Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2023/06/13 12:0 a.m.323 views

Sales Tracker Management System v1.0 - Multiple Vulnerabilities

Exploit Title: Sales Tracker Management System v1.0 – Multiple Vulnerabilities Google Dork: NA Date: 09-06-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3184 ============================== CREDENTIAL TO USE...

4.8CVSS5AI score0.02264EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/09 12:0 a.m.400 views

Thruk Monitoring Web Interface 3.06 - Path Traversal

Exploit Title: Thruk Monitoring Web Interface 3.06 - Path Traversal Date: 08-Jun-2023 Exploit Author: Galoget Latorre @galoget CVE: CVE-2023-34096 Galoget Latorre Vendor Homepage: https://thruk.org/ Software Link: https://github.com/sni/Thruk/archive/refs/tags/v3.06.zip Software Link + Exploit +...

8.8CVSS8.8AI score0.62682EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/06/09 12:0 a.m.425 views

WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution

Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Date: 2023-06-01 Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author...

9.8CVSS9.6AI score0.60113EPSS
Exploits9
Exploit DB
Exploit DB
added 2023/06/07 12:0 a.m.299 views

USB Flash Drives Control 4.1.0.0 - Unquoted Service Path

Exploit Title: USB Flash Drives Control 4.1.0.0 - Unquoted Service Path Date: 2023-31-05 Exploit Author: Jeffrey Bencteux Vendor Homepage: https://binisoft.org/ Software Link: https://binisoft.org/wfc Version: 4.1.0.0 Tested on: Microsoft Windows 11 Pro Vulnerability Type: Unquoted Service Path P...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/06 12:0 a.m.278 views

Macro Expert 4.9 - Unquoted Service Path

Exploit Title: Macro Expert 4.9 - Unquoted Service Path Date: 04/06/2023 Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/06 12:0 a.m.289 views

Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)

Exploit Title: Tree Page View Plugin 1.6.7 - Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/cms-tree-page-view/ Date: 2023-04-24 Exploit Author: LEE SE HYOUNG hackintoanetwork Vendor Homepage: https://wordpress.org/plugins/cms-tree-page-view/ Software Link:...

7.1CVSS7.1AI score0.03995EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.303 views

Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Barebones CMS v2.0.2 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-03 Exploit Author: tmrswrr Vendor Homepage: https://barebonescms.com/ Software Link: https://github.com/cubiclesoft/barebones-cms/archive/master.zip Version: v2.0.2 Tested :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.288 views

Total CMS 1.7.4 - Remote Code Execution (RCE)

Exploit Title: Total CMS 1.7.4 - Remote Code Execution RCE Date: 02/06/2023 Exploit Author: tmrswrr Version: 1.7.4 Vendor home page : https://www.totalcms.co/ 1 Go to this page and click edit page button https://www.totalcms.co/demo/soccer/ 2After go down and will you see downloads area 3Add in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.312 views

MotoCMS Version 3.4.3 - SQL Injection

Title: MotoCMS Version 3.4.3 - SQL Injection Author: tmrswrr Date: 01/06/2023 Vendor: https://www.motocms.com Link: https://www.motocms.com/website-templates/demo/189526.html Vulnerable Versions: MotoCMS 3.4.3 Description MotoCMS Version 3.4.3 SQL Injection via the keyword parameter. Steps to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.338 views

STARFACE 7.3.0.10 - Authentication with Password Hash Possible

Exploit Title: STARFACE 7.3.0.10 - Authentication with Password Hash Possible Affected Versions: 7.3.0.10 and earlier versions Fixed Versions: - Vulnerability Type: Broken Authentication Security Risk: low Vendor URL: https://www.starface.de Vendor Status: notified Advisory URL:...

