Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.261 views

Executables Created with perl2exe < V30.10C - Arbitrary Code Execution

Exploit Title: Executables Created with perl2exe safe.pl user@testing:/example$ ./perl2exe-Linux-x64-5.30.1/perl2exe safe.pl Perl2Exe V30.10C 2020-12-11 Copyright c 1997-2020 IndigoSTAR Software ... Generating safe user@testing:/example$ user@testing:/example$ Check that the program executes as...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.261 views

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

9.8CVSS9.8AI score0.85332EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.261 views

craftercms 4.x.x - CORS

Exploit Title: craftercms 4.x.x - CORS Author: nu11secur1ty Date: 03.07.2023 Vendor: https://docs.craftercms.org/en/4.0/index.html Software: https://github.com/craftercms/craftercms/tags = 4.x.x Reference: https://portswigger.net/web-security/cors Description: The application implements an HTML5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.261 views

modoboa 2.0.4 - Admin TakeOver

/ Exploit Title: modoboa 2.0.4 - Admin TakeOver Description: Authentication Bypass by Primary Weakness Date: 02/10/2023 Software Link: https://github.com/modoboa/modoboa Version: modoboa/modoboa prior to 2.0.4 Tested on: Arch Linux Exploit Author: 7h3h4ckv157 CVE: CVE-2023-0777 / package main...

9.8CVSS9.3AI score0.15088EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.261 views

Wondershare Dr.Fone 11.4.10 - Insecure File Permissions

Exploit Title: Wondershare Dr.Fone 11.4.10 - Insecure File Permissions Date: 04/25/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://drfone.wondershare.com/ Software Link: https://download.wondershare.com/drfonefull3360.exe Version: 11.4.10 Tested on: Window...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/18 12:0 a.m.261 views

COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections

Exploit Title: COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections Date: 17-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: V1 Category: Webap...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/16 12:0 a.m.261 views

COMMAX Smart Home Ruvie CCTV Bridge DVR Service - RTSP Credentials Disclosure

Exploit Title: COMMAX Smart Home Ruvie CCTV Bridge DVR Service - RTSP Credentials Disclosure Date: 02.08.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Smart Home Ruvie CCTV Bridge DVR Service RTSP Credentials Disclosure Vendor: COMMAX Co., Ltd. Prodcut web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/19 12:0 a.m.261 views

WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation

Exploit Title: WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation Date: 07-17-2021 Exploit Author: nhattruong or nhattruong.blog Vendor Homepage: https://thimpress.com/learnpress/ Software Link: https://wordpress.org/plugins/learnpress/ Version:...

8.1CVSS8.2AI score0.03209EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/04/08 12:0 a.m.261 views

CMSimple 5.2 - 'External' Stored XSS

Exploit Title: CMSimple 5.2 - 'External' Stored XSS Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: CMSimple 5.2 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.cmsimple.org/en/ Description The CMSimple 5.2 allow stored XSS via the Settings CMS Filebrowser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.261 views

Budget Management System 1.0 - 'Budget title' Stored XSS

Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html Version: 1 Tested on Windows 10 + Xampp 8.0.3 XSS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.261 views

Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...

7.5CVSS7AI score0.97822EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/05/10 12:0 a.m.261 views

Pi-hole < 4.4 - Authenticated Remote Code Execution

!/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard port, for the sake of simplicity and not having to modify...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/20 12:0 a.m.261 views

FreeSWITCH 1.10.1 - Command Execution

Exploit Title: FreeSWITCH 1.10.1 - Command Execution Date: 2019-12-19 Exploit Author: 1F98D Vendor Homepage: https://freeswitch.com/ Software Link: https://files.freeswitch.org/windows/installer/x64/FreeSWITCH-1.10.1-Release-x64.msi Version: 1.10.1 Tested on: Windows 10 x64 FreeSWITCH listens on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.261 views

Alkacon OpenCMS 10.5.x - Cross-Site Scripting

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...

6.1CVSS6.5AI score0.02904EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/08/08 12:0 a.m.261 views

Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/http' class MetasploitModule "Baldr Botnet Panel Shell Upload Exploit", 'Description' = %q This module exploits the file upload vulnerability of baldr malwa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.261 views

Microsoft DirectWrite / AFDKO - NULL Pointer Dereferences in OpenType Font Handling While Accessing Empty dynarrays

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/16 12:0 a.m.261 views

WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of Service

Exploit Title: DoS Wechat with an emoji Date: 16-May-2019 Exploit Author: Hong Nhat Pham Vendor Homepage: http://www.tencent.com/en-us/index.html Software Link: https://play.google.com/store/apps/details?id=com.tencent.mm Version: 7.0.4 Tested on: Android 9.0 CVE : CVE-2019-11419 Description:...

