Exploitdb - Page 25 of Exploitdb Vulnerabilities List

ExploitdbRecent

47884 matches found

Exploit DB•added 2023/04/20 12:0 a.m.•328 views

Piwigo 13.6.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Piwigo 13.6.0 - Stored Cross-Site Scripting XSS Application: Piwigo Version: 13.6.0 Bugs: Stored XSS Technology: PHP Vendor URL: https://piwigo.org/ Software Link: https://piwigo.org/get-piwigo Date of found: 18.04.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Detail...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•446 views

Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information

Exploit Title: Swagger UI 4.1.3 - User Interface UI Misrepresentation of Critical Information Date: 14 April, 2023 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py...

4.3CVSS5.6AI score0.8042EPSS

Exploits4

Exploit DB•added 2023/04/20 12:0 a.m.•400 views

Chitor-CMS v1.1.2 - Pre-Auth SQL Injection

!/usr/bin/python3 Exploit Title: Chitor-CMS v1.1.2 - Pre-Auth SQL Injection Date: 2023/04/13 ExploitAuthor: msd0pe Project: https://github.com/waqaskanju/Chitor-CMS My Github: https://github.com/msd0pe-1 Patched the 2023/04/16: 69d3442 commit description = 'Chitor-CMS 1.1.2 Pre-Auth SQL Injection...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•335 views

ProjeQtOr Project Management System 10.3.2 - Remote Code Execution (RCE)

Exploit Title: ProjeQtOr Project Management System 10.3.2 -Remote Code Execution RCE Application: ProjeQtOr Project Management System Version: 10.3.2 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://www.projeqtor.org Software Link:...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•371 views

GDidees CMS 3.9.1 - Local File Disclosure

Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 an...

7.5CVSS7.6AI score0.86899EPSS

Exploits4

Exploit DB•added 2023/04/20 12:0 a.m.•333 views

Serendipity 2.4.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Serendipity 2.4.0 - Remote Code Execution RCE Authenticated Application: Serendipity Version: 2.4.0 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found:...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•468 views

Franklin Fueling Systems TS-550 - Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Default Password Date: 4/16/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks and access to...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•375 views

Bang Resto v1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip...

4.8CVSS5.2AI score0.01415EPSS

Exploits4

Exploit DB•added 2023/04/20 12:0 a.m.•411 views

Linux Kernel 6.2 - Userspace Processes To Enable Mitigation

Exploit Title: Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit Author: nu11secur1ty CVE ID: CVE-2023-1998 Description Summary The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as...

5.6CVSS7.1AI score0.00113EPSS

Exploits3

Exploit DB•added 2023/04/20 12:0 a.m.•333 views

Bang Resto v1.0 - 'Multiple' SQL Injection

Exploit Title: Bang Resto v1.0 - 'Multiple' SQL Injection Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip Version: 1.0...

8.8CVSS8.9AI score0.0172EPSS

Exploits4

Exploit DB•added 2023/04/20 12:0 a.m.•360 views

Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution (RCE)

!/usr/bin/env python """ Exploit Title: Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution RCE Google Dork: N/A Date: 2023-04-13 Exploit Author: max / Zoltan Padanyi Vendor Homepage: https://exchange.nagios.org/directory/Addons/Configuration/Lilac-2DReloaded/visit Software Link:...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•330 views

Serendipity 2.4.0 - Cross-Site Scripting (XSS)

Exploit Title: Serendipity 2.4.0 - Cross-Site Scripting XSS Author: Mirabbas Ağalarov Application: Serendipity Version: 2.4.0 Bugs: Stored XSS Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found: 13.04.2023 Tested on: Linux 2. Technic...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•339 views

FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...

7.4AI score

Exploits0

Exploit DB•added 2023/04/20 12:0 a.m.•416 views

AspEmail v5.6.0.2 - Local Privilege Escalation

Exploit Title: AspEmail 5.6.0.2 - Local Privilege Escalation Vulnerability Category: Weak Services Permission - Binary Permission Vulnerability Date: 13/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: https://www.aspemail.com Software Link:...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•379 views

Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX...

7AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•317 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•283 views

Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08 EXC1000GX 2.07...

7AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•429 views

Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Exploit Title: Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash macOS Exploit Author: LiquidWorm Vendor: Google LLC Product web page: https://www.google.com Affected version: 111.0.5563.64 Official Build x8664 110.0.5481.100 Official Build x8664 108.0.5359.124 Official...

7AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•301 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3 FPGA:10....

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•304 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•271 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit Exploit Author: LiquidWorm Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass Exploit Vendor: Sielco S.r.l Product web page: https://www.sielco.org...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•411 views

Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking

Exploit Title: Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•307 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•367 views

Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery Exploit Author: LiquidWorm Sielco Analog FM Transmitter 2.12 Cross-Site Request Forgery Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10...

