Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/05/21 12:0 a.m.21 views

Private Message PHP Script 2.0 - Cross-Site Scripting

Exploit Title: Private Message PHP Script 2.0 - Persistent Cross-Site scripting Date: 2018-05-20 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?srank=1 Version: 2.0 Tested on: Windows Description : Private Message PHP Script...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/21 12:0 a.m.187 views

Microsoft Internet Explorer 11 (Windows 7 x86/x64) - vbscript Code Execution

Dim lIIl Dim IIIlI6,IllII6 Dim IllI Dim IIllI40 Dim lIlIIl,lIIIll Dim IlII Dim llll,IIIIl Dim llllIl,IlIIII Dim NtContinueAddr,VirtualProtectAddr IlII=195948557 lIlIIl=Unescape"%u0001%u0880%u0001%u0000%u0000%u0000%u0000%u0000%uffff%u7fff%u0000%u0000"...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/21 12:0 a.m.33 views

Zenar Content Management System - Cross-Site Scripting

Exploit Title: Zenar Content Management System - Cross-Site Scripting Software Link: https://zenar.io/ Dork: N/A Author: Berk Dusunur Tested Website: http://demo.zenar.io Date: 2018-05-20 Category: Web App PoC GET Request: POST /zenario/ajax.php?methodcall=refreshPlugin&inIframe=true HTTP/1.1 Hos...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/21 12:0 a.m.31 views

Superfood 1.0 - Multiple Vulnerabilities

Exploit Title: Superfood - Restaurants & Online Food Order System 1.0 - Persistent cross site scripting / Cross site request forgery / Admin panel Authentication bypass Date: 2018-05-20 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/20 12:0 a.m.54 views

mySCADA myPRO 7 - Hard-Coded Credentials

mySCADA myPRO 7 - Hard-Coded Credentials. CVE-2018-11311. Remote exploit for Multiple platform Exploit Title: mySCADA myPRO 7 - Hardcoded FTP Username and Password Date: 2018-05-19 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.myscada.org/mypro/ Software Link:...

9.1CVSS9.5AI score0.1593EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/20 12:0 a.m.69 views

D-Link DSL-3782 - Authentication Bypass

Exploit Title: D-Link DSL 3782 - Authentication Bypass Vendor Homepage: https://eu.dlink.com Version: A1WI20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT77616E6771696F6E67" Category: Webapps Exploit Author: Giulio Comi CVE : CVE-2018-8898 Date: 20/05/2018 Description The web panel ...

9.8CVSS9.6AI score0.13282EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/20 12:0 a.m.46 views

Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection

Exploit Title: Joomla! extension EkRishta 2.10 - Persistent Cross-Site Scripting / SQL Injection Dork: N/A Date: 2018-05-18 Exploit Author: Sina Kheirkhah || [email protected] Software Link: https://extensions.joomla.org/extensions/extension/living/dating-a-relationships/ek-rishta/ Vendor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/20 12:0 a.m.40 views

Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH) (DEP Bypass)

!/usr/bin/python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: Easy MPEG to DVD Burner 1.7.11 SEH + DEP Bypass Local Buffer Overflow Date: 2018-05-19 Author: Juan Prescotto Tested Against: Win7 Pro SP1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.31 views

Prime95 29.4b8 - Stack Buffer Overflow (SEH)

Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested on: Windows 10 Pro x64 SPANISH Windows 7 Ho...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.22 views

Healwire Online Pharmacy 3.0 - Cross-Site Scripting / Cross-Site Request Forgery

Exploit Title: Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Date: 2018-05-17 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/healwire-online-pharmacy/16423338?srank=1499 Version: 3.0 Tested on: windows POC 1 : Cross site scripting :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.29 views

SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion

Title: SAP B2B / B2C CRM 2.x 4.x - Local File Inclusion Application:SAP B2B OR B2C is CRM Versions Affected: SAP B2B OR B2C is CRM 2.x 3.x and 4.x with Bakend R/3 to icssb2b Vendor URL: http://SAP.com Bugs: SAP LFI in B2B OR B2C CRM Sent: 2018-05-03 Reported: 2018-05-03 Date of Public Advisory:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.19 views

Monstra CMS < 3.0.4 - Cross-Site Scripting (2)

Exploit Title: Monstra CMS 3.0.4 - Cross-Site Scripting Date: 2018-05-17 Exploit Author: Berk Dusunur Vendor Homepage: https://monstra.org Software Link: https://monstra.org Version: before 3.0.4 Tested on: Pardus / Win10 AppServer Proof Of Concept Monstra is a modern and lightweight Content...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.75 views

HPE iMC 7.3 - Remote Code Execution (Metasploit)

Exploit Title: HPE iMC EL Injection Unauthenticated RCE Date: 6 February, 2018 Exploit Author: TrendyTofu Vendor Homepage: https://www.hpe.com/us/en/home.html Software Link: http://h10145.www1.hpe.com/Downloads/SoftwareReleases.aspx?ProductNumber=JG747AAE&lang=en&cc=us&prodSeriesId=4176535 Versio...

