Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.211 views

Stackposts Social Marketing Tool v1.0 - SQL Injection

Exploit Title: Stackposts Social Marketing Tool v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/stackposts-social-marketing-tool/21747459 Demo Site: https://demo.stackposts.com Tested on: Kali Linux CVE: N/A Request POST /spmo/auth/login...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.234 views

ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)

Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image Authenticated Date: 2023-04-17 Exploit Author: Rahad Chowdhury Vendor Homepage: http://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM/releases/tag/4.5.4 Version: 4.5.4 Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53 CVE:...

4.8CVSS5.2AI score0.01508EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.210 views

Quicklancer v1.0 - SQL Injection

Exploit Title: Quicklancer v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/quicklancer-freelance-marketplace-php-script/39087135 Demo Site: https://quicklancer.bylancer.com Tested on: Kali Linux CVE: N/A Request POST /php/user-ajax.php...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.218 views

Smart School v1.0 - SQL Injection

Exploit Title: Smart School v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/smart-school-school-management-system/19426018 Demo Site: https://demo.smart-school.in Tested on: Kali Linux CVE: N/A Request POST /course/filterRecords/ HTTP/1....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.488 views

GetSimple CMS v3.3.16 - Remote Code Execution (RCE)

Exploit Title: GetSimple CMS v3.3.16 - Remote Code Execution RCE Data: 18/5/2023 Exploit Author : Youssef Muhammad Vendor: Get-simple Software Link: Version app: 3.3.16 Tested on: linux CVE: CVE-2022-41544 import sys import hashlib import re import requests from xml.etree import ElementTree from...

9.8CVSS9.7AI score0.09442EPSS
Exploits12
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.197 views

LeadPro CRM v1.0 - SQL Injection

Exploit Title: LeadPro CRM v1.0 - SQL Injection Date: 2023-05-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/leadifly-lead-call-center-crm/43485578 Demo Site: https://demo.leadifly.in Tested on: Kali Linux CVE: N/A Request GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.368 views

CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)

Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS Cross-Site Scripting Date: 2023-02-02 Exploit Author: Andrea Intilangelo Vendor Homepage: https://civicrm.org Software Link: https://civicrm.org/download Version: 5.59.alpha1, 5.58.0 and earlier, 5.57.3 and earlier Tested on: Latest Version of Deskt...

5.4CVSS5.5AI score0.02537EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.231 views

FusionInvoice 2023-1.0 - Stored XSS (Cross-Site Scripting)

Exploit Title: FusionInvoice 2023-1.0 - Stored XSS Cross-Site Scripting Date: 2023-05-24 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.squarepiginteractive.com Software Link: https://www.fusioninvoice.com/store Version: 2023-1.0 Tested on: Latest Version of Desktop Web Browsers...

6.1CVSS6.4AI score0.02246EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.279 views

Bludit CMS v3.14.1 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Bludit CMS v3.14.1 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-04-15 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/releases/tag/3.14.1 Version: 3.14.1 Tested on: Windows 10, PHP 7.4.29, Apache...

5.4CVSS5.5AI score0.02586EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.210 views

MobileTrans 4.0.11 - Weak Service Privilege Escalation

Exploit Title :MobileTrans 4.0.11 - Weak Service Privilege Escalation Date: 20 May 2023 Exploit Author: Thurein Soe Vendor Homepage: https://mobiletrans.wondershare.com/ Software Link: https://mega.nz/file/0Et0ybRSl69LRlvwrwmqDfPGKlHaJ5LmbeKJuwH0xYKD8nSVg Version: MobileTrans version 4.0.11 Teste...

7.8CVSS7.8AI score0.00828EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.219 views

Screen SFT DAB 600/C - Authentication Bypass Erase Account

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Erase Account Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.217 views

Screen SFT DAB 600/C - Authentication Bypass Account Creation

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Account Creation Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.238 views

Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)

Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting XSS Date: 15 May 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://qloapps.com/ Software Link: https://github.com/webkul/hotelcommerce Version: 1.5.2 Tested on: Kali Linux 2022.4 CVE : CVE-2023-30256 Description: A Cross...

6.1CVSS6.3AI score0.08731EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.230 views

Screen SFT DAB 600/C - Authentication Bypass Admin Password Change

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Admin Password Change Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.330 views

PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE)

Exploit Title: PaperCut NG/MG 22.0.4 - Remote Code Execution RCE Date: 13 May 2023 Exploit Author: Mohin Paramasivam Shad0wQu35t and MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests import argparse Grouppayload =...

