Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/08/18 12:0 a.m.287 views

Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticated)

Exploit Title: Crime records Management System 1.0 - 'Multiple' SQL Injection Authenticated Date: 17/08/2021 Exploit Author: Davide 't0rt3ll1n0' Taraschi Vendor Homepage: https://www.sourcecodester.com/users/osman-yahaya Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/16 12:0 a.m.287 views

Simple Water Refilling Station Management System 1.0 - Remote Code Execution (RCE) through File Upload

Exploit Title: Simple Water Refilling Station Management System 1.0 - Remote Code Execution RCE through File Upload Exploit Author: Matt Sorrell Date: 2021-08-14 Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/10 12:0 a.m.287 views

IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: IPCop 2.1.9 - Remote Code Execution RCE Authenticated Date: 02/08/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipcop.org/ Software Link: https://sourceforge.net/projects/ipcop/files/IPCop/IPCop%202.1.8/ipcop-2.1.8-install-cd.i486.iso -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/14 12:0 a.m.287 views

TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)

Exploit Title : TextPattern CMS 4.8.7 - Remote Command Execution Authenticated Date : 2021/09/06 Exploit Author : Mert Daş [email protected] Software Link : https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web : https://textpattern.com/ Tested on: Server : Xampp First ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/21 12:0 a.m.287 views

DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)

Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...

8.8CVSS7.9AI score0.58132EPSS
Exploits17
Exploit DB
Exploit DB
added 2021/04/26 12:0 a.m.287 views

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)

Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 2 Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 04/25/2021 Vendor: https://www.seopanel.org/ Link: https://www.seopanel.org/spdownload/4.8.0 CVE: CVE-2021-28419 + Exploit Source: !/usr/bin/python3 Author: @nu11secur1...

7.2CVSS7AI score0.10672EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.287 views

Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting

Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting Exploit Author: Mesut Cetin Date: 2021-01-10 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/02 12:0 a.m.287 views

Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)

Exploit Title: Stock Management System 1.0 - Cross-Site Request Forgery Change Username Exploit Author: Bobby Cooke & Adeeb Shah @hyd3sec CVE ID: N/A Date: 2020-09-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/07 12:0 a.m.287 views

Daily Expenses Management System 1.0 - 'item' SQL Injection

Exploit Title: Daily Expenses Management System 1.0 - 'item' SQL Injection Date: 2020-08-05 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/19 12:0 a.m.287 views

Victor CMS 1.0 - 'cat_id' SQL Injection

Exploit Title: Victor CMS 1.0 - 'catid' SQL Injection Google Dork: N/A Date: 2020-05-19 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/18 12:0 a.m.287 views

Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload

Exploit Title: Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload Google Dork: N/A Date: 2020-05-18 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://monstra.org Software Link: https://bitbucket.org/awilum/monstra/downloads/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.287 views

Inventory Webapp - 'itemquery' SQL injection

Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: ========= /php/add-item.php ========== Vulnerable Source: ========== Line3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/30 12:0 a.m.287 views

Sentrifugo 3.2 - File Upload Restriction Bypass

Exploit Title: Sentrifugo 3.2 - File Upload Restriction Bypass Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15813 Multiple File Upload Restriction Bypass vulnerabilities were found in...

8.8CVSS9AI score0.33236EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/01/09 12:0 a.m.287 views

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)

function main var vArr = new Array; var bigArray = new Array0x20000000; vArr0 = String.prototype.toLowerCase.callbigArray; vArr1 = String.prototype.toLowerCase.callbigArray; vArr2 = String.prototype.toLowerCase.callbigArray;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.286 views

Gitea 1.24.0 - HTML Injection

Exploit Title: Gitea 1.24.0 - HTML Injection Date: 2025-03-09 Exploit Author: Mikail KOCADAĞ Vendor Homepage: https://gitea.com Software Link: https://dl.gitea.io/gitea/1.24.0/ Version: 1.24.0 Tested on: Windows 10, Linux Ubuntu 22.04 CVE : N/A Vulnerability Description: In Gitea 1.24.0, the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.286 views

Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...

9.1CVSS7AI score0.50622EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/01/31 12:0 a.m.286 views

Grocy <=4.0.2 - CSRF

Exploit Title: Grocy history.pushState'','', '/'; document.forms0.submit; If a user is logged into the Grocy Webapp at time of execution, a new user will be created in the app with the following credentials Username: hacker Password: test Note: In order for this to work, the target must have Crea...

