Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2020/08/17 12:0 a.m.211 views

QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.210 views

Webtareas 2.1p - Arbitrary File Upload (Authenticated)

Exploit Title: Webtareas 2.1p - Arbitrary File Upload Authenticated Author: AppleBois Date: 2020-07-10 Exploit author : AppleBois Vendor Hompage:https://sourceforge.net/projects/webtareas/ Version: 2.1 && 2.1p Tested on: Window 10 64 bit environment || XAMPP Authenticated User allowed to upload...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.210 views

SnapGear Management Console SG560 3.1.5 - Cross-Site Request Forgery (Add Super User)

Title: SnapGear Management Console SG560 3.1.5 - Cross-Site Request Forgery Add Super User Author: LiquidWorm Date: 2020-06-04 Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 CSRF Add Super User Vendor: Secure Computing Corp. Product web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.210 views

Unraid 6.8.0 - Auth Bypass PHP Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

8.7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/15 12:0 a.m.210 views

File Transfer iFamily 2.1 - Directory Traversal

Title: File Transfer iFamily 2.1 - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-15 Software Link: http://www.dedecms.com/products/dedecms/downloads/ CVE: N/A Document Title: =============== File Transfer iFamily v2.1 - Directory Traversal Vulnerability References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/27 12:0 a.m.210 views

Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal

Exploit Title: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Date: 2020-03-26 Exploit Author: hongphukt Vendor Homepage: https://www.jinfonet.com/ Software Link: https://www.jinfonet.com/product/download-jreport/ Version: JReport 15.6 Tested on: Linux, Windows Jreport Help function...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.210 views

PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution

Exploit Title: PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version:...

7.2CVSS7AI score0.12339EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.210 views

I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure

Exploit Title: I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://www.revotec.com/ Product Link: CVE: N/A !/usr/bin/perl Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure Copyright 2020 c Tod...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.210 views

FTPGetter Professional 5.97.0.223 - Denial of Service (PoC)

Exploit Title: FTPGetter Professional 5.97.0.223 - Denial of Service PoC Google Dork: N/A Date: 2020-01-03 Exploit Author: FULLSHADE Vendor Homepage: https://www.ftpgetter.com/ Software Link: https://www.ftpgetter.com/ftpgetterprosetup.exe Version: v.5.97.0.223 Tested on: Windows 7 CVE : N/A...

7.5CVSS7.8AI score0.02013EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.210 views

Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path

Exploit Title : Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path Date : 2019-10-15 Exploit Author : Cakes Vendor: LiteManager Team Version : LiteManager 4.5.0 Software: http://html.tucows.com/preview/518015/Mikogo?q=remote+support Tested on Windows 10 CVE : N/A c:\sc qc Mikogo-Service ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/27 12:0 a.m.210 views

Pidgin 2.13.0 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: Pidgin 2.13.0 - Denial of Service PoC Date: 24/05/2019 Author: Alejandra Sánchez Vendor Homepage: https://pidgin.im/ Software https://cfhcable.dl.sourceforge.net/project/pidgin/Pidgin/2.13.0/pidgin-2.13.0.exe Version: 2.13.0 Tested on: Windows 7, Windows 10 Proo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/15 12:0 a.m.210 views

Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting

input type="submit" value="Submit requ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/06/24 12:0 a.m.210 views

Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution

| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components Exploit Author : @u0x Pichaya Morimoto Release dates :...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2011/07/09 12:0 a.m.210 views

phpMyAdmin 3.x - Swekey Remote Code Injection

':'';? . , \ . . ,/ , / , \ \ // / / / \ | | \ / | |\ /| | | | | | | | / | | | | / | | | || | | | | | \ \ | | | || | \ \ | | | | | | | | | | | | / / | | | | | | | | | | | | | | | |// || || | |// || || ||| | || ||| || | ||...

7.5CVSS6.6AI score0.12879EPSS
Exploits16
Exploit DB
Exploit DB
added 2011/04/19 12:0 a.m.210 views

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu.maf?jdeowpBackButtonProtect' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47479/info Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This m...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.209 views

Apache mod_proxy_cluster 1.2.6 - Stored XSS

import requests import argparse from bs4 import BeautifulSoup from urllib.parse import urlparse, parseqs, urlencode, urlunparse from requests.exceptions import RequestException class Colors: RED = '\03391m' GREEN = '\0331;49;92m' RESET = '\0330m' def getclustermanagerurlbaseurl, path:...

