Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2025/04/04 12:0 a.m.310 views

Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection

Exploit Title: Microchip TimeProvider 4100 Configuration modules 2.4.6 - OS Command Injection Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of Disclosure: 27/06/2024 Date...

8.8CVSS8.9AI score0.1501EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.185 views

Vite 6.2.2 - Arbitrary File Read

Exploit Title: Vite Arbitrary File Read - CVE-2025-30208 Date: 2025-04-03 Exploit Author: Sheikh Mohammad Hasan https://github.com/4m3rr0r Vendor Homepage: https://vitejs.dev/ Software Link: https://github.com/vitejs/vite Version: = 6.2.2, = 6.1.1, = 6.0.11, = 5.4.14, = 4.5.9 Tested on: Ubuntu...

7.5CVSS7.4AI score0.74998EPSS
Exploits28
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.338 views

Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure

Exploit Title: Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...

9.1CVSS6.8AI score0.19534EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.245 views

ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials

Exploit Title : ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.01 Summary: ASPECT is an award-winning scalable building energy...

8.8CVSS8.9AI score0.01511EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.180 views

Webmin Usermin 2.100 - Username Enumeration

Exploit Title: Webmin Usermin 2.100 - Username Enumeration Date: 10.02.2024 Exploit Author: Kjesper Vendor Homepage: https://www.webmin.com/usermin.html Software Link: https://github.com/webmin/usermin Version: = 2.100 Tested on: Kali Linux CVE: CVE-2024-44762...

5.3CVSS5.4AI score0.02621EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.180 views

Nagios Log Server 2024R1.3.1 - Stored XSS

Exploit Title: Stored XSS Vulnerability in Nagios Log Server Privilege Escalation to Admin Date: 2025-04-02 Exploit Author: Seth Kraft Vendor Homepage: https://www.nagios.com/ Vendor Changelog: https://www.nagios.com/changelog/log-server Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.171 views

ABB Cylon Aspect 3.07.02 - File Disclosure

Exploit Title : ABB Cylon Aspect 3.07.02 - File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building energy management and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.172 views

ollama 0.6.4 - Server Side Request Forgery (SSRF)

Exploit Title: ollama 0.6.4 - SSRF Date: 2025-04-03 Exploit Author: sud0 Vendor Homepage: https://ollama.com/ Software Link: https://github.com/ollama/ollama/releases Version: =0.6.4 Tested on: CentOS 8 import argparse import requests import json from urllib.parse import urljoin def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.195 views

AppSmith 1.47 - Remote Code Execution (RCE)

Exploit Title: AppSmith 1.47 - Remote Code Execution RCE Original Author: Rhino Security Labs Exploit Author: Nishanth Anand Exploit Date: April 2, 2025 Vendor Homepage: https://www.appsmith.com/ Software Link: https://github.com/appsmithorg/appsmith Version: Prior to v1.52 Tested Versions: v1.47...

6.5CVSS7.4AI score0.27733EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/04/02 12:0 a.m.246 views

ProSSHD 1.2 - Denial of Service (DOS)

Exploit Title: ProSSHD 1.2 20090726 - Denial of Service DoS Google Dork: N/A Date: 13 january 2024 Exploit Author: Fernando Mengali Vendor Homepage: https://prosshd.com/ Software Link: N/A Version: 1.2 20090726 Tested on: Windows XP CVE: CVE-2024-0725 $sis="$^O"; if $sis eq "windows" $cmd="cls";...

7.5CVSS7.4AI score0.03649EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/02 12:0 a.m.345 views

ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)

Exploit Title : ABB Cylon Aspect 3.08.01 - Remote Code Execution RCE Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy manageme...

10CVSS9.6AI score0.1901EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/02 12:0 a.m.296 views

Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS

Exploit Title: Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS Date: 09/2024 Exploit Author: Haythem Arfaoui CBTW Team Vendor Homepage: https://www.elaine.io/ Software Link: https://www.elaine.io/en/products/elaine-marketing-automation/ Version: 6.18.17 and below Tested on: Windows, Linu...

6.1CVSS6.4AI score0.00834EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/02 12:0 a.m.340 views

ABB Cylon Aspect 3.08.01 - Arbitrary File Delete

Exploit Title : ABB Cylon Aspect 3.08.01 - Arbitrary File Delete Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management a...

