Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.279 views

MyBB 1.8.29 - MyBB 1.8.29 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: MyBB 1.8.29 - Remote Code Execution RCE Authenticated Date: 2022-05-08 Exploit Author: Altelus Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1829 Version: MyBB 1.8.29 Tested on: Linux CVE : CVE-2022-24734 An RCE can be obtained on...

7.2CVSS6.9AI score0.77677EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.279 views

Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path

Exploit Title: Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-04-11 Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.279 views

Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting (XSS)

Exploit Title: Drupal avataruploader v7.x-1.0-beta8 - Cross Site Scripting XSS Date: 2022-03-22 Author: Milad karimi Software Link: https://www.drupal.org/project/avataruploader Version: v7.x-1.0-beta8 Tested on: Windows 10 CVE: N/A 1. Description: This plugin creates a avataruploader from any po...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.279 views

OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)

Exploit Title: OpenBMCS 2.4 - Cross Site Request Forgery CSRF Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 CSRF Send E-mail Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.280 views

Cloudron 6.2 - 'returnTo ' Cross Site Scripting (Reflected)

Exploit Title: Cloudron 6.2 - 'returnTo ' Cross Site Scripting Reflected Date: 10.06.2021 Exploit Author: Akıner Kısa Vendor Homepage: https://cloudron.io Software Link: https://www.cloudron.io/get.html Version: 6.3 CVE : CVE-2021-40868 Proof of Concept: 1. Go to...

6.1CVSS6.4AI score0.09071EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/06/09 12:0 a.m.279 views

Intelbras Router RF 301K - 'DNS Hijacking' Cross-Site Request Forgery (CSRF)

Exploit Title: Intelbras Router RF 301K - 'DNS Hijacking' Cross-Site Request Forgery CSRF Date: 01/05/2021 Exploit Author: Rodolfo Mariano Version: Firmware 1.1.2-1.1.5 CVE: 2021-32403 Exploit Code: document.forms0.submit;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.279 views

SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS

Exploit Title: SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.279 views

Selea Targa IP OCR-ANPR Camera - CSRF Add Admin

Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/06 12:0 a.m.279 views

RSA IG&L Aveksa 7.1.1 - Remote Code Execution

Exploit Title: RSA IG&L Aveksa 7.1.1 - Remote Code Execution Date: 2019-04-16 Exploit Author: Jakub Palaczynski, Lukasz Plonka Vendor Homepage: https://www.rsa.com/ Version: 7.1.1, prior to P02 CVE : CVE-2019-3759 all vulnerable versions can be found at...

8.1CVSS7.3AI score0.03226EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/10/23 12:0 a.m.279 views

Rocket.Chat 2.1.0 - Cross-Site Scripting

Title: Rocket.Chat 2.1.0 - Cross-Site Scripting Author: 3H34N Date: 2019-10-22 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 2. Open a chat session 3. Send payload with your web server url 4. Token will be written in logs.txt when target seen your message...

6.1CVSS6.5AI score0.04023EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/03 12:0 a.m.279 views

PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass

= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/12 12:0 a.m.279 views

Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts

Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as web browsers and constitutes an attack surface for memory corruption bugs, as it...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.279 views

Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - AsyncResponseService ', 'Description' = %q An unauthenticated attacker with network access to the...

9.8CVSS9AI score0.99964EPSS
Exploits35
Exploit DB
Exploit DB
added 2006/11/21 12:0 a.m.279 views

phpPC 1.04 - Multiple Remote File Inclusions

phpPC 1.04 Multiples Remote File Inclusion Script : PHP Poll Creator Version : 1.04 Vendor URL : http://www.phppc.de Impact : Remote File Inclusion Discovered by : iss4m Contact : [email protected] Vulnerable code in poll.php -------------------------------- ?php if $isphppcincluded != 1 include...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/25 12:0 a.m.279 views

D3Jeeb Pro 3 - 'catogary.php?catid' SQL Injection

source: https://www.securityfocus.com/bid/16853/info D3Jeeb is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/13 12:0 a.m.278 views

Freefloat FTP Server 1.0 - Remote Buffer Overflow

Exploit Title: Freefloat FTP Server 1.0 - Remote Buffer Overflow Date: 22 may 2025 Notification vendor: No reported Discovery by: Fernando Mengali LinkedIn: https://www.linkedin.com/in/fernando-mengali-273504142/ Version: 1.0 Tested on: Windows XP SP3 English - Version 5.1 Build...

9.8CVSS7.4AI score0.10947EPSS
Exploits13
Exploit DB
Exploit DB
added 2025/04/09 12:0 a.m.278 views

Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)

Exploit Title: Apache HugeGraph Server 1.2.0 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://hugegraph.apache.org/docs/download/download/ Version: Apache HugeGraph 1.0.0 - 1.2.0 CVE : CVE-2024–27348 from requests import Request, Session import sys import json d...

