Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/08/18 12:0 a.m.257 views

Savsoft Quiz 5 - Stored Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - Stored Cross-Site Scripting Date: 2020-07-28 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Windows 10 Contact:...

6.1CVSS6.4AI score0.09815EPSS
Exploits1
Exploit DB
Exploit DB
added 2020/02/20 12:0 a.m.257 views

Easy2Pilot 7 - Cross-Site Request Forgery (Add User)

Exploit Title: Easy2Pilot 7 - Cross-Site Request Forgery Add User Author: indoushka Date: 2020-02-20 Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor: http://easy2pilot-v7.com/ CVE: N/A poc : + Dorking İn Google Or Other Search Enggine. + save code as poc.html +...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/10 12:0 a.m.257 views

Ricoh Driver - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Ricoh Driver Privilege Escalation', 'Description' = %q Various Ricoh printer drivers allow escalation of privilege...

7.8CVSS7.8AI score0.04566EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.257 views

ipPulse 1.92 - 'Enter Key' Denial of Service (PoC)

Exploit Title: ipPulse 1.92 - 'Enter Key' Denial of Service PoC Discovery by: Diego Buztamante Discovery Date: 2019-11-18 Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link : http://download.netscantools.com/ipls192.zip Tested Version: 1.92 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/29 12:0 a.m.257 views

Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass (MS15-014)

Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows...

3.3CVSS6.7AI score0.08074EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.257 views

Kirona-DRS 5.5.3.5 - Information Disclosure

Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be other versions. Tested On...

6.1CVSS5.8AI score0.49236EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/09/24 12:0 a.m.257 views

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds

When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated object. If initWithCoder: or any method it calls decodes the same object,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.257 views

WordPress Plugin Event Tickets 4.10.7.1 - CSV Injection

Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link: https://downloads.wordpress.org/plugin/event-tickets.4.10.7.1.zip...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/20 12:0 a.m.258 views

BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection

Exploit Title: Out-of-band XML External Entity Injection on BlogEngine.NET Date: 19 June 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10718 1. Description ============== BlogEngine.NET is vulnerable to an Out-of-Band...

7.5CVSS7.8AI score0.02657EPSS
Exploits5
Exploit DB
Exploit DB
added 2009/02/09 12:0 a.m.257 views

TightVNC - Authentication Failure Integer Overflow (PoC)

!/usr/bin/env python [email protected] Modified Andres Lopez Luksenberg's exploit for Authentication Failure scenario in TightVNC. BID 33569 CVE-2009-0388 import socket serversocket = socket.socketsocket.AFINET, socket.SOCKSTREAM serversocket.bind'', 5900 serversocket.listen1 while True:...

10CVSS7AI score0.13334EPSS
Exploits11
Exploit DB
Exploit DB
added 2006/10/29 12:0 a.m.257 views

Faq Administrator 2.1 - 'faq_reply.php' Remote File Inclusion

================================================================== Faq Administrator RFI ================================================================== Info:- Scripts: Faq Administrator http://www.campbus.com/downloads/faqadmin/faqadmin-current.tgz Version : 2.1b Dork & vuln : download script...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.256 views

JetBrains TeamCity 2023.11.4 - Authentication Bypass

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: JetBrains TeamCity 2023.11.4 - Authentication Bypass Date: 2024-02-21 Exploit Author: ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://www.jetbrains.com/teamcity/ Version: =2.25.1 """ import requests import argparse...

9.8CVSS7.4AI score0.99938EPSS
Exploits24
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.256 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field

Exploit Title: LiveHelperChat 4. Save the changes. 5. Revist the Department Assignment settings page and edit the Alias Nick field, the cross site scripting xss will execute...

6.5CVSS7.4AI score0.01532EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.256 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Operator Surname Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software Link:...

5.4CVSS7.4AI score0.00854EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.256 views

Best Student Result Management System v1.0 - Multiple SQLi

Title: Best Student Result Management System v1.0 - Multiple SQLi Author: nu11secur1ty Date: 04/08/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.256 views

thrsrossi Millhouse-Project 1.414 - Remote Code Execution

sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.256 views

Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery

!-- Exploit Title: Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.256 views

WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting XSS Date: 2/15/2021 Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip Version: 1.3.1 Tested...

