Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.295 views

FAQ Management System v1.0 - 'faq' SQL Injection

Exploit Title: FAQ Management System v1.0 - 'faq' SQL Injection Google Dork: N/A Application: FAQ Management System Date: 25.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.301 views

Flashcard Quiz App v1.0 - 'card' SQL Injection

Exploit Title: Flashcard Quiz App v1.0 - 'card' SQL Injection Google Dork: N/A Application: Flashcard Quiz App Date: 25.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.493 views

IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...

5.5CVSS5.5AI score0.00573EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.344 views

Online Shopping System Advanced - Sql Injection

Exploit Title: Online Shopping System Advanced Date: 07.12.2023 Exploit Author: Furkan Gedik Vendor Homepage: https://github.com/PuneethReddyHC/online-shopping-system-advanced Software Link: https://github.com/PuneethReddyHC/online-shopping-system-advanced Version: 1.0 Tested on: Kali Linux 2020....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.297 views

Simple Inventory Management System v1.0 - 'email' SQL Injection

Exploit Title: Simple Inventory Management System v1.0 - 'email' SQL Injection Google Dork: N/A Application: Simple Inventory Management System Date: 26.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.285 views

Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...

9.1CVSS7AI score0.50622EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.284 views

Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLDOSCVE-2024-25736.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability...

7.5CVSS7.6AI score0.04343EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.305 views

Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20ACCOUNTENUMERATIONCVE-2024-25734.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability Type...

7.5CVSS6.8AI score0.04051EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.367 views

taskhub 2.8.7 - SQL Injection

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Date: 05/09/2023 Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth...

8CVSS7.9AI score0.00692EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.436 views

comments-like-dislike < 1.2.0 - Authenticated (Subscriber+) Plugin Setting Reset

Exploit Title: POC-CVE-2023-3244 Date: 9/12/2023 Exploit Author: Diaa Hanna Software Link: download link if available Version: = 1.2.0 comments-like-dislike Tested on: 1.1.6 comments-like-dislike CVE : CVE-2023-3244 References https://nvd.nist.gov/vuln/detail/CVE-2023-3244 The Comments Like Disli...

4.3CVSS4.8AI score0.00787EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/21 12:0 a.m.421 views

WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)

Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Date: 19/10/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE :...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.330 views

Microsoft Windows Defender - VBScript Detection Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERVBSCRIPTTROJANMITIGATIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender Vulnerability Type...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.303 views

phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit

?php / -------------------------------------------------------------- phpFox = 4.8.13 redirect PHP Object Injection Vulnerability -------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................: n0b0d13satgmaildotcom software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.395 views

JFrog Artifactory < 7.25.4 - Blind SQL Injection

Exploit Title: artifactory low-privileged blind sql injection Google Dork: Date: Exploit Author: ardr Vendor Homepage:https://jfrog.com/help/r/jfrog-release-information/cve-2021-3860-artifactory-low-privileged-blind-sql-injection Software Link:...

8.8CVSS8.9AI score0.00997EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.390 views

Wondercms 4.3.2 - XSS to RCE

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.323 views

SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration

Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Date: 05/12/2023 Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: = 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp...

5.3CVSS5.4AI score0.01808EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.412 views

XAMPP - Buffer Overflow POC

Exploit Title: XAMPP v3.3.0 — '.ini' Buffer Overflow Unicode + SEH Date: 2023-10-26 Author: Talson @Ripp3rdoc Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.0.28/xampp-windows-x64-8.0.28-0-VS16-installer.exe Version: 3.3.0 Tested on: Windows 11 CVE-2023-46517 \ / \ ...

6.7AI score
Exploits4
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.300 views

Microsoft Windows Defender Bypass - Detection Mitigation Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/WindowsDefenderBackdoorJS.Relvelshe.ADetectionMitigationBypass.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/19 12:0 a.m.304 views

Employee Management System v1 - 'email' SQL Injection

Exploit Title: Employee Management System v1 - 'email' SQL Injection Google Dork: N/A Application: Employee Management System Date: 19.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/15 12:0 a.m.474 views

SISQUALWFM 7.1.319.103 - Host Header Injection

Exploit Title: SISQUALWFM 7.1.319.103 Host Header Injection Discovered Date: 17/03/2023 Reported Date: 17/03/2023 Resolved Date: 13/10/2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://www.sisqualwfm.com Version: 7.1.319.103 Tested on: SISQUAL WFM 7.1.319.103 Affected Versio...