9.8CVSS9.8AI score0.9921EPSS
Exploits11
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.278 views

Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

Chyrp 2.5.2 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/chyrp/ Software Link: https://github.com/chyrp/chyrp/archive/refs/tags/v2.5.2.zip Version: 2.5.2 Tested on: MacOS Steps to Reproduce - Login from the address:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.278 views

WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution

Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution Date: 2023-07-20 Exploit Author: Mehmet Kelepçe Vendor Homepage: https://wpmudev.com/project/forminator-pro/ Software Link: https://wordpress.org/plugins/forminator/ Version: 1.24.6 Tested on: PHP - Mysql...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.278 views

Webile v1.0.1 - Multiple Cross Site Scripting

Exploit Title: Webile v1.0.1 - Multiple Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================== 2321 Common Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.278 views

RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow SEH Date: 18/07/2023 Exploit Author: Andre Nogueira Vendor Homepage: https://www.raidenftpd.com/en/ Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe Version: RaidenFTPD 2.4.4005 Tested on: Microsoft Windows 10 Build 19045 1.-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.278 views

CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)

Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.278 views

Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)

Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery CSRF Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows PoCs:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.278 views

Anuko Time Tracker - SQLi (Authenticated)

Exploit Title: Anuko Time Tracker - SQLi Authenticated Date: 2022-05-03 Exploit Author: Altelus Vendor Homepage: https://www.anuko.com/ Software Link: https://github.com/anuko/timetracker/tree/0924ef499c2b0833a20c2d180b04fa70c6484b6d Version: Anuko Time Tracker 1.20.0.5640 Tested on: Linux CVE :...

8.8CVSS8.8AI score0.07159EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/16 12:0 a.m.278 views

H3C SSL VPN - Username Enumeration

Exploit Title: H3C SSL VPN - Username Enumeration Exploit Author: LiquidWorm H3C SSL VPN Username Enumeration Vendor: Hangzhou H3C Technologies Co. | New H3C Technologies Co., Ltd. Product web page: https://www.h3c.com Affected version: n/a Summary: H3C SSL VPN is a secure VPN system based on SSL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.278 views

uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 21/01/2022 Document Title: =============== uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.278 views

WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woocommerc...ts-slider/ Version: 1.13.21 Tested on: Windows 10 CVE: CVE-2021-24300 1. Description: This plugin is a easy...

6.1CVSS6.5AI score0.10587EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.278 views

ECOA Building Automation System - Cookie Poisoning Authentication Bypass

Exploit Title: ECOA Building Automation System - Cookie Poisoning Authentication Bypass Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cookie Poisoning Authentication Bypass Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/16 12:0 a.m.278 views

Teachers Record Management System 1.0 - 'Multiple' SQL Injection (Authenticated)

Exploit Title: Teachers Record Management System 1.0 – Multiple SQL Injection Authenticated Date: 05-10-2021 Exploit Author: nhattruong Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ Version: 1.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/15 12:0 a.m.278 views

Tasks 9.7.3 - Insecure Permissions

Exploit Title: Tasks 9.7.3 - Insecure Permissions Date: 18th of July, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/07/18/how-the-white-box-hacking-works-ok-google-i-wanna-pwn-this-app/ Vendor Homepage: https://tasks.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.278 views

iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path

Exploit Title: iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path Discovery by: Leslie Lara Discovery Date: 7-09-2020 Vendor Homepage: https://www.huawei.com/en/corporate-information Software Links :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.278 views

ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection

Exploit Title: ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection Google Dork: intitle:"Applications Manager Login Screen" Date: 2020-07-23 Exploit Author: aldorm Vendor Homepage: https://www.manageengine.com/ Software Link: Version: 12 and 13 before Build 13200 Tested on:...

9.8CVSS9.6AI score0.04772EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.278 views

ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure

Title: ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: www.escam.cn Product Link: http://www.escam.cn/search/?class1=&class2=&class3=&searchtype=0&searchword=qd-900&lang=en CVE: N/A !/usr/bin/perl ESCAM QD-900 WIFI HD Camera Remote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/24 12:0 a.m.278 views

Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery

Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com CVE: CVE-2019-12624 Description : The application interface allows users to perform certain actions via HTTP...