9CVSS8.1AI score0.14999EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.180 views

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET packetsetring Privilege Escalation', 'Description' = %q This module exploits a heap-out-of-bounds write in the packetsetring function in...

7.8CVSS8.1AI score0.17827EPSS
Exploits17
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.129 views

DynoRoot DHCP Client - Command Injection

Exploit Title: DynoRoot DHCP - Client Command Injection Date: 2018-05-18 Exploit Author: Kevin Kirsche Exploit Repository: https://github.com/kkirsche/CVE-2018-1111 Exploit Discoverer: Felix Wilhelm Vendor Homepage: https://www.redhat.com/ Version: RHEL 6.x / 7.x and CentOS 6.x/7.x Tested on:...

7.9CVSS7.9AI score0.94457EPSS
Exploits14
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.47 views

Microsoft Edge Chakra JIT - Bound Check Elimination Bug

/ Chakra uses the InvariantBlockBackwardIterator class to backpropagate the information about the hoisted bound checks. But the class follows the linked list instaed of the control flow. This may lead to incorrectly remove the bound checks. In the following code, currentBlock's block number is 4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.34 views

Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery

Exploit Title: Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery Date: 2018-05-18 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/classifieds-multipurpose-portal-infinity-market/16572285?srank=1520 Version: 1.6.2 Tested on: Kali linux Description : CSRF...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.37 views

Cisco SA520W Security Appliance - Path Traversal

Title: Cisco SA520W Security Appliance - Path Traversal Author: Nassim Asrir Contact: [email protected] / https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: https://www.cisco.com/ About Product: =============== Cisco SA 500 Series Security Appliances are designed for businesses with few...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/18 12:0 a.m.38 views

SAP NetWeaver Web Dynpro 6.4 < 7.5 - Information Disclosure

Application: SAP NetWeaver Web Dynpro 6.4 to 7.5 - Information disclosure Versions Affected: SAP NetWeaver 6.4 - 7.5 Vendor URL: http://SAP.com Bugs: Information disclosure Enumerate users Sent: 2016-12-15 Reported: 2016-12-15 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 23445...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.49 views

Jenkins CLI - HTTP Java Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking STAGE1 =...

9.8CVSS7.4AI score0.96943EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.58 views

Intelbras NCLOUD 300 1.0 - Authentication bypass

coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link: http://www.intelbras.com.br/empresarial/wi-fi/para-sua-casa/roteadores/ncloud Version: 1.0 Test...

10CVSS9.6AI score0.35573EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.81 views

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution

Exploit Title: Nanopool Claymore Dual Miner = 7.3 Remote Code Execution Date: 2018/02/09 Exploit Author: ReverseBrain Vendor Homepage: https://nanopool.org/ Software Link: https://github.com/nanopool/Claymore-Dual-Miner Version: 7.3 and later Tested on: Windows, Linux CVE : 2018-1000049 Suppose t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.31 views

NodAPS 4.0 - SQL injection / Cross-Site Request Forgery

Exploit Title: Online Booking system - NodAPS 4.0 - 'search' SQL injection / Cross-Site Request Forgery Date: 2018-05-16 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/appointment-management-system-nodaps/16197805?srank=1535 Version: 4.0 Tested on: windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.47 views

Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery

Exploit Title: Powerlogic Schneider Electric IONXXXX Series - Cross-Site Request Forgery Date: 2018-05-17 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.schneider-electric.com/ Version: ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, PM5XXX series. Tested o...

8.8CVSS8.8AI score0.02045EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.114 views

Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution', 'Description' = %q This module exploits a remote code execution vulnerability in t...