8.1CVSS8.2AI score0.04421EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.372 views

File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution RCE Date: 05/31/2023 Exploit Author: Mateus Machado Tesser Vendor Homepage: https://advancedfilemanager.com/ Version: File Manager Advanced Shortcode 2.3.2 Tested on: Wordpress 6.1 / Linux Ubuntu 5.15 CVE...

9.8CVSS7AI score0.3962EPSS
Exploits8
Exploit DB
Exploit DB
added 2023/06/04 12:0 a.m.307 views

Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)

Exploit Title: Enrollment System Project v1.0 - SQL Injection Authentication Bypass SQLI Date of found: 18/05/2023 Exploit Author: VIVEK CHOUDHARY @sudovivek Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://www.sourcecodester.com Software Link:...

9.8CVSS9.7AI score0.14242EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.365 views

SCRMS 2023-05-27 1.0 - Multiple SQL Injection

Exploit Title: SCRMS 2023-05-27 1.0 - Multiple SQLi Author: nu11secur1ty Date: 05.27.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15895/simple-customer-relationship-management-crm-system-using-php-free-source-coude.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.295 views

Rukovoditel 3.3.1 - CSV injection

Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.286 views

MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)

Title: MotoCMS Version 3.4.3 - Server-Side Template Injection SSTI Author: tmrswrr Date: 31/05/2023 Vendor: https://www.motocms.com Link: https://www.motocms.com/website-templates/demo/189526.html Vulnerable Versions: MotoCMS 3.0.27 Description MotoCMS Version 3.4.3 Store Category Template was...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.374 views

Pydio Cells 4.1.2 - Server-Side Request Forgery

Exploit Title: Pydio Cells 4.1.2 - Server-Side Request Forgery Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Server-Side Request Forgery Security Risk: medium Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...

6.5CVSS6.5AI score0.03846EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.294 views

Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)

Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow DoS Metasploit Date: 2018-03-09 Exploit Author: Ege Balci Vendor Homepage: https://www.flexense.com/downloads.html Version: 'Flexense HTTP Server Denial Of Service', 'Description' = %q This module triggers a Denial of Service...

7.5CVSS7.6AI score0.76544EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.336 views

Faculty Evaluation System 1.0 - Unauthenticated File Upload

Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Date: 5/29/2023 Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

7.2CVSS7AI score0.14507EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.307 views

unilogies/bumsys v1.0.3 beta - Unrestricted File Upload

Exploit Title: - unilogies/bumsys v1.0.3-beta - Unrestricted File Upload Google Dork : NA Date: 19-01-2023 Exploit Author: AFFAN AHMED Vendor Homepage: https://github.com/unilogies/bumsys Software Link: https://github.com/unilogies/bumsys/archive/refs/tags/v1.0.3-beta.zip Version: 1.0.3-beta Test...

8.8CVSS8.2AI score0.05748EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.345 views

Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download

Exploit Title: Pydio Cells 4.1.2 - Cross-Site Scripting XSS via File Download Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Cross-Site Scripting Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...

5.4CVSS5.5AI score0.02937EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.338 views

Online Security Guards Hiring System 1.0 - Reflected XSS

Exploit Title: Online Security Guards Hiring System 1.0 – REFLECTED XSS Google Dork : NA Date: 23-01-2023 Exploit Author : AFFAN AHMED Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/projects/Online-Security-Guard-Hiring-SystemPHP.zip Version: 1.0 Tested on: Windows ...

6.1CVSS6.3AI score0.06169EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/31 12:0 a.m.355 views

Pydio Cells 4.1.2 - Unauthorised Role Assignments

Exploit Title: Pydio Cells 4.1.2 - Unauthorised Role Assignments Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Privilege Escalation Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...

8.8CVSS7AI score0.14197EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/26 12:0 a.m.375 views

Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)

Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection SSTI Exploit Author: PARAG BAGUL CVE: CVE-2023-30145 Description Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the formats parameter. Affected Component All versions below...