5.5CVSS5.6AI score0.04025EPSS
Exploits4
Exploit DB
Exploit DB
added 2015/03/27 12:0 a.m.261 views

Acunetix 9.5 - OLE Automation Array Remote Code Execution

!/usr/bin/python import BaseHTTPServer, sys, socket Acunetix OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 27 Mar 2015 Version: acunetix.exe Video: https://vid.me/SRCb class...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.260 views

Sony XAV-AX5500 1.13 - Firmware Update Validation Remote Code Execution (RCE)

Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage: https://www.sony.com/et/electronics/in-car-receivers-players/xav-ax5500 Software Link: https://archive.org/details/xav-ax-5500-v-113 Version: 1.13 Tested o...

6.8CVSS7.4AI score0.01761EPSS
Exploits2
Exploit DB
Exploit DB
added 2024/06/03 12:0 a.m.260 views

Dotclear 2.29 - Remote Code Execution (RCE)

Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Discovered Date: 26.04.2024 Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.260 views

Online-Pizza-Ordering -1.0 - Remote Code Execution (RCE)

Exploit Title: Online-Pizza-Ordering -1.0 - Remote Code Execution RCE Author: nu11secur1ty Date: 03.30.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.260 views

Intern Record System v1.0 - SQL Injection (Unauthenticated)

Exploit Title: Intern Record System v1.0 - SQL Injection Unauthenticated Date: 2022-06-09 Exploit Author: Hamdi Sevben Vendor Homepage: https://code-projects.org/intern-record-system-in-php-with-source-code/ Software Link:...

9.8CVSS9.7AI score0.05348EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.260 views

Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution (RCE)

Exploit Title: Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution RCE Date: 2023-02-28 Exploit Author: Anthony Cole Vendor Homepage: https://labcollector.com/labcollector-lims/add-ons/eln-electronic-lab-notebook/ Version: v4.234 Contact: http://twitter.com/acole76...

8.8CVSS8.9AI score0.0454EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.260 views

Responsive FileManager 9.9.5 - Remote Code Execution (RCE)

Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution RCE Date: 02-Feb-2023 Exploit Author: Galoget Latorre @galoget Vendor Homepage: https://responsivefilemanager.com Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.9.5/responsivefilemanager.zip...

8.8CVSS8.8AI score0.08627EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.260 views

openSIS Student Information System 8.0 - 'multiple' SQL Injection

Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/13 12:0 a.m.260 views

HD-Network Real-time Monitoring System 2.0 - Local File Inclusion (LFI)

Exploit Title: HD-Network Real-time Monitoring System 2.0 - Local File Inclusion LFI Google Dork: intitle:"HD-Network Real-time Monitoring System V2.0" Date: 11/12/2021 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: N/A Version: V2.0 Tested on: Nginx NVRDVRIPC Web Server Proof of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/19 12:0 a.m.260 views

WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting XSS Date: 18/07/2021 Exploit Author: Vikas Srivastava Vendor Homepage: Software Link: https://wordpress.org/plugins/mimetic-books/ Version: 0.2.13 Category: Web Application Tested on Ma...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/10 12:0 a.m.260 views

BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path

Exploit Title: BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/bootptdemox64.exe Tested Version: 2.0.0.1253 Vulnerabilit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.260 views

Tenda D151 & D301 - Configuration Download (Unauthenticated)

Exploit Title: Tenda D151 & D301 - Configuration Download Unauthenticated Date: 19-04-2021 Exploit Author: BenChaliah Author link: https://github.com/BenChaliah Vendor Homepage: https://www.tendacn.com Software Link: https://www.tendacn.com/us/download/detail-3331.html Versions: - D301 1.2.11.2EN...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.260 views

python jsonpickle 2.0.0 - Remote Code Execution

Exploit Title: python jsonpickle 2.0.0 - Remote Code Execution Date: 24-2-2021 Vendor Homepage: https://jsonpickle.github.io Exploit Author: Adi Malyanker, Shay Reuven Software Link: https://github.com/jsonpickle/jsonpickle Version: 2.0.0 Tested on: windows, linux Python is an open source languag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/02 12:0 a.m.260 views

Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)

Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 3 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel2.c - Solaris/Intel FMT LPE...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/01 12:0 a.m.260 views

MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting

Exploit Title: MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting Date: 7/23/2018 Author: 0xB9 Software Link: https://github.com/jamiesage123/Thread-Redirect Version: 0.2.1 Tested on: Windows 10 1. Description: This plugin allows threads to redirect to a URL with optional custom text. The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.260 views

Broadcom Wi-Fi Devices - 'KR00K Information Disclosure

Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...

