Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2025/05/25 12:0 a.m.273 views

ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation

!/usr/bin/env python Exploit Title: ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalabl...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/10 12:0 a.m.274 views

CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)

Exploit Title: CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting XSS Date: 2024-08-15 Exploit Author: Raj Nandi Vendor Homepage: https://codeastro.com/ Software Link: https://codeastro.com/online-railway-reservation-system-in-php-with-source-code/ Version: 1.0 Tested on: Any ...

5.1CVSS5.2AI score0.01128EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.273 views

Human Resource Management System 1.0 - 'employeeid' SQL Injection

Exploit Title: Human Resource Management System - SQL Injection Date: 13-01-2024 Exploit Author: Srikar Exp1o1t9r Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.273 views

Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting

Exploit Title: Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting Date: 2021-10-06 Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-dj-booking-management-system-using-php-and-mysql/ Version: V 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.273 views

Library System 1.0 - 'student_id' SQL injection (Authenticated)

Exploit Title: Library System 1.0 - 'studentid' SQL injection Authenticated Google Dork: intitle: "Library System by YahooBaba" Date: 26/08/2021 Exploit Author: Vinay Bhuria Vendor Homepage: https://www.yahoobaba.net Software Link: https://www.yahoobaba.net/project/library-system-in-php Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.273 views

ECOA Building Automation System - Configuration Download Information Disclosure

Exploit Title: ECOA Building Automation System - Configuration Download Information Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Configuration Download Information Disclosure Vendor: ECOA Technologies Corp. Produc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/23 12:0 a.m.273 views

RaspAP 2.6.6 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: RaspAP 2.6.6 - Remote Code Execution RCE Authenticated Date: 23.08.2021 Exploit Author: Moritz Gruber Vendor Homepage: https://raspap.com/ Software Link: https://github.com/RaspAP/raspap-webgui Version: 2.6.6 Tested on: Linux raspberrypi 5.10.52-v7+ import requests from requests.ap...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.273 views

Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)

Exploit Title: Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting XSS Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25679...

5.4CVSS5.9AI score0.02682EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/02/17 12:0 a.m.273 views

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.htm...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.273 views

CyberArk PSMP 10.9.1 - Policy Restriction Bypass

Exploit Title: CyberArk PSMP 10.9.1 - Policy Restriction Bypass Google Dork: NA Date: 2020-02-25 Exploit Author: LAHBAL Said Vendor Homepage: https://www.cyberark.com/ Software Link: https://www.cyberark.com/ Version: PSMP = 11.1 Prerequisites Policy allows us to overwrite PSMRemoteMachine...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/06/21 12:0 a.m.273 views

PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution

!/usr/bin/python Exploit Title: RCE for PHPMailer 5.2.20 with Exim MTA Date: 16/06/2017 Exploit Author: @phacktul Software Link: https://github.com/PHPMailer/PHPMailer Version: 5.2.20 Tested on: Debian x86/x64 CVE : CVE-2016-10033,CVE-2016-10074,CVE-2016-10034,CVE-2016-10045 @phacktul -...

9.8CVSS10AI score0.99714EPSS
Exploits71
Exploit DB
Exploit DB
added 2011/10/03 12:0 a.m.273 views

JBoss & JMX Console - Misconfigured Deployment Scanner

!/usr/bin/perl Exploit Title: JBoss, JMX Console, misconfigured DeploymentScanner Date: Oct 3 2011 Author: y0ug codsec.com Version: Tested on: Linux CVE : CVE-2010-0738 POC against misconfigured JBoss JMX Console It use the addUrl method in DeploymentScanner module More information...

5.3CVSS6.4AI score0.79415EPSS
Exploits28
Exploit DB
Exploit DB
added 2004/04/12 12:0 a.m.273 views

eMule 0.42d - IRC Remote Buffer Overflow

!/usr/bin/perl eMule = 0.42d Remote Exploit by kcope exploits the DecodeBase16 buffer overflow tested on WinXP SP1 / Win2k SP4 bindport/connectback shellcode thanks Kostya Kortchinsky for his posting to bugtraq greetings to sander, blackzero, beginna, adize, A-cru and wY :p have fun! kcope,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/22 12:0 a.m.272 views

Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege

Exploit Title: Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ CVE: CVE-2024-49138 include...

7.8CVSS7.4AI score0.25414EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/15 12:0 a.m.272 views

Ivanti Connect Secure 22.7R2.5 - Remote Code Execution (RCE)

Exploit Title: Ivanti Connect Secure 22.7R2.5 - Remote Code Execution RCE Date: 2025-01-11 Exploit Author: @absholi7ly CVE: CVE-2025-0282 import requests import sys import struct import socket import ssl import urllib3 import time Disable SSL warnings...