9.8CVSS9.6AI score0.45858EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.366 views

Ulicms 2023.1 - create admin user via mass assignment

Exploit Title: Ulicms 2023.1 - create admin user via mass assignment Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: create admin user via mass assignment Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.418 views

Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation

Exploit Title: Filmora 12 version Build 1.0.0.7 - Unquoted Service Paths Privilege Escalation Date: 20 May 2023 Exploit Author: Thurein Soe Vendor Homepage: https://filmora.wondershare.com Software Link: https://mega.nz/file/tQNGGZTQE1u20rdbT4R3pgSoUBG93IPAXqesJ5yyn6T8RlMFxaE Version: Filmora 12...

7.8CVSS8AI score0.01079EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.356 views

Zenphoto 1.6 - Multiple stored XSS

Exploit Title: Zenphoto 1.6 - Multiple stored XSS Application: Zenphoto-1.6 xss poc Version: 1.6 Bugs: XSS Technology: PHP Vendor URL: https://www.zenphoto.org/news/zenphoto-1.6/ Software Link: https://github.com/zenphoto/zenphoto/archive/v1.6.zip Date of found: 01-05-2023 Author: Mirabbas Ağalar...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.405 views

SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated)

!/usr/bin/python3 Exploit Title: SCM Manager 1.60 - Cross-Site Scripting Stored Authenticated Google Dork: intitle:"SCM Manager" intext:1.60 Date: 05-25-2023 Exploit Author: neg0x https://github.com/n3gox/CVE-2023-33829 Vendor Homepage: https://scm-manager.org/ Software Link:...

5.4CVSS5.5AI score0.07258EPSS
Exploits7
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.357 views

Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)

Exploit Title: Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution Metasploit Date: Dec 9 2019 Exploit Author: Ege Balci Vendor Homepage: https://www.seagate.com/de/de/support/external-hard-drives/network-storage/seagate-central/ Version: 2015.0916 CVE : 2020-6627 This...

9.8CVSS9.3AI score0.12453EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/25 12:0 a.m.402 views

WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)

Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting XSS Version: 1.6.1 Bugs: XSS Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/24 12:0 a.m.403 views

Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE) via subprocess_execute

Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE via subprocessexecute Exploit Author: Iyaad Luqman K Application: Roxy WI = v6.1.0.0 Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Tested on: Ubuntu 22.04 CVE : CVE-2022-31137 P...

10CVSS9.6AI score0.90387EPSS
Exploits15
Exploit DB
Exploit DB
added 2023/05/24 12:0 a.m.291 views

Service Provider Management System v1.0 - SQL Injection

Exploit Title: Service Provider Management System v1.0 - SQL Injection Date: 2023-05-23 Exploit Author: Ashik Kunjumon Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.256 views

thrsrossi Millhouse-Project 1.414 - Remote Code Execution

sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.253 views

TinyWebGallery v2.5 - Remote Code Execution (RCE)

Exploit Title: TinyWebGallery v2.5 - Remote Code Execution RCE Application: TinyWebGallery Version: v2.5 Bugs: RCE Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023 Author: Mirabbas...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.238 views

Optoma 1080PSTX Firmware C02 - Authentication Bypass

Exploit Title: Optoma 1080PSTX Firmware C02 - Authentication Bypass Date: 2023/05/09 Exploit Author: Anthony Cole Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Vendor Homepage: http://optoma.com Version: Optoma 1080PSTX Firmware C02 Tested on: N/A CVE : CVE-2023-27823...

9.8CVSS9.7AI score0.53312EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.207 views

e107 v2.3.2 - Reflected XSS

Exploit Title: e107 v2.3.2 - Reflected XSS Date: 11/05/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 2.3.2 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win64 OpenSSL/1.1.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.309 views

Apache Superset 2.0.0 - Authentication Bypass

Exploit Title: Apache Superset 2.0.0 - Authentication Bypass Date: 10 May 2023 Exploit Author: MaanVader Vendor Homepage: https://superset.apache.org/ Version: Apache Superset= 1.4.1 b'thisISaSECRET1234', deployment template b'YOUROWNRANDOMGENERATEDSECRETKEY', documentation b'TESTNONDEVSECRET'...