8.8CVSS8.9AI score0.00375EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/01/31 12:0 a.m.286 views

101 News 1.0 - Multiple-SQLi

Title: 101 News-1.0 Multiple-SQLi Author: nu11secur1ty Date: 09/16/2023 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/16067/best-online-news-portal-project-php-free-download.html Reference: https://portswigger.net/web-security/sql-injection Description: The searchtitle...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/10 12:0 a.m.286 views

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting XSS Date: 2022-06-05 Exploit Author: Sanjay Singh Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/14 12:0 a.m.286 views

Spy Emergency 25.0.650 - 'Multiple' Unquoted Service Path

Exploit Title: Spy Emergency 25.0.650 - Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2021-06-11 Vendor Homepage: https://www.spy-emergency.com/ Software Link: https://www.spy-emergency.com/download/download.php?id=1 Tested Version: 25.0.650.0 Vulnerability Type: Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.286 views

RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: RemoteClinic 2 - 'Multiple' Cross-Site Scripting XSS Exploit Author: nu11secur1ty Debug: g3ck0dr1v3r Date: 04/21/2021 Vendor Homepage: https://remoteclinic.io/ Software Link: https://github.com/remoteclinic/RemoteClinic CVE: CVE-2021-30044 + Exploit Source:...

5.4CVSS5.6AI score0.01773EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/18 12:0 a.m.286 views

Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)

Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Date: 2020-12-27 Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...

7.2CVSS7AI score0.06772EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/25 12:0 a.m.286 views

CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS

Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS Exploit Author: Anita Gaud Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...

5.4CVSS5.6AI score0.02826EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.286 views

FRITZ!Box 7.20 - DNS Rebinding Protection Bypass

Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.286 views

Siemens Desigo PX 6.00 - Denial of Service (PoC)

Title: Siemens Desigo PX 6.00 - Denial of Service PoC Author: LiquidWorm Date: 2019-11-14 Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version:6.00 Affected version: Model: PXC00-E.D, PXC50-E.D,...

5.3CVSS5.6AI score0.01675EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.286 views

ThinVNC 1.0b1 - Authentication Bypass

Exploit Title: ThinVNC 1.0b1 - Authentication Bypass Date: 2019-10-17 Exploit Author: Nikhith Tumamlapalli Contributor WarMarX Vendor Homepage: https://sourceforge.net/projects/thinvnc/ Software Link: https://sourceforge.net/projects/thinvnc/files/ThinVNC1.0b1/ThinVNC1.0b1.zip/download Version:...

9.8CVSS9.4AI score0.96758EPSS
Exploits11
Exploit DB
Exploit DB
added 2015/04/21 12:0 a.m.286 views

ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution

Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import requests Banner banner = "" banner += " \n" banner +=" | | /...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/02/23 12:0 a.m.286 views

PHP DateTime - Use-After-Free

Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...

7.5CVSS7.4AI score0.42911EPSS
Exploits9
Exploit DB
Exploit DB
added 2010/04/30 12:0 a.m.286 views

Microsoft SQL Server - Hello Overflow (MS02-056) (Metasploit)

$Id: ms02056hello.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.5CVSS7AI score0.77712EPSS
Exploits9
Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.285 views

Windows 2024.15 - Unauthenticated Desktop Screenshot Capture

Exploit Title: Windows 2024.15 - Unauthenticated Desktop Screenshot Capture Date: 2025-05-19 Exploit Author: Chokri Hammedi Vendor Homepage: https://rs.ltd Software Link: https://rs.ltd/latest.php?os=win Version: 2024.15 Tested on: Windows 10/11 with Remote for Windows helper ''' Description: -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/06 12:0 a.m.285 views

Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Casdoor 1.901.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: 1.901.0 Date: 03/07/2024 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v1.901.0.zip Tested on: Windows CVE : N/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.285 views

PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities

Exploit Title: PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities Date: 09/08/2023 Exploit Author: Kerimcan Ozturk Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/business-directory-script/ Version: 3.2 Tested on: Windows 10 Pro Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/31 12:0 a.m.285 views

Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)

Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Date: 28/07/2023 Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python...

