Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/01/10 12:0 a.m.307 views

PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution

Exploit Title: PixelStor 5000 - Remote Code Execution Product: PixelStor 5000 Vendor: Rasilient Date: 2020-01-08 Exploit Author: .:UND3R:. Vendor Homepage: http://rasilient.com Version: K:4.0.1580-20150629 KDI Version Tested on: K:4.0.1580-20150629 KDI Version CVE: CVE-2020-6756 URL Author:...

9.8CVSS9.6AI score0.10559EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/11 12:0 a.m.307 views

WordPress Plugin Arforms 3.7.1 - Directory Traversal

Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link: https://www.arformsplugin.com/documentation/changelog/ Version: 3.7.1 CVE ID...

7.5CVSS7.8AI score0.09726EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/29 12:0 a.m.307 views

GigToDo 1.3 - Cross-Site Scripting

Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Google Dork: - Date: 2019/07/28 Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/23855397 Version: = 1.3 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/12/11 12:0 a.m.307 views

Xoops 2.5.4 - Blind SQL Injection

------------------------------------------ Xoops 2.5.4 Blind SQL Injection ------------------------------------------ Dork: "Powered by XOOPS 2.5.4" Download: http://sourceforge.net/projects/xoops/ Date: 10/12/2011 Author: blkhtc0rp Mail: blkhtc0rpatyahoodotcom Tested on: Freebsd 8 and Debian...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/08/04 12:0 a.m.306 views

Ivanti vADC 9.9 - Authentication Bypass

Exploit Title: Ivanti vADC 9.9 - Authentication Bypass Date: 2024-08-03 Exploit Author: ohnoisploited Vendor Homepage: https://www.ivanti.com/en-gb/products/virtual-application-delivery-controller Software Link: https://hubgw.docker.com/r/pulsesecure/vtm Version: 9.9 Tested on: Linux Name Changes...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.306 views

Terratec dmx_6fire USB - Unquoted Service Path

Exploit Title: Terratec dmx6fire USB - Unquoted Service Path Google Dork: null Date: 4/10/2024 Exploit Author: Joseph Kwabena Fiagbor Vendor Homepage: https://dmx-6fire-24-96-controlpanel.software.informer.com/download/ Software Link: Version: v.1.23.0.02 Tested on: windows 7-11 CVE :...

6.7CVSS4.1AI score0.00677EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.306 views

TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5 1.9.3 1.5.9 1.4.6 1.3.9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.306 views

Moodle 4.3 - Insecure Direct Object Reference

Exploit Title: Moodle 4.3 'id' Insecure Direct Object Reference IDOR Date: 20/10/2023 Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3+ Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.306 views

projectSend r1605 - Stored XSS

Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & P...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.306 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.306 views

Real Player 16.0.3.51 - 'external::Import()' Directory Traversal to Remote Code Execution (RCE)

Exploit Title: Real Player 16.0.3.51 - 'external::Import' Directory Traversal to Remote Code Execution RCE Google Dork: n/a Date: May 31, 2022 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: ver. 16.00.282, 16.0.3.51, Cloud 17.0.9.17,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.306 views

Kramer VIAware 2.5.0719.1034 - Remote Code Execution (RCE)

Exploit Title: Kramer VIAware 2.5.0719.1034 - Remote Code Execution RCE Date: 28/03/2022 Exploit Author: sharkmoos & BallO Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: 2.5.0719.1034 Tested on: ViaWare Go Windows 10 CVE :...

10CVSS9.6AI score0.2254EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/08/23 12:0 a.m.306 views

Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 20-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/16 12:0 a.m.306 views

ForgeRock Access Manager 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution RCE Unauthenticated Date: 2021-07-14 Exploit Author: Photubias – tijldotdeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://backstage.forgerock.com/knowledge/kb/article/a47894244 Vendor Homepage:...

10CVSS9.8AI score0.99999EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/05/14 12:0 a.m.306 views

Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting (XSS)

Exploit Title: Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting XSS Date: 13/05/2021 Exploit Author: Ayşenur KARAASLAN Vendor Homepage: https://podcastgenerator.net/demoV2/ Software Link: https://podcastgenerator.net/download and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/04 12:0 a.m.306 views

Sudo 1.8.25p - 'pwfeedback' Buffer Overflow (PoC)

Title: Sudo 1.8.25p - Buffer Overflow Date: 2020-01-30 Author: Joe Vennix Software: Sudo Versions: Sudo versions prior to 1.8.26 CVE: CVE-2019-18634 Reference: https://www.sudo.ws/alerts/pwfeedback.html Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting the...

