Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2016/03/09 12:0 a.m.239 views

Exim 4.84-3 - Local Privilege Escalation

!/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps...

7CVSS5.7AI score0.05901EPSS
Exploits13
Exploit DB
Exploit DB
added 2008/09/20 12:0 a.m.239 views

jPORTAL 2 - 'humor.php' SQL Injection

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu -QKrun1x-P47tr1ck - FeDeReR -MAGE -JeTFyrE-DON-Outlawz and all darkc0de members...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/15 12:0 a.m.238 views

Pymatgen 2024.1 - Remote Code Execution (RCE)

Exploit Title : Pymatgen 2024.1 - Remote Code Execution RCE Google Dork : not applicable Date : 2024-11-13 Exploit Author : Mohammed Idrees Banyamer Vendor Homepage : https ://pymatgen.org Software Link : https ://pypi.org /project /pymatgen/ Version : 2024.1 Tested on : Kali Linux 2024.1 CVE :...

9.3CVSS7AI score0.03816EPSS
Exploits8
Exploit DB
Exploit DB
added 2024/05/31 12:0 a.m.238 views

Aquatronica Control System 5.1.6 - Information Disclosure

!/usr/bin/env python -- coding: utf-8 -- Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Vendor: Aquatronica s.r.l. Product web page: https://www.aquatronica.com Affected version: Firmware: 5.1.6 Web: 2.0 Summary: Aquatronica's electronic AQUARIUM CONTROLLER is easy to use, allowing...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.238 views

TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.238 views

Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)

Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting XSS Date: 15 May 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://qloapps.com/ Software Link: https://github.com/webkul/hotelcommerce Version: 1.5.2 Tested on: Kali Linux 2022.4 CVE : CVE-2023-30256 Description: A Cross...

6.1CVSS6.3AI score0.08731EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.238 views

Optoma 1080PSTX Firmware C02 - Authentication Bypass

Exploit Title: Optoma 1080PSTX Firmware C02 - Authentication Bypass Date: 2023/05/09 Exploit Author: Anthony Cole Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Vendor Homepage: http://optoma.com Version: Optoma 1080PSTX Firmware C02 Tested on: N/A CVE : CVE-2023-27823...

9.8CVSS9.7AI score0.53312EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/07 12:0 a.m.238 views

NotrinosERP 0.7 - Authenticated Blind SQL Injection

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...

8.8CVSS7AI score0.03088EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.238 views

EasyNas 1.1.0 - OS Command Injection

Exploit Title: EasyNas 1.1.0 - OS Command Injection Date: 2023-02-9 Exploit Author: Ivan Spiridonov [email protected] Author Blog: https://xbz0n.medium.com Version: 1.0.0 Vendor home page : https://www.easynas.org Authentication Required: Yes CVE : CVE-2023-0830 !/usr/bin/python3 import...

8.8CVSS7.5AI score0.20862EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/01 12:0 a.m.238 views

Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)

Exploit Title: Reprise Software RLM v14.2BL4 - Cross-Site Scripting XSS Exploit Author: Mohammed A.Siledar Author Company : reprisesoftware Version: rlm.v14.2BL4 Vendor home page : https://reprisesoftware.com Software Link:...

6.1CVSS6.6AI score0.02527EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.238 views

Magento eCommerce CE v2.3.5-p2 - Blind SQLi

Exploit Title: Magento eCommerce CE v2.3.5-p2 - Blind SQLi Date: 2021-4-21 Exploit Author: Aydin Naserifard Vendor Homepage: https://www.adobe.com/ Software Link: https://github.com/magento/magento2/releases/tag/2.3.5-p2 Version: 2.3.5-p2 Tested on: 2.3.5-p2 POC: 1PUT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/05 12:0 a.m.238 views

Tagstoo 2.0.1 - Persistent Cross-Site Scripting

Exploit Title: Tagstoo 2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacOs Software Description: Software to tag folders...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.238 views

Online Shopping Cart System 1.0 - 'id' SQL Injection

Exploit Title: Online Shopping Cart System 1.0 - 'id' SQL Injection Date: 14.1.2021 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/14668/online-shopping-cart-system-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.238 views

WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)

Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBAZ@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/...

9.8CVSS9.2AI score0.8511EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.238 views

Bio Star 2.8.2 - Local File Inclusion

Exploit Title: Bio Star 2.8.2 - Local File Inclusion Authors: SITE Team Rian Saaty, Bashaer AlHarthy, Safeyah Alhazmi Google Dork: N/A Date of Exploit Release: 2020-07-13 Exploit Author: SITE Team Vendor Homepage: https://www.supremainc.com/en/main.asp Software Link:...