9.8CVSS9.8AI score0.99999EPSS
Exploits24
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.233 views

Trend Micro OfficeScan Client 10.0 - ACL Service LPE

Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Date: 2023/05/04 Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client"...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.230 views

PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting (XSS)

Exploit Title: PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting XSS Application: PodcastGenerator Version: v3.2.9 Bugs: Stored Xss Technology: PHP Vendor URL: https://podcastgenerator.net/ Software Link: https://github.com/PodcastGenerator/PodcastGenerator Date of found: 14-05-2023...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.198 views

WBiz Desk 1.2 - SQL Injection

Exploit Title: WBiz Desk 1.2 - SQL Injection Exploit Date: May 12, 2023. CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: WBiz Desk Application Version: 1.2 Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.301 views

WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup

Exploit Title: WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup Google Dork: intitle:"Index of /wp-content/plugins/backup-backup" AND inurl:"plugins/backup-backup/" Date: 2023-05-10 Exploit Author: Wadeek Vendor Homepage: https://backupbliss.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.427 views

Job Portal 1.0 - File Upload Restriction Bypass

/jobportal/applicant/ 2.- Select profile image and load a valid image. 3. Turn Burp/ZAP Intercept On 4. Select webshell - ex: shell.png 5. Alter request in the upload... Update 'filename' to desired extension. ex: shell.php Not neccesary change content type to 'image/png' Example exploitation...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.347 views

Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)

Exploit Title: Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting XSS Date: 27-06-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Version : 2.2...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.322 views

FLEX 1080 < 1085 Web 1.6.0 - Denial of Service

Exploit Title: FLEX 1080 1085 Web 1.6.0 - Denial of Service Date: 2023-05-06 Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested on: Android CVE ID: CVE-2022-2591 !/usr/bin/env python3 import request...

7.5CVSS7.7AI score0.0667EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.290 views

Epson Stylus SX510W Printer Remote Power Off - Denial of Service

Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2020-05-16 Vendor Homepage: https://www.epson.es/ Software Link : https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w Tested Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.360 views

RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS)

Exploit Title: RockMongo 1.1.7 - Stored Cross-Site Scripting XSS Discovery by: Rafael Pedrero Discovery Date: 2020-09-19 Vendor Homepage: https://github.com/iwind/rockmongo/ Software Link : https://github.com/iwind/rockmongo/ Tested Version: 1.1.7 Tested on: Windows 7 and 10 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/13 12:0 a.m.321 views

TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)

Exploit Title: TinyWebGallery v2.5 - Stored Cross-Site Scripting XSS Application: TinyWebGallery Version: v2.5 Bugs: Stored Xss Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.542 views

pluck v4.7.18 - Stored Cross-Site Scripting (XSS)

Exploit Title: pluck v4.7.18 - Stored Cross-Site Scripting XSS Application: pluck Version: 4.7.18 Bugs: XSS Technology: PHP Vendor URL: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Date of found: 01-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.383 views

Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution

Exploit Title: Codigo Markdown Editor v1.0.1 Electron - Arbitrary Code Execution Date: 2023-05-03 Exploit Author: 8bitsec Vendor Homepage: https://alfonzm.github.io/codigo/ Software Link: https://github.com/alfonzm/codigo-app Version: 1.0.1 Tested on: Mac OS 13 Release Date:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.321 views

Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls

Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...

7.5CVSS7AI score0.21127EPSS
Exploits8
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.491 views

Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts Date: 28/04/2023 Exploit Author: Syslifters - Christoph Mahrl, Aron Molnar, Patrick Pirker and Michael Wedl Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47876 Introducti...

9.1CVSS9.1AI score0.07048EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.347 views

File Thingie 2.5.7 - Remote Code Execution (RCE)

!/usr/bin/python Exploit Title: File Thingie 2.5.7 - Arbitary File Upload to RCE Google Dork: N/A Date: 27th of April, 2023 Exploit Author: Maurice Fielenbach grimlockx - Hexastrike Cybersecurity UG haftungsbeschränkt Software Link: https://github.com/leefish/filethingie Version: 2.5.7 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.318 views

Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)

Exploit Title: Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting XSS Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: Stored Xss Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.198 views

Ulicms-2023.1-sniffing-vicuna - Privilege escalation

Exploit Title: Ulicms 2023.1 sniffing-vicuna - Privilege escalation Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: Privilege escalation Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.402 views

Online Pizza Ordering System v1.0 - Unauthenticated File Upload

Exploit Title: Online Pizza Ordering System 1.0 - Unauthenticated File Upload Date: 03/05/2023 Exploit Author: URGAN Vendor Homepage: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Link:...

9.8CVSS9.6AI score0.03624EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.360 views

EasyPHP Webserver 14.1 - Multiple Vulnerabilities (RCE and Path Traversal)

Exploit Title: EasyPHP Webserver 14.1 - Multiple Vulnerabilities RCE and Path Traversal Discovery by: Rafael Pedrero Discovery Date: 2022-02-06 Vendor Homepage: https://www.easyphp.org/ Software Link : https://www.easyphp.org/ Tested Version: 14.1 Tested on: Windows 7 and 10 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.364 views

Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks

Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880...

