Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.329 views

Numbas < v7.3 - Remote Code Execution

Exploit Title: Numbas v7.3 - Remote Code Execution Google Dork: N/A Date: March 7th, 2024 Exploit Author: Matheus Boschetti Vendor Homepage: https://www.numbas.org.uk/ Software Link: https://github.com/numbas/Numbas Version: 7.2 and below Tested on: Linux CVE: CVE-2024-27612 import sys, requests,...

6.2CVSS6.6AI score0.10706EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.360 views

TP-Link TL-WR740N - Buffer Overflow 'DOS'

Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS' Date: 8/12/2023 Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N Description: There exist a buffer overflow vulnerability in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.412 views

Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution

Exploit Title: Lot Reservation Management System Unauthenticated File Upload and Remote Code Execution Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.403 views

CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 17/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.387 views

GLiNet - Router Authentication Bypass

DZONERZY Security Research GLiNet: Router Authentication Bypass ======================================================================== Contents ======================================================================== 1. Overview 2. Detailed Description 3. Exploit 4. Timeline...

9.8CVSS7AI score0.00764EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.400 views

CVE-2023-50071 - Multiple SQL Injection

Exploit Title: Customer Support System 1.0 - Multiple SQL injection vulnerabilities Date: 15/12/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

8.8CVSS8.8AI score0.13754EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.443 views

elFinder Web file manager Version - 2.1.53 Remote Command Execution

Exploit Title: elFinder Web file manager Version: 2.1.53 Remote Command Execution Date: 23/11/2023 Exploit Author: tmrswrr Google Dork: intitle:"elFinder 2.1.53" Vendor Homepage: https://studio-42.github.io/elFinder/ Software Link: https://github.com/Studio-42/elFinder/archive/refs/tags/2.1.53.zi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/06 12:0 a.m.330 views

Lot Reservation Management System - Unauthenticated File Disclosure

Exploit Title: Lot Reservation Management System Unauthenticated File Disclosure Vulnerability Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.htm...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/05 12:0 a.m.287 views

Neontext Wordpress Plugin - Stored XSS

Exploit Title: Wordpress Plugin Neon Text = 1.1 - Stored Cross Site Scripting XSS Date: 2023-11-15 Exploit Author: Eren Car Vendor Homepage: https://www.eralion.com/ Software Link: https://downloads.wordpress.org/plugin/neon-text.zip Category: Web Application Version: 1.0 Tested on: Debian /...

6.4CVSS5.7AI score0.00524EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/05 12:0 a.m.558 views

kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition

Exploit Title: kk Star Ratings Extensions Turbo Intruder Send to turbo intruder. 5- Drop the initial request and turn Intercept off. 6- In the Turbo Intruder window, add "%s" to the end of the connection header e.g. "Connection: close %s". 7- Use the code examples/race.py. 8- Click "Attack" at th...

5.9CVSS5.8AI score0.00414EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/05 12:0 a.m.342 views

Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS

Exploit Title: Stored XSS in Solar-Log 200 3.6.0 web panel Date: 10-30-23 Exploit Author: Vincent McRae, Mesut Cetin - Redteamer IT Security Vendor Homepage: https://www.solar-log.com/en/ Version: Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 Tested on: Proprietary devices:...

5.4CVSS5.6AI score0.00446EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.293 views

TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution Vendor: AAF Digital HD Forum | Atelmo GmbH Product web page: http://www.aaf-digital.info | https://www.atemio.de Affected version: Firmware =2.01 Summary: The Atemio AM 520 HD Full HD...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.413 views

GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

7.5CVSS7.6AI score0.46966EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.320 views

TPC-110W - Missing Authentication for Critical Function

include include include include include include int mainint argc, char argv int sock; struct sockaddrin servaddr; char command512; sock = socketAFINET, SOCKSTREAM, 0; if sock 0 perror"socket"; exit1; memset&servaddr, '0', sizeofservaddr; servaddr.sinfamily = AFINET; servaddr.sinport = htons8888; ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.307 views

A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc

!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.326 views

Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)

Exploit Title: Maxima Max Pro Power - BLE Traffic Replay Unauthenticated Date: 13-Nov-2023 Exploit Author: Alok kumar [email protected], Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...