10CVSS7.8AI score0.17159EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/02 12:0 a.m.335 views

SAP NetWeaver - 7.53 - HTTP Request Smuggling

Exploit Title: SAPGateBreaker Exploit - CVE-2022-22536 - HTTP Request Smuggling Through SAP's Front Door Google Dork: https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit/blob/main/dorks Date: Tuesday, April 2, 2025 Exploit Author: @C41Tx90 - Victor de Queiroz - Beco do Exploit - Elytron...

10CVSS7.4AI score0.97945EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/03/29 12:0 a.m.286 views

XWiki Standard 14.10 - Remote Code Execution (RCE)

Exploit Title: CVE-2023-48292 Remote Code Execution Exploit Google Dork: N/A Date: 23 March 2025 Exploit Author: Mehran Seifalinia Vendor Homepage: https://www.xwiki.org/ Software Link: https://www.xwiki.org/xwiki/bin/view/Download/ Version: XWiki Standard 14.10 Tested on: Ubuntu 20.04 LTS with...

9.6CVSS9.4AI score0.22938EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/03/29 12:0 a.m.280 views

Solstice Pod 6.2 - API Session Key Extraction via API Endpoint

Exploit Title: Solstice Pod API Session Key Extraction via API Endpoint Google Dork: N/A Date: 1/17/2025 Exploit Author: The Baldwin School Ethical Hackers Vendor Homepage: https://www.mersive.com/ Software Link: https://documentation.mersive.com/en/solstice/about-solstice.html Versions: 5.5, 6.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.243 views

Sonatype Nexus Repository 3.53.0-01 - Path Traversal

Exploit Title: Sonatype Nexus Repository 3.53.0-01 - Path Traversal Google Dork: header="Server: Nexus/3.53.0-01 OSS" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4956 Vendor Homepage: https://www.sonatype.com/nexus-repository Software Link:...

7.5CVSS7.7AI score0.18245EPSS
Exploits16
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.228 views

Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass

Exploit Title: Progress Telerik Report Server 2024 Q1 10.0.24.305 - Authentication Bypass Fofa Dork: title="Telerik Report Server" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4358 Vendor Homepage: https://www.telerik.com/report-server Software...

9.8CVSS9.7AI score0.97482EPSS
Exploits14
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.232 views

Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)

Exploit Title: Rejetto HTTP File Server 2.3m - Remote Code Execution RCE Fofa Dork: "HttpFileServer" && server=="HFS 2.3m" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-23692 Vendor Homepage: http://rejetto.com/hfs/ Software Link:...

9.8CVSS8.8AI score0.99485EPSS
Exploits20
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.291 views

CodeCanyon RISE CRM 3.7.0 - SQL Injection

Exploit Title: CodeCanyon RISE CRM 3.7.0 - SQL Injection Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed Author Homepage: https://bytium.com Vulnerable Version: 3.7 Patched Version: 3.7.1 Tested on: Ubuntu 24.04, Debian Testing CVE: CVE-2024-8945 Instruction 1. Login to...

8.8CVSS7.2AI score0.14545EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.221 views

Litespeed Cache 6.5.0.1 - Authentication Bypass

Exploit Title: Litespeed Cache 6.5.0.1 - Authentication Bypass Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://github.com/gbrsh/CVE-2024-44000?tab=readme-ov-file Version: 6.5.0.1 Tested on:...

9.8CVSS9.8AI score0.83178EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/03/27 12:0 a.m.262 views

KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)

Exploit Title: KubeSphere 3.4.0 - Insecure Direct Object Reference IDOR Date: 3 September Exploit Author: Okan Kurtulus Vendor Homepage: https://kubesphere.io Software Link: https://github.com/kubesphere/kubesphere Version: = 4.0.0 & = 3.0.0 & 3.4.1 Tested on: Ubuntu 22.04 CVE : CVE-2024-46528 1-...

4.3CVSS4.6AI score0.01618EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/03/27 12:0 a.m.292 views

MoziloCMS 3.0 - Remote Code Execution (RCE)

Exploit Title: MoziloCMS 3.0 - Remote Code Execution RCE Date: 10/09/2024 Exploit Author: Secfortress https://github.com/sec-fortress Vendor Homepage: https://mozilo.de/ Software Link: https://github.com/moziloDasEinsteigerCMS/mozilo3.0/archive/refs/tags/3.0.1.zip Version: 3.0 Tested on: Debian...