7.8CVSS7.8AI score0.01091EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.285 views

Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)

Exploit Title: Joomla! combooking component 2.4.9 - Information Leak Account enumeration Google Dork: inurl:"index.php?option=combooking" Date: 07/12/2023 Exploit Author: qw3rTyTy Vendor Homepage: http://www.artio.net/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.285 views

Serendipity 2.4.0 - File Inclusion RCE

Exploit Title: Serendipity 2.4.0 - File Inclusion RCE Author: nu11secur1ty Date: 04.26.2023 Vendor: https://docs.s9y.org/index.html Software: https://github.com/s9y/Serendipity/releases/tag/2.4.0 Reference: https://portswigger.net/web-security/file-upload Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.285 views

Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection

Exploit Title: Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.285 views

Archeevo 5.0 - Local File Inclusion

Exploit Title: Archeevo 5.0 - Local File Inclusion Google Dork: intitle:"archeevo" Date: 01/15/2021 Exploit Author: Miguel Santareno Vendor Homepage: https://www.keep.pt/ Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/ Version: 5.0 Tested on: windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.285 views

Online Resort Management System 1.0 - SQLi (Authenticated)

Exploit Title: Online Resort Management System 1.0 - SQLi Authenticated Date: 15/01/2022 Exploit Author: Gaurav Grover Vendor Homepage: Software Link: Version: 1.0 Tested on: Linux and windows both Summary: There are a vulnerabilities in Online Resort Management System ORMS 1. The attacker can...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.285 views

WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read (Unauthenticated)

Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Date: 23/12/2021 Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Versio...

7.5CVSS7.6AI score0.77944EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.285 views

Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. CVE: CVE-2021-42071 Reference:...

10CVSS9.7AI score0.69882EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/03/25 12:0 a.m.285 views

Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting

Exploit Title: Genexis Platinum-4410 P4410-V2-1.31A - 'startaddr' Persistent Cross-Site Scripting Date: 03/25/2020 Exploit Author: Jithin KS Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: Platinum-4410 Software version - P4410-V2-1.31A Tested on: Windows 10 Author Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/10 12:0 a.m.285 views

Node.JS - 'node-serialize' Remote Code Execution (2)

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...

9.8CVSS9.6AI score0.61025EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.285 views

Online Shop Project 1.0 - 'p' SQL Injection

Exploit Title: Online Shop Project 1.0 - 'p' SQL Injection Date: 2020-09-20 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14448/online-shop-project-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/26 12:0 a.m.285 views

Pi-hole 4.4.0 - Remote Code Execution (Authenticated)

Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on: https://github.com/Frichetten/CVE-2020-11108-PoC/blob/master/cve-2020-11108-rce.py File na...

9CVSS8.7AI score0.78262EPSS
Exploits17
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.285 views

NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths

Exploit Title: NCPSecureEntryClient 9.2 - Unquoted Service Paths Date: 2019-11-17 Exploit Author: Akif Mohamed Ik Vendor Homepage: http://software.ncp-e.com/ Software Link: http://software.ncp-e.com/NCPSecureEntryClient/Windows/9.2x/ Version: 9.2x Tested on: Windows 7 SP1 CVE : NA C:\Users\userwm...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/11 12:0 a.m.285 views

Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 5708.4564: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/08 12:0 a.m.285 views

Adive Framework 2.0.7 - Privilege Escalation

Exploit Title: Adive Framework 2.0.7 - Privilege Escalation Date: 2019-08-02 Exploit Author: Pablo Santiago Vendor Homepage: https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.7 Tested on: Windows 10 CVE : CVE-2019-14347 Exploit import requests import...

8.8CVSS9AI score0.09313EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/20 12:0 a.m.285 views

PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control

Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Incorrect Access Control Date: 14/01/2019 Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-incorrect-access-control/ Vendor: ChinaMobile Category: Hardware Version: GPN2.4P21-C-C...

8.8CVSS8.8AI score0.07526EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/01/21 12:0 a.m.285 views

Coman 1.0 - 'id' SQL Injection

Exploit Title: Coman - Company Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-20 Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/coman-company-management-system/17799270 Version: 1.0 Category: Webapps Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/10 12:0 a.m.285 views

Linux Kernel UDEV < 1.4.1 - 'Netlink' Local Privilege Escalation (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

7.2CVSS7AI score0.81528EPSS
Exploits12
Total number of security vulnerabilities5000