7.5CVSS7AI score0.50734EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/05/07 12:0 a.m.239 views

Car Park Management System 1.0 - Authentication Bypass

Exploit Title: Car Park Management System 1.0 - Authentication Bypass Date: 2020-05-07 Exploit Author: Tarun Sehgal Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/razormist/car-park-management-system.zip Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/19 12:0 a.m.238 views

Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation

Exploit Title: Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Date: 2019-12-18 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.bahn.de/dbvertrieb/view/leistungen/automaten-fahrkartenentwerter.shtml Tested on: Windows XP Document Title: ===============...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/18 12:0 a.m.238 views

Hospital-Management 1.26 - 'fname' SQL Injection

Exploit Title: Hospital-Management 1.26 - 'fname' SQL Injection Author: Cakes Discovery Date: 2019-09-18 Vendor Homepage: https://github.com/Mugerwa-Joseph/hospital-management Software Link: https://github.com/Mugerwa-Joseph/hospital-management/archive/master.zip Tested Version: 1.26 Tested on OS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/16 12:0 a.m.238 views

GetGo Download Manager 6.2.2.3300 - Denial of Service

Exploit Title : GetGo Download Manager 6.2.2.3300 - Denial of Service Date: 2019-08-15 Author - Malav Vyas Vulnerable Software: GetGo Download Manager 6.2.2.3300 Vendor Home Page: www.getgosoft.com Software Link: http://www.getgosoft.com/getgodm/ Tested On: Windows 7 64Bit, Windows 10 64Bit Attac...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.238 views

CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities

Exploit Title: CISCO Small Business 200, 300, 500 Switches Multiple Vulnerabilities. Shodan query: /config/logoffpage.html Discovered Date: 07/03/2014 Reported Date: 08/04/2019 Exploit Author: Ramikan Website: http://fact-in-hack.blogspot.com Vendor...

6.1CVSS5.8AI score0.1051EPSS
Exploits3
Exploit DB
Exploit DB
added 2016/07/29 12:0 a.m.238 views

phpMyAdmin 4.6.2 - (Authenticated) Remote Code Execution

!/usr/bin/env python """cve-2016-5734.py: PhpMyAdmin 4.3.0 - 4.6.2 authorized user RCE exploit Details: Working only at PHP 4.3.0-5.4.6 versions, because of regex break with null byte fixed in PHP 5.4.7. CVE: CVE-2016-5734 Author: https://twitter.com/iamsecurity run: ./cve-2016-5734.py -u root...

9.8CVSS9.6AI score0.81373EPSS
Exploits8
Exploit DB
Exploit DB
added 2012/12/06 12:0 a.m.238 views

Oracle MySQL / MariaDB - Insecure Salt Generation Security Bypass

source: https://www.securityfocus.com/bid/56837/info MySQL and MariaDB are prone to a security-bypass weakness. An attacker may be able to exploit this issue to aid in brute-force attacks; other attacks may also be possible. use Net::MySQL; $|=1; my $mysql = Net::MySQL-new hostname = '192.168.2.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/08 12:0 a.m.238 views

Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)

!/bin/sh EDB Note: Updated exploit https://www.exploit-db.com/exploits/14339/ Exploit Title: Ubuntu PAM MOTD file tampering privilege escalation Date: July 7, 2010 Author: Kristian Erik Hermansen Software Link: http://packages.ubuntu.com/ Version: pam-1.1.0 Tested on: Ubuntu 10.04 LTS Lucid Lynx...

6.9CVSS6.4AI score0.00941EPSS
Exploits11
Exploit DB
Exploit DB
added 2004/04/30 12:0 a.m.238 views

Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied inp...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/06/03 12:0 a.m.237 views

Sitefinity 15.0 - Cross-Site Scripting (XSS)

Exploit Title: Sitefinity 15.0 - Cross-Site Scripting XSS Date: 2023-12-05 Exploit Author: Aldi Saputra Wahyudi Vendor Homepage: https://www.progress.com/sitefinity-cms Version:...

6.5CVSS7AI score0.01302EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.237 views

Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path

Exploit Title: Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path Date: 2024-04-2 Exploit Author: Saud Alenazi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/ Version: 6.6.240 Tested: Windows 10 x64 Step to discover Unquoted Service Path:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.237 views

GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin

ADVISORY INFORMATION Exploit Title: GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin Date of found: 11 Jun 2022 Application: GLPI Manageentities 4.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

7.5CVSS7.6AI score0.06715EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.237 views

WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE

!/usr/bin/env Exploit Title: WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE Date: 22-01-2023 Exploit Author: BLY Vendor Homepage: https://wpscan.com/vulnerability/10389 Version: File Manager plugin 6.0-6.9 Tested on: Debian CVE : CVE-2020-25213 import...

10CVSS9.6AI score0.97328EPSS
Exploits14
Exploit DB
Exploit DB
added 2023/03/29 12:0 a.m.237 views

Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS)

Exploit Title: Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting XSS Author: Bleron Rrustemi Discovery Date: 2022-11-15 Vendor Homepage: https://www.uniview.com/tr/Products/NVR/Easy/NVR301-04S2-P4/ Datasheet:: https://www.uniview.com/download.do?id=1761643 Device Firmware:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/17 12:0 a.m.237 views

Simple Attendance System 1.0 - Authenticated bypass

Exploit Title: Simple Attendance System 1.0 - Authenticated bypass Exploit Author: Abdullah Khawaja hax.3xploit Date: September 17, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.237 views

Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated)

Exploit Title: Compro Technology IP Camera - RTSP stream disclosure Unauthenticated Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40379 Some devices have...

