Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2024/05/19 12:0 a.m.378 views

Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)

Title: Rocket LMS 1.9 - Persistent Cross Site Scripting XSS Date: 04/16/2024 Exploit Author: Sergio Medeiros Vendor Homepage: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Software Link: https://lms.rocket-soft.org Version: 1.9 Tested on Firefox and Chrome...

4.8CVSS5.3AI score0.00762EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/05/19 12:0 a.m.433 views

Wordpress Theme XStore 9.3.8 - SQLi

Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent:...

9.3CVSS9.2AI score0.03553EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.254 views

PyroCMS v3.0.1 - Stored XSS

Exploit Title: PyroCMS v3.0.1 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://pyrocms.com/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/cms/PyroCMS...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.377 views

Prison Management System - SQL Injection Authentication Bypass

Exploit : Prison Management System Using PHP -SQL Injection Authentication Bypass Date: 15/03/2024 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/sql/17287/prison-management-system.html Tested on: Windows ,XAMPP CVE :...

7.3CVSS6.8AI score0.0081EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.276 views

Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)

Chyrp 2.5.2 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/chyrp/ Software Link: https://github.com/chyrp/chyrp/archive/refs/tags/v2.5.2.zip Version: 2.5.2 Tested on: MacOS Steps to Reproduce - Login from the address:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.295 views

CrushFTP < 11.1.0 - Directory Traversal

Exploit Title: CrushFTP Directory Traversal Google Dork: N/A Date: 2024-04-30 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Vendor Homepage: https://www.crushftp.com/ Software Link: https://www.crushftp.com/download/ Version: below 10.7.1 and 11.1.0 as well as legacy 9.x Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.303 views

Plantronics Hub 3.25.1 - Arbitrary File Read

Exploit Title: Plantronics Hub 3.25.1 – Arbitrary File Read Date: 2024-05-10 Exploit Author: Farid Zerrouk from Deloitte Belgium, Alaa Kachouh from Mastercard Vendor Homepage: https://support.hp.com/us-en/document/ish9869257-9869285-16/hpsbpy03895 Version: Plantronics Hub for Windows version 3.25...

6.7CVSS7.7AI score0.01673EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.270 views

Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)

Leafpub 1.1.9 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/Leafpub Software Link: https://github.com/Leafpub/leafpub Version: 1.1.9 Tested on: MacOS Steps to Reproduce - Please login from this address:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.209 views

Apache mod_proxy_cluster 1.2.6 - Stored XSS

import requests import argparse from bs4 import BeautifulSoup from urllib.parse import urlparse, parseqs, urlencode, urlunparse from requests.exceptions import RequestException class Colors: RED = '\03391m' GREEN = '\0331;49;92m' RESET = '\0330m' def getclustermanagerurlbaseurl, path:...

5.4CVSS6.4AI score0.02242EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/05/13 12:0 a.m.271 views

CE Phoenix Version 1.0.8.20 - Stored XSS

Exploit Title: CE Phoenix Version 1.0.8.20 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://phoenixcart.org/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/ecommerce/CEPhoenix POC: 1-Login admin panel , go to this url :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/08 12:0 a.m.412 views

Clinic Queuing System 1.0 - RCE

Exploit Title: Clinic Queuing System 1.0 RCE Date: 2024/1/7 Exploit Author: Juan Marco Sanchez Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/16439/clinic-queuing-system-using-php-and-sqlite3-source-code-free-download.html Version: 1.0 Tested on...

9.8CVSS9.4AI score0.20938EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/05/08 12:0 a.m.351 views

iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)

Exploit Title: iboss Secure Web Gateway - Stored Cross-Site Scripting XSS Date: 4/4/2024 Exploit Author: modrnProph3t Vendor Homepage: https://www.iboss.com Version: userName=TEST&x=TEST&action=login&redirectUrl= 3. Insert XSS payload into the "redirectUrl" parameter Example of request with...

6.1CVSS5.1AI score0.22002EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.339 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed by a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.333 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offers a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.340 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.362 views

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.193 Revisi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.350 views

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.19...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.369 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.364 views

Laravel Framework 11 - Credential Leakage

Exploit Title: Laravel Framework 11 - Credential Leakage Google Dork: N/A Date: 2024-04-19 Exploit Author: Huseein Amer Vendor Homepage: https://laravel.com/ Software Link: N/A Version: 8. - 11. REQUIRED Tested on: N/A CVE : CVE-2024-29291 Proof of concept: Go to any Laravel-based website and...