7.4AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•368 views

Bludit 4.0.0-rc-2 - Account takeover

Exploit Title: Bludit 4.0.0-rc-2 - Account takeover Author: nu11secur1ty Date: 04.11.2013 Vendor: https://www.bludit.com/ Software: https://github.com/bludit/bludit/releases/tag/4.0.0-rc-2 Reference: https://www.cloudflare.com/learning/access-management/account-takeover/ Reference:...

7AI score

Exploits0

Exploit DB•added 2023/04/14 12:0 a.m.•501 views

InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal

Exploit Title: InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal Date: 11/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: innovastudio.com Product: Asset Manager Version: = Asset Manager ASP Version 5.4 Tested on: Windows 10 and Windows...

7AI score

Exploits0

Exploit DB•added 2023/04/10 12:0 a.m.•365 views

Roxy Fileman 1.4.5 - Arbitrary File Upload

Exploit Title: Roxy Fileman 1.4.5 - Arbitrary File Upload Date: 09/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20190317053437/http://roxyfileman.com/download.php?f=1.4.5-net Version: = 1.4.5 Tested on: Window...

7.4AI score

Exploits0

Exploit DB•added 2023/04/10 12:0 a.m.•244 views

Paradox Security Systems IPR512 - Denial Of Service

!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...

7.5CVSS7.6AI score0.34976EPSS

Exploits9

Exploit DB•added 2023/04/10 12:0 a.m.•281 views

Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing

Title: Microsoft-Edge-Chromium-based-Webview2-1.0.1661.34-Spoofing-Vulnerability Author: nu11secur1ty Date: 04.10.2023 Vendor: https://developer.microsoft.com/en-us/ Software: https://developer.microsoft.com/en-us/microsoft-edge/webview2/ Reference:...

8.2CVSS8.3AI score0.17038EPSS

Exploits2

Exploit DB•added 2023/04/10 12:0 a.m.•270 views

Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...

9.8CVSS9.7AI score0.03977EPSS

Exploits4

Exploit DB•added 2023/04/10 12:0 a.m.•247 views

BrainyCP V1.0 - Remote Code Execution

Exploit Title: BrainyCP V1.0 - Remote Code Execution Date: 2023-04-03 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://brainycp.io Demo: https://demo.brainycp.io Tested on: Kali Linux CVE : N/A import requests credentials url = input"URL: " username = input"Username: " password =...

7.4AI score

Exploits0

Exploit DB•added 2023/04/10 12:0 a.m.•281 views

ever gauzy v0.281.9 - JWT weak HMAC secret

Exploit Title: ever gauzy v0.281.9 - JWT weak HMAC secret Author: nu11secur1ty Date: 04.08.2023 Vendor: https://gauzy.co/ Software: https://github.com/ever-co/ever-gauzy/releases/tag/v0.281.9 Reference: https://portswigger.net/kb/issues/00200903jwt-weak-hmac-secret Description: It was, detected a...

7AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•214 views

ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS)

Exploit Title: ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting XSS Date: 2023-03-30 CVE: CVE-2023-26692 Exploit Author: Abdulaziz Saad @b4zb0z Vendor Homepage: https://www.zcbs.nl Version: 4.14k Tested on: LAMP, Ubuntu Google Dork: inurl:objecten.pl?ident=3D --- Vulnerability : $GET'ident'...

6.1CVSS6.4AI score0.02221EPSS

Exploits5

Exploit DB•added 2023/04/08 12:0 a.m.•252 views

Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://security.paloaltonetworks.com/CVE-2022-0020 Version: 6.5.0 - 6.2.0 - 6.1.0 Tested on: relevant os CVE : CVE-2022-0020 Author Web: https://www.justsecnow.com Author Socia...

6.8CVSS5.7AI score0.00999EPSS

Exploits3

Exploit DB•added 2023/04/08 12:0 a.m.•317 views

Microsoft Windows 11 - 'cmd.exe' Denial of Service

Exploit Title: Microsoft Windows 11 - 'cmd.exe' Denial of Service Exploit Author: Milad Karimi Ex3ptionaL Date: 2023-03-30 Vendor Homepage: https://www.microsoft.com/en-us Software Link: https://www.microsoft.com/en-us Tested Version: N/A Tested on OS: Windows 11 Pro About App Microsoft Windows i...

6.8AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•244 views

WebsiteBaker v2.13.3 - Cross-Site Scripting (XSS)

Exploit Title: WebsiteBaker v2.13.3 - Cross-Site Scripting XSS Application: WebsiteBaker Version: 2.13.3 Bugs: Stored XSS Technology: PHP Vendor URL: https://websitebaker.org/pages/en/home.php Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Date of found: 02.04.2023 Author:...

7.4AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•425 views

dotclear 2.25.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...

7.4AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•317 views

RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution

Exploit Title: RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/RSANETWITNESSEDRAGENTINCORRECTACCESSCONTROLCVE-2022-47529.txt + twitter.com/hyp3rlinx...

