Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.298 views

Blood Bank System 1.0 - Authentication Bypass

Exploit Title: Blood Bank System 1.0 - Authentication Bypass Date: 30-9-2021 Exploit Author: Nitin Sharma vidvansh Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code/ Software Link : https://download.code-projects.org/details/f44a4ba9-bc33-48c3-b030-02f62117d230 Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/18 12:0 a.m.298 views

Xwiki CMS 12.10.2 - Cross Site Scripting (XSS)

Exploit Title: Xwiki CMS 12.10.2 - Cross Site Scripting XSS Date: 17-01-2021 Exploit Author: Karan Keswani Vendor Homepage: https://www.xwiki.org/xwiki/bin/view/Main/WebHome Software Link: https://www.xwiki.org/xwiki/bin/view/Download/ Version: Xwiki CMS- 12.10.2 Tested on: Windows 10 Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.298 views

B-swiss 3 Digital Signage System 3.6.5 - Database Disclosure

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Database Disclosure Date: 2020-09-16 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: 3.6.5 Affected version: 3.6.5,3.6.2,3.6.1,3.6.0,3.5.80,3.5.40,3.5.20,3.5.00,3.2.00,3.1.00 B-swiss 3 Digital Signage System 3.6....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.298 views

Rconfig 3.x - Chained Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rconfig 3.x Chained Remote Code Execution', 'Description' = ' This module exploits multiple vulnerabilities in rConfig version 3.9 in order to...

8.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.298 views

Alkacon OpenCMS 10.5.x - Local File inclusion

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple LFI in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE :...

4.3CVSS5AI score0.07346EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.298 views

Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation

VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is allowed to create TCP sockets. In particular, I was able to combine the issues mentioned below with a bug in Chromium to escape its sandbox. HTTP - SMB NTLM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/10/04 12:0 a.m.298 views

FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation

/ FreeBSD 9.0 Intel SYSRET Kernel Privilege Escalation exploit Author by CurcolHekerLink This exploit based on open source project, I can make it open source too. Right? If you blaming me for open sourcing this exploit, you can fuck your mom. Free of charge : Credits to KEPEDEAN Corp, Barisan Sak...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.297 views

Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI

Exploit Title: Skyvern 0.1.85 - Remote Code Execution RCE via SSTI Date: 2025-06-15 Exploit Author: Cristian Branet Vendor Homepage: https://www.skyvern.com/ Software Link: https://github.com/Skyvern-AI/skyvern Version: Settings - API Key - Reveal and copy the API key" parser.addargument"-i",...

8.5CVSS8.5AI score0.13746EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/04/09 12:0 a.m.297 views

DocsGPT 0.12.0 - Remote Code Execution

Exploit Title: DocsGPT 0.12.0 - Remote Code Execution Date: 09/04/2025 Exploit Author: Shreyas Malhotra OSMSEC Vendor Homepage: https://github.com/arc53/docsgpt Software Link: https://github.com/arc53/DocsGPT/archive/refs/tags/0.12.0.zip Version: 0.8.1 through 0.12.0 Tested on: Debian Linux/Ubunt...

9.3CVSS7.4AI score0.15099EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/07/06 12:0 a.m.297 views

Piwigo v13.7.0 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Piwigo v13.7.0 - Stored Cross-Site Scripting XSS Authenticated Date: 25 June 2023 Exploit Author: Okan Kurtulus Vendor Homepage: https://piwigo.org Version: 13.7.0 Tested on: Ubuntu 22.04 CVE : N/A Proof of Concept: 1– Install the system through the website and log in with any user...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.297 views

Advanced Host Monitor v12.56 - Unquoted Service Path

Exploit Title: Advanced Host Monitor v12.56 - Unquoted Service Path Date: 2023-04-23 CVE: CVE-2023-2417 Exploit Author: MrEmpy Vendor Homepage: https://www.ks-soft.net Software Link: https://www.ks-soft.net/hostmon.eng/downpage.htm Version: 12.56 Tested on: Windows 10 21H2 Title: ================...

7.8CVSS7.8AI score0.00334EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.297 views

Auto Dealer Management System v1.0 - SQL Injection

Exploit Title: Auto Dealer Management System v1.0 - SQL Injection Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Version: v 1.0 Tested...

8.8CVSS8.9AI score0.01635EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.297 views

WordPress Plugin admin-word-count-column 2.2 - Local File Read

Exploit Title: WordPress Plugin admin-word-count-column 2.2 - Local File Read Google Dork: inurl:/wp-content/plugins/admin-word-count-column/ Date: 27-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/admin-word-count-column/ Version: 2.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.297 views

Moodle 3.11.4 - SQL Injection

Exploit Title: Moodle 3.11.4 - SQL Injection Date: 30/01/2022 Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...