8.8CVSS9AI score0.18706EPSS
Exploits2
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.278 views

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/28 12:0 a.m.278 views

WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download

Exploit Title: WordPress Plugin ad manager wd v1.0.11 - Arbitrary File Download Google Dork: N/A Date: 25.01.2019 Vendor Homepage: https://web-dorado.com/products/wordpress-ad-manager-wd.html Software: https://wordpress.org/plugins/ad-manager-wd Version: 1.0.11 Tested on: Win7 x64, Exploit Author...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/07/27 12:0 a.m.278 views

QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)

Exploit Title: QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service PoC Discovery by: Luis Martínez Discovery Date: 2018-07-26 Vendor Homepage: https://www.qnapsecurity.com/n/en/ Software Link : http://download.qnap.com/Surveillance/QVRClient/Qmon5.1.1.30070.zip Tested Version: 5.1.1.30070...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/06/01 12:0 a.m.278 views

unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities

Author girex Homepage girex.altervista.org Date 31/05/2009 CMS Unclassified NewsBoard 1.6.4 and maybe lower Dork "This board is powered by the Unclassified NewsBoard software, 1.6.4" Multiple remote vulnerabilities 1 Remote SQL Injection php.ini regardless 2 Logs File Disclosure registerglobals =...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2009/03/05 12:0 a.m.278 views

Libc - 'libc:fts_*()' Local Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 libc:fts:multiple vendors, Denial-of-service Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 21.10.2008 - - Pub.: 04.03.2009 CVE: CVE-2009-0537 We are going informing all vendors, about this problem. Affected Software official: - -...

4.9CVSS6.4AI score0.03592EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/04/17 12:0 a.m.277 views

TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)

Exploit Title: TP-Link VN020 F3vT TTV6.2.1021 - Denial Of Service DOS Date: 10/22/2024 Exploit Author: Mohamed Maatallah Vendor Homepage: https://www.tp-link.com Version: TTV6.2.1021 VN020-F3vT Tested on: VN020-F3vT Router Hardware Version 1.0 CVE: CVE-2024-12342 Description: Two critical...

7.1CVSS7.1AI score0.08886EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/04/05 12:0 a.m.277 views

Kubio AI Page Builder 2.5.1 - Local File Inclusion (LFI)

Exploit Title: Kubio AI Page Builder = 2.5.1 - Local File Inclusion LFI Date: 2025-04-04 Exploit Author: Sheikh Mohammad Hasan https://github.com/4m3rr0r Vendor Homepage: https://wordpress.org/plugins/kubio/ Software Link: https://downloads.wordpress.org/plugin/kubio.2.5.1.zip Reference:...

9.8CVSS7.4AI score0.76761EPSS
Exploits12
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.277 views

Enrollment System v1.0 - SQL Injection

Exploit Title: Enrollment System v1.0 - SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: Obi08 Vendor Homepage: https://github.com/Obi08/EnrollmentSystem Software Link: https://github.com/Obi08/EnrollmentSystem Version: v1.0 Tested on: Mac OSX, XAMPP, Apache,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.277 views

CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)

Exploit Title: CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection SSTI Application: CmsMadeSimple Version: v2.2.17 Bugs: SSTI Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 13-07-2023...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.277 views

Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...

9.8CVSS9.7AI score0.04353EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.277 views

Opmon 9.11 - Cross-site Scripting

Exploit Title: Opmon 9.11 - Cross-site Scripting Date: 2021-06-01 Exploit Author: p3tryx Vendor Homepage: https://www.opservices.com.br/monitoramento-real-time Version: 9.11 Tested on: Chrome, IE and Firefox CVE : CVE-2021-43009 URL POC: alertdocument.cookie; var i=new Image;...

6.1CVSS7AI score0.02293EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.277 views

BattlEye 0.9 - 'BEService' Unquoted Service Path

Exploit Title: BattlEye 0.9 - 'BEService' Unquoted Service Path Date: 09/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.battleye.com/ Software Link: https://www.battleye.com/downloads/ Version: 0.94 Tested: Windows 10 Pro Contact: https://twitter.com/dmaral3noz C:\Users\saudhsc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.277 views

Hasura GraphQL 2.2.0 - Information Disclosure

Exploit Title: Hasura GraphQL 2.2.0 - Information Disclosure Software: Hasura GraphQL Community Software Link: https://github.com/hasura/graphql-engine Version: 2.2.0 Exploit Author: Dolev Farhi Date: 5/05/2022 Tested on: Ubuntu import requests SERVERADDR = 'x.x.x.x' url =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.277 views

Automox Agent 32 - Local Privilege Escalation

Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...

7.8CVSS7.7AI score0.01234EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/12/20 12:0 a.m.277 views

Exponent CMS 2.6 - Multiple Vulnerabilities

Exploit Title: Exponent CMS 2.6 - Multiple Vulnerabilities Exploit Author: heinjame Date: 22/10/2021 Exploit Author: picaroo Vendor Homepage: https://www.exponentcms.org/ Version: http://127.0.0.1:8082/expcms/text/edit/id/id/src/@footer Title, Text Block Payload = " Database credential are...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.277 views

Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection

Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

7AI score
Exploits0
Total number of security vulnerabilities5000