Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.262 views

FuguHub 8.1 - Remote Code Execution

Exploit Title: FuguHub 8.1 - Remote Code Execution Date: 6/24/2023 Exploit Author: redfire359 Vendor Homepage: https://fuguhub.com/ Software Link: https://fuguhub.com/download.lsp Version: 8.1 Tested on: Ubuntu 22.04.1 CVE : CVE-2023-24078 import requests from bs4 import BeautifulSoup import...

8.8CVSS8.8AI score0.53239EPSS
Exploits9
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.190 views

Sales of Cashier Goods v1.0 - Cross Site Scripting (XSS)

Exploit Title: Sales of Cashier Goods v1.0 - Cross Site Scripting XSS Date: 2023-06-23 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Dork : /print.php?nmmember= Vendor Homepage:...

6.1CVSS6.3AI score0.05295EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.188 views

Rukovoditel 3.4.1 - Multiple Stored XSS

Exploit Title: Rukovoditel 3.4.1 - Multiple Stored XSS Version: 3.4.1 Bugs: Multiple Stored XSS Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 24-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.192 views

WebsiteBaker v2.13.3 - Stored XSS

Exploit Title: WebsiteBaker v2.13.3 - Stored XSS Application: WebsiteBaker Version: 2.13.3 Bugs: Stored XSS Technology: PHP Vendor URL: https://websitebaker.org/pages/en/home.php Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Date of found: 26.06.2023 Author: Mirabbas Ağalarov...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.324 views

Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit - Remote Code Execution (RCE)

Title: Microsoft 365 MSO Version 2305 Build 16.0.16501.20074 64-bit - Remote Code Execution RCE Author: nu11secur1ty Date: 04.17.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/ Reference:...

7.8CVSS7.8AI score0.03011EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.305 views

Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 32-bit - Remote Code Execution (RCE)

Title:Microsoft 365 MSO Version 2305 Build 16.0.16501.20074 32-bit - Remote Code Execution RCE Author: nu11secur1ty Date: 06.27.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference: https://portswigger.net/daily-swig/rce CVE-2023-33137...

7.8CVSS7.8AI score0.02748EPSS
Exploits2
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.200 views

POS Codekop v2.0 - Authenticated Remote Code Execution (RCE)

Exploit Title: POS Codekop v2.0 - Authenticated Remote Code Execution RCE Date: 25-05-2023 Exploit Author: yuyudhn Vendor Homepage: https://www.codekop.com/ Software Link: https://github.com/fauzan1892/pos-kasir-php Version: 2.0 Tested on: Linux CVE: CVE-2023-36348 Vulnerability description: The...

8.8CVSS9.1AI score0.06366EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.211 views

Alkacon OpenCMS 15.0 - Multiple Cross-Site Scripting (XSS)

Exploit Title: Alkacon OpenCMS 15.0 - Multiple Cross-Site Scripting XSS Date: 1/07/2023 Exploit Author: tmrswrr Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version: v15.0 POC: 1 Login in demo page , go to this url...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.197 views

Prestashop 8.0.4 - Cross-Site Scripting (XSS)

Exploit Title: Prestashop 8.0.4 - Cross-Site Scripting XSS Application: prestashop Version: 8.0.4 Bugs: Stored XSS Technology: PHP Vendor URL: https://prestashop.com/ Software Link: https://prestashop.com/prestashop-edition-basic/ Date of found: 30.06.2023 Author: Mirabbas Ağalarov Tested on: Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.166 views

Vacation Rental 1.8 - Stored Cross-Site Scripting (XSS)

Exploit Title: Vacation Rental 1.8 - Stored Cross-Site Scripting XSS Date: 30/06/2023 Exploit Author: CraCkEr Vendor: GZ Scripts Vendor Homepage: https://gzscripts.com/ Software Link: https://gzscripts.com/vacation-rental-website.html Version: 1.8 Tested on: Windows 10 Pro Impact: Manipulate the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.240 views

TP-Link TL-WR940N V4 - Buffer OverFlow

Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow Date: 2023-06-30 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : hardware Dork : /userRpm/WanDynamicIpV6CfgRpm Tested on: Windows/Linux CVE : CVE-2023-36355 import requests Replace the IP address with the router's IP routerip...

9.9CVSS9.7AI score0.31733EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.198 views

spip v4.1.10 - Spoofing Admin account

Exploit Title: spip v4.1.10 - Spoofing Admin account Author: nu11secur1ty Date: 06.29.2023 Vendor: https://www.spip.net/enrubrique25.html Software: https://files.spip.net/spip/archives/spip-v4.1.10.zip Reference: https://www.crowdstrike.com/cybersecurity-101/spoofing-attacks/ Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.196 views

WP AutoComplete 1.0.4 - Unauthenticated SQLi

Exploit Title: WP AutoComplete 1.0.4 - Unauthenticated SQLi Date: 30/06/2023 Exploit Author: Matin nouriyan matitanium Version: = 1.0.4 CVE: CVE-2022-4297 Vendor Homepage: https://wordpress.org/support/plugin/wp-autosearch/ Tested on: Kali linux --------------------------------------- The WP...

