Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.248 views

phpMyFAQ v3.1.12 - CSV Injection

Exploit Title: phpMyFAQ v3.1.12 - CSV Injection Application: phpMyFAQ Version: 3.1.12 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.phpmyfaq.de/ Software Link: https://download.phpmyfaq.de/phpMyFAQ-3.1.12.zip Date of found: 21.04.2023 Author: Mirabbas Ağalarov Tested on: Windows 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.295 views

PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS)

Exploit Title: PHPFusion 9.10.30 - Stored Cross-Site Scripting XSS Application: PHPFusion Version: 9.10.30 Bugs: XSS Technology: PHP Vendor URL: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/ Date of found: 28-04-2023 Author: Mirabbas Ağalarov...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.257 views

PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.261 views

OpenEMR v7.0.1 - Authentication credentials brute force

Exploit Title: OpenEMR v7.0.1 - Authentication credentials brute force Date: 2023-04-28 Exploit Author: abhhi Abhishek Birdawade Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v701.tar.gz Version: 7.0.1 Tested on: Windows ''' Example...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.340 views

PHPJabbers Simple CMS 5.0 - SQL Injection

Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.271 views

GLPI 9.5.7 - Username Enumeration

Exploit Title: GLPI 9.5.7 - Username Enumeration Date: 04/29/2023 Author: Rafael B. Vendor Homepage: https://glpi-project.org/pt-br/ Affected Versions: GLPI version 9.1 = 9.5.7 Software: https://github.com/glpi-project/glpi/releases/download/9.5.7/glpi-9.5.7.tgz import requests from bs4 import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.297 views

Advanced Host Monitor v12.56 - Unquoted Service Path

Exploit Title: Advanced Host Monitor v12.56 - Unquoted Service Path Date: 2023-04-23 CVE: CVE-2023-2417 Exploit Author: MrEmpy Vendor Homepage: https://www.ks-soft.net Software Link: https://www.ks-soft.net/hostmon.eng/downpage.htm Version: 12.56 Tested on: Windows 10 21H2 Title: ================...

7.8CVSS7.8AI score0.00334EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.284 views

Serendipity 2.4.0 - File Inclusion RCE

Exploit Title: Serendipity 2.4.0 - File Inclusion RCE Author: nu11secur1ty Date: 04.26.2023 Vendor: https://docs.s9y.org/index.html Software: https://github.com/s9y/Serendipity/releases/tag/2.4.0 Reference: https://portswigger.net/web-security/file-upload Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.491 views

MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control

Exploit Title: MilleGPG5 5.9.2 Gennaio 2023 - Local Privilege Escalation / Incorrect Access Control Date: 2023-04-28 Exploit Author: Andrea Intilangelo Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it - https://millewin.it/prodotti/governo-clinico-3/ Software Link:...

7.8CVSS7.9AI score0.02094EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/27 12:0 a.m.422 views

ChurchCRM v4.5.3 - Authenticated SQL Injection

Exploit Title: ChurchCRM 4.5.3 - Authenticated SQL Injection Date: 27-04-2023 Exploit Author: Iyaad Luqman K Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Tested Version: 4.5.1 Tested on: Windows, Linux CVE: CVE-2023-24685 ChurchCRM v4.5.3 and belo...

7.2CVSS7AI score0.01023EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.505 views

PaperCut NG/MG 22.0.4 - Authentication Bypass

Exploit Title: PaperCut NG/MG 22.0.4 - Authentication Bypass Date: 21 April 2023 Exploit Author: MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests from bs4 import BeautifulSoup import re def vulnversion: ip = input"Ent...