5.4CVSS6.4AI score0.02242EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.210 views

Quicklancer v1.0 - SQL Injection

Exploit Title: Quicklancer v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/quicklancer-freelance-marketplace-php-script/39087135 Demo Site: https://quicklancer.bylancer.com Tested on: Kali Linux CVE: N/A Request POST /php/user-ajax.php...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.209 views

AmazCart CMS 3.4 - Cross-Site-Scripting (XSS)

Exploit Title: AmazCart CMS 3.4 - Cross-Site-Scripting XSS Date: 17/01/2023 Exploit Author: Sajibe Kanti Vendor Name: CodeThemes Vendor Homepage: https://spondonit.com/ Software Link: https://codecanyon.net/item/amazcart-laravel-ecommerce-system-cms/34962179 Version: 3.4 Tested on: Live Demo Demo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/01 12:0 a.m.209 views

Splashtop 8.71.12001.0 - Unquoted Service Path

Exploit Title: Splashtop 8.71.12001.0 - Unquoted Service Path Date: 12/20/2022 Exploit Author: A.I. hernandez Version: 8.71.12001.0 Vendor Homepage: https://www.splashtop.com Version: current version Tested on: Windows 10 21H2 Step to discover Unquoted Service Path: C:\wmic service get...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.209 views

Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial of Service (PoC)

Exploit Title: Redragon Gaming Mouse - 'REDRAGONMOUSE.sys' Denial of Service PoC Date: 27/08/2021 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.redragonzone.com/pages/download Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/28 12:0 a.m.209 views

Trixbox 2.8.0.4 - 'lang' Path Traversal

Exploit Title: Trixbox 2.8.0.4 - 'lang' Path Traversal Date: 27.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/ Credits to: Sachin Wagh Vendor Homepage:...

6.5CVSS6.5AI score0.39486EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/02 12:0 a.m.209 views

Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)

Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc.c - Solaris/SPARC FMT PoC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/08/13 12:0 a.m.209 views

Artica Proxy 4.3.0 - Authentication Bypass

Exploit Title: Artica Proxy 4.3.0 - Authentication Bypass Google Dork: N/A Date: 2020-08-13 Exploit Author: Dan Duffy Vendor Homepage: http://articatech.net/ Software Link: http://articatech.net/download2x.php?IsoOnly=yes Version: 4.30.00000000 REQUIRED Tested on: Debian CVE : CVE-2020-17506 impo...

9.8CVSS9.6AI score0.93967EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.209 views

Online shopping system advanced 1.0 - 'p' SQL Injection

Exploit Title: Online shopping system advanced 1.0 - 'p' SQL Injection Exploit Author : Majid kalantari Date: 2020-04-26 Vendor Homepage : https://github.com/PuneethReddyHC/online-shopping-system-advanced Software link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/10 12:0 a.m.209 views

Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal

Exploit Title: Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal Date: 2020-04-10 Exploit Author: Basim Alabdullah Software Link: https://sourceforge.net/projects/zenloadbalancer/files/Distro/zenloadbalancer-distro3.10.1.iso/download Version: 3.10.1 Tested on: Debian8u2 Technical Details...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.209 views

PHPKB Multi-Language 9 - Authenticated Remote Code Execution

Exploit Title: PHPKB Multi-Language 9 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version: Multi-Language v9 Tested on...

7.2CVSS7AI score0.04884EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/02/06 12:0 a.m.209 views

Cisco Data Center Network Manager 11.2.1 - 'getVmHostData' SQL Injection

!/usr/bin/python """ Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date: 18-Jun-2019 - FileName: dcnm-installer-x64-windows.11.2.1.exe.zip - Siz...

10CVSS7.4AI score0.92835EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.209 views

Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'reportsid' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/01 12:0 a.m.209 views

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery

FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 build 539 Algorithm A14 Summary: FaceSentry 5AN is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/24 12:0 a.m.209 views

SeedDMS < 5.1.11 - 'out.GroupMgr.php' Cross-Site Scripting

Exploit Title: Persistent Cross-Site Scripting or Stored XSS in out/out.GroupMgr.php in SeedDMS before 5.1.11 Google Dork: NA Date: 17-June-2019 Exploit Author: Nimit Jainhttps://secfolks.blogspot.com Vendor Homepage: https://www.seeddms.org Software Link:...

6.1CVSS6.5AI score0.01918EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.209 views

WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection

Exploit Title: WP AutoSuggest 0.24 - SQL Injection Date: 01-12-2018 Software Link: https://wordpress.org/plugins/wp-autosuggest/ Exploit Author: Kaimi Website: https://kaimi.io Version: 0.24 Category: webapps SQL Injection File: autosuggest.php Vulnerable code: if isset$GET'wpaskeys' $wpaskeys =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/07/05 12:0 a.m.209 views

ADB Broadband Gateways / Routers - Local Root Jailbreak

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local root jailbreak via network file sharing flaw product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202...