3.1CVSS6.2AI score0.07709EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.260 views

Dolibarr ERP-CRM 10.0.1 - 'elemid' SQL Injection

Exploit Title: Dolibarr ERP/CRM - elemid Sql Injection Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for Linux Software Description : Dolibarr ERP & CRM ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/29 12:0 a.m.260 views

Jobberbase 2.0 - 'subscribe' SQL Injection

!/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is vulnerable for SQL injection. Simply mak...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/26 12:0 a.m.260 views

systemd - DynamicUser can Create setuid Binaries when Assisted by Another Process

This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the service. This bug probably has relatively low severity, given that there aren't...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/08 12:0 a.m.260 views

Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution

history.pushState'', '', '/' function exploit var target = "http://127.0.0.1" var boltadminurl = target + "/bolt"; var xhr = new XMLHttpRequest; xhr.open"POST", boltadminurl + "/upload", true; xhr.setRequestHeader"Accept", "application/json, text/javascript, /; q=0.01";...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/23 12:0 a.m.260 views

Joomla! Component vRestaurant 1.9.4 - SQL Injection

Exploit Title: Joomla! Component vRestaurant 1.9.4 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/food-a-beverage/vrestaurant/ Version: 1.9.4 Category:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/18 12:0 a.m.260 views

AnyBurn 4.3 - Local Buffer Overflow (PoC)

Exploit Title: AnyBurn Date: 15-12-2018 Vendor Homepage: http://www.anyburn.com/ Software Link : http://www.anyburn.com/anyburnsetup.exe Exploit Author: Achilles Tested Version: 4.3 32-bit Tested on: Windows 7 x64 Vulnerability Type: Denial of Service DoS Local Buffer Overflow Steps to Produce th...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.259 views

Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting (XSS)

Exploit Title: Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting XSS Exploit Author: Ayato Shitomi @ Fore-Z co.ltd Demo Video: https://www.youtube.com/watch?v=udQgVogsmhA Vendor Homepage: https://teedy.io/ Software Link: https://github.com/Tomblib0/Teedy Version: 1.11 Tested on: Linux...

8.4CVSS7.4AI score0.02628EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/02/16 12:0 a.m.259 views

Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path

Exploit Title: Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-13 Vendor Homepage: https://www.emerson.com/en-us Software Link : https://www.opertek.com/descargar-software/?prc=326 Tested Version: 9.80 Build 869...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.259 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery (CSRF)

Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery CSRF Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com !-- FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 CSRF Add Admin Exploit Vendor: FatPipe Networks Inc. Product w...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/15 12:0 a.m.259 views

Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)

Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Date: 2021-09-15 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/14 12:0 a.m.259 views

Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References (IDOR)

Exploit Title: Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References IDOR Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE: CVE-2021-34369...

6.5CVSS6.5AI score0.08236EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/05/06 12:0 a.m.259 views

b2evolution 7-2-2 - 'cf_name' SQL Injection

Exploit Title: b2evolution 7-2-2 - 'cfname' SQL Injection Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Date: 05.06.2021 Vendor: https://b2evolution.net/ Link: https://b2evolution.net/downloads/7-2-2 CVE: CVE-2021-28242 Proof: https://streamable.com/x51kso + Exploit Source:...

8.8CVSS8.8AI score0.04962EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.259 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/01 12:0 a.m.259 views

Roundcube Webmail 1.2 - File Disclosure

Exploit Title: Roundcube Webmail 1.2 - File Disclosure Date: 09-11-2017 Exploit Author: stonepresto Vendor Homepage: https://roundcube.net/ Software Link: https://sourceforge.net/projects/roundcubemail/files/roundcubemail-beta/1.2-beta/ Version: 1.1.0 - 1.1.9, 1.2.0 - 1.2.6, 1.3.0 - 1.3.2 Tested...

7.8CVSS7.8AI score0.42831EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/01/18 12:0 a.m.259 views

Life Insurance Management System 1.0 - 'client_id' SQL Injection

Exploit Title: Life Insurance Management System 1.0 - 'clientid' SQL Injection Date: 15/1/2021 Exploit Author: Aitor Herrero Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14665/life-insurance-management-system-php-full-source-code.html Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/22 12:0 a.m.259 views

Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting

Exploit Title: Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting Date: 2020-09-19 Exploit Author: Alperen Ergel Vendor Homepage: https://www.flatpress.org/ Software Link: https://github.com/evacchi/flatpress/releases/tag/v1.0.3 Version: 1.0.3 Tested on: windows 10 / xampp CVE :...

4.8CVSS5.5AI score0.02146EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/08/17 12:0 a.m.259 views

QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9 Cleartext...

7.4AI score
Exploits0
Total number of security vulnerabilities5000