9.8CVSS9.7AI score0.03595EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.224 views

GZ Forum Script 1.8 - Stored Cross-Site Scripting (XSS)

Exploit Title: GZ Forum Script 1.8 - Stored Cross-Site Scripting XSS Date: 30/06/2023 Exploit Author: CraCkEr Vendor: GZ Scripts Vendor Homepage: https://gzscripts.com/ Software Link: https://gzscripts.com/gz-forum-script.html Version: 1.8 Tested on: Windows 10 Pro Impact: Manipulate the content ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.481 views

Xenforo Version 2.2.13 - Authenticated Stored XSS

Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS Date: 2023-06-24 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: https://x.com/admin.php?smilies Version: 2.2.12 REQUIRED Tested on: Windows/Linux CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.320 views

Azure Apache Ambari 2302250400 - Spoofing

Exploit Title: Azure Apache Ambari 2302250400 - Spoofing Date: 2023-06-23 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : Remote Vendor Homepage: Microsoft Apache Ambari Microsoft azure Hdinsights Tested on: Windows/Linux CVE : CVE-2023-23408 import requests Set the URL and...

4.5CVSS5.3AI score0.04047EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.358 views

Microsoft SharePoint Enterprise Server 2016 - Spoofing

// Exploit Title: Microsoft SharePoint Enterprise Server 2016 - Spoofing // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : Remote // Vendor Homepage: // Microsoft SharePoint Foundation 2013 Service Pack 1 // Microsoft SharePoint Server Subscription...

8.1CVSS8.3AI score0.06233EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.359 views

Windows 11 22h2 - Kernel Privilege Elevation

// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...

7.8CVSS8.8AI score0.02866EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/26 12:0 a.m.301 views

PrestaShop Winbiz Payment module - Improper Limitation of a Pathname to a Restricted Directory

Exploit Title: PrestaShop Winbiz Payment module - Improper Limitation of a Pathname to a Restricted Directory Date: 2023-06-20 Dork: /modules/winbizpayment/downloads/download.php country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Vendor Homepage:...

7.5CVSS7.6AI score0.05523EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/23 12:0 a.m.350 views

MCL-Net 4.3.5.8788 - Information Disclosure

Exploit Title: MCL-Net 4.3.5.8788 - Information Disclosure Date: 5/31/2023 Exploit Author: Victor A. Morales, GM Sectec Inc. Vendor Homepage: https://www.mcl-mobilityplatform.com/net.php Version: 4.3.5.8788 other versions may be affected Tested on: Microsoft Windows 10 Pro CVE: CVE-2023-34834...

5.3CVSS5.7AI score0.03958EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/23 12:0 a.m.358 views

NCH Express Invoice - Clear Text Password Storage and Account Takeover

Exploit Title: NCH Express Invoice - Clear Text Password Storage and Account Takeover Google Dork:: intitle:ExpressInvoice - Login Date: 07/Apr/2020 Exploit Author: Tejas Nitin Pingulkar https://cvewalkthrough.com/ Vendor Homepage: https://www.nchsoftware.com/ Software Link:...

7.8CVSS7.8AI score0.00999EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/23 12:0 a.m.293 views

Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)

-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/22 12:0 a.m.333 views

Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)

Exploit Title: Smart Office Web 20.28 - Remote Information Disclosure Unauthenticated Shodan Dork:: inurl:"https://www.shodan.io/search?query=smart+office" Date: 09/Dec/2022 Exploit Author: Tejas Nitin Pingulkar https://cvewalkthrough.com/ Vendor Homepage: https://smartofficepayroll.com/ Software...

7.5CVSS7.6AI score0.59407EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/06/22 12:0 a.m.368 views

Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing

Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Author: nu11secur1ty Date: 06.22.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...

6.5CVSS6.8AI score0.01649EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/21 12:0 a.m.239 views

HiSecOS 04.0.01 - Privilege Escalation

Exploit Title: HiSecOS 04.0.01 - Privilege Escalation Google Dork: HiSecOS Web Server Vulnerability Allows User Role Privilege Escalation Date: 21.06.2023 Exploit Author: dreizehnutters Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/20 12:0 a.m.1256 views

SPIP v4.2.0 - Remote Code Execution (Unauthenticated)

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: SPIP v4.2.1 - Remote Code Execution Unauthenticated Google Dork: inurl:"/spip.php?page=login" Date: 19/06/2023 Exploit Author: nuts7 https://github.com/nuts7/CVE-2023-27372 Vendor Homepage: https://www.spip.net/ Software Link:...

9.8CVSS9.8AI score0.99637EPSS
Exploits23
Exploit DB
Exploit DB
added 2023/06/20 12:0 a.m.289 views

Super Socializer 7.13.52 - Reflected XSS

Exploit Title: Super Socializer 7.13.52 - Reflected XSS Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=thechampsharingcount&urls%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E=https://www.google.com Date: 2023-06-20 Exploit Author: Amirhossein Bahramizadeh Category :...

