Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2018/01/29 12:0 a.m.48 views

systemd (systemd-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation

Product: systemd systemd-tmpfiles Versions-affected: 236 and earlier Author: Michael Orlitzky Fixed-in: commit 5579f85 , version 237 Bug-report: https://github.com/systemd/systemd/issues/7736 Acknowledgments: Lennart Poettering who, instead of calling me an idiot for not realizing that systemd...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.77 views

Linux/x86 - Egghunter Shellcode (12 Bytes)

Linux/x86 - Egghunter Shellcode 12 Bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - EggHunter Shellcode 12 Bytes Description: Smallest Null-Free Egg Hunter Shellcode - 12 Bytes Date : 14/Jan/2018 Author: Nipun Jaswal @nipunjaswal ; SLAE-1080 Details: 1. Works with an executable...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.81 views

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh)+ Null-Free Shellcode (80 bytes)

Linux/ARM - Reverse TCP 192.168.1.1:4444/TCP Shell /bin/sh+ Null-Free Shellcode 80 bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Reverse Shell TCP /bin/sh. Null free shellcode 80 bytes Date: 2018-01-25 Tested: armv7l Raspberry Pi v3 Author: rtmcx - twitter: @rtmcx / .section .tex...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.74 views

Nexpose < 6.4.66 - Cross-Site Request Forgery

Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Release Date: 2017-12-13 Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/download/ Tested on:...

8.8CVSS9AI score0.02746EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.60 views

Joomla! Component JS Support Ticket 1.1.0 - Cross-Site Request Forgery

CODE input type="hidden" name="uid" id="uid"...

8.8CVSS9AI score0.02264EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.44 views

PACSOne Server 6.6.2 DICOM Web Viewer - Directory Trasversal

Exploit Title: PACSOne Server 6.6.2 DICOM Web Viewer Directory Trasversal / Local File Inclusion Date: 08/14/2017 Software Link: http://www.pacsone.net/download.htm Google Dork: inurl:pacs/login.php inurl:pacsone/login.php inurl:pacsone filetype:php home inurl:pacsone filetype:php login Version:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.61 views

Sony Playstation 3 (PS3) 4.82 - 'Jailbreak' (ROP)

EDB Note http://ps3xploit.com/help/dumper.html EDB Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44820.zip Dumper Help Warning: Due to the lack of proper checks after exiting the ROP chain, it is possible in some cases to obtain a success message despit...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.90 views

PACSOne Server 6.6.2 DICOM Web Viewer - SQL Injection

Exploit Title: PACSOne Server 6.6.2 DICOM Web Viewer SQL Injection Date: 08/14/2017 Software Link: http://www.pacsone.net/download.htm Version: PACSOne Server 6.6.2 Exploit Author: Carlos Avila Google Dork: inurl:pacs/login.php inurl:pacsone/login.php inurl:pacsone filetype:php home inurl:pacsone...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.51 views

Werkzeug - 'Debug Shell' Command Execution

!/usr/bin/env python import requests import sys import re import urllib usage : python exploit.py 192.168.56.101 5000 192.168.56.102 4422 if lensys.argv != 5: print "USAGE: python %s " % sys.argv0 sys.exit-1 response = requests.get'http://%s:%s/console' % sys.argv1,sys.argv2 if "Werkzeug " not in...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.67 views

KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery

Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570 Link: https://vuldb.com/?id.109170 Exploit:...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.32 views

TSiteBuilder 1.0 - SQL Injection

Exploit Title: TSiteBuilder 1.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://www.datacomponents.net/ Software Link: http://www.datacomponents.net/products/website/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan Sencan Author Web...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.35 views

Gnew 2018.1 - Cross-Site Request Forgery

Exploit Title: Gnew 2018.1 - Cross-Site Request Forgery Date: 26/01/2018 Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website : http://gnew.xyz/ Software download : http://www.gnew.xyz/pages/download.php Version: 2018.1 Tested on: Windows 10 Home x64 / Kali Linux Product description :...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.66 views

Hot Scripts Clone - 'subctid' SQL Injection

Exploit Title: Hot Scripts Clone Script 1.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/M72g4502563/php-scripts/hot-scripts-clone-:-script-classified Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.87 views

Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Download

Exploit Title: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Download Dork: N/A Date: 27.01.2018 Vendor Homepage: https://joomlatag.com/ Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/members-lists/jtag-members-directory/ Version: 5.3.7...