6.1CVSS6.3AI score0.00507EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/15 12:0 a.m.360 views

DS Wireless Communication - Remote Code Execution

Exploit Title: DS Wireless Communication Remote Code Execution Date: 11 Oct 2023 Exploit Author: MikeIsAStar Vendor Homepage: https://www.nintendo.com Version: Unknown Tested on: Wii CVE: CVE-2023-45887 """This code will inject arbitrary code into a client's game. You are fully responsible for al...

9.8CVSS9.7AI score0.01566EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/15 12:0 a.m.484 views

Metabase 0.46.6 - Pre-Auth Remote Code Execution

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...

9.8CVSS9.6AI score0.97924EPSS
Exploits36
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.421 views

Splunk 9.0.4 - Information Disclosure

Exploit Title: Splunk 9.0.4 - Information Disclosure Date: 2023-09-18 Exploit Author: Parsa rezaie khiabanloo Vendor Homepage: https://www.splunk.com/ Version: 9.0.4 Tested on: Windows OS Splunk through 9.0.4 allows information disclosure by appending...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.411 views

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 doreboot Remote Denial Of Service Vendor: Video Medios, S.A. VIMESA Product web page: https://www.vimesa.es Affected version: img:v9.7.1 Html:v2.4 RS485:v2.5 Summary: The transmitter Blue Plus is designed with all the latest technologies, such as high...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.411 views

ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure

Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...

6.5CVSS6.6AI score0.05312EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/13 12:0 a.m.471 views

Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over

Exploit Title: Lost and Found Information System v1.0 - idor leads to Account Take over Date: 2023-12-03 Exploit Author: OR4NG.M4N Category : webapps CVE : CVE-2023-38965 Python p0c : import argparse import requests import time parser = argparse.ArgumentParserdescription='Send a POST request to t...

9.8CVSS9.7AI score0.01264EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.426 views

Zyxel zysh - Format string

!/usr/bin/expect -f raptorzyshfhtagn.exp - zysh format string PoC exploit Copyright c 2022 Marco Ivaldi "We live on a placid island of ignorance in the midst of black seas of infinity, and it was not meant that we should voyage far." -- H. P. Lovecraft, The Call of Cthulhu "Multiple improper inpu...

7.8CVSS6.9AI score0.05805EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.323 views

Rail Pass Management System 1.0 - Time-Based SQL Injection

Exploit Title: Rail Pass Management System - 'searchdata' Time-Based SQL Injection Date: 02/10/2023 Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/rail-pass-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17479...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.331 views

Online Nurse Hiring System 1.0 - Time-Based SQL Injection

Exploit Title: Online Nurse Hiring System 1.0 - 'bookid' Time-Based SQL Injection Date: 03/10/2023 Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17826...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.373 views

Wordpress Seotheme - Remote Code Execution Unauthenticated

Exploit Title: Wordpress Seotheme - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys , requests, re from multiprocessing.dummy import Pool from colorama import Fore from colorama import init...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.410 views

Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Date: 11.10.2023 Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.572 views

Elasticsearch - StackOverflow DoS

Exploit Author: TOUHAMI KASBAOUI Vendor Homepage: https://elastic.co/ Version: 8.5.3 / OpenSearch Tested on: Ubuntu 20.04 LTS CVE : CVE-2023-31419 Ref: https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419 import requests import random import string esurl =...

7.5CVSS7AI score0.60679EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/09 12:0 a.m.333 views

Wordpress Augmented-Reality - Remote Code Execution Unauthenticated

Exploit Title: Wordpress Augmented-Reality - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import requests as req import json import sys import random import uuid import urllib.parse import urllib3 from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.480 views

Wordpress 'simple urls' Plugin < 115 - XSS

Exploit Title: simple urls alertorigin...

