Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2024/03/22 12:0 a.m.362 views

minaliC 2.0.0 - Denied of Service

!/usr/bin/perl use Socket; Exploit Title: minaliC 2.0.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 03 january 2024 Vendor Homepage: http://minalic.sourceforge.net/ Notification vendor: No reported Tested Version: minaliC 2.0.0 Tested on: Window XP Professional - Servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.386 views

CSZCMS v1.3.0 - SQL Injection (Authenticated)

Title: CSZCMS v1.3.0 - SQL Injection Authenticated Author: Abdulaziz Almetairy Date: 27/01/2024 Vendor: https://www.cszcms.com/ Software: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Reference: https://github.com/oh-az Tested on: Windows 11, MySQL, Apache 1 - L...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.368 views

Employee Management System 1.0 - 'admin_id' SQLi

Exploit Title: Employee Management System 1.0 - 'adminid' SQLi Date: 20-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Version: 1.0 Tested on...

9.8CVSS6.8AI score0.01229EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.340 views

Blood Bank 1.0 - 'bid' SQLi

Exploit Title: Blood Bank 1.0 - 'bid' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...

7.8CVSS7.8AI score0.00795EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.402 views

Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi

Exploit Title: Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://phpgurukul.com/teacher-subject-allocation-system-using-php-and-mysql Software Link:...

7.5CVSS7.7AI score0.01079EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.455 views

Simple Task List 1.0 - 'status' SQLi

Exploit Title: Simple Task List 1.0 - 'status' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/simple-task-list-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/12/SimpleTaskListInPHPWithSourceCode.zip Version: 1.0...

6.5CVSS6.6AI score0.00583EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/20 12:0 a.m.384 views

HNAS SMU 14.8.7825 - Information Disclosure

Exploit Title: Hitachi NAS HNAS System Management Unit SMU 14.8.7825 - Information Disclosure CVE: CVE-2023-6538 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host", required=Tru...

7.6CVSS6.7AI score0.01583EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.370 views

Gibbon LMS < v26.0.00 - Authenticated RCE

Exploit Title: Gibbon LMS has a PHP Deserialization vulnerability on the v26.0.00 version Date: 22.01.2024 Exploit Author: SecondX.io Research TeamAli Maharramli,Fikrat Guliev,Islam Rzayev Vendor Homepage: https://gibbonedu.org/ Software Link: https://github.com/GibbonEdu/core Version: v26.0.00...

8.8CVSS6.6AI score0.5132EPSS
Exploits7
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.306 views

TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure

TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5 1.9.3 1.5.9 1.4.6 1.3.9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.402 views

TYPO3 11.5.24 - Path Traversal (Authenticated)

Exploit Title: TYPO3 11.5.24 Path Traversal Vulnerability Authenticated Date: Apr 9, 2023 Exploit Author: Saeed reza Zamanian Software Link: https://get.typo3.org/release-notes/11.5.24 Version: 11.5.24 Tested on: Kali 2022.3 CVE : CVE-2023-30451 In TYPO3 11.5.24, the filelist component allows...

4.9CVSS5.4AI score0.01161EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.385 views

Atlassian Confluence < 8.5.3 - Remote Code Execution

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Date: 25/1/2024 Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Teste...

10CVSS9.8AI score0.99984EPSS
Exploits32
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.345 views

WEBIGniter v28.7.23 - Stored XSS

Title: WEBIGniter v28.7.23 XSS Author: RedTeamer IT Security, Mesut Cetin Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting/stored Description: During the user creation process, the 'yourname...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.361 views

Quick.CMS 6.7 - SQL Injection Login Bypass

Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass Google Dork: N/A Date: 02-03-2024 Exploit Author: ./H4X.Forensics - Diyar Vendor Homepage: https://www.opensolution.org Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows CVE...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.305 views

TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

!/usr/bin/env python TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection PoC Exploit Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.266 views

xbtitFM 4.1.18 - Multiple Vulnerabilities

Exploit Title: xbtitFM 4.1.18 Multiple Vulnerabilities Date: 22-01-2024 Vendor Homepage: https://xbtitfm.eu Affected versions: 4.1.18 and prior Description: The SQLi and the path traversal are unauthenticated, they don't require any user interaction to be exploited and are present in the default...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.315 views

TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password

TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.386 views

WordPress File Upload Plugin < 4.23.3 - Stored XSS

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.305 views

ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE

import re import requests from bs4 import BeautifulSoup import argparse import base64 Exploit Title: Unauthenticated RCE in ZoneMinder Snapshots Date: 12 December 2023 Discovered by : @Unblvr1 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://zoneminder.com/ Software Link:...

