Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2023/04/10 12:0 a.m.•288 views

Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing

Title: Microsoft-Edge-Chromium-based-Webview2-1.0.1661.34-Spoofing-Vulnerability Author: nu11secur1ty Date: 04.10.2023 Vendor: https://developer.microsoft.com/en-us/ Software: https://developer.microsoft.com/en-us/microsoft-edge/webview2/ Reference:...

8.2CVSS8.3AI score0.03525EPSS
Exploits2
Exploit DB
Exploit DB
•added 2023/04/10 12:0 a.m.•276 views

Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...

9.8CVSS9.7AI score0.04353EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•327 views

Microsoft Windows 11 - 'cmd.exe' Denial of Service

Exploit Title: Microsoft Windows 11 - 'cmd.exe' Denial of Service Exploit Author: Milad Karimi Ex3ptionaL Date: 2023-03-30 Vendor Homepage: https://www.microsoft.com/en-us Software Link: https://www.microsoft.com/en-us Tested Version: N/A Tested on OS: Windows 11 Pro About App Microsoft Windows i...

6.8AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•354 views

Icinga Web 2.10 - Arbitrary File Disclosure

!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Arbitrary File Disclosure Date: 2023-03-19 Exploit Author: Jacob Ebben Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2.10 Tested on: Icinga Web 2 Version 2.9.2 on Linux CVE:...

7.5CVSS7.7AI score0.89378EPSS
Exploits8
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•257 views

Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://security.paloaltonetworks.com/CVE-2022-0020 Version: 6.5.0 - 6.2.0 - 6.1.0 Tested on: relevant os CVE : CVE-2022-0020 Author Web: https://www.justsecnow.com Author Socia...

6.8CVSS5.7AI score0.01711EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•251 views

Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation

Exploit Title: Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit Author : TOUHAMI KASBAOUI Vendor Homepage : https://www.forcepoint.com/ Software: Stonesoft VPN Windows Version : 6.2.0 / 6.8.0 Tested on : Windows 10 CVE : N/A Description local privilege escalation vertical...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•243 views

Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting XSS Exploit Author: omurugur Vendor Homepage: https://support.broadcom.com/external/content/SecurityAdvisories/0/21117 Version: 10.7.4-10.7.13 Tested on: relevant os CVE : CVE-2022-25630 Author Web:...

5.4CVSS5.6AI score0.01489EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•218 views

X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: X2CRM v6.6/6.9 - Reflected Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: model CVE: Use...

5.4CVSS5.6AI score0.01831EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•228 views

Online Appointment System V1.0 - Cross-Site Scripting (XSS)

Exploit Title: Online Appointment System V1.0 - Cross-Site Scripting XSS Date: 25/02/2023 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14502/online-appointment-system-php-full-source-code-2020.html Tested on: Window...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•323 views

RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution

Exploit Title: RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/RSANETWITNESSEDRAGENTINCORRECTACCESSCONTROLCVE-2022-47529.txt + twitter.com/hyp3rlinx...

6.7CVSS6.6AI score0.0157EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•279 views

Suprema BioStar 2 v2.8.16 - SQL Injection

Exploit Title: Suprema BioStar 2 v2.8.16 - SQL Injection Date: 26/03/2023 Exploit Author: Yuriy Vander Tsarenko https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/ Vendor Homepage: https://www.supremainc.com/ Software Link:...

6.5CVSS6.5AI score0.07496EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•259 views

Online-Pizza-Ordering -1.0 - Remote Code Execution (RCE)

Exploit Title: Online-Pizza-Ordering -1.0 - Remote Code Execution RCE Author: nu11secur1ty Date: 03.30.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•216 views

ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS)

Exploit Title: ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting XSS Date: 2023-03-30 CVE: CVE-2023-26692 Exploit Author: Abdulaziz Saad @b4zb0z Vendor Homepage: https://www.zcbs.nl Version: 4.14k Tested on: LAMP, Ubuntu Google Dork: inurl:objecten.pl?ident=3D --- Vulnerability : $GET'ident'...

6.1CVSS6.4AI score0.0269EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•279 views

Medicine Tracker System v1.0 - Sql Injection

Exploit Title: Medicine Tracker System v1.0 - Sql Injection Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-mts0.zip Version: V1.0.0 Tested on: Windows/Linux Proof of Concept: 1-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•239 views

ENTAB ERP 1.0 - Username PII leak

Exploit Title: ENTAB ERP 1.0 - Username PII leak Date: 17.05.2022 Exploit Author: Deb Prasad Banerjee Vendor Homepage: https://www.entab.in Version: Entab ERP 1.0 Tested on: Windows IIS CVE: CVE-2022-30076 Vulnerability Name: Broken Access control via Rate Limits Description: In the entab softwar...