6.8CVSS5.4AI score0.02902EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.368 views

Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path

Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47878...

9.1CVSS7AI score0.35716EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.325 views

Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module

Exploit Title: Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE : CVE-2022-47877 Introduction...

9.6CVSS5.6AI score0.02631EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.331 views

Jedox 2022.4.2 - Code Execution via RPC Interfaces

Exploit Title: Jedox 2022.4.2 - Code Execution via RPC Interfaces Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47879 Introduction...

7.5CVSS7.6AI score0.06247EPSS
Exploits7
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.318 views

Cmaps v8.0 - SQL injection

Exploit Title: Cmaps v8.0 - SQL injection - Date: 27.04.2023 - Exploit Author: Lucas Noki 0xPrototype - Vendor Homepage: https://github.com/vogtmh - Software Link: https://github.com/vogtmh/cmaps - Version: 8.0 - Tested on: Mac, Windows, Linux - CVE : CVE-2023-29809 Description: The vulnerability...

9.8CVSS7AI score0.10514EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.377 views

Jedox 2022.4.2 - Remote Code Execution via Directory Traversal

Exploit Title: Jedox 2022.4.2 - Remote Code Execution via Directory Traversal Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47875 Introductio...

8.8CVSS8.9AI score0.1016EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.399 views

Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)

Exploit Title: Wolf CMS 0.8.3.1 - Remote Code Execution RCE Date: 2023-05-02 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wolf-cms.readthedocs.io Software Link: https://github.com/wolfcms/wolfcms Version: 0.8.3.1 Tested on: Kali Linux Steps to Reproduce Firstly, go to the "Files" ta...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.353 views

KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution (RCE)

Title: KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution RCE Author: nu11secur1ty Date: 04.30.2023 Vendor: https://kodcloud.com/ Software: https://github.com/kalcaddle/KodExplorer/releases/tag/4.51.03 Reference: https://portswigger.net/web-security/file-upload Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/05 12:0 a.m.347 views

Ulicms-2023.1 sniffing-vicuna - Remote Code Execution (RCE)

Exploit Title: Ulicms-2023.1 sniffing-vicuna - Remote Code Execution RCE Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: RCE Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link: https://www.ulicms.de/content/files/Releases/2023.1/ulicms-2023.1-sniffing-vicuna-full.zip Date o...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.275 views

PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting

Exploit Title: PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting XSS Google Dork: None Date: 4/26/2023 Exploit Author: Or4nG.M4n Vendor Homepage: https://github.com/jcwebhole Software Link: https://github.com/jcwebhole/phprestaurants Version: 1.0 functions.php function login...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.287 views

Companymaps v8.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Companymaps V8.0 - Stored Cross Site Scripting XSS Date: 27.04.2023 Exploit Author: Lucas Noki 0xPrototype Vendor Homepage: https://github.com/vogtmh Software Link: https://github.com/vogtmh/cmaps Version: 8.0 Tested on: Mac, Windows, Linux CVE : CVE-2023-29983 Steps to reproduce: ...

5.4CVSS5.5AI score0.05097EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.292 views

revive-adserver v5.4.1 - Cross-Site Scripting (XSS)

Exploit Title: revive-adserver v5.4.1 - Cross-Site Scripting XSS Application: revive-adserver Version: 5.4.1 Bugs: XSS Technology: PHP Vendor URL: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/ Date of found: 31-03-2023 Author: Mirabbas Ağalarov Tested o...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.319 views

projectSend r1605 - Private file download

Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.332 views

FS-S3900-24T4S - Privilege Escalation

Exploit Title: FS-S3900-24T4S Privilege Escalation Date: 29/04/2023 Exploit Author: Daniele Linguaglossa & Alberto Bruscino Vendor Homepage: https://www.fs.com/ Software Link: not available Version: latest Tested on: latest CVE : CVE-2023-30350 import sys import telnetlib def exploitargs: printar...

8.8CVSS9.1AI score0.05343EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.304 views

SoftExpert (SE) Suite v2.1.3 - Local File Inclusion

Exploit Title: SoftExpert SE Suite v2.1.3 - Local File Inclusion Date: 27-04-2023 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.softexpert.com/ Version: 2.0 target=$1 u=$2 p=$3 file=$echo -n "$4"|base64 -w 0 end="\0330m\e0m" red="\e0;31m\0331m" blue="\e0;34m\0331m" echo ...

9.8CVSS9.8AI score0.05877EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.283 views

admidio v4.2.5 - CSV Injection

Exploit Title: admidio v4.2.5 - CSV Injection Application: admidio Version: 4.2.5 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.admidio.org/ Software Link: https://www.admidio.org/download.php Date of found: 26.04.2023 Author: Mirabbas Ağalarov Tested on: Windows 2. Technical Detail...

7.4AI score
Exploits0
Total number of security vulnerabilities47904