7.2CVSS7AI score0.16249EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/03/27 12:0 a.m.232 views

X2CRM 8.5 - Stored Cross-Site Scripting (XSS)

Exploit Title: X2CRM 8.5 - Stored Cross-Site Scripting XSS Date: 12 September 2024 Exploit Author: Okan Kurtulus Vendor Homepage: https://x2engine.com/ Software Link: https://github.com/X2Engine/X2CRM Version: X2CRM v8.5 Tested on: Ubuntu 22.04 CVE : CVE-2024-48120 1- Log in to the system with an...

6.5CVSS5.6AI score0.00624EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/03/26 12:0 a.m.214 views

NVIDIA Container Toolkit 1.16.1 - Time-of-check Time-of-Use (TOCTOU)

Exploit Title: Container Breakout with NVIDIA Container Toolkit Date: 17/02/2025 Exploit Author: r0binak Software Link Homepage: https://github.com/NVIDIA/nvidia-container-toolkit Version: 1.16.1 Tested on: NVIDIA Container Tooklit 1.16.1 CVE: CVE-2024-0132 Description: NVIDIA Container Toolkit...

9CVSS7.4AI score0.37055EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/03/22 12:0 a.m.362 views

Microsoft Windows - NTLM Hash Leak Malicious Windows Theme

Exploit Title: CVE-2024-21320 - NTLM Hash Leak via Malicious Windows Theme Date: 02/03/2025 Exploit Author: Abinesh Kamal K U CVE : CVE-2024-21320 Ref: https://www.cve.org/CVERecord?id=CVE-2024-21320 Step 1: Install Responder Responder is a tool to capture NTLM hashes over SMB. git clone...

6.5CVSS7.4AI score0.22773EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/03/22 12:0 a.m.295 views

Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)

Exploit Title: Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change Unauthenticated Date: 2025-02-26 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.aztech.com Version: DSL5005EN Tested on: Linux CVE: N/A import requests import argparse print''' aztech DSL5005EN...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/22 12:0 a.m.465 views

TeamPass 3.0.0.21 - SQL Injection

Exploit Title: TeamPass SQL Injection Google Dork: intitle:"Teampass" + inurl:index.php?page=items Date: 02/23/2025 Exploit Author: Max Meyer - Rivendell Vendor Homepage: http://www.teampass.net Software Link: https://github.com/nilsteampassnet/TeamPass Version: 2.1.24 and prior Tested on:...

7.5CVSS7AI score0.08354EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/03/21 12:0 a.m.244 views

Jasmin Ransomware - SQL Injection Login Bypass

Exploit Title: Jasmin Ransomware SQL Injection Login Bypass Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez Vendor Homepage: https://github.com/codesiddhant/Jasmin-Ransomware Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: N/A Tested on: Windows How t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/20 12:0 a.m.271 views

FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)

Exploit Title: FluxBB 1.5.11 Stored xss Date: 3/8/2025 Exploit Author: Chokri Hammedi Vendor Homepage: www.fluxbb.org Software Link: https://www.softaculous.com/apps/forums/FluxBB Version: FluxBB 1.5.11 Tested on: Windows XP 1. login to admin panel 2. go to /adminforums.php 3. click on "add forum...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/20 12:0 a.m.373 views

JUX Real Estate 3.4.0 - SQL Injection

Exploit Title: JUX Real Estate 3.4.0 - SQL Injection Exploit Author: CraCkEr Date: 26/02/2025 Vendor: JoomlaUX Vendor Homepage: https://joomlaux.com/ Software Link: https://extensions.joomla.org/extension/jux-real-estate/ Demo Link: http://demo.joomlaux.com/jux-real-estate Tested on: Windows 11 P...

8.8CVSS7.4AI score0.09369EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.276 views

VeeVPN 1.6.1 - Unquoted Service Path

Exploit Title: VeeVPN 1.6.1 - 'VeePNService' Unquoted Service Path Date: 2024-12-27 Exploit Author: Doğukan Orhan Vendor Homepage: https://veepn.com/ Version: 1.6.1 Tested on: Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\Users\PCwmic service where 'name like "%VeePNService%"' get...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.313 views

Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)

Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested on: windows, linux CVE ID : CVE-2023-0159 Vulnerability Type: Remote Code Execution...

