Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.295 views

Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.295 views

Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection

Exploit Title: Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection Date: 22/12/2020 Exploit Authors: gx1 lotar Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Affected Themes: shapely - Fixed in version 1.2.9 newsmag - Fix...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.295 views

Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path

Exploit Title: Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : Genexus Version : Genexus Protection Server 9.6.4.2 Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;; Vend...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/06 12:0 a.m.295 views

Victor CMS 1.0 - 'Search' SQL Injection

Exploit Title: Victor CMS 1.0 - 'Search' SQL Injection Date: 2020-08-04 Exploit Author: Edo Maland Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: XAMPP / Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/07 12:0 a.m.295 views

Microsoft Windows mshta.exe 2019 - XML External Entity Injection

Exploit Title: Microsoft Windows mshta.exe 2019 - XML External Entity Injection Date: 2020-07-07 Exploit Author: hyp3rlinx Vendor homepage: https://www.microsofft.com/ CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/30 12:0 a.m.295 views

phpIPAM 1.4 - SQL Injection

!/usr/bin/env python3 Exploit Title: phpIPAM Custom Field Filter SQL Injection Exploit Announcement Date: September 16, 2019 5:18 AM Exploit Creation Date: September 27, 2019 Exploit Author: Kevin Kirsche Vendor Homepage: https://phpipam.net Software Link:...

9.8CVSS7AI score0.10318EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/20 12:0 a.m.295 views

LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)

Exploit Title: LanSpy 2.0.1.159 - Local Buffer Overflow SEH Egghunter Exploit Author: bzyo Date: 12-19-18 Twitter: @bzyo Vulnerable Software: LanSpy 2.0.1.159 Vendor Homepage: https://lizardsystems.com Version: 2.0.1.159 Software Link 1:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/04/13 12:0 a.m.295 views

Samba < 3.6.2 (x86) - Denial of Service (PoC)

!/usr/bin/python """ Exploit for Samba vulnerabilty CVE-2015-0240 by sleepya The exploit only targets vulnerable x86 smbd 3.6.24 which 'creds' is controlled by ReferentID field of PrimaryName ServerName. That means 'talloczero' in libtalloc does not write a value on 'creds' address. Reference: -...

10CVSS8AI score0.87636EPSS
Exploits7
Exploit DB
Exploit DB
added 2009/06/09 12:0 a.m.295 views

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC script and providing feedback! PoC...

9.8CVSS7AI score0.95438EPSS
Exploits16
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.294 views

InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation

Exploit Title: InfluxDB OSS Operator Privilege Escalation via BusinessLogic Flaw Date: 22/03/2024 Exploit Author: Andrea Pasin Xenom0rph97 Researcher Homepage: https://xenom0rph97.github.io/xeno/ GitHub Exploit repo: https://github.com/XenoM0rph97/CVE-2024-30896 Software Link:...

9.1CVSS7.4AI score0.05208EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/03/29 12:0 a.m.294 views

Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE)

Exploit Title: Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution RCE Date: 11/08/2022 Exploit Author: a-rey Vendor Homepage: http://www.inbit.com/support.html Software Link: http://www.softsea.com/review/Inbit-Messenger-Basic-Edition.html Version: v4.6.0 - v4.9.0 Tested on: Window...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.294 views

Chamilo LMS 1.11.14 - Account Takeover

Exploit Title: Chamilo LMS 1.11.14 - Account Takeover Date: July 21 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://chamilo.org Software Link: https://chamilo.org Version: Chamilo-lms-1.11.x Tested on: Chamilo-lms-1.11.x CVE: CVE-2021-37391 Publication:...

5.4CVSS6AI score0.0214EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/08/05 12:0 a.m.294 views

CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...

5.4CVSS5.5AI score0.01936EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/18 12:0 a.m.294 views

ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting (XSS)

Exploit Title: ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting XSS Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description The file upload feature in ICE Hrm Version 29.0.0.OS allows remote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.294 views

Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting

Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST /salesADMINtrk/start.swe HTTP/1.1 Content-Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.294 views

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)

!/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/01 12:0 a.m.294 views

DZCP (deV!L`z Clanportal) 1.3.6 - 'Show' SQL Injection

source: https://www.securityfocus.com/bid/21391/info deV!Lz Clanportal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.293 views

Sudo 1.9.17 Host Option - Elevation of Privilege

Exploit Title: Sudo 1.9.17 Host Option - Elevation of Privilege Date: 2025-06-30 Exploit Author: Rich Mirch Vendor Homepage: https://www.sudo.ws Software Link: https://www.sudo.ws/dist/sudo-1.9.17.tar.gz Version: Stable 1.9.0 - 1.9.17, Legacy 1.8.8 - 1.8.32 Fixed in: 1.9.17p1 Vendor Advisory:...