7.5CVSS7.8AI score0.36823EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.42 views

Task Rabbit Clone 1.0 - 'id' SQL Injection

Exploit Title: Task Rabbit Clone 1.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://migrateshop.com/ Software Link: http://migrateshop.com/product/task-rabbit-clone-php-script/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan Sencan...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.44 views

Artifex MuJS 1.0.2 - Integer Overflow

Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex https://www.artifex.com/ Software Link: https://github.com/ccxvii/mujs Version: Mujs - 228719d087aa5e27dcd8627c4acf7273476bdbca Tested on: Linux...

5.5CVSS5.4AI score0.05056EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.69 views

Artifex MuJS 1.0.2 - Denial of Service

Hello, I want to submit the following bug: The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Exploit Title: Integer signedness error leading to Out-of-bounds read that causes crash Date: 2018-01-24 Exploit Author:...

5.5CVSS5.4AI score0.05197EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.90 views

Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code Execution

!/usr/local/bin/python """ Trend Micro Threat Discovery Appliance /opt/TrendMicro/MinorityReport/bin/ Then, all we do is create /engptnstores/prod/sensorSDK/data/si/dlpkill.sh with malicious code and get it executed... Notes: ====== - For this particular PoC, all I did was exec a bind shell using...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.53 views

Netis WF2419 Router - Cross-Site Request Forgery

Exploit Title: Netis-WF2419 Router Cross-Site Request Forgery CSRF Date: 28/01/2018 Exploit Author: Sajibe Kanti Author Contact: https://twitter.com/@sajibekantibd Vendor Homepage: http://www.netis-systems.com/ Version: Netis-WF2419, V2.2.36123 Tested on: Windows 10 Technical Details & Descriptio...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.66 views

Buddy Zone 2.9.9 - SQL Injection

Exploit Title: Vastal I-Tech Facebook Clone 2.9.9 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://vastal.com/ Software Link: http://vastal.com/buddy-zone-social-networking-script.html Version: 2.9.9 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsa...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/28 12:0 a.m.55 views

Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection

Exploit Title: Multilanguage Real Estate MLM Script = 3.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/y2OP4658391/php-scripts/multilanguage-real-estate-mlm-script Version: = 3.0 Category: Webapps...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/26 12:0 a.m.46 views

Linux/x86 - Disable ASLR Security + Obfuscated Shellcode (23 bytes)

Linux/x86 - Disable ASLR Security + Obfuscated Shellcode 23 bytes. Shellcode exploit for Linuxx86 platform ;Title : Linux/x86 - Disable ASLR Security obfuscated shellcode - 23 bytes ;Date : 24 Jan 2018 ;Author : 0xAlaufi ;Tested on : Linux/x86 Ubuntu 12.04.5 global start section .text start: jmp...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/26 12:0 a.m.75 views

WordPress Plugin Learning Management System - 'course_id' SQL Injection

Exploit Title: Good LMS - Learning Management System WP Plugin SQL Injection Date: 2018-01-24 Exploit Author: Esecurity.ir Exploit Author Web Site: http://esecurity.ir Special Thanks : Meisam Monsef [email protected] - Telegram ID : @meisamrce Vendor Homepage: https://goodlayers.com/ Version: A...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/26 12:0 a.m.99 views

Dodocool DC38 N300 - Cross-site Request Forgery

Exploit Title: DODOCOOL DC38 N300 Cross-site Request Forgery Date: 17-01-2018 Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: DODOCOOL Vendor Homepage: www.dodocool.com Version: RTN2-AW.GD.R3465.1.20161103 CVE: CVE-2018-5720 I DESCRIPTION...

8.8CVSS8.8AI score0.02712EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/26 12:0 a.m.99 views

BMC BladeLogic 8.3.00.64 - Remote Command Execution

Exploit Title: BMC BladeLogic RSCD agent remote exec - XMLRPC version Filename: BMCrexec.py Github: https://github.com/bao7uo/bmcbladelogic Date: 2018-01-24 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog Version: BMC RSCD agent 8.3.00.64 CVE: CVE-2016-1542...