5.3CVSS5.4AI score0.03543EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•227 views

ActFax 10.10 - Unquoted Path Services

Exploit Title: ActFax 10.10 - Unquoted Path Services Date: 22/03/2023 Exploit Author: Birkan ALHAN @taftss Vendor Homepage: https://www.actfax.com Software Link: https://www.actfax.com/en/download.html Version: Version 10.10, Build 0551 2023-02-01 Tested on: Windows 10 21H2 OS Build 19044.2728...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•395 views

Joomla! v4.2.8 - Unauthenticated information disclosure

!/usr/bin/env ruby Exploit Title: Joomla! v4.2.8 - Unauthenticated information disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2023-23752 Date: 2023-03-24 Vendor Homepage:...

5.3CVSS5.9AI score0.99827EPSS
Exploits43
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•250 views

WebsiteBaker v2.13.3 - Cross-Site Scripting (XSS)

Exploit Title: WebsiteBaker v2.13.3 - Cross-Site Scripting XSS Application: WebsiteBaker Version: 2.13.3 Bugs: Stored XSS Technology: PHP Vendor URL: https://websitebaker.org/pages/en/home.php Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Date of found: 02.04.2023 Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•251 views

X2CRM v6.6/6.9 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: X2CRM v6.6/6.9 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: Actionssubject CVE:...

5.4CVSS5.6AI score0.01831EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•300 views

pfsenseCE v2.6.0 - Anti-brute force protection bypass

!/usr/bin/python3 Exploit Title: pfsenseCE v2.6.0 - Anti-brute force protection bypass Google Dork: intitle:"pfSense - Login" Date: 2023-04-07 Exploit Author: FabDotNET Fabien MAISONNETTE Vendor Homepage: https://www.pfsense.org/ Software Link:...

9.8CVSS9.7AI score0.09844EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•455 views

Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)

Exploit Title: Microsoft Excel 365 MSO Version 2302 Build 16.0.16130.20186 64-bit - Remote Code Execution RCE Exploit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...

7.8CVSS7.8AI score0.02532EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•271 views

Lucee Scheduled Job v1.0 - Command Execution

Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Date: 3-23-2012 Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref ...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•273 views

Restaurant Management System 1.0 - SQL Injection

Exploit Title: Restaurant Management System 1.0 - SQL Injection Date: 2023-03-20 Exploit Author: calfcrusher [email protected] Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•280 views

Adobe Connect 11.4.5 - Local File Disclosure

Title: Adobe Connect 11.4.5 - Local File Disclosure Author: h4shur date:2021.01.16-2023.02.17 CVE: CVE-2023-22232 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 11.4.5 and earlier, 12.1.5 and earlier User interaction: None Tested...

5.3CVSS5.3AI score0.81875EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•428 views

dotclear 2.25.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•228 views

ESET Service 16.0.26.0 - 'Service ekrn' Unquoted Service Path

Exploit Title: ESET Service 16.0.26.0 - 'Service ekrn' Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2023-04-05 Vendor : https://www.eset.com Version : 16.0.26.0 Tested on OS: Microsoft Windows 11 pro x64 PoC : ============== C:\sc qc ekrn SC QueryServiceConfig SUCCE...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•354 views

Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution RCE Unauthenticated Author: dwbzn Date: 2022-04-04 Vendor: https://www.hitachivantara.com/ Software Link: https://www.hitachivantara.com/en-us/products/lumada-dataops/data-integration-analytics/download-pentaho.html Version:...

9.8CVSS8.4AI score0.9767EPSS
Exploits7
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•258 views

FortiRecorder 6.4.3 - Denial of Service

Exploit Title: FortiRecorder 6.4.3 - Denial of Service Google Dork: N/A Date: 13/03/2023 Exploit Author: Mohammed Adel Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/network-based-video-security/forticam-fortirecorder Version: 6.4.3 and below && 6.0.11...

7.5CVSS7.6AI score0.0723EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•261 views

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

9.8CVSS9.8AI score0.85332EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•330 views

Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE)

// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...

7.2CVSS7.4AI score0.99999EPSS
Exploits12
Exploit DB
Exploit DB
•added 2023/04/08 12:0 a.m.•243 views

Google Chrome 109.0.5414.74 - Code Execution via missing lib file (Ubuntu)

Exploit Title: Google Chrome 109.0.5414.74 - Code Execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•234 views

Rukovoditel 3.3.1 - Remote Code Execution (RCE)

Exploit Title: Rukovoditel 3.3.1 - Remote Code Execution RCE Version: 3.3.1 Bugs: rce via jpeg file upload Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 12-03-2023 Author: Mirabbas AÄźalarov Tested on: Linux 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•215 views

ChurchCRM 4.5.1 - Authenticated SQL Injection

Exploit Title: ChurchCRM 4.5.1 - Authenticated SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Version: 4.5.1...

6.7AI score
Exploits5
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•226 views

Schneider Electric v1.0 - Directory traversal & Broken Authentication

Exploit Title: Schneider Electric v1.0 - Directory traversal & Broken Authentication Google Dork: inurl:/scada-vis Date: 3/11/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: https://www.se.com/ Version: all-versions Tested on: Windows/Linux/Android Attacker can using these dorks and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•238 views

NotrinosERP 0.7 - Authenticated Blind SQL Injection

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...