7.5CVSS7.7AI score0.21631EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/07/29 12:0 a.m.237 views

Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection

Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection Date: 29.07.2021 Exploit Author: securityforeveryone.com Vendor Homepage: https://care2x.org Software Link: https://sourceforge.net/projects/care2002/ Version: = 2.7 Alpha Tested on: Linux/Windows Researchers :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/13 12:0 a.m.237 views

WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting XSS Date: 11/07/2021 Exploit Author: Swapnil Subhash Bodekar Vendor Homepage: Software Link: https://wordpress.org/plugins/wpfront-notification-bar/ Version: 1.9.1.04012 Tested on Windows Category:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/15 12:0 a.m.237 views

Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path

Exploit Title: Brother BRAgent 1.38 - 'WBAAgentClient' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://brother.com Software Link: https://support.brother.com/g/b/downloadhowto.aspx?c=us&lang=en&prod=ads1000wus&os=10013&dlid=dlf002778000&flang=4&type3=...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/19 12:0 a.m.237 views

Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal

Exploit Title: Ruijie Networks Switch eWeb S29RGOS 11.4 - Directory Traversal Exploit Author: Tuygun Date: 2020-08-19 Vendor Homepage: https://www.ruijienetworks.com/ Version: eWeb S29RGOS 11.41B12P11 Source : https://faruktuygun.com/directorytraversal.html Proof of Concept Request: GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.237 views

Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)

Exploit Title: Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow SEH Date: 2020-07-26 Author: Felipe Winsnes Software Link: https://nidesoft-dvd-ripper.softonic.com/ Version: 5.2.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/09 12:0 a.m.237 views

CompleteFTP Professional 12.1.3 - Remote Code Execution

Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...

4.3CVSS4.7AI score0.03679EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/07/02 12:0 a.m.237 views

ZenTao Pro 8.8.2 - Command Injection

Exploit Title: ZenTao Pro 8.8.2 - Command Injection Date: 2020-07-01 Exploit Author: Daniel Monzón & Melvin Boers Vendor Homepage: https://www.zentao.pm/ Version: 8.8.2 Tested on: Windows 10 / WampServer Other versions like pro or enterprise edition could be affected aswell Netcat is needed to us...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.237 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...

5.4CVSS5.6AI score0.03566EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.237 views

Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS Strings

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/10 12:0 a.m.237 views

Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

9.3CVSS7.3AI score0.81716EPSS
Exploits8
Exploit DB
Exploit DB
added 2008/07/24 12:0 a.m.237 views

BIND 9.x - Remote DNS Cache Poisoning

from scapy import import random Copyright C 2008 Julien Desfossez http://www.solisproject.net/ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, o...

6.8CVSS7.1AI score0.95182EPSS
Exploits20
Exploit DB
Exploit DB
added 2004/06/08 12:0 a.m.237 views

Squid 2.5.x/3.x - NTLM Buffer Overflow (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Squid NTLM...

10CVSS6.7AI score0.7107EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/06/05 12:0 a.m.236 views

ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)

ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution RCE Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.04 Summary: ASPECT is an award-winning scalable building energy management...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/02 12:0 a.m.236 views

Blood Bank v1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Blood Bank v1.0 Stored Cross Site Scripting XSS Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...

6.1CVSS6.4AI score0.00479EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.236 views

Screen SFT DAB 600/C - Authentication Bypass Password Change

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Password Change Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.236 views

Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking

Exploit Title: Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking Author: nu11secur1ty Date: 02.23.2023 Vendor: https://www.kimai.org/ Software: https://github.com/kimai/kimai/releases/tag/1.30.10 Reference:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/30 12:0 a.m.236 views

WPForms 1.7.8 - Cross-Site Scripting (XSS)

Exploit Title: WPForms 1.7.8 - Cross-Site Scripting XSS Date: 2022-12-05 Author: Milad karimi Software Link: https://wordpress.org/plugins/wpforms-lite Version: 1.7.8 Tested on: Windows 10 CVE: N/A 1. Description: This plugin creates a WPForms from any post types. The slider import search feature...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.236 views

DLINK DIR850 - Open Redirect

Exploit Title: DLINK DIR850 - Open Redirect Product: Dlink Model: DIR850 Date: 14/1/2022 CVE: CVE-2021-46379 Exploit Author: AhmedAlroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit...

6.1CVSS6.3AI score0.15701EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/08/10 12:0 a.m.236 views

Xiaomi browser 10.2.4.g - Browser Search History Disclosure

Exploit Title: Xiaomi browser 10.2.4.g - Browser Search History Disclosure Date: 27-Dec-2018 Exploit Author: Vishwaraj101 Vendor Homepage: https://www.mi.com/us Software Link: https://www.apkmirror.com/apk/xiaomi-inc/mi-browse/mi-browse-10-2-4-release/ Version: 10.2.4.g Tested on: Tested in Andro...

5.3CVSS7AI score0.10009EPSS
Exploits4
Total number of security vulnerabilities5000