8.8CVSS9.6AI score0.03239EPSS
Exploits76
Exploit DB
Exploit DB
added 2025/03/27 12:0 a.m.293 views

MoziloCMS 3.0 - Remote Code Execution (RCE)

Exploit Title: MoziloCMS 3.0 - Remote Code Execution RCE Date: 10/09/2024 Exploit Author: Secfortress https://github.com/sec-fortress Vendor Homepage: https://mozilo.de/ Software Link: https://github.com/moziloDasEinsteigerCMS/mozilo3.0/archive/refs/tags/3.0.1.zip Version: 3.0 Tested on: Debian...

7.2CVSS7AI score0.16249EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.293 views

Backdrop CMS 1.23.0 - Stored XSS

Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field Date: 2023-08-21 Exploit Author: Sinem Şahin Vendor Homepage: https://backdropcms.org/ Version: 1.23.0 Tested on: Windows & XAMPP == Tutorial http://HOST/backdrop/node/add/post 2- Write your xss payload in the body...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.293 views

TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution Vendor: AAF Digital HD Forum | Atelmo GmbH Product web page: http://www.aaf-digital.info | https://www.atemio.de Affected version: Firmware =2.01 Summary: The Atemio AM 520 HD Full HD...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.293 views

Windows PowerShell - Event Log Bypass Single Quote Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINDOWSPOWERSHELLSINGLEQUOTECODEEXECEVENTLOGBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Windows PowerShell Built on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.293 views

TEM Opera Plus FM Family Transmitter 35.45 - XSRF

CSRF Change Forward Power: ------------------------- input type="submit" val...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/23 12:0 a.m.293 views

Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)

-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.293 views

revive-adserver v5.4.1 - Cross-Site Scripting (XSS)

Exploit Title: revive-adserver v5.4.1 - Cross-Site Scripting XSS Application: revive-adserver Version: 5.4.1 Bugs: XSS Technology: PHP Vendor URL: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/ Date of found: 31-03-2023 Author: Mirabbas Ağalarov Tested o...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.293 views

Private Internet Access 3.3 - 'pia-service' Unquoted Service Path

Exploit Title: Private Internet Access 3.3 - 'pia-service' Unquoted Service Path Date: 04/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.privateinternetaccess.com Software Link: https://www.privateinternetaccess.com/download Version: 3.3.0.100 Tested: Windows 10 x64 Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.293 views

HTTP Commander 3.1.9 - Stored Cross Site Scripting (XSS)

Exploit Title: HTTP Commander 3.1.9 - Stored Cross Site Scripting XSS Date: 07/01/2022 Exploit Author: Oscar Sandén Vendor Homepage: https://www.element-it.com Software Link: https://www.element-it.com/downloads.aspx Version: 3.1.9 Tested on: Windows Server 2016 Description There is a stored XSS ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.293 views

Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass Date: 2021-10-02 Exploit Author: Jordan Glover Vendor Homepage: https://www.sourcecodester.com/php/12684/young-entrepreneur-e-negosyo-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.293 views

ECOA Building Automation System - Directory Traversal Content Disclosure

Exploit Title: ECOA Building Automation System - Directory Traversal Content Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Directory Traversal Content Disclosure Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/31 12:0 a.m.293 views

Umbraco CMS 8.9.1 - Directory Traversal

Exploit Title: Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write Authenticated Exploit Author: BitTheByte Description: Authenticated path traversal vulnerability. Exploit Research: https://www.tenable.com/security/research/tra-2020-59 Vendor Homepage: https://umbraco.com/ Version:...