6.1CVSS7AI score0.05991EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/20 12:0 a.m.249 views

WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting (XSS)

Exploit Title: WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting XSS Dork: inurl:/admin/views/admin.php Date: 2023-06-20 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage: https://wordpress.org/plugins/wp-sticky-social Version: 1.0.1...

8.8CVSS7.5AI score0.02304EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/20 12:0 a.m.263 views

Nokia ASIKA 7.13.52 - Hard-coded private key disclosure

// Exploit Title: Nokia ASIKA 7.13.52 - Hard-coded private key disclosure // Date: 2023-06-20 // Exploit Author: Amirhossein Bahramizadeh // Category : Hardware // Vendor Homepage: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25187/ // Version: 7.13.52...

7CVSS6.5AI score0.00956EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.481 views

Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)

Exploit Title: Diafan CMS 6.0 - Reflected Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya Karabag Vendor Homepage: https://www.diafancms.com/ Version: 6.0 Tested on: https://demo.diafancms.com Description: 1 https://demo.diafancms.com/ Go to main page and write your payload in Search in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.333 views

Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)

Exploit Title: Symantec SiteMinder WebAgent v12.52 - Cross-site scripting XSS Google Dork: N/A Date: 18-06-2023 Exploit Author: Harshit Joshi Vendor Homepage: https://community.broadcom.com/home Software Link: https://www.broadcom.com/products/identity/siteminder Version: 12.52 Tested on: Linux,...

6.1CVSS5.6AI score0.03083EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.329 views

Groomify v1.0 - SQL Injection

Exploit Title: Groomify v1.0 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/groomify-barbershop-salon-spa-booking-and-ecommerce-platform/45808114 Demo Site: https://script.bugfinder.net/groomify Tested on: Kali Linux CVE: N/A Vulnerable URL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.289 views

The Shop v2.5 - SQL Injection

Exploit Title: The Shop v2.5 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.343 views

Student Study Center Management System v1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Student Study Center Management System v1.0 - Stored Cross-Site Scripting XSS Date of found: 12/05/2023 Exploit Author: VIVEK CHOUDHARY @sudovivek Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://phpgurukul.com Software Link:...

4.8CVSS5.2AI score0.03663EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.361 views

Jobpilot v2.61 - SQL Injection

Exploit Title: Jobpilot v2.61 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.374 views

WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password

Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...

8.1CVSS8.3AI score0.13625EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/15 12:0 a.m.291 views

Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)

Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload Unauthenticated Google Dork: n/a Date: 14/06/2023 Exploit Author: Ramil Mustafayev Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.344 views

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

9.8CVSS7.1AI score0.95845EPSS
Exploits13
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.308 views

Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution

Exploit Title: Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.20, 3.2.9 Hardware revision 1.1, 1.0 SoapLive 2.4.1, 2.0.3 SoapSystem 1.3.1 Summary: Flamingo XL, a new modula...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.310 views

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

9.8CVSS9.8AI score0.95845EPSS
Exploits13
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.303 views

Textpattern CMS v4.8.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Textpattern CMS v4.8.8 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-13 Exploit Author: tmrswrr Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/filedownload/118/textpattern-4.8.8.zip Version: v4.8.8 Tested :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.328 views

Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution

Exploit Title: Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.5 Hardware revision: 1.1 SoapLive 2.4.0 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.306 views

projectSend r1605 - Stored XSS

Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & P...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.307 views

projectSend r1605 - CSV injection

Exploit Title: projectSend r1605 - CSV injection Version: r1605 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Windows 2. Technical Details & POC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.368 views

Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak

Exploit Title: Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak Exploit Author: LiquidWorm Product web page: https://www.ateme.com Affected version: 3.2.9 Hardware revision 1.0 SoapLive 2.0.3 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.321 views

Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Xoops CMS 2.5.10 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-12 Exploit Author: tmrswrr Vendor Homepage: https://xoops.org/ Software https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10 Version: 2.5.10 Tested : https://www.softaculous.com/apps/cms/Xoops ---...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.323 views

Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Monstra 3.0.4 - Stored Cross-Site Scripting XSS Date: 2023-06-13 Exploit Author: tmrswrr Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested : https://www.softaculous.com/softaculous/demos/Monstra --- Description --- 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/14 12:0 a.m.308 views

Online Thesis Archiving System v1.0 - Multiple-SQLi

Exploit Title: Online Thesis Archiving System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 06.12.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/13 12:0 a.m.335 views

Teachers Record Management System 1.0 - File Upload Type Validation

Exploit Title: Teachers Record Management System 1.0 – File Upload Type Validation Date: 17-01-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3187 =============================== STEPSTOREPRODUCE...

6.5CVSS5.7AI score0.02556EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/13 12:0 a.m.310 views

Online Examination System Project 1.0 - Cross-site request forgery (CSRF)

Exploit Title: Online Examination System Project 1.0 - Cross-site request forgery CSRF Google Dork: n/a Date: 09/06/2023 Exploit Author: Ramil Mustafayev kryptohaker Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904