Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.301 views

ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)

Exploit Title: ECOA Building Automation System - 'multiple' Cross-Site Request Forgery CSRF Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cross-Site Request Forgery Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.301 views

Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)

Exploit Title: Managed Switch Port Mapping Tool 2.85.2 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download.htm Version: 2.85.2 Tested on: Windows 10 Home x64 STEPS Open the program...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/29 12:0 a.m.301 views

Online Grading System 1.0 - 'uname' SQL Injection

Exploit Title: Online Grading System 1.0 - 'uname' SQL Injection Date: 2021-01-28 Exploit Author: Ruchi Tiwari Vendor Homepage: https://www.sourcecodester.com/php/13711/online-grading-system-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.301 views

Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal

Exploit Title: Citrix Application Delivery Controller ADC and Gateway 13.0 - Path Traversal Date: 2019-12-17 CVE: CVE-2019-19781 Vulenrability: Path Traversal Vulnerablity Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor...

9.8CVSS10AI score0.99999EPSS
Exploits48
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.301 views

Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs

Tested on Ubuntu 19.10, kernel "5.3.0-19-generic 20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this is attack surface from unprivileged userspace in the default...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.301 views

WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting

Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link: https://wordpress.org/plugins/foogallery/ Version: 1.8.12 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/15 12:0 a.m.301 views

Moodle 3.4.1 - Remote Code Execution

php MoodleExploit.php url=http://example.com user=teacher pass=password ip=10.10.10.10 port=1010 course=1 user The account username pass The password to the account ip Callback IP port Callback Port course Valid course ID belonging to the teacher Make sure you're running a netcat listener on the...

8.8CVSS8.7AI score0.32234EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.300 views

Cisco ISE 3.0 - Authorization Bypass

Exploit Title: Cisco ISE 3.0 - Authorization Bypass Exploit Author: @ibrahimsql ibrahimsql.com Exploit Author's github: https://github.com/ibrahmsql Description: Cisco ISE API Authorization Bypass CVE: CVE-2025-20125 Vendor Homepage: https://www.cisco.com/ Requirements: requests=2.25.0,...

9.1CVSS7.4AI score0.14982EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.300 views

GeoVision GV-ASManager 6.1.0.0 - Information Disclosure

Exploit Title: Information Disclosure in GeoVision GV-ASManager Google Dork: inurl:"ASWeb/Login" Date: 02-FEB-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Version: 6.1.0.0 or less Teste...

7.5CVSS7.4AI score0.23232EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/13 12:0 a.m.300 views

BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE

!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.300 views

Taskhub CRM Tool 2.8.6 - SQL Injection

Exploit Title: Taskhub CRM Tool 2.8.6 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Tested on: Kali Linux & MacOS CVE: N/A Request GET /projects?filter=notstarted HTTP/1.1 Host: localhost...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/16 12:0 a.m.300 views

Moodle 3.11.5 - SQLi (Authenticated)

Exploit Title: Moodle 3.11.5 - SQLi Authenticated Date: 2/3/2022 Exploit Author: Chris Anastasio @mufinnnnnnn Vendor Homepage: https://moodle.com/ Software Link: https://github.com/moodle/moodle/archive/refs/tags/v3.11.5.zip Write Up: https://muffsec.com/blog/moodle-2nd-order-sqli/ Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.300 views

Attendance and Payroll System v1.0 - SQLi Authentication Bypass

Exploit Title: Attendance and Payroll System v1.0 - SQLi Authentication Bypass Date: 04/03/2022 Exploit Author: pr0z Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip Version: v1.0 Tested on: Linux,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.300 views

OpenBMCS 2.4 - Server Side Request Forgery (SSRF) (Unauthenticated)

Exploit Title: OpenBMCS 2.4 - Server Side Request Forgery SSRF Unauthenticated Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Unauthenticated SSRF / RFI Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/18 12:0 a.m.301 views

Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting (XSS)

Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Date: 16/10/2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/29 12:0 a.m.300 views

Denver IP Camera SHO-110 - Unauthenticated Snapshot

Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot Date: 28 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-sho-110/c-1024/c-1243/p-3826 Version: Denver SHO-110 all firmware versions Tested on: Denver SHO-110...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/06 12:0 a.m.300 views

Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting Authenticated Date: 2021-05-05 Exploit Author: Emircan Baş Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/14 12:0 a.m.300 views

Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE

Exploit Title: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE Date: 12-4-2021 Exploit Author: Jay Sharma Version: Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Tested on: V2.1 CVE : CVE-2021-29003 steps to reproduce Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute...