9.8CVSS9.6AI score0.99999EPSS
Exploits24
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.474 views

Wondershare Filmora 12.2.9.2233 - Unquoted Service Path

Exploit Title: Wondershare Filmora 12.2.9.2233 - Unquoted Service Path Date: 2023/04/23 Exploit Author: msd0pe Vendor Homepage: https://www.wondershare.com My Github: https://github.com/msd0pe-1 Wondershare Filmora: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.305 views

OCS Inventory NG 2.3.0.0 - Unquoted Service Path

Exploit Title: OCS Inventory NG 2.3.0.0 - Unquoted Service Path Date: 2023/04/21 Exploit Author: msd0pe Vendor Homepage: https://oscinventory-ng.org Software Link: https://github.com/OCSInventory-NG/WindowsAgent My Github: https://github.com/msd0pe-1 Fixed in version 2.3.1.0 OCS Inventory NG...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.304 views

Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path

Exploit Title: Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path Date: 2023/04/22 Exploit Author: msd0pe Vendor Homepage: https://www.arcsoft.com/ My Github: https://github.com/msd0pe-1 Arcsoft PhotoStudio: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto |...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.289 views

Mars Stealer 8.3 - Admin Account Takeover

Exploit Title: Mars Stealer 8.3 - Admin Account Takeover Product: Mars Stelaer Technology: PHP Version: 8.3 Google Dork: N/A Date: 20.04.2023 Tested on: Linux Author: Sköll - twitter.com/skoll import argparse import requests parser = argparse.ArgumentParserdescription='Mars Stealer Account Takeov...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.307 views

Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution

Exploit Title: Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution RCE Date: 4/23/2023 Author: Or4nG.M4n Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.336 views

KodExplorer 4.49 - CSRF to Arbitrary File Upload

Exploit Title: KodExplorer | | | | | | | / | | |\ \ | /| | | //|/ //\ ./||/|| || | | // | | || KODExplorer = v4.49 Remote Code Executon Coded by MrEmpy ''' def httpd: port = 8080 httpddir = os.path.joinos.path.dirnamefile, 'http' os.chdirhttpddir Handler =...

8.8CVSS8.8AI score0.02666EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.321 views

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

9.8CVSS9.8AI score0.99999EPSS
Exploits10
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.374 views

GDidees CMS 3.9.1 - Local File Disclosure

Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 an...

7.5CVSS7.6AI score0.60793EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.332 views

Piwigo 13.6.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Piwigo 13.6.0 - Stored Cross-Site Scripting XSS Application: Piwigo Version: 13.6.0 Bugs: Stored XSS Technology: PHP Vendor URL: https://piwigo.org/ Software Link: https://piwigo.org/get-piwigo Date of found: 18.04.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.457 views

Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information

Exploit Title: Swagger UI 4.1.3 - User Interface UI Misrepresentation of Critical Information Date: 14 April, 2023 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py...

4.3CVSS5.6AI score0.42326EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.341 views

FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.424 views

AspEmail v5.6.0.2 - Local Privilege Escalation

Exploit Title: AspEmail 5.6.0.2 - Local Privilege Escalation Vulnerability Category: Weak Services Permission - Binary Permission Vulnerability Date: 13/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: https://www.aspemail.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.474 views

Franklin Fueling Systems TS-550 - Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Default Password Date: 4/16/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks and access to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.339 views

ProjeQtOr Project Management System 10.3.2 - Remote Code Execution (RCE)

Exploit Title: ProjeQtOr Project Management System 10.3.2 -Remote Code Execution RCE Application: ProjeQtOr Project Management System Version: 10.3.2 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://www.projeqtor.org Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.380 views

Bang Resto v1.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip...

4.8CVSS5.2AI score0.01926EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.331 views

File Replication Pro 7.5.0 - Privilege Escalation/Password reset due Incorrect Access Control

Exploit Title: File Replication Pro 7.5.0 - Privilege Escalation/Password reset due Incorrect Access Control Date: 2023-04-13 Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.diasoft.net - https://www.filereplicationpro.com Software Link:...

9.8CVSS9.7AI score0.06051EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.332 views

Serendipity 2.4.0 - Cross-Site Scripting (XSS)

Exploit Title: Serendipity 2.4.0 - Cross-Site Scripting XSS Author: Mirabbas Ağalarov Application: Serendipity Version: 2.4.0 Bugs: Stored XSS Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found: 13.04.2023 Tested on: Linux 2. Technic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.340 views

Serendipity 2.4.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Serendipity 2.4.0 - Remote Code Execution RCE Authenticated Application: Serendipity Version: 2.4.0 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.334 views

Bang Resto v1.0 - 'Multiple' SQL Injection

Exploit Title: Bang Resto v1.0 - 'Multiple' SQL Injection Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip Version: 1.0...

