47884 matches found

Exploit DB
added 2023/04/08 12:0 a.m., 271 views

Restaurant Management System 1.0 - SQL Injection

Exploit Title: Restaurant Management System 1.0 - SQL Injection Date: 2023-03-20 Exploit Author: calfcrusher [email protected] Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: 1.0...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/08 12:0 a.m., 257 views

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Date: 15/3/2023 Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests...

CVSS 9.8, AI score 9.8, EPSS 0.93791
Exploits: 5

Exploit DB
added 2023/04/08 12:0 a.m., 254 views

FortiRecorder 6.4.3 - Denial of Service

Exploit Title: FortiRecorder 6.4.3 - Denial of Service Google Dork: N/A Date: 13/03/2023 Exploit Author: Mohammed Adel Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/network-based-video-security/forticam-fortirecorder Version: 6.4.3 and below && 6.0.11...

CVSS 7.5, AI score 7.6, EPSS 0.19148
Exploits: 3

Exploit DB
added 2023/04/08 12:0 a.m., 233 views

ENTAB ERP 1.0 - Username PII leak

Exploit Title: ENTAB ERP 1.0 - Username PII leak Date: 17.05.2022 Exploit Author: Deb Prasad Banerjee Vendor Homepage: https://www.entab.in Version: Entab ERP 1.0 Tested on: Windows IIS CVE: CVE-2022-30076 Vulnerability Name: Broken Access control via Rate Limits Description: In the entab softwar...

CVSS 5.3, AI score 5.4, EPSS 0.12834
Exploits: 4

Exploit DB
added 2023/04/08 12:0 a.m., 224 views

ActFax 10.10 - Unquoted Path Services

Exploit Title: ActFax 10.10 - Unquoted Path Services Date: 22/03/2023 Exploit Author: Birkan ALHAN @taftss Vendor Homepage: https://www.actfax.com Software Link: https://www.actfax.com/en/download.html Version: Version 10.10, Build 0551 2023-02-01 Tested on: Windows 10 21H2 OS Build 19044.2728...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/08 12:0 a.m., 246 views

X2CRM v6.6/6.9 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: X2CRM v6.6/6.9 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: Actionssubject CVE:...

CVSS 5.4, AI score 5.6, EPSS 0.01915
Exploits: 4

Exploit DB
added 2023/04/08 12:0 a.m., 323 views

Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE)

// Exploit Title: Goanywhere Encryption helper 7.1.1 - Remote Code Execution RCE // Google Dork: title:"GoAnywhere" // Date: 3/26/2023 // Exploit Author: Youssef Muhammad // Vendor Homepage: https://www.goanywhere.com/ // Software Link:...

CVSS 7.2, AI score 7.4, EPSS 0.94378
Exploits: 12

Exploit DB
added 2023/04/08 12:0 a.m., 259 views

Online-Pizza-Ordering -1.0 - Remote Code Execution (RCE)

Exploit Title: Online-Pizza-Ordering -1.0 - Remote Code Execution RCE Author: nu11secur1ty Date: 03.30.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference:...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/08 12:0 a.m., 247 views

Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation

Exploit Title: Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit Author : TOUHAMI KASBAOUI Vendor Homepage : https://www.forcepoint.com/ Software: Stonesoft VPN Windows Version : 6.2.0 / 6.8.0 Tested on : Windows 10 CVE : N/A Description local privilege escalation vertical...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/08 12:0 a.m., 268 views

Lucee Scheduled Job v1.0 - Command Execution

Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Date: 3-23-2012 Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref ...

AI score 7
Exploits: 0

Exploit DB
added 2023/04/08 12:0 a.m., 387 views

Joomla! v4.2.8 - Unauthenticated information disclosure

!/usr/bin/env ruby Exploit Title: Joomla! v4.2.8 - Unauthenticated information disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2023-23752 Date: 2023-03-24 Vendor Homepage:...

CVSS 5.3, AI score 5.9, EPSS 0.94522
Exploits: 42

Exploit DB
added 2023/04/07 12:0 a.m., 224 views

Rukovoditel 3.3.1 - Remote Code Execution (RCE)

Exploit Title: Rukovoditel 3.3.1 - Remote Code Execution RCE Version: 3.3.1 Bugs: rce via jpeg file upload Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 12-03-2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/07 12:0 a.m., 180 views

Franklin Fueling Systems TS-550 - Exploit and Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Exploit and Default Password Date: 3/11/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks an...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/07 12:0 a.m., 213 views

ChurchCRM 4.5.1 - Authenticated SQL Injection

Exploit Title: ChurchCRM 4.5.1 - Authenticated SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Version: 4.5.1...

AI score 6.7
Exploits: 5

Exploit DB
added 2023/04/07 12:0 a.m., 215 views

Wondershare Dr Fone 12.9.6 - Privilege Escalation

Exploit Title: Wondershare Dr Fone 12.9.6 - Privilege Escalation Date: 14 March 2023 Exploit Author: Thurein Soe Vendor Homepage: https://drfone.wondershare.com Software Link: https://mega.nz/file/ZFd1TZIRe2WfCXryaH08C3VNGZH1yAIG6DU01p-MrDooq529I Version: Dr Fone version 12.9.6 Tested on: Window ...