7.5CVSS7.7AI score0.74618EPSS
Exploits8
exploitdb
exploitdb
added 2018/01/25 12:0 a.m.53 views

Exodus Wallet (ElectronJS Framework) - Remote Code Execution

window.location = 'exodus://aaaaaaaaa" --gpu-launcher="cmd" --aaaaa='...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/25 12:0 a.m.43 views

ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password

import requests import sys import urllib3 ip = sys.argv1 user = sys.argv2 newPassword = sys.argv3 requests.packages.urilib3.disablewarnings urllib3.disablewarningsurllib3.exceptions.InsecureRequestWarning data = "groupid": '', "actionmode": "apply", "currentpage": "MainPassword.asp", "nextpage":...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.36 views

Professional Local Directory Script 1.0 - SQL Injection

Exploit Title: Professional Local Directory Script 1.0 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://www.eihitech.com/ Software Link: http://www.eihitech.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5973 Exploit Author: Ihsan Sencan Author...

9.8CVSS9.8AI score0.20097EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.85 views

Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - Guest to Host Escape

SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle VirtualBox version 5.1.30, and VirtualBox version 5.2-rc1...

8.8CVSS5.9AI score0.01658EPSS
Exploits6
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.60 views

Kaltura - Remote PHP Code Execution over Cookie (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kaltura Remote PHP Code Execution over Cookie', 'Description' = %q This module exploits an Object Injection vulnerability in Kaltura. By exploiti...

9.8CVSS7AI score0.75497EPSS
Exploits12
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.140 views

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload

Exploit Title: Telerik UI for ASP.NET AJAX RadAsyncUpload uploader Filename: RAUcrypto.py Github: https://github.com/bao7uo/RAUcrypto Date: 2018-01-23 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog Version: Telerik UI for ASP.NET AJAX CVE: CVE-2017-11317,...

9.8CVSS9.8AI score0.83476EPSS
Exploits9
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.38 views

Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Sync Breeze...

7.8CVSS7.4AI score0.53651EPSS
Exploits11
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.50 views

RAVPower 2.000.056 - Root Remote Code Execution

""" Exploit Title: RAVPower - remote root Date: 23/01/2018 Exploit Authors: Daniele Linguaglossa Vendor Homepage: https://www.ravpower.com/ Software Link: https://www.ravpower.com/ Version: 2.000.056 Tested on: OSX CVE : CVE-2018-5997 """ import requests import time import telnetlib PATHPASSWD =...

10CVSS9.8AI score0.23537EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.65 views

WordPress Plugin Email Subscribers & Newsletters 3.4.7 - Information Disclosure

Exploit Title: WordPress Plugin Email Subscribers & Newsletters 3.4.7 - Information Disclosure Google Dork: Date: 2018-01-23 Exploit Author: ThreatPress Security Vendor Homepage: http://icegram.com/ Software Link: https://wordpress.org/plugins/email-subscribers/ Version: 3.4.7 Tested on: WordPres...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.63 views

GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Arbitrary Module Load (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GoAhead Web Server LDPRELOAD Arbitrary Module Load', 'Description' = %q This module triggers an arbitrary shared library load vulnerability in...

8.1CVSS8.1AI score0.96327EPSS
Exploits15
exploitdb
exploitdb
added 2018/01/24 12:0 a.m.331 views

Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Encryption Keys Disclosure

Exploit Title: Telerik UI for ASP.NET AJAX DialogHandler Dialog cracker Filename: dpcrypto.py Github: https://github.com/bao7uo/dpcrypto Date: 2018-01-23 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog Version: Telerik UI for ASP.NET AJAX CVE: CVE-2017-9248 Vend...