7AI score0.01341EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.449 views

Flowise 1.6.5 - Authentication Bypass

Exploit Title: Flowise 1.6.5 - Authentication Bypass Date: 17-April-2024 Exploit Author: Maerifat Majeed Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise/releases Version: 1.6.5 Tested on: mac-os CVE : CVE-2024-31621 The flowise version if...

7.6CVSS7.5AI score0.59867EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.282 views

SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Exploit Title: SofaWiki 3.9.2 - Remote Command Execution RCE Authenticated Discovered by: Ahmet Ümit BAYRAM Discovered Date: 18.04.2024 Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Tested Version: v3.9.2 latest Tested on: MacOS import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.395 views

Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation

Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...

10CVSS9.8AI score0.99999EPSS
Exploits43
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.381 views

Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.312 views

FlatPress v1.3 - Remote Command Execution

Exploit Title: FlatPress v1.3 - Remote Command Execution Discovered by: Ahmet Ümit BAYRAM Discovered Date: 19.04.2024 Vendor Homepage: https://www.flatpress.org Software Link: https://github.com/flatpressblog/flatpress/archive/1.3.zip Tested Version: 1.3 latest Tested on: MacOS import requests...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/15 12:0 a.m.330 views

OpenClinic GA 5.247.01 - Path Traversal (Authenticated)

Exploit Title: OpenClinic GA 5.247.01 - Path Traversal Authenticated Date: 2023-08-14 Exploit Author: V. B. Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11...

7.5CVSS6.7AI score0.0338EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/15 12:0 a.m.337 views

OpenClinic GA 5.247.01 - Information Disclosure

Exploit Title: OpenClinic GA 5.247.01 - Information Disclosure Date: 2023-08-14 Exploit Author: VB Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11 CVE:...

7.5CVSS7.6AI score0.03002EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/15 12:0 a.m.338 views

Jenkins 2.441 - Local File Inclusion

Exploit Title: Jenkins 2.441 - Local File Inclusion Date: 14/04/2024 Exploit Author: Matisse Beckandt Backendt Vendor Homepage: https://www.jenkins.io/ Software Link: https://github.com/jenkinsci/jenkins/archive/refs/tags/jenkins-2.441.zip Version: 2.441 Tested on: Debian 12 Bookworm CVE:...

9.8CVSS9.7AI score0.99999EPSS
Exploits46
Exploit DB
Exploit DB
added 2024/04/15 12:0 a.m.320 views

djangorestframework-simplejwt 5.3.1 - Information Disclosure

Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...

5.5CVSS6.4AI score0.00804EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/13 12:0 a.m.299 views

BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE

!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/13 12:0 a.m.321 views

Online Fire Reporting System OFRS - SQL Injection Authentication Bypass

Exploit Title: Online Fire Reporting System SQL Injection Authentication Bypass Date: 02/10/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://phpgurukul.com/online-fire-reporting-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/13 12:0 a.m.428 views

Stock Management System v1.0 - Unauthenticated SQL Injection

Exploit Title: Stock Management System v1.0 - Unauthenticated SQL Injection Date: February 6, 2024 Exploit Author: Josué Mier aka blu3ming Security Researcher & Penetration Tester @wizlynx group Vendor Homepage:...

9.8CVSS9.8AI score0.0135EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/13 12:0 a.m.331 views

Savsoft Quiz v6.0 Enterprise - Stored XSS

Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting Date: 2024-01-03 Exploit Author: Eren Sen Vendor: SAVSOFT QUIZ Vendor Homepage: https://savsoftquiz.com Software Link: https://savsoftquiz.com/web/index.php/online-demo/ Version: 6.0 CVE-ID: N/A Tested on: Kali Linux /...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.269 views

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...

8.8CVSS8.7AI score0.34086EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.290 views

Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting XSS Date: 12 April 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.1.1 Proof Of Concept: 1. Click Add Video part and enter the XSS payload as below into the first input of form or Reques...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.313 views

HTMLy Version v2.9.6 - Stored XSS

Exploit Title: HTMLy Version v2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see XSS alert...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.289 views

Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter

Exploit Title: Moodle Authenticated Time-Based Blind SQL Injection - "sort" Parameter Google Dork: Date: 04/11/2023 Exploit Author: Julio Ángel Ferrari Aka. T0X1Cx Vendor Homepage: https://moodle.org/ Software Link: Version: 3.10.1 Tested on: Linux CVE : CVE-2021-36393 import requests import stri...