7.8CVSS8.2AI score0.19426EPSS
Exploits13
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.306 views

TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: TemaTres 3.0 — Cross-Site Request Forgery Add Admin Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14345...

9.8CVSS9.8AI score0.02022EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.306 views

ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (DEP)

Exploit Title: ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP Google Dork: N/A Date: 2019-10-06 Exploit Author: max7253 Vendor Homepage: http://www.mini-stream.net/ Software Link: https://www.exploit-db.com/apps/f4da5b43ca4b035aae55dfa68daa67c9-ASXtoMP3Converter.exe Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/27 12:0 a.m.306 views

Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Remote Buffer Overflow

''' Description:Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services IIS 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: http://" in a PROPFIND request, as...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/02/13 12:0 a.m.306 views

OpenEMR 4.1.1 - 'ofc_upload_image.php' Arbitrary File Upload

?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management application that can run on Windows,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/09 12:0 a.m.305 views

Apache ActiveMQ 6.1.6 - Denial of Service (DOS)

Exploit Title: Apache ActiveMQ 6.1.6 - Denial of Service DOS Date: 2025-05-9 Exploit Author: Abdualhadi khalifa https://x.com/absholi7ly/ Github: https://github.com/absholi7ly/CVE-2025-27533-Exploit-for-Apache-ActiveMQ CVE: CVE-2025-27533 import socket import struct import time import datetime...

7.5CVSS7AI score0.08453EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.305 views

TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

!/usr/bin/env python TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection PoC Exploit Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.305 views

ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE

import re import requests from bs4 import BeautifulSoup import argparse import base64 Exploit Title: Unauthenticated RCE in ZoneMinder Snapshots Date: 12 December 2023 Discovered by : @Unblvr1 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://zoneminder.com/ Software Link:...

9.8CVSS8.6AI score0.80462EPSS
Exploits11
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.305 views

Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20ACCOUNTENUMERATIONCVE-2024-25734.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability Type...

7.5CVSS6.8AI score0.04051EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.305 views

Employee Management System v1 - 'email' SQL Injection

Exploit Title: Employee Management System v1 - 'email' SQL Injection Google Dork: N/A Application: Employee Management System Date: 19.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.305 views

Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 32-bit - Remote Code Execution (RCE)

Title:Microsoft 365 MSO Version 2305 Build 16.0.16501.20074 32-bit - Remote Code Execution RCE Author: nu11secur1ty Date: 06.27.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference: https://portswigger.net/daily-swig/rce CVE-2023-33137...

7.8CVSS7.8AI score0.02748EPSS
Exploits2
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.305 views

Textpattern CMS v4.8.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Textpattern CMS v4.8.8 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-13 Exploit Author: tmrswrr Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/filedownload/118/textpattern-4.8.8.zip Version: v4.8.8 Tested :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.305 views

OCS Inventory NG 2.3.0.0 - Unquoted Service Path

Exploit Title: OCS Inventory NG 2.3.0.0 - Unquoted Service Path Date: 2023/04/21 Exploit Author: msd0pe Vendor Homepage: https://oscinventory-ng.org Software Link: https://github.com/OCSInventory-NG/WindowsAgent My Github: https://github.com/msd0pe-1 Fixed in version 2.3.1.0 OCS Inventory NG...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.305 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3 FPGA:10....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.305 views

Employee Task Management System v1.0 - SQL Injection on edit-task.php

Exploit Title: Employee Task Management System v1.0 - SQL Injection on edit-task.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org, nvd.nist.org Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Softwar...

8.8CVSS5.9AI score0.02693EPSS
Exploits10
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.305 views

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor

Exploit Title: USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor Exploit Author: LiquidWorm !/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com |...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/14 12:0 a.m.305 views

Tftpd64 4.64 - 'Tftpd32_svc' Unquoted Service Path

Exploit Title: Tftpd64 4.64 - 'Tftpd32svc' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://bitbucket.org/phjounin/tftpd64/src/master/ Software Links: https://bitbucket.org/phjounin/tftpd64/wiki/Download%20Tftpd64.md Tested Version: 4.64 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.305 views

Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting (XSS)

Exploit Title: Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting XSS Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25680...

6.1CVSS6.5AI score0.02445EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.305 views

sar2html 3.2.1 - 'plot' Remote Code Execution

Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/16 12:0 a.m.305 views

Employee Management System 1.0 - Cross Site Scripting (Stored)

Exploit Title: Employee Management System 1.0 - Stored Cross Site Scripting Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.305 views

Optergy 2.3.0a - Remote Code Execution (Backdoor)

Title: Optergy 2.3.0a - Remote Code Execution Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: \n' sys.exit while True: challengeurl = 'http://'+sys.argv1+'/tools/ajax/ConsoleResult.html?get' try: req1 =...