9.8CVSS9.8AI score0.44918EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.297 views

RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: RiteCMS 3.1.0 - Arbitrary File Deletion Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.297 views

Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)

Exploit Title: Church Management System 1.0 - 'search' SQL Injection Unauthenticated Exploit Author: Erwin Krazek Nero Date: 17/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/16 12:0 a.m.297 views

Simple Water Refilling Station Management System 1.0 - Authentication Bypass

Exploit Title: Simple Water Refilling Station Management System 1.0 - Authentication Bypass Exploit Author: Matt Sorrell Date: 2021-08-14 Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/26 12:0 a.m.297 views

Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting

Title: Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting Exploit Author: George Tsimpidas Date: 2021-03-25 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/regisinventory.zip Version ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.297 views

Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/09 12:0 a.m.297 views

bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path

Exploit Title: bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Vendor Homepage: https://carolcoral.github.io/no-freevpn/ Software Link: https://github.com/carolcoral/no-freevpn/releases/download/BVPN%4020190225/bVPN251setup.exe Version: Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/27 12:0 a.m.297 views

STVS ProVision 5.9.10 - File Disclosure (Authenticated)

Exploit Title: STVS ProVision 5.9.10 - File Disclosure Authenticated Date: 19.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.stvs.ch STVS ProVision 5.9.10 archive.rb Authenticated File Disclosure Vulnerability Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.297 views

B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution Date: 2020-08-27 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: = 3.6.5 CVE : N/A !/usr/bin/env python3 -- coding: utf-8 -- B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/12 12:0 a.m.297 views

vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution

Exploit Title: vBulletin 5.6.2 - 'widgettabbedContainertabpanel' Remote Code Execution Date: 2020-08-09 Exploit Author: @zenofex Vendor Homepage: https://www.vbulletin.com/ Software Link: None Version: 5.4.5 through 5.6.2 Tested on: vBulletin 5.6.2 on Ubuntu 19.04 CVE : None vBulletin 5.5.4 throu...

9.8CVSS9.8AI score0.99728EPSS
Exploits27
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.297 views

Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path

Exploit Title: Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2020-01-05 Vendor Homepage : http://webcompanion.com/ Link Software :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/11 12:0 a.m.297 views

XML Notepad 2.8.0.4 - XML External Entity Injection

Exploit Title: XML Notepad 2.8.0.4 - XML External Entity Injection Date: 2019-11-11 Exploit Author: 8-Team / daejinoh Vendor Homepage: https://www.microsoft.com/ Software Link: https://github.com/microsoft/XmlNotepad Version: XML Notepad 2.8.0.4 Tested on: Windows 10 Pro CVE : N/A Step 1 File -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.297 views

Kaseya VSA agent 9.5 - Privilege Escalation

Exploit Title: Kaseya VSA agent CVE-2017-12410 found by Filip Palian. A a fix was put in place for the original CVE, however it was specific to binaries and not scripts. The root cause for both issues is allowing a low privileged group excessive permissions to a folder used by a elevated process...

7.4CVSS7.7AI score0.00251EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.297 views

ChaosPro 2.0 - SEH Buffer Overflow

!C:\Python27\python.exe Title : ChaosPro 2.0 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html this needs to be a backwards jump to give us room to call stack jump code jmpback80 = "\x40\x75\x80\x75" jmpforward06 =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.296 views

AC Repair and Services System v1.0 - Multiple SQL Injection

Exploit Title: AC Repair and Services System v1.0 - Multiple SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/16513/ac-repair-and-services-system-using-php-and-mysql-source-code-free-download.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.297 views

Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file

Exploit Title: Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.htm...

6.1CVSS6.6AI score0.01335EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.296 views

dawa-pharma 1.0-2022 - Multiple-SQLi

Title: dawa-pharma-1.0-2022 Multiple-SQLi Author: nu11secur1ty Date: 10/12/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The email...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.296 views

PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS)

Exploit Title: PHPFusion 9.10.30 - Stored Cross-Site Scripting XSS Application: PHPFusion Version: 9.10.30 Bugs: XSS Technology: PHP Vendor URL: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/ Date of found: 28-04-2023 Author: Mirabbas Ağalarov...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/22 12:0 a.m.296 views

Ivanti Endpoint Manager 4.6 - Remote Code Execution (RCE)

Exploit Title: Ivanti Endpoint Manager 4.6 - Remote Code Execution RCE Date: 20/03/2022 Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 - EOF Aug 2021 Tested on: Linux...

9.8CVSS9.6AI score0.99105EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/03/09 12:0 a.m.296 views

Printix Client 1.3.1106.0 - Privilege Escalation

Exploit Title: Printix Client 1.3.1106.0 - Privilege Escalation Date: 3/2/2022 Exploit Author: Logan Latvala Vendor Homepage: https://printix.net Software Link: https://software.printix.net/client/win/1.3.1106.0/PrintixClientWindows.zip Version: = 1.3.1106.0 Tested on: Windows 7, Windows 8, Windo...