9CVSS7.2AI score0.99971EPSS
Exploits13
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.272 views

LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection

Exploit Title: LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection Google Dork: inurl:"/wp-json/learnpress/v1/" OR inurl:"/wp-content/plugins/learnpress/" OR "powered by LearnPress" AND "version 4.2.7" Date: Current Date, e.g., October 30, 2024 Exploit Author: Your Name or Username Vendor...

10CVSS9.6AI score0.63134EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/03/20 12:0 a.m.272 views

FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)

Exploit Title: FluxBB 1.5.11 Stored xss Date: 3/8/2025 Exploit Author: Chokri Hammedi Vendor Homepage: www.fluxbb.org Software Link: https://www.softaculous.com/apps/forums/FluxBB Version: FluxBB 1.5.11 Tested on: Windows XP 1. login to admin panel 2. go to /adminforums.php 3. click on "add forum...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.272 views

CE Phoenix Version 1.0.8.20 - Stored XSS

Exploit Title: CE Phoenix Version 1.0.8.20 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://phoenixcart.org/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/ecommerce/CEPhoenix POC: 1-Login admin panel , go to this url :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/15 12:0 a.m.272 views

ProjeQtOr Project Management System v10.4.1 - Multiple XSS

Exploit Title: ProjeQtOr Project Management System V10.4.1 - Multiple XSS Version: V10.4.1 Bugs: Multiple XSS Technology: PHP Vendor URL: https://www.projeqtor.org Software Link: https://sourceforge.net/projects/projectorria/files/projeqtorV10.4.1.zip/download Date of found: 09.07.2023 Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.272 views

Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE)

ADVISORY INFORMATION Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE Date of found: 21 July 2022 Application: Roxy WI = v6.1.0.0 Author: Nuri Çilengir Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Advisory:...

10CVSS9.6AI score0.90387EPSS
Exploits15
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.272 views

WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF)

Exploit Title: WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery CSRF Date: 24-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Summary: Cross site forgery vulnerability has been identified...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.272 views

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)

Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 1 Date: 17/02/2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.272 views

HiSilicon Video Encoders - Full admin access via backdoor password

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...

9.8CVSS9.7AI score0.1976EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.272 views

D-Link DIR-615 T1 20.10 - CAPTCHA Bypass

Exploit Title: D-Link DIR-615 T1 20.10 - CAPTCHA Bypass Date: 2019-10-12 Exploit Author: huzaifa hussain Vendor Homepage: https://in.dlink.com/ Version: DIR-615 T1 ver:20.10 Tested on: D-LINK ROUTER "MODEL NO: DIR-615" with "FIRMWARE VERSION:20.10" & "HARDWARE VERSION:T1 CVE: CVE-2019-17525 D-LIN...

8.8CVSS8.8AI score0.0584EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/05/26 12:0 a.m.272 views

Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated)

Exploit Title: Open-AudIT 3.3.0 - Reflective Cross-Site Scripting Authenticated Date: 2020-04-26 Exploit Author: Kamaljeet Kumar Vendor Homepage: https://opmantek.com/network-discovery-inventory-software/ Software Link: https://www.open-audit.org/downloads.php Version: 3.3.0 CVE : CVE-2020-12261...

5.4CVSS6AI score0.02587EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/03/06 12:0 a.m.272 views

ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path

Exploit Title: ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.asus.com/ Software Link : https://www.microsoft.com/en-us/p/asus-giftbox/9wzdncrdrb6s?activetab=pivot:overviewtab Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/05 12:0 a.m.272 views

JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects

The following sample was found by Fuzzilli and then slightly modified. It crashes JSC in debug builds: function main const v2 = 1337,1337; const v3 = 1337,v2,v2,0; Object.proto = v3; for let v10 = 0; v10 inheritscell-JSC::JSCell::vm, std...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.272 views

ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service

Exploit Title: ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service Date: 2019-10-12 Vendor Homepage: https://www.actfax.com/ Software Link : https://www.actfax.com/download/actfaxsetupx64ge.exe Exploit Author: Achilles Tested Version: 6.92 Tested on: Windows 7 x64 Vulnerability Typ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/27 12:0 a.m.272 views

WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting

Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/21 12:0 a.m.272 views

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can be found here: https://www.youtube.com/watch?v=CxyOtsNVgFg A Tenable Research...

7.5CVSS7.6AI score0.15697EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/12/29 12:0 a.m.272 views

Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) - Local Privilege Escalation (KASLR / SMEP)

// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and 4.8.0 kernels // - Linux Mint rosa 4.4.0 kernels // - Linux Mint sarah 4.8.0 kernels // - Zorin OS 12.1...

7CVSS7.9AI score0.20797EPSS
Exploits19
Exploit DB
Exploit DB
added 2005/09/06 12:0 a.m.272 views

Microsoft Windows - CSRSS Privilege Escalation (MS05-018)

include include include pragma comment lib,"Advapi32.lib" typedef struct CONSOLESTATEINFO / 0x00 / DWORD cbSize; / 0x04 / COORD ScreenBufferSize; / 0x08 / COORD WindowSize; / 0x0c / POINT WindowPosition; / 0x14 / COORD FontSize; / 0x18 / DWORD FontFamily; / 0x1c / DWORD FontWeight; / 0x20 / WCHAR...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.271 views

Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation

Exploit Title: Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation Date: 16 December, 2024 Exploit Author: Jun Takemura Author's GitHub: https://github.com/JunTakemura Author's Blog: juntakemura.dev Vendor Homepage: https://themehunk.com Software Link:...