4.3CVSS4.7AI score0.00511EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.289 views

Magento ver. 2.4.6 - XSLT Server Side Injection

Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Date: 2023-11-17 Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: Magento 2.4.6-p3 Version: 2.4.6 Tested on: 2.4.6 POC 1. Enter with admin credentials to this URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.317 views

Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting

Exploit Title: Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html...

6.1CVSS7AI score0.01307EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.336 views

Petrol Pump Management Software v.1.0 - SQL Injection

Exploit Title: Petrol Pump Management Software v.1.0 - SQL Injection Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested on:...

9.8CVSS7AI score0.12946EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.296 views

AC Repair and Services System v1.0 - Multiple SQL Injection

Exploit Title: AC Repair and Services System v1.0 - Multiple SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/16513/ac-repair-and-services-system-using-php-and-mysql-source-code-free-download.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.279 views

Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload

Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html...

9.8CVSS6.7AI score0.23581EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.322 views

Easywall 0.3.1 - Authenticated Remote Command Execution

Exploit Title: Easywall 0.3.1 - Authenticated Remote Command Execution Date: 30-11-2023 Exploit Author: Melvin Mejia Vendor Homepage: https://jpylypiw.github.io/easywall/ Software Link: https://github.com/jpylypiw/easywall Version: 0.3.1 Tested on: Ubuntu 22.04 import requests, json, urllib3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.326 views

R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure Vendor: R Radio Network Product web page: http://www.pktc.ac.th Affected version: 1.07 Summary: R Radio FM Transmitter that includes FM Exciter and FM Amplifier parameter setup. Desc: The transmitter suffers from an improper acces...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.297 views

Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file

Exploit Title: Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.htm...

6.1CVSS6.6AI score0.01335EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.345 views

GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

9.8CVSS9.7AI score0.23466EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.373 views

GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 3.216 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

9.8CVSS9.7AI score0.24725EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.277 views

Enrollment System v1.0 - SQL Injection

Exploit Title: Enrollment System v1.0 - SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: Obi08 Vendor Homepage: https://github.com/Obi08/EnrollmentSystem Software Link: https://github.com/Obi08/EnrollmentSystem Version: v1.0 Tested on: Mac OSX, XAMPP, Apache,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.323 views

Simple Student Attendance System v1.0 - Time Based Blind SQL Injection

Exploit Title: Simple Student Attendance System - Time Based Blind SQL Injection Date: 26 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/17018/simple-student-attendance-system-using-php-and-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.292 views

Windows PowerShell - Event Log Bypass Single Quote Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINDOWSPOWERSHELLSINGLEQUOTECODEEXECEVENTLOGBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Windows PowerShell Built on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.325 views

Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection

Exploit Title: Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection Date: 26 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.396 views

Real Estate Management System v1.0 - Remote Code Execution via File Upload

Exploit Title: Real Estate Management System v1.0 - Remote Code Execution via File Upload Date: 2/11/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://codeastro.com Version: V1.0 Tested on: Windows 11 + XAMPP 8.0.30 + Burp Suite Professional v2023.12.1.3 Description This Vulnerability all...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/03 12:0 a.m.352 views

Boss Mini 1.4.0 - local file inclusion

Exploit Title: Boss Mini 1.4.0 - local file inclusion Date: 07/12/2023 Exploit Author: nltt0 https://github.com/nltt-br CVE: CVE-2023-3643 ''' / \ | | / | | / / | | \ --. | | / | |/ | ' \ / |/ / | --. \ | /\ | | | | | | | | | | \ // / /,||,|| ||, |/|// / | |/ ''' from requests import...