6.1CVSS6.3AI score0.10358EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.256 views

Online Library Management System 1.0 - 'Search' SQL Injection

Exploit Title: Online Library Management System 1.0 - 'Search' SQL Injection Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/ols.zip Version: 1.0 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/18 12:0 a.m.257 views

EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Date: 5/17/2021 Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/12 12:0 a.m.256 views

School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14155/school-file-management-system.html Software: : School...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.256 views

Xerox AltaLink C8035 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: Xerox AltaLink C8035 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-17 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/altalink-c8000-series Software : Xerox Printer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.256 views

Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path

Exploit Title: Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path Exploit Author: Debashis Pal Date: 2019-10-17 Vendor Homepage : https://webcompanion.com Source: https://webcompanion.com Version: Web Companion versions 5.1.1035.1047 CVE : N/A Tested on: Windows 7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/28 12:0 a.m.256 views

PHP 7.1 < 7.3 - 'json serializer' disable_functions Bypass

= 8; public function str2ptr&$str, $p = 0, $s = 8 $address = 0; for$j = $s-1; $j = 0; $j-- $address = 8; return $out; unable to leak ro segments public function leak1$addr global $spl1; $this-write$this-abc, 8, $addr - 0x10; return strlengetclass$spl1; the real deal public function leak2$addr, $p...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/18 12:0 a.m.256 views

ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/22 12:0 a.m.255 views

OpenSSH server (sshd) 9.8p1 - Race Condition

Exploit Title : OpenSSH server sshd 9.8p1 - Race Condition Author : Milad Karimi Ex3ptionaL Date : 2025-04-16 Description: Targets a signal handler race condition in OpenSSH's server sshd on glibc-based Linux systems. It exploits a vulnerability where the SIGALRM handler calls async-signal-unsafe...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/14 12:0 a.m.255 views

SilverStripe 5.3.8 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: SilverStripe 5.3.8 - Stored Cross Site Scripting XSS Authenticated Date: 2025-01-15 Exploit Author: James Nicoll Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download/ Category: Web Application Version: 5.2.22 Tested on: SilverStripe...

5.4CVSS7AI score0.01108EPSS
Exploits2
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.255 views

flatnux 2021-03.25 - Remote Code Execution (Authenticated)

Exploit Title: flatnux-2021-03.25 - Remote Code Execution Authenticated Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://en.altervista.org Software Link: http://flatnux.altervista.org/flatnux.html Version: 2021-03.25 Tested on: Windows/Linux POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.255 views

Auto Dealer Management System v1.0 - SQL Injection on manage_user.php

Exploit Title: Auto Dealer Management System v1.0 - SQL Injection on manageuser.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0915 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System...

8.8CVSS8.9AI score0.01728EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.255 views

ChurchCRM v4.5.3-121fcc1 - SQL Injection

Exploit Title: ChurchCRM v4.5.3-121fcc1 - SQL Injection Author: nu11secur1ty Date: 02.27.2023 Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.255 views

Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload

ADVISORY INFORMATION Exploit Title: Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution RCE via sslcert Upload Date of found: 21 July 2022 Application: Roxy WI .oastify.com;...

10CVSS9.8AI score0.90387EPSS
Exploits15
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.255 views

Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting (XSS)

Exploit Title: Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting XSS Google Dork: NA Date: 03-OCT-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://www.yahoobaba.net/project/library-system-in-php Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.255 views

Hospitals Patient Records Management System 1.0 - 'id' SQL Injection (Authenticated)

Exploit Title: Hospitalss Patient Records Management System 1.0 - 'id' SQL Injection Authenticated Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.255 views

ECOA Building Automation System - Local File Disclosure

Exploit Title: ECOA Building Automation System - Local File Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Local File Disclosure Vulnerability Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/25 12:0 a.m.255 views