7.8CVSS7AI score0.01583EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/11/30 12:0 a.m.209 views

Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page (1)

// EDB Note: Source https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0 // EDB Note: Source https://github.com/bindecy/HugeDirtyCowPOC // Author Note: Before running, make sure to set transparent huge pages to "always": // echo always | sudo tee...

7CVSS7.8AI score0.02841EPSS
Exploits9
Exploit DB
Exploit DB
added 2017/11/06 12:0 a.m.209 views

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/10/19 12:0 a.m.209 views

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (Write Access Method)

/ dirtyc0w.c $ sudo -s echo this is not a test foo chmod 0404 foo $ ls -lah foo -r-----r-- 1 root root 19 Oct 20 15:23 foo $ cat foo this is not a test $ gcc -pthread dirtyc0w.c -o dirtyc0w $ ./dirtyc0w foo m00000000000000000 mmap 56123000 madvise 0 procselfmem 1800000000 $ cat foo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/07 12:0 a.m.209 views

DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)

$Id: ddwrtcgibinexec.rb 9719 2010-07-07 17:38:59Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

8.3CVSS6.7AI score0.82504EPSS
Exploits7
Exploit DB
Exploit DB
added 2009/12/06 12:0 a.m.209 views

iWeb HTTP Server - Directory Traversal

iWeb HTTP server Directory Transversal Vulnerability Found By: mrme Download: http://www.ashleybrown.co.uk/iweb/ Tested On: Windows XPSP3 POC: http://server/..%5C..%5C..%5Cboot.ini...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/09 12:0 a.m.209 views

Apache mod_perl - 'Apache::Status' / 'Apache2::Status' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34383/info The Apache 'modperl' module is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/15 12:0 a.m.209 views

MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection

!/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific: "Powered By MyBB" "2006 MyBB Group"\n\n"; / works...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/07/11 12:0 a.m.209 views

Spid 1.3 - 'lang_path' File Inclusion

source: https://www.securityfocus.com/bid/14208/info SPiD is a gallery management application written in PHP. SPiD is prone to a remote file include vulnerability, due to lack of validation of user input. An attacker may leverage this issue to execute arbitrary server-side script code on an...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2005/07/01 12:0 a.m.209 views

XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection

tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc drupal exploit, but James sais xoop...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/14 12:0 a.m.208 views

GestioIP 3.5.7 - Cross-Site Scripting (XSS)

Exploit Title: GestioIP 3.5.7 - GestioIP Vulnerability: Auth. Cross-Site Scripting XSS Exploit Author: m4xth0r Maximiliano Belino Author website: https://maxibelino.github.io/ Author email max.cybersecurity at belino.com GitHub disclosure link:...

4.8CVSS7.1AI score0.01172EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.208 views

Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Exploit Title: Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow Exploit Date: 22.01.2023 Discovered and Written by: Knursoft Vendor Homepage: https://www.rockstargames.com/ Version: v1.1 Tested on: Windows XP SP2/SP3, 7, 10 21H2 CVE : N/A 1 - Run this python script to generate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/31 12:0 a.m.208 views

ProLink PRS1841 PLDT Home fiber - Default Password

Exploit Title: Router backdoor - ProLink PRS1841 PLDT Home fiber Date: 12/8/2022 Exploit Author: Lawrence Amer @zux0x3a Vendor Homepage: https://prolink2u.com/product/prs1841/ Firmware : PRS1841 U V2 research:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/17 12:0 a.m.208 views

Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

6.9CVSS5.5AI score0.03274EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/07/15 12:0 a.m.208 views

Aruba Instant (IAP) - Remote Code Execution

import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def racepapimessageip: global CONTINUERACE payload =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/13 12:0 a.m.208 views

Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 12 July 2021 Exploit Author: Subhadip Nag mrl0s3r Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14858/invoice-system-using-phpoop-free-source-code.html Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/20 12:0 a.m.208 views

Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution)

Exploit Title: Voting System 1.0 - File Upload RCE Authenticated Remote Code Execution Date: 19/01/2021 Exploit Author: Richard Jones Vendor Homepage:https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.208 views

Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...

6.1CVSS6.4AI score0.01616EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.208 views

Alumni Management System 1.0 - "Course Form" Stored XSS

Exploit Title: Alumni Management System 1.0 - "Course Form" Stored XSS Exploit Author: Aakash Madaan Date: 2020-12-10 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7AI score
Exploits0
Total number of security vulnerabilities5000