9.3CVSS8.2AI score0.11011EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.296 views

Online Traffic Offense Management System 1.0 - Multiple SQL Injection (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Multiple SQL Injection Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.296 views

CMS Made Simple 2.2.15 - RCE (Authenticated)

Exploit Title: CMS Made Simple 2.2.15 - RCE Authenticated Author: Andrey Stoykov Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Version: 2.2.15 Tested on: Debian 10 LAMPP Exploit and Detailed Info:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.296 views

Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection

Exploit Title: Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection Date: 22/12/2020 Exploit Authors: gx1 lotar Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Affected Themes: shapely - Fixed in version 1.2.9 newsmag - Fix...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.296 views

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=707779e0...

9.8CVSS9.8AI score0.16837EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/12/03 12:0 a.m.296 views

Revive Adserver 4.2 - Remote Code Execution

Exploit Title: Revive Adserver 4.2 - Remote Code Execution Google Dork: "inurl:www/delivery filetype:php" Exploit Author: crlf Vendor Homepage: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/archive/ Version: 4.1.x '' : @list$x, $url, $code = $argv;...

9.8CVSS9.4AI score0.57022EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/09/13 12:0 a.m.296 views

Folder Lock 7.7.9 - Denial of Service

Exploit Title: Folder Lock v7.7.9 Denial of Service Exploit Date: 12.09.2019 Vendor Homepage:https://www.newsoftwares.net/folderlock/ Software Link: https://www.newsoftwares.net/download/folderlock7-en/folder-lock-en.exe Exploit Author: Achilles Tested Version: 7.7.9 Tested on: Windows 7 x64 1.-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/24 12:0 a.m.296 views

E-topbiz ViralDX 2.07 - 'bannerid' SQL Injection

Viral DX 1 SQL Injection Vulnerability ======================================================== Author: Hussin X Home : www.tryag.cc/cc email: darkangelg85atYahooDoTcom hussin.xathotmailDoTcom ======================================================== HomE script : http://e-topbiz.com/ Demo :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/01 12:0 a.m.296 views

Sendmail 8.11.x (Linux/i386) - Local Privilege Escalation

/ sendmail 8.11.x exploit i386-Linux by [email protected] sd@ircnet This code exploits well-known local-root bug in sendmail 8.11.x, 8.12.x may be vulnerable too, but I didn't test it. It gives instant root shell with +s sendmail 8.11.x, x 6 We're using objdump, gdb & grep in order to obtain VECT, so make...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.295 views

InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation

Exploit Title: InfluxDB OSS Operator Privilege Escalation via BusinessLogic Flaw Date: 22/03/2024 Exploit Author: Andrea Pasin Xenom0rph97 Researcher Homepage: https://xenom0rph97.github.io/xeno/ GitHub Exploit repo: https://github.com/XenoM0rph97/CVE-2024-30896 Software Link:...

9.1CVSS7.4AI score0.05208EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/03/22 12:0 a.m.295 views

Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)

Exploit Title: Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change Unauthenticated Date: 2025-02-26 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.aztech.com Version: DSL5005EN Tested on: Linux CVE: N/A import requests import argparse print''' aztech DSL5005EN...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.295 views

CrushFTP < 11.1.0 - Directory Traversal

Exploit Title: CrushFTP Directory Traversal Google Dork: N/A Date: 2024-04-30 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Vendor Homepage: https://www.crushftp.com/ Software Link: https://www.crushftp.com/download/ Version: below 10.7.1 and 11.1.0 as well as legacy 9.x Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.295 views

FAQ Management System v1.0 - 'faq' SQL Injection

Exploit Title: FAQ Management System v1.0 - 'faq' SQL Injection Google Dork: N/A Application: FAQ Management System Date: 25.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/01/29 12:0 a.m.295 views

Typora v1.7.4 - OS Command Injection

Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 13.09.2023 Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.295 views

Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)

Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow DoS Metasploit Date: 2018-03-09 Exploit Author: Ege Balci Vendor Homepage: https://www.flexense.com/downloads.html Version: 'Flexense HTTP Server Denial Of Service', 'Description' = %q This module triggers a Denial of Service...

7.5CVSS7.6AI score0.76544EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.295 views

Rukovoditel 3.3.1 - CSV injection

Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.295 views

Solaris 10 libXm - Buffer overflow Local privilege escalation

/ Exploit Title: Solaris 10 libXm - Buffer overflow Local privilege escalation raptordtprintlibXmas.c - Solaris 10 CDE ForeverDay LPE Copyright c 2023 Marco Ivaldi "What has been will be again, what has been done will be done again; there is nothing new under the Sun." -- Ecclesiastes 1:9 Solaris...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.295 views

REDCap 11.3.9 - Stored Cross Site Scripting

Exploit Title: REDCap 11.3.9 - Stored Cross-Site Scripting Date: 2021-10-11 Exploit Author: Kendrick Lam References: https://github.com/KCL04/XSS-PoCs/blob/main/CVE-2021-42136.js Vendor Homepage: https://projectredcap.org Software Link: https://projectredcap.org Version: Redcap before 11.4.0 Test...

9CVSS7AI score0.04657EPSS
Exploits5
Total number of security vulnerabilities5000