Online Leave Management System 1.0 - Arbitrary File Upload to Shell (Unauthenticated)

Exploit Title: Online Leave Management System 1.0 - Arbitrary File Upload to Shell Unauthenticated Date: 24-08-2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.255 views

Customer Relationship Management (CRM) System 1.0 - 'Category' Persistent Cross site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Date: 14-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.255 views

MagpieRSS 0.72 - 'url' Command Injection

Exploit Title: MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery Date: 24 March 2021 Exploit Author: bl4ckh4ck5 Vendor Homepage: http://magpierss.sourceforge.net/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/14 12:0 a.m.255 views

Microsoft Exchange 2019 - Server-Side Request Forgery

import requests from urllib3.exceptions import InsecureRequestWarning import random import string import sys def idgeneratorsize=6, chars=string.asciilowercase + string.digits: return ''.joinrandom.choicechars for in rangesize if lensys.argv " print"使用方式: python PoC.py mail.btwaf.cn [email protected]...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/04 12:0 a.m.255 views

Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS)

Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.255 views

Netis E1+ V1.2.32533 - Unauthenticated WiFi Password Leak

Exploit Title: Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak Date: 2020-04-25 Author: Besim ALTINOK Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204 Version: V1.2.32533 Tested on: Netis E1+ V1.2.32533 Credit: İsmai...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/21 12:0 a.m.255 views

IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/41030/info IBM WebSphere ILOG JRules is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/10 12:0 a.m.255 views

ProFTPd - 'mod_mysql' Authentication Bypass

Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER %' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account logins c...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/15 12:0 a.m.255 views

phpBurningPortal 1.0.1 - 'lang_path' Remote File Inclusion

!/usr/bin/perl use LWP::UserAgent; use LWP::Simple; $target = @ARGV0; $shellsite = @ARGV1; $shellcmd = @ARGV2; $fileno = @ARGV3; if!$target || !$shellsite usage; header; if $fileno eq 1 $file = "questdelete.php?langpath="; elsif $fileno eq 2 $file = "questedit.php?langpath="; elsif $fileno eq 3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/12/19 12:0 a.m.255 views

CUPS 1.1.x - Negative Length HTTP Header

source: https://www.securityfocus.com/bid/6437/info A vulnerability has been reported for CUPS that if exploited may result in a DoS or the execute of code on affected systems. An attacker can exploit this vulnerability by connecting to a vulnerable system and issuing malformed HTTP headers with ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.254 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via the Chat Transfer Function Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software...

5.4CVSS7.4AI score0.00872EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.254 views

Microsoft Excel Use After Free - Local Code Execution

Titles: Microsoft Excel Use After Free - Local Code Execution Author: nu11secur1ty Date: 06/09/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 Versions: MS Excel 2016, MS Office...

7.8CVSS7.8AI score0.0211EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.254 views

Langflow 1.3.0 - Remote Code Execution (RCE)

Exploit Title: Langflow 1.3.0 - Remote Code Execution RCE Date: 2025-04-17 Exploit Author: VeryLazyTech Vendor Homepage: http://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: Langflow 1.3.0 Tested on: Windows Server 2019 CVE: CVE-2025-3248 CVE-2025-3248 - Remote...

9.8CVSS7.4AI score0.9999EPSS
Exploits33
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.254 views

PyroCMS v3.0.1 - Stored XSS

Exploit Title: PyroCMS v3.0.1 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://pyrocms.com/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/cms/PyroCMS...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/17 12:0 a.m.254 views

SolarView Compact 6.0 - OS Command Injection

Exploit Title: SolarView Compact 6.0 - OS Command Injection Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29303 Tested on: Windows Exploit HTTP Request : POST...

10CVSS9.6AI score0.97961EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.254 views

Microfinance Management System 1.0 - 'customer_number' SQLi

Exploit Title: Microfinance Management System 1.0 - 'customernumber' SQLi Date: 2022-25-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/14822/microfinance-management-system.html Software Link:...

9.8CVSS9.8AI score0.13829EPSS
Exploits4
Total number of security vulnerabilities5000