9.8CVSS9.8AI score0.97405EPSS
Exploits20
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.300 views

WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup

Exploit Title: WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup Google Dork: intitle:"Index of /wp-content/plugins/backup-backup" AND inurl:"plugins/backup-backup/" Date: 2023-05-10 Exploit Author: Wadeek Vendor Homepage: https://backupbliss.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.258 views

PnPSCADA v2.x - Unauthenticated PostgreSQL Injection

Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Date: 15/5/2023 Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...

9.8CVSS7.8AI score0.08079EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.232 views

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Date: 2023-10-05 Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Softwar...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.236 views

Screen SFT DAB 600/C - Authentication Bypass Password Change

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Password Change Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.258 views

Screen SFT DAB 600/C - Authentication Bypass Reset Board Config

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Reset Board Config Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.250 views

Prestashop 8.0.4 - CSV injection

Exploit Title: Prestashop 8.0.4 - CSV injection Application: prestashop Version: 8.0.4 Bugs: CSV Injection Technology: PHP Vendor URL: https://prestashop.com/ Software Link: https://prestashop.com/prestashop-edition-basic/ Date of found: 14.05.2023 Author: Mirabbas Ağalarov Tested on: Windows 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.288 views

SitemagicCMS 4.4.3 - Remote Code Execution (RCE)

Exploit Title: SitemagicCMS 4.4.3 Remote Code Execution RCE Application: SitemagicCMS Version: 4.4.3 Bugs: RCE Technology: PHP Vendor URL: https://sitemagic.org/Download.html Software Link: https://github.com/Jemt/SitemagicCMS Date of found: 14-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.228 views

Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking

Exploit Title: Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking Date: 14/05/2023 Exploit Author: Ahsan Azad Vendor Homepage: https://hubstaff.com/ Software Link: https://app.hubstaff.com/download Version: 1.6.13, 1.6.14 Tested On: 64-bit operating system, x64-based processor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.229 views

Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)

Exploit Title: Screen SFT DAB 600/C - Unauthenticated Information Disclosure userManager.cgx Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.253 views

eScan Management Console 14.0.1400.2281 - SQL Injection (Authenticated)

Exploit Title: eScan Management Console 14.0.1400.2281 - SQL Injection Authenticated Date: 16/05/2023 Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31702 Step of...

7.2CVSS7.1AI score0.04312EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.233 views

Best POS Management System v1.0 - Unauthenticated Remote Code Execution

Exploit Title: Best POS Management System v1.0 - Unauthenticated Remote Code Execution Google Dork: NA Date: 15/5/2023 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.265 views

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

Exploit Title: Yank Note v3.52.1 Electron - Arbitrary Code Execution Date: 2023-04-27 Exploit Author: 8bitsec CVE: CVE-2023-31874 Vendor Homepage: yank-note.com Software Link: https://github.com/purocean/yn Version: 3.52.1 Tested on: Ubuntu 22.04 | Mac OS 13 Release Date: 2023-04-27 Product &...

8.8CVSS8.9AI score0.04898EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.239 views

Affiliate Me Version 5.0.1 - SQL Injection

Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection Exploit Date: May 16, 2023. CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.243 views

eScan Management Console 14.0.1400.2281 - Cross Site Scripting

Exploit Title: eScan Management Console 14.0.1400.2281 - Cross Site Scripting Date: 2023-05-16 Exploit Author: Sahil Ojha Vendor Homepage: https://www.escanav.com Software Link: https://cl.escanav.com/ewconsole.dll Version: 14.0.1400.2281 Tested on: Windows CVE : CVE-2023-31703 Step of...

9CVSS9.3AI score0.04475EPSS
Exploits4
Total number of security vulnerabilities47904