6.7CVSS6.6AI score0.03655EPSS

Exploits5

Exploit DB•added 2023/04/08 12:0 a.m.•226 views

Online Appointment System V1.0 - Cross-Site Scripting (XSS)

Exploit Title: Online Appointment System V1.0 - Cross-Site Scripting XSS Date: 25/02/2023 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14502/online-appointment-system-php-full-source-code-2020.html Tested on: Window...

7AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•272 views

pfsenseCE v2.6.0 - Anti-brute force protection bypass

!/usr/bin/python3 Exploit Title: pfsenseCE v2.6.0 - Anti-brute force protection bypass Google Dork: intitle:"pfSense - Login" Date: 2023-04-07 Exploit Author: FabDotNET Fabien MAISONNETTE Vendor Homepage: https://www.pfsense.org/ Software Link:...

9.8CVSS9.7AI score0.03048EPSS

Exploits5

Exploit DB•added 2023/04/08 12:0 a.m.•216 views

X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: X2CRM v6.6/6.9 - Reflected Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: model CVE: Use...

5.4CVSS5.6AI score0.02523EPSS

Exploits4

Exploit DB•added 2023/04/08 12:0 a.m.•272 views

Medicine Tracker System v1.0 - Sql Injection

Exploit Title: Medicine Tracker System v1.0 - Sql Injection Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-mts0.zip Version: V1.0.0 Tested on: Windows/Linux Proof of Concept: 1-...

7.4AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•274 views

Suprema BioStar 2 v2.8.16 - SQL Injection

Exploit Title: Suprema BioStar 2 v2.8.16 - SQL Injection Date: 26/03/2023 Exploit Author: Yuriy Vander Tsarenko https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/ Vendor Homepage: https://www.supremainc.com/ Software Link:...

6.5CVSS6.5AI score0.00575EPSS

Exploits4

Exploit DB•added 2023/04/08 12:0 a.m.•277 views

Adobe Connect 11.4.5 - Local File Disclosure

Title: Adobe Connect 11.4.5 - Local File Disclosure Author: h4shur date:2021.01.16-2023.02.17 CVE: CVE-2023-22232 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 11.4.5 and earlier, 12.1.5 and earlier User interaction: None Tested...

5.3CVSS5.3AI score0.84273EPSS

Exploits4

Exploit DB•added 2023/04/08 12:0 a.m.•346 views

Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution RCE Unauthenticated Author: dwbzn Date: 2022-04-04 Vendor: https://www.hitachivantara.com/ Software Link: https://www.hitachivantara.com/en-us/products/lumada-dataops/data-integration-analytics/download-pentaho.html Version:...

9.8CVSS8.4AI score0.93976EPSS

Exploits7

Exploit DB•added 2023/04/08 12:0 a.m.•226 views

ESET Service 16.0.26.0 - 'Service ekrn' Unquoted Service Path

Exploit Title: ESET Service 16.0.26.0 - 'Service ekrn' Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2023-04-05 Vendor : https://www.eset.com Version : 16.0.26.0 Tested on OS: Microsoft Windows 11 pro x64 PoC : ============== C:\sc qc ekrn SC QueryServiceConfig SUCCE...

7.4AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•233 views

ENTAB ERP 1.0 - Username PII leak

Exploit Title: ENTAB ERP 1.0 - Username PII leak Date: 17.05.2022 Exploit Author: Deb Prasad Banerjee Vendor Homepage: https://www.entab.in Version: Entab ERP 1.0 Tested on: Windows IIS CVE: CVE-2022-30076 Vulnerability Name: Broken Access control via Rate Limits Description: In the entab softwar...

5.3CVSS5.4AI score0.12834EPSS

Exploits4

Exploit DB•added 2023/04/08 12:0 a.m.•271 views

Restaurant Management System 1.0 - SQL Injection

Exploit Title: Restaurant Management System 1.0 - SQL Injection Date: 2023-03-20 Exploit Author: calfcrusher [email protected] Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: 1.0...

7.4AI score

Exploits0

Exploit DB•added 2023/04/08 12:0 a.m.•254 views

FortiRecorder 6.4.3 - Denial of Service

Exploit Title: FortiRecorder 6.4.3 - Denial of Service Google Dork: N/A Date: 13/03/2023 Exploit Author: Mohammed Adel Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/network-based-video-security/forticam-fortirecorder Version: 6.4.3 and below && 6.0.11...

7.5CVSS7.6AI score0.19148EPSS

Exploits3

Exploit DB•added 2023/04/08 12:0 a.m.•235 views

Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://support.broadcom.com/external/content/SecurityAdvisories/0/21117 Version: 10.7.4-10.7.13 Tested on: relevant os CVE : CVE-2022-25630 Author Web:...

5.4CVSS5.6AI score0.01879EPSS

Exploits3

Total number of security vulnerabilities47884