7.5CVSS7AI score0.55736EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.266 views

TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version: 3.2.41.10.26 Tested on: Window Server 2016 1. Login to web application 2. Click on Entire...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.227 views

Loaded Commerce 6.6 - Client-Side Template Injection(CSTI)

Exploit Title: Loaded Commerce 6.6 Client-Side Template InjectionCSTI Date: 03/13/2025 Exploit Author: tmrswrr Vendor Homepage: https://loadedcommerce.com/ Version: 6.6 Tested on: https://www.softaculous.com/apps/ecommerce/LoadedCommerce Injecting 77 into the search parameter...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/19 12:0 a.m.286 views

Gitea 1.24.0 - HTML Injection

Exploit Title: Gitea 1.24.0 - HTML Injection Date: 2025-03-09 Exploit Author: Mikail KOCADAĞ Vendor Homepage: https://gitea.com Software Link: https://dl.gitea.io/gitea/1.24.0/ Version: 1.24.0 Tested on: Windows 10, Linux Ubuntu 22.04 CVE : N/A Vulnerability Description: In Gitea 1.24.0, the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/03/18 12:0 a.m.364 views

Chamilo LMS 1.11.24 - Remote Code Execution (RCE)

Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version: 1.11.24 Beersel Tested Versions: 1.11.24 Beersel - August 31, 2023...

8.1CVSS7AI score0.76084EPSS
Exploits27
Exploit DB
Exploit DB
added 2024/11/15 12:0 a.m.617 views

SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)

Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/10/01 12:0 a.m.391 views

openSIS 9.1 - SQLi (Authenticated)

Exploit Title: openSIS 9.1 - SQLi Authenticated Google Dork: intext:"openSIS is a product" Date: 09.09.2024 Exploit Author: Devrim Dıragumandan d0ub1edd Vendor Homepage: https://www.os4ed.com/ Software Link: https://github.com/OS4ED/openSIS-Classic/releases/tag/V9.1 Version: 9.1 Tested on: Linux ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/10/01 12:0 a.m.412 views

dizqueTV 1.5.3 - Remote Code Execution (RCE)

Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/10/01 12:0 a.m.328 views

reNgine 2.2.0 - Command Injection (Authenticated)

Exploit Title: reNgine 2.2.0 - Command Injection Authenticated Date: 2024-09-29 Exploit Author: Caner Tercan Vendor Homepage: https://rengine.wiki/ Software Link: https://github.com/yogeshojha/rengine Version: v2.2.0 Tested on: macOS POC : 1. Login the Rengine Platform 2. Click the Scan Engine 3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/08/28 12:0 a.m.475 views

Gitea 1.22.0 - Stored XSS

Exploit Title: Stored XSS in Gitea Date: 27/08/2024 Exploit Authors: Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/go-gitea/gitea Version: 1.22.0 Tested on: Linux 5.15.0-107, Go 1.23.0 CVE: CVE-2024-6886 Vulnerability Description Gitea 1.22.0 is vulnerable to a Stored...

10CVSS7.4AI score0.40321EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/08/28 12:0 a.m.201 views

Invesalius3 - Remote Code Execution

Exploit Title: Invesalius 3.1 - Remote Code Execution RCE Discovered By: Alessio Romano sfoffo, Riccardo Degli Esposti partywave Exploit Author: Alessio Romano sfoffo, Riccardo Degli Esposti partywave Date: 23/08/2024 Vendor Homepage: https://invesalius.github.io/ Software Link:...

8CVSS7.4AI score0.02655EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/08/28 12:0 a.m.386 views

Windows TCP/IP - RCE Checker and Denial of Service

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Windows IPv6 CVE-2024-38063 Checker and Denial-Of-Service Date: 2024-08-07 Exploit Author: Photubias Vendor Homepage: https://microsoft.com Vendor Advisory: 1 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063 Version:...

9.8CVSS7.4AI score0.70564EPSS
Exploits24
Exploit DB
Exploit DB
added 2024/08/28 12:0 a.m.231 views

NoteMark < 0.13.0 - Stored XSS

Exploit Title: Stored XSS in NoteMark Date: 07/29/2024 Exploit Author: Alessio Romano sfoffo Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/ Version: 0.13.0 and below Tested on: Linux References: https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,...

8.7CVSS7.4AI score0.00824EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.185 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.207 views

Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.251 views

HughesNet HT2000W Satellite Modem - Password Reset

Exploit Title: HughesNet HT2000W Satellite Modem Arcadyan httpd 1.0 - Password Reset Date: 7/16/24 Exploit Author: Simon Greenblatt Vendor: HughesNet Version: Arcadyan httpd 1.0 Tested on: Linux CVE: CVE-2021-20090 import sys import requests import re import base64 import hashlib import urllib re...

9.8CVSS7AI score0.99983EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.223 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.169 views

Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver...

7.4AI score
Exploits0
Total number of security vulnerabilities47904