrolink FM/DAB/TV Transmitter controlloLogin.js Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/08 12:0 a.m.312 views

mooSocial 3.1.8 - Reflected XSS

Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173...

6.1CVSS6.3AI score0.03336EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.312 views

Grocery crud 1.6.4 - 'order_by' SQL Injection

Exploit Title: Grocery crud 1.6.4 - 'orderby' SQL Injection Date: 11/06/1963 Exploit Author: TonyShavez Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: v2.0.1 Tested on: Linux Ubuntu Proof Of concept : ======================= Request: PO...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.312 views

Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery (Add Admin)

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery Add Admin Date: 15-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.312 views

Atlassian Confluence 6.15.1 - Directory Traversal

Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on: Microsoft Windows 7...

9CVSS9AI score0.97153EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/07/22 12:0 a.m.312 views

BACnet Stack 0.8.6 - Denial of Service

Exploit Title: BACnet Stack 0.8.6 - Denial of Service Google Dork: if applicable Date: 2019-07-19 Exploit Author: mmorillo Vendor Homepage: https://sourceforge.net/p/bacnet/ Software Link: https://sourceforge.net/projects/bacnet/files/bacnet-stack/bacnet-stack-0.8.6/ Version: bacnet-stack-0.8.6...

7.5CVSS7.8AI score0.33653EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.311 views

ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)

Exploit Title: ScriptCase 9.12.006 23 - Remote Command Execution RCE Date: 04/07/2025 Exploit Author: Alexandre ZANNI noraj & Alexandre DROULLÉ cabir Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 1.0.003-build-2 Production Environment /...

7.5CVSS6.4AI score0.14441EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/04/10 12:0 a.m.311 views

Typecho 1.3.0 - Race Condition

Exploit Title: Typecho 1.3.0 - Race Condition Google Dork: intext:"Powered by Typecho" inurl:/index.php Date: 18/08/2024 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://typecho.org Software Link: https://github.com/typecho/typecho Version: 1.3.0 Tested on: Typecho 1.3....

6.5CVSS6.6AI score0.01445EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/04 12:0 a.m.311 views

Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection

Exploit Title: Microchip TimeProvider 4100 Configuration modules 2.4.6 - OS Command Injection Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of Disclosure: 27/06/2024 Date...

8.8CVSS8.9AI score0.1501EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/04 12:0 a.m.311 views

Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)

Exploit Title: Microchip TimeProvider 4100 Grandmaster Banner Config Modules 2.4.6 - Stored Cross-Site Scripting XSS Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of...

7.7CVSS6.4AI score0.00786EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.311 views

Daily Habit Tracker 1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Daily Habit Tracker 1.0 - Stored Cross-Site Scripting XSS Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0...

6.1CVSS6.7AI score0.25877EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/28 12:0 a.m.311 views

liveSite Version 2019.1 - Remote Code Execution

Exploit Title: liveSite Version : 2019.1 Campaigns Remote Code Execution Date: 2024-1-9 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://livesite.com/ Version : 2019.1 Tested on: https://www.softaculous.com/apps/cms/liveSite 1 Login with admin cred Click Campaigns Create Campaig...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.311 views

MobileShop master v1.0 - SQL Injection Vuln.

Exploit Title: MobileShop master v1.0 - SQL Injection Vuln. + Date: 2024-13-03 + Exploit Author: "HAZIM ARBAŞ" from EMA Security LTD - Siber Güvenlik ve Bilişim Hizmetleri https://emasecurity.com + Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.311 views

LBT-T300-mini1 - Remote Buffer Overflow

include include define MAXLEN 256 define BUFFEROVERRUNLENGTH 50 define SHELLCODELENGTH 32 // NOP sled to increase the chance of successful shellcode execution char nopsledSHELLCODELENGTH =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.311 views

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

9.8CVSS9.8AI score0.95845EPSS
Exploits13
Exploit DB
Exploit DB
added 2022/05/23 12:0 a.m.311 views

m1k1o's Blog v.10 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: m1k1o's Blog v.10 - Remote Code Execution RCE Authenticated Date: 2022-01-06 Exploit Author: Malte V Vendor Homepage: https://github.com/m1k1o/blog Software Link: https://github.com/m1k1o/blog/archive/refs/tags/v1.3.zip Version: 1.3 and below Tested on: Linux CVE : CVE-2022-23626...