8.8CVSS8.9AI score0.03165EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.366 views

Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution (RCE)

!/usr/bin/env python """ Exploit Title: Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution RCE Google Dork: N/A Date: 2023-04-13 Exploit Author: max / Zoltan Padanyi Vendor Homepage: https://exchange.nagios.org/directory/Addons/Configuration/Lilac-2DReloaded/visit Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.414 views

Linux Kernel 6.2 - Userspace Processes To Enable Mitigation

Exploit Title: Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit Author: nu11secur1ty CVE ID: CVE-2023-1998 Description Summary The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as...

5.6CVSS7.1AI score0.01377EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.404 views

Chitor-CMS v1.1.2 - Pre-Auth SQL Injection

!/usr/bin/python3 Exploit Title: Chitor-CMS v1.1.2 - Pre-Auth SQL Injection Date: 2023/04/13 ExploitAuthor: msd0pe Project: https://github.com/waqaskanju/Chitor-CMS My Github: https://github.com/msd0pe-1 Patched the 2023/04/16: 69d3442 commit description = 'Chitor-CMS 1.1.2 Pre-Auth SQL Injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.465 views

Microsoft Word 16.72.23040900 - Remote Code Execution (RCE)

Exploit Title: Microsoft Word 16.72.23040900 - Remote Code Execution RCE Author: nu11secur1ty Date: 04.14.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/word?activetab=tabs%3afaqheaderregion3 Reference:...

7.8CVSS7.8AI score0.02719EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.385 views

Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.289 views

Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08 EXC1000GX 2.07...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.509 views

InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal

Exploit Title: InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal Date: 11/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: innovastudio.com Product: Asset Manager Version: = Asset Manager ASP Version 5.4 Tested on: Windows 10 and Windows...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.369 views

Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery Exploit Author: LiquidWorm Sielco Analog FM Transmitter 2.12 Cross-Site Request Forgery Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.445 views

Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Exploit Title: Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash macOS Exploit Author: LiquidWorm Vendor: Google LLC Product web page: https://www.google.com Affected version: 111.0.5563.64 Official Build x8664 110.0.5481.100 Official Build x8664 108.0.5359.124 Official...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.275 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit Exploit Author: LiquidWorm Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass Exploit Vendor: Sielco S.r.l Product web page: https://www.sielco.org...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.310 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.320 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.306 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.305 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3 FPGA:10....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.417 views

Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking

Exploit Title: Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/14 12:0 a.m.376 views

Bludit 4.0.0-rc-2 - Account takeover

Exploit Title: Bludit 4.0.0-rc-2 - Account takeover Author: nu11secur1ty Date: 04.11.2013 Vendor: https://www.bludit.com/ Software: https://github.com/bludit/bludit/releases/tag/4.0.0-rc-2 Reference: https://www.cloudflare.com/learning/access-management/account-takeover/ Reference:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.286 views

ever gauzy v0.281.9 - JWT weak HMAC secret

Exploit Title: ever gauzy v0.281.9 - JWT weak HMAC secret Author: nu11secur1ty Date: 04.08.2023 Vendor: https://gauzy.co/ Software: https://github.com/ever-co/ever-gauzy/releases/tag/v0.281.9 Reference: https://portswigger.net/kb/issues/00200903jwt-weak-hmac-secret Description: It was, detected a...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.376 views

Roxy Fileman 1.4.5 - Arbitrary File Upload

Exploit Title: Roxy Fileman 1.4.5 - Arbitrary File Upload Date: 09/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20190317053437/http://roxyfileman.com/download.php?f=1.4.5-net Version: = 1.4.5 Tested on: Window...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.251 views

BrainyCP V1.0 - Remote Code Execution

Exploit Title: BrainyCP V1.0 - Remote Code Execution Date: 2023-04-03 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://brainycp.io Demo: https://demo.brainycp.io Tested on: Kali Linux CVE : N/A import requests credentials url = input"URL: " username = input"Username: " password =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.245 views

Paradox Security Systems IPR512 - Denial Of Service

!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...

7.5CVSS7.6AI score0.44171EPSS
Exploits9
Total number of security vulnerabilities47904