9.8CVSS8.6AI score0.80462EPSS
Exploits11
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.293 views

Backdrop CMS 1.23.0 - Stored XSS

Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field Date: 2023-08-21 Exploit Author: Sinem Şahin Vendor Homepage: https://backdropcms.org/ Version: 1.23.0 Tested on: Windows & XAMPP == Tutorial http://HOST/backdrop/node/add/post 2- Write your xss payload in the body...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.405 views

vm2 - sandbox escape

/ Exploit Title: vm2 Sandbox Escape vulnerability Date: 23/12/2023 Exploit Author: Calil Khalil & Adriel Mc Roberts Vendor Homepage: https://github.com/patriksimek/vm2 Software Link: https://github.com/patriksimek/vm2 Version: vm2 = 3.9.19 Tested on: Ubuntu 22.04 CVE : CVE-2023-37466 / const VM =...

10CVSS9.8AI score0.02342EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.377 views

Nokia BMC Log Scanner - Remote Code Execution

Exploit Title: Nokia BMC Log Scanner Remote Code Execution Google Dork: N/A Date: November 29, 2023 Exploit Author: Carlos Andres Gonzalez, Matthew Gregory Vendor Homepage: https://www.nokia.com/ Software Link: N/A Version: 13 Tested on: Linux CVE : CVE-2022-45899 Description The BMC Log Scanner...

6.5CVSS7AI score0.00826EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.327 views

Karaf v4.4.3 Console - RCE

!/usr/bin/python Exploit Title: Karaf v4.4.3 Console RCE Date: 2023-08-07 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-karaf-exploits.git Vendor Homepage: https://karaf.apache.org Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.505 views

LaborOfficeFree 19.10 - MySQL Root Password Calculator

Exploit Title: LaborOfficeFree 19.10 MySQL Root Password Calculator - CVE-2024-1346 Google Dork: N/A Date: 09/02/2023 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.laborofficefree.com/ Software Link: https://www.laborofficefree.com/plans Version: 19.10 Tested on...

6.8CVSS6.7AI score0.00392EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.327 views

Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)

Exploit Title: Winter CMS 1.2.2 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 Tested :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/16 12:0 a.m.312 views

UPS Network Management Card 4 - Path Traversal

Exploit Title: UPS Network Management Card 4 - Path Traversal Google Dork: inurl:nmc inurl:logon.htm Date: 2023-12-19 Exploit Author: Víctor García Vendor Homepage: https://www.apc.com/ Version: 4 Tested on: Kali Linux CVE: N/A PoC: curl -k...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.328 views

KiTTY 0.76.1.13 - Command Injection

Exploit Title: KiTTY 0.76.1.13 - Command Injection Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤ 0.76.1.13 Tested on: Microsoft Windows...

7.8CVSS7.7AI score0.04692EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.332 views

KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow

Exploit Title: KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤...

7.8CVSS7.7AI score0.01777EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.366 views

KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow

Exploit Title: KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.437 views

Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

9.8CVSS6.9AI score0.74697EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.419 views

GitLab CE/EE < 16.7.2 - Password Reset

Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...

10CVSS8.9AI score0.94955EPSS
Exploits16
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.470 views

Honeywell PM43 < P10.19.050004 - Remote Code Execution (RCE)

Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...

9.9CVSS9.6AI score0.33094EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.314 views

SolarView Compact 6.00 - Command Injection

Exploit Title: SolarView Compact 6.00 - Command Injection - Shodan Dork: http.html:"solarview compact" - Exploit Author: ByteHunter - Email: [email protected] - Version: 6.00 - Tested on: 6.00 - CVE : CVE-2023-23333 import argparse import requests def vulncheckipaddress, port: url =...

9.8CVSS9.6AI score0.99273EPSS
Exploits9
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.440 views

JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)

Exploit Title: JetBrains TeamCity 2023.05.3 - Remote Code Execution RCE - Shodan Dork: http.title:TeamCity , http.favicon.hash:-1944119648 - Exploit Author: ByteHunter - Vendor: JetBrains - Email: [email protected] - vendor: JetBrains - Version: versions before 2023.05.4 - Tested on:...

9.8CVSS9.8AI score0.99979EPSS
Exploits17
Exploit DB
Exploit DB
added 2024/03/14 12:0 a.m.351 views

Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)

Exploit Title: Ruijie Switch PSG-5124 26293 - Remote Code Execution RCE - Shodan Dork: http.htmlhash:-1402735717 - Fofa Dork: body="img/freeloginge.gif" && body="./img/loginbg.gif" - Exploit Author: ByteHunter - Email: [email protected] - Version: PSG-5124LINK SOFTWARE RELEASE:26293 - Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.303 views

OSGi v3.8-3.18 Console - RCE

!/usr/bin/python Exploit Title: OSGi v3.8-3.18 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.278 views

Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE

Exploit Title: Cisco Firepower Management Center Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 6.2.3.18", "6.4.0.16", "6.6.7.1 CVE : CVE-2023-20048 import requests import json set the variables for the URL, username, and password for the FMC web services interface...