9.8CVSS9.7AI score0.45417EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.300 views

dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)

Exploit Title: dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow PoC Exploit Author: Kağan Çapar Date: 2020-02-17 Vendor Homepage: https://www.ddc-web.com/ Software Link: https://www.ddc-web.com/en/connectivity/databus/milstd1553-1/software-1/bu-69414?partNumber=BU-69414 Version: 4.5.3 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.300 views

Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2)

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-14-12 Exploit Author: Andrea Bruschi - www.andreabruschi.net Vendor Homepage: https://phpgurukul.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.300 views

BrightSign Digital Signage Diagnostic Web Server 8.2.26 - File Delete Path Traversal

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - File Delete Path Traversal Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 File Backup/Delete Path Traversal Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.300 views

SpinetiX Fusion Digital Signage 3.4.8 - Username Enumeration

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - Username Enumeration Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration Weakness Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.300 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting

Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full Disclosu...

6.1CVSS6AI score0.04609EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/25 12:0 a.m.300 views

WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads

BACKGROUND As lokihardt@ has demonstrated in https://bugs.chromium.org/p/project-zero/issues/detail?id=1121, WebKit's support of the obsolete showModalDialog method gives an attacker the ability to perform synchronous cross-origin page loads. In certain conditions, this might lead to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/15 12:0 a.m.300 views

WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php?basepath' Remote File Inclusion

source: https://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the 'displaycategory.php' script. There is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.299 views

Inventio Lite 4 - SQL Injection

Exploit Title: Inventio Lite 4 - SQL Injection Error Based SQLi in "username" parameter on "/?action=processlogin." Date: 08/21/2024 Exploit Author: pointedsec Vendor Homepage: http://evilnapsis.com Software Link: https://github.com/evilnapsis/inventio-lite Version: ' or email LIKE '' and passwor...

9.8CVSS7.4AI score0.02576EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/08/04 12:0 a.m.299 views

SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.299 views

Tourism Management System v2.0 - Arbitrary File Upload

Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload Google Dork: N/A Exploit Author: SoSPiro Date: 2024-02-18 Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/tourism-management-system-free-download/ Version: 2.0 Tested on: Windows 10 Pro Impact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/07 12:0 a.m.299 views

USB Flash Drives Control 4.1.0.0 - Unquoted Service Path

Exploit Title: USB Flash Drives Control 4.1.0.0 - Unquoted Service Path Date: 2023-31-05 Exploit Author: Jeffrey Bencteux Vendor Homepage: https://binisoft.org/ Software Link: https://binisoft.org/wfc Version: 4.1.0.0 Tested on: Microsoft Windows 11 Pro Vulnerability Type: Unquoted Service Path P...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.299 views

ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion

Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Deletion Date: 29/03/2022 Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 CVE:...

6.5CVSS6.5AI score0.0057EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.299 views

Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting (XSS)

Exploit Title: Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.299 views

Online Railway Reservation System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Railway Reservation System 1.0 - Remote Code Execution RCE Unauthenticated Date: 07/01/2022 Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/30 12:0 a.m.299 views

Strapi 3.0.0-beta - Set Password (Unauthenticated)

Exploit Title: Strapi 3.0.0-beta - Set Password Unauthenticated Date: 2021-08-29 Exploit Author: David Anglada CodiObert Vendor Homepage: https://strapi.io/ Version: 3.0.0-beta Tested on: Linux CVE: CVE-2019-18818 !/usr/bin/python import requests import sys import json userEmail = "[email protected]...