9.8CVSS9.8AI score0.75098EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.26 views

Linux/x86 - execve(/bin/sh) + ROT-N + Shift-N + XOR-N Encoded Shellcode (77 bytes)

Linux/x86 - execve/bin/sh + ROT-N + Shift-N + XOR-N Encoded Shellcode 77 bytes. Shellcode exploit for Linuxx86 platform / Description ; Title : ROT-N + Shift-N + XOR-N encoded /bin/sh - Shellcode ; Author : Hashim Jawad ; Blog Post :...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.36 views

Zechat 1.5 - SQL Injection

Exploit Title: Facebook Style Php Ajax Chat - Zechat 1.5 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://bylancer.com/ Software Link: https://codecanyon.net/item/facebook-style-php-ajax-chat-zechat/16491266 Version: 1.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

9.8CVSS9.8AI score0.02652EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.31 views

Easy Car Script 2014 - SQL Injection

Exploit Title: Easy Car Script 2014 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://www.easyphotostore.com/ Software Link: http://www.easycarscript.com/ Version: 2014 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5986 Exploit Author: Ihsan Sencan Author Web:...

9.8CVSS9.8AI score0.0259EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.90 views

NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download

NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download Vendor: NEC Corporation Product web page: http://www.nec.com Affected version: WebPro =10.00 DSP Firmware Version: 12.11.00.02 Summary: NEC's UNIVERGE® SV9100 is the unified communications UC solution of choice for small and...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.31 views

MixPad 5.00 - Buffer Overflow

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: NCH Software MixPad v5.00 - Unicode Buffer Overflow Date: 21-01-2017 Vulnerable Software: NCH Software MixPad Vendor Homepage: http://www.nch.com.au/mixpad Version: v5.00 Software Link: http://www.nch.com.au/mixpad/mpsetup.exe...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.37 views

HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation

Tested on HP Connected Backup version 8.8.2.0 on Windows 7 x64 import os import sys import time import requests from bs4 import BeautifulSoup def sendrequestbody: url="http://localhost:16386/" headers = "Content-Type": "text/xml; charset=utf-8", 'SOAPAction': '""', "Set-Cookie":...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.36 views

CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection

Document Title: =============== CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1833 Release Date: ============= 2018-01-22 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.31 views

RAVPower 2.000.056 - Memory Disclosure

""" Exploit Title: RAVPower - remote stack disclosure Date: 22/01/2018 Exploit Author: Daniele Linguaglossa Vendor Homepage: https://www.ravpower.com/ Software Link: https://www.ravpower.com/ Version: 2.000.056 Tested on: OSX CVE : CVE-2018-5319 """ import socket import sys import re author =...

7.5CVSS7.8AI score0.12362EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.35 views

Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin)

New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val, password1:$".efe password1".val, password2:$".efe password2".val, email:$".e...

8.8CVSS9AI score0.01385EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.39 views

Tumder 2.1 - SQL Injection

Exploit Title: Tumder - An Arcade Games Platform 2.1 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://sndr.co.ve/ Software Link: https://codecanyon.net/item/tumder-an-arcade-games-platform/18726994 Version: 2.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5984...

9.8CVSS9.8AI score0.02652EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.50 views

Flexible Poll 1.2 - SQL Injection

Exploit Title: Flexible Poll 1.2 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://ddywpro.com/ Software Link: https://codecanyon.net/item/flexible-poll/4363114 Version: 1.2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5988 Exploit Author: Ihsan Sencan Author...

9.8CVSS9.6AI score0.1915EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.29 views

Quickad 4.0 - SQL Injection

Exploit Title: Classified Ads CMS - Quickad 4.0 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://bylancer.com/ Software Link: https://codecanyon.net/item/quickad-classified-ads-php-script/19960675 Version: 4.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5972...

9.8CVSS9.8AI score0.1915EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.27 views

Wchat 1.5 - SQL Injection

Exploit Title: Wchat - Fully Responsive PHP AJAX Chat Script 1.5 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://bylancer.com/ Software Link: https://codecanyon.net/item/wchat-fully-responsive-phpajax-chat/18047319 Version: 1.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

9.8CVSS7AI score0.15243EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.28 views

LiveCRM SaaS Cloud 1.0 - SQL Injection

Exploit Title: LiveCRM SaaS Cloud 1.0 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://livecrm.co/ Software Link: https://codecanyon.net/item/livecrm-saas-cloud-cloud-based-open-source-complete-business-management-solution-crm/21219419 Version: 1.0 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.1915EPSS
Exploits5
Total number of security vulnerabilities47904