9.9CVSS9.7AI score0.15821EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.286 views

SnipeIT 6.2.1 - Stored Cross Site Scripting

Exploit Title: SnipeIT 6.2.1 - Stored Cross Site Scripting Date: 06-Oct-2023 Exploit Author: Shahzaib Ali Khan Vendor Homepage: https://snipeitapp.com Software Link: https://github.com/snipe/snipe-it/releases/tag/v6.2.1 Version: 6.2.1 Tested on: Windows 11 22H2 and Ubuntu 20.04 CVE: CVE-2023-5452...

5.5CVSS5.5AI score0.00527EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.272 views

Human Resource Management System 1.0 - 'employeeid' SQL Injection

Exploit Title: Human Resource Management System - SQL Injection Date: 13-01-2024 Exploit Author: Srikar Exp1o1t9r Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.345 views

Client Details System 1.0 - SQL Injection

Exploit Title: CVE-2023-7137ClientDetailsSystem-SQLInjection1 + Date: 2023-26-12 + Exploit Author: Hamdi Sevben + Vendor Homepage: https://code-projects.org/client-details-system-in-php-with-source-code/ + Software Link:...

8.8CVSS8.9AI score0.17026EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.258 views

OSGi v3.7.2 (and below) Console - RCE

!/usr/bin/python Exploit Title: OSGi v3.7.2 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.470 views

VMware Cloud Director 10.5 - Bypass identity verification

Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...

9.8CVSS10AI score0.01345EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.290 views

Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR

!/usr/bin/python3 Title: Hitachi NAS HNAS System Management Unit SMU Backup & Restore IDOR Vulnerability CVE: CVE-2023-5808 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host",...

7.6CVSS6.7AI score0.00544EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.324 views

Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART2.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.355 views

WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover

Exploit Title: WordPress Plugin Duplicator 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover Google Dork: inurl:"plugins/duplicator/" Date: 2023-12-04 Exploit Author: Dmitrii Ignatyev Vendor Homepage:...

7.5CVSS7.6AI score0.30894EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.283 views

Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read

Exploit Title: File Read Arbitrary Exploit for CVE-2023-26360 Google Dork: not Date: 12/28/2023 Exploit Author: Youssef Muhammad Vendor Homepage: https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html Software Link: https://drive.google.com/drive/folders/17ryBnFhswxiE1sHrNByxMVPKfUnwqmp0...

9.8CVSS8.8AI score0.97339EPSS
Exploits13
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.348 views

Sitecore - Remote Code Execution v8.2

!/usr/bin/env python3 Exploit Title: Sitecore - Remote Code Execution v8.2 Exploit Author: abhishek morla Google Dork: N/A Date: 2024-01-08 Vendor Homepage: https://www.sitecore.com/ Software Link: https://dev.sitecore.net/ Version: 10.3 Tested on: windows64bit / mozila firefox CVE : CVE-2023-358...

9.8CVSS9.6AI score0.86685EPSS
Exploits7
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.404 views

DataCube3 v1.0 - Unrestricted file upload 'RCE'

Exploit Title: DataCube3 v1.0 - Unrestricted file upload 'RCE' Date: 7/28/2022 Exploit Author: Samy Younsi - NS Labs https://neroteam.com Vendor Homepage: https://www.f-logic.jp Software Link: https://www.f-logic.jp/pdf/support/manualproduct/manualproductdatacube3ver1.0sc.pdf Version: Ver1.0 Test...

9.8CVSS6.9AI score0.2403EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.360 views

TP-Link TL-WR740N - Buffer Overflow 'DOS'

Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS' Date: 8/12/2023 Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N Description: There exist a buffer overflow vulnerability in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.329 views

Numbas < v7.3 - Remote Code Execution

Exploit Title: Numbas v7.3 - Remote Code Execution Google Dork: N/A Date: March 7th, 2024 Exploit Author: Matheus Boschetti Vendor Homepage: https://www.numbas.org.uk/ Software Link: https://github.com/numbas/Numbas Version: 7.2 and below Tested on: Linux CVE: CVE-2024-27612 import sys, requests,...

6.2CVSS6.6AI score0.10706EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.309 views

Hide My WP < 6.2.9 - Unauthenticated SQLi

Exploit Title: Wordpress Plugin Hide My WP 6.2.9 - Unauthenticated SQLi Publication Date: 2023-01-11 Original Researcher: Xenofon Vassilakopoulos Exploit Author: Xenofon Vassilakopoulos Submitter: Xenofon Vassilakopoulos Vendor Homepage: https://wpwave.com/ Version: Hide My WP v6.2.8 and prior...

9.8CVSS9.7AI score0.03824EPSS
Exploits5
Total number of security vulnerabilities47904