8.8CVSS7AI score0.03088EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•223 views

Wondershare Dr Fone 12.9.6 - Privilege Escalation

Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Date: 14 March 2023 Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window ...

7.8CVSS7.7AI score0.01016EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•202 views

Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing

!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Date: 09/03/2023 Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...

9.6CVSS7.3AI score0.35005EPSS
Exploits4
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•171 views

MAC 1200R - Directory Traversal

Exploit Title: MAC 1200R - Directory Traversal Google Dork: "MAC1200R" && port="8888" Date: 2023/03/09 Exploit Author: Chunlei Shang, Jiangsu Public Information Co., Ltd. Vendor Homepage: https://www.mercurycom.com.cn/ Software Link: https://www.mercurycom.com.cn/product-1-1.html Version: all...

7.5CVSS7.7AI score0.078EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•199 views

Docker based datastores for IBM Instana 241-2 243-0 - No Authentication

Exploit Title: Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Google Dork: if applicable Date: 06 March 2023 Exploit Author: Shahid Parvez zippon Vendor Homepage: https://www.instana.com/trial/ and https://www.ibm.com/docs/en/instana-observability Software Link:...

9.1CVSS9.4AI score0.08573EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•183 views

Franklin Fueling Systems TS-550 - Exploit and Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Exploit and Default Password Date: 3/11/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•172 views

Snitz Forum v1.0 - Blind SQL Injection

Exploit Title: Snitz Forum v1.0 - Blind SQL Injection Date: 13/03/2023 Exploit Author: Emiliano Febbi Vendor Homepage: https://forum.snitz.com/ Software Link: https://sourceforge.net/projects/sf2k/files/ Version: ALL VERSION Tested on: Windows 10 code . . / ///I . / // 0day PoC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/07 12:0 a.m.•227 views

IBM Aspera Faspex 4.4.1 - YAML deserialization (RCE)

Exploit Title: IBM Aspera Faspex 4.4.1 - YAML deserialization RCE Date: 02/02/2023 Exploit Author: Maurice Lambert Vendor Homepage: https://www.ibm.com/ Software Link: https://www.ibm.com/docs/en/aspera-faspex/5.0?topic=welcome-faspex Version: 4.4.1 Tested on: Linux CVE : CVE-2022-47986 """ This...

9.8CVSS9.8AI score0.99968EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•281 views

WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated RCE

Exploit Title: WIMAX SWC-5100W Firmware V1.11.0.1 :1.9.9.4 - Authenticated RCE Vulnerability Name: Ballin' Mada Date: 4/3/2023 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.seowonintech.co.kr/eng/main Version: Bootloader1.18.19.0 , HW 0.0.7.0, FW1.11.0.1 : 1.9.9.4 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•282 views

atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE

Exploit Title: atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Date: 02.16.2023 Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•306 views

Best pos Management System v1.0 - SQL Injection

Exploit Title: Best pos Management System v1.0 - SQL Injection Google Dork: NA Date: 14/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•260 views

Intern Record System v1.0 - SQL Injection (Unauthenticated)

Exploit Title: Intern Record System v1.0 - SQL Injection Unauthenticated Date: 2022-06-09 Exploit Author: Hamdi Sevben Vendor Homepage: https://code-projects.org/intern-record-system-in-php-with-source-code/ Software Link:...

9.8CVSS9.7AI score0.05348EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•339 views

Dompdf 1.2.1 - Remote Code Execution (RCE)

!/usr/bin/python3 Exploit Title: Dompdf 1.2.1 - Remote Code Execution RCE Date: 16 February 2023 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://dompdf.github.io/ Software Link: https://github.com/dompdf/dompdf Version: 1.2.1 Tested on: Kali linux CVE : CVE-2022-28368 Gith...

9.8CVSS9.6AI score0.82438EPSS
Exploits8
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•264 views

Art Gallery Management System Project in PHP v 1.0 - SQL injection

Exploit Title: Art Gallery Management System Project in PHP v 1.0 - SQL injection Date: 31-01-2023 Exploit Author: Yogesh Verma Vendor Homepage: https://y0gesh-verma.github.io/ Software Link: https://phpgurukul.com/art-gallery-management-system-using-php-and-mysql/,...

9.8CVSS9.7AI score0.03684EPSS
Exploits3
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•297 views

Auto Dealer Management System v1.0 - SQL Injection

Exploit Title: Auto Dealer Management System v1.0 - SQL Injection Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Version: v 1.0 Tested...

8.8CVSS8.9AI score0.01635EPSS
Exploits5
Exploit DB
Exploit DB
•added 2023/04/06 12:0 a.m.•281 views

Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS

Exploit Title: Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...

7.4AI score
Exploits0
Total number of security vulnerabilities47904