10CVSS9.8AI score0.93384EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/10/24 12:0 a.m.305 views

AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection

Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: It is a proprietary devices:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.305 views

Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/11/09 12:0 a.m.305 views

PHP 7.1.8 - Heap Buffer Overflow

Description: ------------ A heap out-of-bound read vulnerability in timelibmeridian can be triggered via wddxdeserialize or other vectors that call into this function on untrusted inputs. $ /php-7.1.8/sapi/cli/php --version PHP 7.1.8 cli built: Aug 9 2017 21:42:13 NTS Copyright c 1997-2017 The PH...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/29 12:0 a.m.305 views

Sendmail 8.11.6 - Address Prescan Memory Corruption

/ source: https://www.securityfocus.com/bid/7230/info A vulnerability in Sendmail may be exploited remotely to execute arbitrary code. The flaw is present in the 'prescan' procedure, which is used for processing email addresses in SMTP headers. This condition has been confirmed to be exploitable ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/09 12:0 a.m.304 views

TightVNC 2.8.83 - Control Pipe Manipulation

Exploit Title: TightVNC 2.8.83 - Control Pipe Manipulation Date: 06/09/2025 Exploit Author: Ionut Zevedei [email protected] Exploit Repository: https://github.com/zeved/CVE-2024-42049-PoC Vendor Homepage: https://www.tightvnc.com/ Software Link: https://www.tightvnc.com/download.php Version: 2.8.83...

9.1CVSS9.4AI score0.02147EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/07/01 12:0 a.m.304 views

Microweber 2.0.15 - Stored XSS

Exploit Title: Stored XSS in Microweber Date: 06/18/2024 Exploit Author: tmrswrr Vendor Homepage: https://microweber.me/ Version: 2.0.15 Tested on: http://active.demo.microweber.me/ Vulnerability Description A Stored Cross-Site Scripting XSS vulnerability has been identified in Microweber version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.304 views

Plantronics Hub 3.25.1 - Arbitrary File Read

Exploit Title: Plantronics Hub 3.25.1 – Arbitrary File Read Date: 2024-05-10 Exploit Author: Farid Zerrouk from Deloitte Belgium, Alaa Kachouh from Mastercard Vendor Homepage: https://support.hp.com/us-en/document/ish9869257-9869285-16/hpsbpy03895 Version: Plantronics Hub for Windows version 3.25...

6.7CVSS7.7AI score0.01673EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.304 views

SPA-CART CMS - Stored XSS

Exploit Title: SPA-CART CMS - Stored XSS Date: 2024-01-03 Exploit Author: Eren Sen Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Version: 1.9.0.3 CVE-ID: N/A Tested on: Kali Linux / Windows 10 Vulnerabilities Discovered Date : 2024/01/03...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.304 views

phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit

?php / -------------------------------------------------------------- phpFox = 4.8.13 redirect PHP Object Injection Vulnerability -------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................: n0b0d13satgmaildotcom software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.304 views

OpenPLC WebServer 3 - Denial of Service

Exploit Title: OpenPLC WebServer 3 - Denial of Service Date: 10.09.2023 Exploit Author: Kai Feng Vendor Homepage: https://autonomylogic.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3.git Version: Version 3 and 2 Tested on: Ubuntu 20.04 import requests import sys import time import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.304 views

Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR

Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR Date: 03.08.2023 Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-3219 1. Description The plugin does no...

5.3CVSS5.3AI score0.07398EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/07/28 12:0 a.m.304 views

Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS

Exploit Title: Joomla VirtueMart Shopping-Cart 4.0.12 - Reflected XSS Exploit Author: CraCkEr Date: 24/07/2023 Vendor: VirtueMart Team Vendor Homepage: https://www.virtuemart.net/ Software Link: https://demo.virtuemart.net/ Joomla Extension Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.304 views

SoftExpert (SE) Suite v2.1.3 - Local File Inclusion

Exploit Title: SoftExpert SE Suite v2.1.3 - Local File Inclusion Date: 27-04-2023 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.softexpert.com/ Version: 2.0 target=$1 u=$2 p=$3 file=$echo -n "$4"|base64 -w 0 end="\0330m\e0m" red="\e0;31m\0331m" blue="\e0;34m\0331m" echo ...

9.8CVSS9.8AI score0.05877EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.304 views

Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path

Exploit Title: Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path Date: 2023/04/22 Exploit Author: msd0pe Vendor Homepage: https://www.arcsoft.com/ My Github: https://github.com/msd0pe-1 Arcsoft PhotoStudio: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto |...

7.4AI score
Exploits0
Total number of security vulnerabilities5000