9.8CVSS9.5AI score0.97639EPSS
Exploits13
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.299 views

Comment System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Comment System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-18 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14713/comment-system-phpmysqli-full-source-code.html Software: : Comment...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/03 12:0 a.m.299 views

Pixelimity 1.0 - 'password' Cross-Site Request Forgery

Exploit Title: Pixelimity 1.0 - 'password' Cross-Site Request Forgery Date: 2020-06-03 Exploit Author: Noth Vendor Homepage: https://github.com/pixelimity/pixelimity Software Link: https://github.com/pixelimity/pixelimity Version: v1.0 CVE : 2020-23522 Pixelimity 1.0 has cross-site request forger...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.299 views

4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting

Exploit Title: 4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting Date: 30-12-2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.4homepages.de/ Software Link: https://www.4homepages.de/download-4images Version: 1.7.11 Tested on: Windows 10/Kali Linux Vulnerable Parameters:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/13 12:0 a.m.299 views

LimeSurvey 3.17.13 - Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...

5.4CVSS6.2AI score0.04611EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/05/20 12:0 a.m.299 views

Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)

!/usr/bin/env python -- coding: utf-8 -- Huawei eSpace Meeting cenwpoll.dll Unicode Stack Buffer Overflow with SEH Overwrite Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected application: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpac...

1.9CVSS6.6AI score0.00566EPSS
Exploits4
Exploit DB
Exploit DB
added 2010/11/12 12:0 a.m.299 views

Microsoft IIS FTP Server - NLST Response Overflow (MS09-053) (Metasploit)

$Id: ms09053ftpdnlst.rb 11003 2010-11-12 06:19:49Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

9CVSS7AI score0.90913EPSS
Exploits11
Exploit DB
Exploit DB
added 2005/08/29 12:0 a.m.299 views

Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14686/info AutoLinks Pro is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.298 views

Soosyze CMS 2.0 - Brute Force Login

Exploit Title: Soosyze CMS 2.0 - Brute Force Login Google Dork: N/A Date: 2025-08-13 Exploit Author: Beatriz Fresno Naumova beafn28 Vendor Homepage: https://soosyze.com/ Software Link: https://github.com/soosyze/soosyze Version: 2.0 tested Tested on: macOS Sonoma 14.x Apple Silicon M1, /bin/bash...

5.4CVSS7.4AI score0.00861EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.298 views

WP Publications WordPress Plugin 1.2 - Stored XSS

Exploit Title: WP Publications WordPress Plugin 1.2 - Stored XSS Google Dork: inurl:/wp-content/plugins/wp-publications/ Date: 2025-07-15 Exploit Author: Zeynalxan Quliyev Vendor Homepage: https://wordpress.org/plugins/wp-publications/ Software Link:...

4.8CVSS9.6AI score0.0118EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/02 12:0 a.m.298 views

Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS

Exploit Title: Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS Date: 09/2024 Exploit Author: Haythem Arfaoui CBTW Team Vendor Homepage: https://www.elaine.io/ Software Link: https://www.elaine.io/en/products/elaine-marketing-automation/ Version: 6.18.17 and below Tested on: Windows, Linu...

6.1CVSS6.4AI score0.00816EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.298 views

WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)

Exploit Title: WBCE CMS Version : 1.6.1 Remote Command Execution Date: 30/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.1.zip Version: 1.6.1 Tested on: https://www.softaculous.com/apps/cms/WBCECMS POC: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.298 views

E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: E-INSUARANCE v1.0 - Stored Cross Site Scripting XSS Google Dork: NA Date: 28-03-2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: v1.0...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.298 views

Simple Inventory Management System v1.0 - 'email' SQL Injection

Exploit Title: Simple Inventory Management System v1.0 - 'email' SQL Injection Google Dork: N/A Application: Simple Inventory Management System Date: 26.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.298 views

Blackcat Cms v1.4 - Stored XSS

Exploit Title: Blackcat Cms v1.4 - Stored XSS Application: blackcat Cms Version: v1.4 Bugs: Stored XSS Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Date of found: 13.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.298 views

Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification

!/usr/bin/env python Exploit Title: Osprey Pump Controller v1.0.1 - Authentication Bypass Credentials Modification Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.298 views

Home Owners Collection Management System 1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Remote Code Execution RCE Authenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.298 views

Loan Management System 1.0 - SQLi Authentication Bypass

Exploit Title: Loan Management System 1.0 - SQLi Authentication Bypass Date: 08.10.2021 Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities5000