9.8CVSS8.4AI score0.52299EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.395 views

PrusaSlicer 2.6.1 - Arbitrary code execution

Exploit Title: PrusaSlicer 2.6.1 - Arbitrary code execution on g-code export Date: 16/01/2024 Exploit Author: Kamil Breński Vendor Homepage: https://www.prusa3d.com Software Link: https://github.com/prusa3d/PrusaSlicer Version: PrusaSlicer up to and including version 2.6.1 Tested on: Windows and...

5.3CVSS6.8AI score0.0072EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.298 views

WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)

Exploit Title: WBCE CMS Version : 1.6.1 Remote Command Execution Date: 30/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.1.zip Version: 1.6.1 Tested on: https://www.softaculous.com/apps/cms/WBCECMS POC: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.365 views

WBCE 1.6.0 - Unauthenticated SQL injection

Exploit Title: |Unauthenticated SQL injection in WBCE 1.6.0 Date: 15.11.2023 Exploit Author: young pope Vendor Homepage: https://github.com/WBCE/WBCECMS Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.0.zip Version: 1.6.0 Tested on: Kali linux CVE : CVE-2023-39796 There is an...

9.8CVSS9.8AI score0.06096EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.315 views

PopojiCMS Version 2.0.1 - Remote Command Execution

Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Date: 27/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.248 views

Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Playlist for Youtube - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.32 Proof Of Concept: 1. Click Add a new playlist and enter the XSS payload as below into the properties named "Name" or...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.306 views

Terratec dmx_6fire USB - Unquoted Service Path

Exploit Title: Terratec dmx6fire USB - Unquoted Service Path Google Dork: null Date: 4/10/2024 Exploit Author: Joseph Kwabena Fiagbor Vendor Homepage: https://dmx-6fire-24-96-controlpanel.software.informer.com/download/ Software Link: Version: v.1.23.0.02 Tested on: windows 7-11 CVE :...

6.7CVSS4.1AI score0.00677EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.334 views

Ray OS v2.6.3 - Command Injection RCE(Unauthorized)

Exploit Title: Ray OS v2.6.3 - Command Injection RCEUnauthorized Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...

9.8CVSS8.7AI score0.7463EPSS
Exploits15
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.367 views

GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

Exploit Title: GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload Date: 2024-02-04 Exploit Author: Georgios Tsimpidas Vendor Homepage: https://www.openeclass.org/ Software Link: https://download.openeclass.org/files/3.15/ Version: 3.15 2024 Tested on: Debian Kali...

9.8CVSS6.7AI score0.03821EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.310 views

Human Resource Management System v1.0 - Multiple SQLi

Title: Human Resource Management System v1.0 - Multiple SQLi Author: nu11secur1ty Date: 04/02/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.255 views

Best Student Result Management System v1.0 - Multiple SQLi

Title: Best Student Result Management System v1.0 - Multiple SQLi Author: nu11secur1ty Date: 04/08/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.389 views

Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

Exploit Title: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload Date: 2024-04-01 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys import os.path import requests import re import urllib3 from requests.exceptions import SSLError from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.287 views

AnyDesk 7.0.15 - Unquoted Service Path

Exploit Title: AnyDesk 7.0.15 - Unquoted Service Path Date: 2024-04-01 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: http://anydesk.com Software Link: http://anydesk.com/download Version: Software Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.279 views

Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

Exploit Title: Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass Author: LiquidWorm Vendor: Positron srl Product web page: https://www.positron.it https://www.positron.it/prodotti/apparati-broadcast/stereo-multicoder/tra-7005/ Affected version: 1.20 TRA7K5REV107 TRA7K5REV1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/08 12:0 a.m.309 views

Open Source Medicine Ordering System v1.0 - SQLi

Exploit Title : Open Source Medicine Ordering System v1.0 - SQLi Author : Onur Karasalihoğlu Date : 27/02/2024 Sample Usage % python3 omossqliexploit.py https://target.com Available Databases: 1. informationschema 2. omosdb Please select a database to use enter number: 2 You selected: omosdb...

7.4AI score
Exploits0
Total number of security vulnerabilities47904