9.8CVSS9.7AI score0.75387EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.327 views

WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Google Dork: NA Date: 28/10/2023 Exploit Author: Rachit Arora Vendor Homepage: Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.392 views

Blood Bank v1.0 - Multiple SQL Injection

Exploit Title: Blood Bank v1.0 SQL Injection Vulnerability Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...

5.5CVSS5.5AI score0.00394EPSS
Exploits9
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.434 views

WP Rocket < 2.10.3 - Local File Inclusion (LFI)

Paulos Yibelo discovered and reported this Local File Inclusion vulnerability in WordPress WP Rocket Plugin. This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.444 views

WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection

Exploit Title: Unauthenticated SQL Injection in WP Fastest Cache 1.2.2 Date: 14.11.2023 Exploit Author: Meryem Taşkın Vendor Homepage: https://www.wpfastestcache.com/ Software Link: https://wordpress.org/plugins/wp-fastest-cache/ Version: WP Fastest Cache 1.2.2 Tested on: WP Fastest Cache 1.2.2...

7.5CVSS7.6AI score0.73708EPSS
Exploits11
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.388 views

(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]

Exploit Title: Linux-x64 - create a shell with execve sending argument using XOR /bin//sh 55 bytes Shellcode Author: Alexys 0x177git Tested on: Linux x8664 Shellcode Description: creating a new process using execve syscall sending bin//sh as argument | encrypted using XOR operation was QWORD size...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/28 12:0 a.m.316 views

Saflok - Key Derication Function Exploit

// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.422 views

Moodle 4.3 - Reflected XSS

Exploit Title: Moodle 4.3 Reflected XSS Date: 21/10/2023 Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3 Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the application with the given...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.261 views

Executables Created with perl2exe < V30.10C - Arbitrary Code Execution

Exploit Title: Executables Created with perl2exe safe.pl user@testing:/example$ ./perl2exe-Linux-x64-5.30.1/perl2exe safe.pl Perl2Exe V30.10C 2020-12-11 Copyright c 1997-2020 IndigoSTAR Software ... Generating safe user@testing:/example$ user@testing:/example$ Check that the program executes as...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.320 views

Automatic-Systems SOC FL9600 FastLine - Directory Transversal

Exploit Title: Automatic-Systems SOC FL9600 FastLine - Directory Transversal Google Dork: Date: 12/9/2023 Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN =...

7.5CVSS7.6AI score0.01374EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.312 views

Zoo Management System 1.0 - Unauthenticated RCE

Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Date: 16.10.2023 Exploit Author: Çağatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.htmlgooglevignette Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.350 views

Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

10CVSS9.8AI score0.99156EPSS
Exploits39
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.296 views

dawa-pharma 1.0-2022 - Multiple-SQLi

Title: dawa-pharma-1.0-2022 Multiple-SQLi Author: nu11secur1ty Date: 10/12/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The email...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.582 views

SuperStoreFinder - Multiple Vulnerabilities

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title SuperStoreFinder - Multiple Vulnerabilities .:. Google Dorks .:. "designed and built by Joe Iz." "Super Store Finder is designed and built by Joe Iz from Highwarden Huntsman." inurl:/superstorefinder/index.php ....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.306 views

Moodle 4.3 - Insecure Direct Object Reference

Exploit Title: Moodle 4.3 'id' Insecure Direct Object Reference IDOR Date: 20/10/2023 Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3+ Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.312 views

Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin

Exploit Title: Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin Google Dork: Date: 12/9/2023 Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on:...

7.5CVSS7.6AI score0.00857EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.293 views

TEM Opera Plus FM Family Transmitter 35.45 - XSRF

CSRF Change Forward Power: ------------------------- input type="submit" val...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.629 views

Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

Exploit Title: Wordpress Plugin Canto " def createadminfilelocaldir, localshell=None: if not os.path.existslocaldir: os...

9.8CVSS9.4AI score0.0562EPSS
Exploits7
Exploit DB
Exploit DB
added 2024/02/27 12:0 a.m.238 views

TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...

7.4AI score
Exploits0
Total number of security vulnerabilities47904