9.8CVSS7.4AI score0.54754EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.271 views

GLPI 9.5.7 - Username Enumeration

Exploit Title: GLPI 9.5.7 - Username Enumeration Date: 04/29/2023 Author: Rafael B. Vendor Homepage: https://glpi-project.org/pt-br/ Affected Versions: GLPI version 9.1 = 9.5.7 Software: https://github.com/glpi-project/glpi/releases/download/9.5.7/glpi-9.5.7.tgz import requests from bs4 import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.271 views

Lucee Scheduled Job v1.0 - Command Execution

Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Date: 3-23-2012 Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.271 views

Employee Task Management System v1.0 - SQL Injection on (task-details.php?task_id=?)

Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task...

8.8CVSS7AI score0.01684EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.271 views

KLiK Social Media Website 1.0 - 'Multiple' SQLi

Exploit Title: KLiK Social Media Website 1.0 - 'Multiple' SQLi Date: April 1st, 2022 Exploit Author: corpse Vendor Homepage: https://github.com/msaad1999/KLiK-SocialMediaWebsite Software Link: https://github.com/msaad1999/KLiK-SocialMediaWebsite Version: 1.0 Tested on: Debian 11 Parameter: poll G...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.271 views

Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Account Takeover Unauthenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.271 views

WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting XSS Authenticated Date: 25-10-2021 Exploit Author: Ceylan Bozogullarindan Vendor Homepage: https://lenderd.com/ Software Link: https://mortgagecalculatorsplugin.com/ Version: 1.52 Tested on: Linux CVE :...

4.8CVSS5.1AI score0.05063EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.271 views

Siemens S7 Layer 2 - Denial of Service (DoS)

Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Date: 21/10/2021 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/30 12:0 a.m.271 views

PlaceOS 1.2109.1 - Open Redirection

Exploit Title: PlaceOS 1.2109.1 - Open Redirection Date: 29-09-2021 Exploit Author: Hamza Khedr @ Accenture Austalia AARO Team Vendor Homepage: https://place.technology/ Software Link: https://github.com/PlaceOS Version: 1.29.10 Tested on: Ubuntu 20.04 CVE: CVE-2021-41826 PoC:...

6.4AI score0.11872EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/08/13 12:0 a.m.271 views

Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 12/08/2021 Exploit Author: Ömer Hasan Durmuş Software Link: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Version: v1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/10 12:0 a.m.271 views

WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting XSS Date: 2021-08-06 Exploit Author: Aryan Chehreghani Software Link: https://wordpress.org/plugins/picture-gallery/ Version: 1.4.2 Tested on: Windows 10 How to Reproduce this Vulnerability: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/01 12:0 a.m.271 views

Ubee EVW327 - 'Enable Remote Access' Cross-Site Request Forgery (CSRF)

Exploit Title: Ubee EVW327 - 'Enable Remote Access' Cross-Site Request Forgery CSRF Date: 2021-05-30 Exploit Author: lated Vendor Homepage: https://www.ubeeinteractive.com Version: EVW327 document.forms0.submit;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.271 views

Printable Staff ID Card Creator System 1.0 - 'email' SQL Injection

Exploit Title: Printable Staff ID Card Creator System 1.0 - SQLi & RCE via Arbitrary File Upload Date: 2021-05-16 Exploit Author : bwnz Software Link: https://www.sourcecodester.com/php/12802/php-staff-id-card-creation-and-printing-system.html Version: 1.0 Tested on: Ubuntu 20.04.2 LTS Printable...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.271 views

DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path

Exploit Title: DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : DigitalPersona U. are U. One Touch Version : DigitalPersona Pro 4.5.0.2213 Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS: Windows 10 Home...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.271 views

Sysax Multi Server 5.50 - Denial of Service (PoC)

Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi Server 5.50 Tested on: WIndow 7 CVE : if...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.271 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 7f2c.8be8: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/19 12:0 a.m.271 views

GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting

Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting Author: Cakes Discovery Date: 2019-09-19 Vendor Homepage: https://goautodial.org/ Software Link: https://downloads2.goautodial.org/centos/7/isos/x8664/GOautodial-4-x8664-Pre-Release-20180929-0618.iso Tested Version: 4.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.271 views

Enigma NMS 65.0.0 - SQL Injection

-------------------------------------------------------------------- Exploit Title: Enigma NMS searchpattern SQL Injection Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software Link:...

9CVSS9AI score0.0281EPSS
Exploits5
Total number of security vulnerabilities5000