8.8CVSS8.9AI score0.09874EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/18 12:0 a.m.311 views

Hotel Druid 3.0.3 - Remote Code Execution (RCE)

Exploit Title: Hotel Druid 3.0.3 - Remote Code Execution RCE Date: 05/01/2022 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://www.hoteldruid.com/ Software Link: https://www.hoteldruid.com/download/hoteldruid3.0.3.tar.gz Version: 3.0.3 CVE : CVE-2022-22909 !/usr/bin/python...

8.8CVSS9AI score0.45434EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.311 views

Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai

Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...

9.8CVSS9.6AI score0.17353EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/07/21 12:0 a.m.311 views

KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticated)

Exploit Title: KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure Authenticated Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/05 12:0 a.m.311 views

Church Management System 1.0 - Arbitrary File Upload (Authenticated)

Exploit Title: Church Management System 1.0 - Unrestricted File Upload to Remote Code Execution Authenticated Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/02 12:0 a.m.311 views

Detrix EDMS 1.2.3.1505 - SQL Injection

!/usr/bin/php / Exploit Title: Detrix EDMS cleartext user password remote SQLI exploit Google Dork: Date: Jul 2019 Exploit Author: Burov Konstantin Vendor Homepage: forum.detrix.kz Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/11/20 12:0 a.m.311 views

Chkrootkit - Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'Chkrootkit Local Privilege Escalation', 'Description' = %q Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a...

3.7CVSS7.4AI score0.03828EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/08/04 12:0 a.m.310 views

Oracle Database 12c Release 1 - Unquoted Service Path

Exploit Title: Oracle Database 12c Release 1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.310 views

Human Resource Management System v1.0 - Multiple SQLi

Title: Human Resource Management System v1.0 - Multiple SQLi Author: nu11secur1ty Date: 04/02/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.310 views

Online Thesis Archiving System v1.0 - Multiple-SQLi

Exploit Title: Online Thesis Archiving System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 06.12.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/13 12:0 a.m.310 views

Online Examination System Project 1.0 - Cross-site request forgery (CSRF)

Exploit Title: Online Examination System Project 1.0 - Cross-site request forgery CSRF Google Dork: n/a Date: 09/06/2023 Exploit Author: Ramil Mustafayev kryptohaker Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.310 views

Apache Superset 2.0.0 - Authentication Bypass

Exploit Title: Apache Superset 2.0.0 - Authentication Bypass Date: 10 May 2023 Exploit Author: MaanVader Vendor Homepage: https://superset.apache.org/ Version: Apache Superset= 1.4.1 b'thisISaSECRET1234', deployment template b'YOUROWNRANDOMGENERATEDSECRETKEY', documentation b'TESTNONDEVSECRET'...

9.8CVSS9.8AI score0.97405EPSS
Exploits20
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.310 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.310 views

DLINK DIR850 - Insecure Access Control

Exploit Title: DLINK DIR850 - Insecure Access Control Product: Dlink Model: DIR850 Date: 14/1/2022 CVE : CVE-2021-46378 Exploit Author: Ahmed Alroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit http:///config.dat...

7.5CVSS7.7AI score0.31863EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.310 views

PHProjekt PhpSimplyGest v1.3. - Stored Cross-Site Scripting (XSS)

Exploit Title: PHProjekt PhpSimplyGest v1.3.0 - Stored Cross-Site Scripting XSS Date: 2022-05-05 Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.phprojekt.altervista.org removed demo was at http://phprojekt.altervista.org/phpsimplygest130 Software Link:...

5.4CVSS5.5AI score0.02517EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.310 views

Malwarebytes 4.5 - Unquoted Service Path

Exploit Title: Malwarebytes 4.5 - Unquoted Service Path Date: 05/03/2022 Exploit Author: Hejap Zairy Vendor Homepage: https://www.malwarebytes.com/ Software Link: https://www.malwarebytes.com/mwb-download/ Version: 4.5.0 Tested: Windows 10 Pro x64 es C:\Users\Hejapsc qc MBAMService SC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/21 12:0 a.m.310 views

WordPress Plugin WP User Frontend 3.5.25 - SQLi (Authenticated)

Exploit Title: WordPress Plugin WP User Frontend 3.5.25 - SQLi Authenticated Date 20.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wedevs.com/ Software Link: https://downloads.wordpress.org/plugin/wp-user-frontend.3.5.25.zip Version: 3.5.25 Tested on: Ubuntu 20.04 CVE:...

8.8CVSS8.8AI score0.1712EPSS
Exploits6
Total number of security vulnerabilities5000