9.8CVSS7.4AI score0.98931EPSS
Exploits19
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.49 views

Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall

/ Commit 3a4d44b61625 "ntp: Move adjtimex related compat syscalls to native counterparts" removed the memset in compatgettimex. Since then, the compat adjtimex syscall can invoke doadjtimex with an uninitialized -tai. If doadjtimex doesn't write to -tai e.g. because the arguments are invalid,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/17 12:0 a.m.35 views

SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass

Exploit Title: SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass Date: 2018-05-17 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/supercom-online-shopping-ecommerce-cart/17085987?srank=1442 Version: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.83 views

RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity Injection / Cross-Site Flashing / DOM Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS vulnerabilities product: RSA Authentication Manager vulnerable version: 8.2.1.4.0-build1394922, 8.3 P1 fixed version: 8.3 P1 and later CVE number: CVE-2018-1247...

7.1CVSS6.7AI score0.16359EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.62 views

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery

Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy communication partners or with those who have neither an appropriate...

8.8CVSS8.8AI score0.02401EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.52 views

WhatsApp 2.18.31 - Memory Corruption

!/usr/bin/env python -- coding: utf-8 -- Exploit Author: Juan Sacco at Exploit Pack - http://www.exploitpack.com This vulnerability has been discovered and exploited using Exploit Pack - Framework Tested on: iPhone 5/6s/X iOS 10 and 11.3 Latest release of iOS at the date of writing this code...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.31 views

WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery

Press submit on a page containing the following HTML snippet: alert1" !-- In a real attack, the form can be made to autosubmit so the victim only has to follow a link. Mitigations ================ Upgrade to version 1.2.9 or later. Disclosure policy ================ dxw believes in respon...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.66 views

Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution

''' Any authenticated user can modify the configuration for it in a way which allows them to read and append to any file as root. This leads to information disclosure and remote code execution. This vulnerability has been assigned the CVE ID: CVE-2018-10123. This PoC requires Python 3.6 and a...

9CVSS8.8AI score0.10889EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.40 views

Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation

Windows: Token Trust SID Access Check Bypass EOP Platform: Windows 10 1709 also tested current build of RS4 Class: Elevation of Privilege Summary: A token’s trust SID isn’t reset when setting a token after process creation allowing a user process to bypass access checks for trust labels...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.33 views

Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery

Exploit Title: Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery Date: 2018-05-15 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/horse-market-sell-rent-portal/14174352?srank=1725 CVE: N/A Version: 1.5.7 Tested on: Kali linux Details: Horse Market Sell &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.39 views

VirtueMart 3.1.14 - Persistent Cross-Site Scripting

Exploit Title: VirtueMart 3.1.14 - Persistent Cross-Site Scripting Date: 2018-02-25 Software Link: http://virtuemart.net/ Exploit Author: Mattia Furlani CVE: CVE-2018-7465 Category: webapps 1. Description An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the admin area...

5.4CVSS5.5AI score0.0237EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.28 views

MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery

Exploit Title: MyBB Admin Notes Plugin - CSRF Date: 2018-05-14 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1106 Version: 1.1 Tested on: Ubuntu 18.04 1. Description: The plugin allows administrators to save notes...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.56 views

Rockwell Scada System 27.011 - Cross-Site Scripting

Exploit Title: Rockwell Scada System - Cross-Site Scripting Date: 2018-05-16 Exploit Author: t4rkd3vilz Vendor Homepage: https://rockwellautomation.com/ Software Link: http://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?famID=4 Version: 1769-L16ER-BB1B, Version 27.011 and...

6.1CVSS6.3AI score0.07531EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.47 views

Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting

Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting Date: 2018-05-16 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/multiplayer-blackjack-online-casino-game/15411706?srank=1628 CVE: N/A Version: 2.5 Description : Multiplayer BlackJack...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.46 views

Libuser - 'roothelper' Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Libuser roothelper Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Red Hat based Linux systems, includi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/14 12:0 a.m.30 views

2345 Security Guard 3.7 - '2345NsProtect.sys' Denial of Service

Exploit Title: BSOD by IOCTL 0x8000200D in 2345NsProtect.sys of 2345 Security Guard 3.7 Date: 20180513 Exploit Author: anhkgg Vendor Homepage: http://safe.2345.cc/ Software Link: http://dl.2345.cc/2345pcsafe/2345pcsafev3.7.0.9345.exe Version: v3.7 REQUIRED Tested on: Windows X64 CVE : CVE-2018-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/14 12:0 a.m.36 views

XATABoost 1.0.0 - SQL Injection

Exploit Title: XATABoost CMS Sql Injection Google Dork: inurl:php?id= Powered by XATABOOST Date: 02.01.2018 Exploit Author: MgThuraMoeMyint Vendor Homepage: http://www2.xataboost.com Version: 1.0.0 Tested on: Kali Linux SQL Injection Type: Union Based Example URL:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/14 12:0 a.m.42 views

Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)

Linux/x86 - Reverse 127.0.0.1:4444/TCP Shell /bin/sh Shellcode 96 Bytes. Shellcode exploit for Linuxx86 platform / ; Title: Linux/x86 - TCP reverse shell ; Author: Paolo Perego ; Website: https://codiceinsicuro.it ; Blog post: https://codiceinsicuro.it/slae/assignment-2-create-a-reverse-shellcode...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/14 12:0 a.m.79 views

Monstra CMS 3.0.4 - Remote Code Execution

Monstra CMS 3.0.4 - Remote Code Execution. CVE-2018-9037. Webapps exploit for PHP platform Exploit Title: Monstra CMS 3.0.4 Upload Plugin Remote code execution CVE-2018-9037 Date: 2018-05-14 Exploit Author: Jameel Nabbo Vendor Homepage: https://github.com/monstra-cms/monstra Software Link:...

8.8CVSS9.2AI score0.02919EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/13 12:0 a.m.54 views

Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- Tested in Windows Server 2003 SP2 ES - Only works when RRAS service is enabled. The exploited vulnerability is an arbitraty pointer deference affecting the dwVarID field of the MIBOPAQUEQUERY structure. dwVarID sent by the client is used as a pointer to an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/13 12:0 a.m.39 views

WUZHI CMS 4.1.0 - 'tag[pinyin]' Cross-Site Scripting

Exploit Title: WUZHI CMS 4.1.0 XSS Vulnerability Date: 2018-4-23 Exploit Author: jiguang [email protected] Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE: CVE-2018-10311 An issue was discovered in WUZHI CMS 4.1.0...

6.1CVSS6.3AI score0.02582EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/13 12:0 a.m.68 views

WUZHI CMS 4.1.0 - 'form[qq_10]' Cross-Site Scripting

Exploit Title: WUZHI CMS 4.1.0 XSS Vulnerability Date: 2018-4-23 Exploit Author: jiguang [email protected] Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE: CVE-2018-10313 An issue was discovered in WUZHI CMS 4.1.0...

5.4CVSS5.5AI score0.02237EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/11 12:0 a.m.40 views

EMC RecoverPoint 4.3 - 'Admin CLI' Command Injection

Exploit Title: EMC RecoverPoint 4.3 - Admin CLI Command Injection Version: RecoverPoint prior to 5.1.1 RecoverPoint for VMs prior to 5.0.1.3 Date: 2018-05-11 Exploit Author: Paul Taylor Github: https://github.com/bao7uo Tested on: RecoverPoint for VMs 4.3, RecoverPoint 4.4.SP1.P1 CVE: CVE-2018-11...

7.2CVSS6.6AI score0.06308EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/11 12:0 a.m.35 views

Open-AudIT Community 2.2.0 - Cross-Site Scripting

Exploit Title: Open-AudIT Community - 2.2.0 – Cross-Site Scripting Exploit Author: Tejesh Kolisetty Vendor Homepage: https://opmantek.com/ Software Link: https://opmantek.com/network-tools-download/ Affected Version: 2.2.0 Category: WebApps Tested on: Win7 Professional CVE : CVE-2018-10314 1...

5.4CVSS5.5AI score0.01867EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/11 12:0 a.m.40 views

Open-AudIT Professional - 2.1.1 - Cross-Site Scripting

Exploit Title: Open-AudIT Professional 2.1.1 – Multiple Cross-Site Scripting Exploit Author: Tejesh Kolisetty Vendor Homepage: https://opmantek.com/ Software Link: https://opmantek.com/network-tools-download/ Affected Version: 2.1.1 Category: WebApps Tested on: Win7 Professional CVE : CVE-2018-91...

5.4CVSS5.5AI score0.01179EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/05/11 12:0 a.m.64 views

2345 Security Guard 3.7 - '2345BdPcSafe.sys' Denial of Service

Exploit Title: BSOD by IOCTL 0x002220e0 in 2345BdPcSafe.sys of 2345 Security Guard 3.7 Date: 20180509 Exploit Author: anhkgg Vendor Homepage: http://safe.2345.cc/ Software Link: http://dl.2345.cc/2345pcsafe/2345pcsafev3.7.0.9345.exe Version: v3.7 REQUIRED Tested on: Windows X64 CVE : CVE-2018-...

7.4AI score
Exploits0
Total number of security vulnerabilities47904