6.5CVSS6.5AI score0.09369EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/16 12:0 a.m.293 views

Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting

Exploit Title: Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting Date: 2021-15-06 Exploit Author: Fatih İLGİN Vendor Homepage: cotonti.com Vulnerable Software: https://www.cotonti.com/download/siena0919 Affected Version: 0.9.19 Tested on: Windows 10 Vulnerable Parameter Type: POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.293 views

TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a unauthenticated command execution...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.293 views

Nsauditor 3.1.8.0 - 'Name' Denial of Service (PoC)

Exploit Title: Nsauditor 3.1.8.0 - 'Name' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerability Type: Denial of Service DoS Local Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.293 views

Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Schneider Electric U.Motion Builder Vendor URL: www.schneider-electric.com Type: OS Command Injection CWE-78 Date found: 2018-11-15 Date published: 2019-05-13 CVSSv3 Score: 9.8...

9.8CVSS7AI score0.72486EPSS
Exploits6
Exploit DB
Exploit DB
added 2015/07/03 12:0 a.m.293 views

CuteNews 2.0.3 - Arbitrary File Upload

CuteNews 2.0.3 Remote File Upload Vulnerability ================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/10 12:0 a.m.292 views

Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover

Exploit Title: Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover Google Dork: N/A Date: 21/07/2024 Exploit Author: Mohammed Adel Vendor Homepage: https://www.cisco.com Software Link:...

10CVSS7.2AI score0.80635EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.292 views

CodeCanyon RISE CRM 3.7.0 - SQL Injection

Exploit Title: CodeCanyon RISE CRM 3.7.0 - SQL Injection Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed Author Homepage: https://bytium.com Vulnerable Version: 3.7 Patched Version: 3.7.1 Tested on: Ubuntu 24.04, Debian Testing CVE: CVE-2024-8945 Instruction 1. Login to...

8.8CVSS7.2AI score0.14545EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.292 views

TP-Link TL-WR740N - Authenticated Directory Transversal

Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Date: 13/7/2023 Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/15 12:0 a.m.292 views

Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)

Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload Unauthenticated Google Dork: n/a Date: 14/06/2023 Exploit Author: Ramil Mustafayev Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.292 views

Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Date: 17/11/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://www.commscope.com/ Version: 9.1.103 Tested on: TG2482A, TG2492, SBG10 CVE : CVE-2022-45701 import requests import base64 routerhost =...

8.8CVSS8.9AI score0.42326EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.292 views

Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path

Exploit Title: Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2023-01-18 Vendor : Microsoft Version : 15.02.1118.007 Tested on OS: Microsoft Exchange Server 2019 CU12 PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.292 views

minewebcms 1.15.2 - Cross-site Scripting (XSS)

Exploit Title: minewebcms 1.15.2 - Cross-site Scripting XSS Google Dork: NA Date: 02/20/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://mineweb.org/ Software Link: https://github.com/mineweb/minewebcms Version: 1.15.2 Tested on: KALI OS CVE : CVE-2022-1163...

6.8CVSS5.2AI score0.03506EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.292 views

WordPress Plugin Jetpack 9.1 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Jetpack 9.1 - Cross Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/jetpack Version: 9.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/07 12:0 a.m.292 views

WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)

Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...

9CVSS8.7AI score0.7699EPSS
Exploits11
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.292 views

Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)

Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail .jpg 2. Go to New mail, select recipient and the select attachment. Code gets executed as right...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.292 views

IPeakCMS 3.5 - Boolean-based blind SQLi

Exploit Title: IPeakCMS 3.5 - Boolean-based blind SQLi Date: 07.12.2020 Exploit Author: MoeAlbarbari Vendor Homepage: https://ipeak.ch/ Software Link: N/A Version: 3.5 Tested on: BackBox Linux CVE : CVE-2021-3018 Check the CMS version :goto www.site.com/cms/ and you will notice that in the login...

9.8CVSS9.8AI score0.19506EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/26 12:0 a.m.292 views

ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure

Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/12 12:0 a.m.292 views

Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)

Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Date: 2019-12-11 Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor : https://www.lenovo.com/us/en/ Ref :...

4.4CVSS5.1AI score0.01742EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.292 views

ScanGuard Antivirus 2020 - Insecure Folder Permissions

Exploit Title: ScanGuard Antivirus 2020 - Insecure Folder Permissions Date: 2019-10-10 Exploit Author: hyp3rlinx Vendor Homepage: https://www.scanguard.com/ Software Link: https://support.scanguard.com/en/kb/22/upgrades-available Version: 2020 Tested on: Windows CVE : N/A Category: exploit...

7.8CVSS7.9AI score0.00518EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.292 views

FusionPBX 4.4.8 - Remote Code Execution

!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 '''...

7.4AI score
Exploits0
Total number of security vulnerabilities5000