6.1CVSS7.1AI score0.01726EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.373 views

TASKHUB-2.8.8 - XSS-Reflected

Title: TASKHUB-2.8.8-XSS-Reflected Author: nu11secur1ty Date: 09/22/2023 Vendor: https://codecanyon.net/user/infinitietech Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Reference: https://portswigger.net/web-security/cross-site-scripting Description: T...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.409 views

Curfew e-Pass Management System 1.0 - FromDate SQL Injection

Exploit Title: Curfew e-Pass Management System 1.0 - FromDate SQL Injection Date: 28/9/2023 Exploit Author: Puja Dey Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/curfew-e-pass-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10/Wamp 1 login...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.476 views

WhatsUp Gold 2022 (22.1.0 Build 39) - XSS

Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...

6.1CVSS6.3AI score0.0213EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.442 views

Milesight Routers UR5X, UR32L, UR32, UR35, UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption

!/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password Encryption CVE: CVE-2023-43261 Script Author: Bipin Jitiya @win3zz Vendor: Milesight IoT - https://www.milesight-iot.com/ Formerly Xiamen Ursalink Technology Co., Ltd...

7.5CVSS7.6AI score0.59342EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.388 views

Clinic's Patient Management System 1.0 - Unauthenticated RCE

Exploit Title: Clinic's Patient Management System 1.0 - Unauthenticated RCE Date: 07.10.2023 Exploit Author: Oğulcan Hami Gül Vendor Homepage: https://www.sourcecodester.com/php-clinics-patient-management-system-source-code Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.368 views

MISP 2.4.171 - Stored XSS

Exploit Title: MISP 2.4.171 Stored XSS CVE-2023-37307 Authenticated Date: 8th October 2023 Exploit Author: Mücahit Çeri Vendor Homepage: https://www.circl.lu/ Software Link: https://github.com/MISP/MISP Version: 2.4.171 Tested on: Ubuntu 20.04 CVE : CVE-2023-37307 Exploit: Logged in as low...

5.4CVSS7AI score0.00502EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/02/05 12:0 a.m.380 views

GYM MS - GYM Management System - Cross Site Scripting (Stored)

Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.460 views

mooSocial 3.1.8 - Cross-Site Scripting (XSS) on User Login Page

Exploit Title: mooSocial 3.1.8 - Cross-Site Scripting XSS on User Login Page Date: 26 September 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://moosocial.com Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 11 CVE : CVE-2023-43325 Description: A Cro...

6.1CVSS6.4AI score0.01857EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.323 views

TP-LINK TL-WR740N - Multiple HTML Injection

Exploit Title: TP-LINK TL-WR740N - Multiple HTML Injection Vulnerabilities Date: 25/9/2023 Exploit Author: Shujaat Amin ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.311 views

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure

Electrolink FM/DAB/TV Transmitter controlloLogin.js Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.325 views

Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass

Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.337 views

PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow

Exploit Title: PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow Date: 09/25/2023 Exploit Author: Waqas Ahmed Faroouqi ZEROXINN Vendor Homepage: http://pcman.openfoundry.org/ Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Version: 2.0 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.328 views

TP-Link TL-WR740N - UnAuthenticated Directory Transversal

Exploit Title: TP-Link TL-WR740N UnAuthenticated Directory Transversal Date: 25/9/2023 Exploit Author: Syed Affan Ahmed ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.301 views

Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure

Electrolink FM/DAB/TV Transmitter login.htm/mail.htm Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.350 views

WebCatalog 48.4 - Arbitrary Protocol Execution

Exploit Title: WebCatalog 48.4 - Arbitrary Protocol Execution Date: 9/27/2023 Exploit Author: ItsSixtyN3in Vendor Homepage: https://webcatalog.io/en/ Software Link: https://cdn-2.webcatalog.io/webcatalog/WebCatalog%20Setup%2052.3.0.exe Version: 48.4.0 Tested on: Windows CVE : CVE-2023-42222...

8.8CVSS8.9AI score0.01418EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/02/02 12:0 a.m.314 views

Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS

Electrolink FM/DAB/TV Transmitter Unauthenticated Remote DoS Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W, 1kW, 2...

7.4AI score
Exploits0
Total number of security vulnerabilities47904