CVSS 7.8, AI score 7.7, EPSS 0.00625
Exploits: 4

Exploit DB
added 2023/04/07 12:0 a.m., 197 views

Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing

!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Date: 09/03/2023 Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...

CVSS 9.6, AI score 7.3, EPSS 0.46839
Exploits: 4

Exploit DB
added 2023/04/07 12:0 a.m., 233 views

NotrinosERP 0.7 - Authenticated Blind SQL Injection

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...

CVSS 8.8, AI score 7, EPSS 0.00872
Exploits: 4

Exploit DB
added 2023/04/07 12:0 a.m., 168 views

MAC 1200R - Directory Traversal

Exploit Title: MAC 1200R - Directory Traversal Google Dork: "MAC1200R" && port="8888" Date: 2023/03/09 Exploit Author: Chunlei Shang, Jiangsu Public Information Co., Ltd. Vendor Homepage: https://www.mercurycom.com.cn/ Software Link: https://www.mercurycom.com.cn/product-1-1.html Version: all...

CVSS 7.5, AI score 7.7, EPSS 0.10359
Exploits: 3

Exploit DB
added 2023/04/07 12:0 a.m., 224 views

IBM Aspera Faspex 4.4.1 - YAML deserialization (RCE)

Exploit Title: IBM Aspera Faspex 4.4.1 - YAML deserialization RCE Date: 02/02/2023 Exploit Author: Maurice Lambert Vendor Homepage: https://www.ibm.com/ Software Link: https://www.ibm.com/docs/en/aspera-faspex/5.0?topic=welcome-faspex Version: 4.4.1 Tested on: Linux CVE : CVE-2022-47986 """ This...

CVSS 9.8, AI score 9.8, EPSS 0.94303
Exploits: 5

Exploit DB
added 2023/04/07 12:0 a.m., 194 views

Docker based datastores for IBM Instana 241-2 243-0 - No Authentication

Exploit Title: Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Google Dork: if applicable Date: 06 March 2023 Exploit Author: Shahid Parvez zippon Vendor Homepage: https://www.instana.com/trial/ and https://www.ibm.com/docs/en/instana-observability Software Link:...

CVSS 9.1, AI score 9.4, EPSS 0.08502
Exploits: 3

Exploit DB
added 2023/04/07 12:0 a.m., 221 views

Schneider Electric v1.0 - Directory traversal & Broken Authentication

Exploit Title: Schneider Electric v1.0 - Directory traversal & Broken Authentication Google Dork: inurl:/scada-vis Date: 3/11/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: https://www.se.com/ Version: all-versions Tested on: Windows/Linux/Android Attacker can using these dorks and...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/07 12:0 a.m., 171 views

Snitz Forum v1.0 - Blind SQL Injection

Exploit Title: Snitz Forum v1.0 - Blind SQL Injection Date: 13/03/2023 Exploit Author: Emiliano Febbi Vendor Homepage: https://forum.snitz.com/ Software Link: https://sourceforge.net/projects/sf2k/files/ Version: ALL VERSION Tested on: Windows 10 code . . / ///I . / // 0day PoC...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 240 views

Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI

Exploit Title: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI Date: 2022-10-14 Fix Date: 2020-05 Exploit Author: Kahvi-0 Github: https://github.com/Kahvi-0 Vendor Homepage: https://www.mitel.com/ Vendor Security Advisory:...

CVSS 5.3, AI score 5.3, EPSS 0.84928
Exploits: 3

Exploit DB
added 2023/04/06 12:0 a.m., 257 views

Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution (RCE)

Exploit Title: Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution RCE Date: 2023-02-28 Exploit Author: Anthony Cole Vendor Homepage: https://labcollector.com/labcollector-lims/add-ons/eln-electronic-lab-notebook/ Version: v4.234 Contact: http://twitter.com/acole76...

CVSS 8.8, AI score 8.9, EPSS 0.04938
Exploits: 3

Exploit DB
added 2023/04/06 12:0 a.m., 292 views

Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification

!/usr/bin/env python Exploit Title: Osprey Pump Controller v1.0.1 - Authentication Bypass Credentials Modification Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID...

AI score 7
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 276 views

Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS

Exploit Title: Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 251 views

Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection

Exploit Title: Osprey Pump Controller 1.0.1 - userName Blind Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mira...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 252 views

ChurchCRM v4.5.3-121fcc1 - SQL Injection

Exploit Title: ChurchCRM v4.5.3-121fcc1 - SQL Injection Author: nu11secur1ty Date: 02.27.2023 Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears ...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 296 views

Employee Task Management System v1.0 - SQL Injection on edit-task.php

Exploit Title: Employee Task Management System v1.0 - SQL Injection on edit-task.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org, nvd.nist.org Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Softwar...

CVSS 8.8, AI score 5.9, EPSS 0.02721
Exploits: 10

Exploit DB
added 2023/04/06 12:0 a.m., 273 views

Music Gallery Site v1.0 - SQL Injection on page Master.php

Exploit Title: Music Gallery Site v1.0 - SQL Injection on page Master.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0962 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested...

CVSS 8.8, AI score 8.8, EPSS 0.00306
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 248 views

Music Gallery Site v1.0 - SQL Injection on page view_music_details.php

Exploit Title: Music Gallery Site v1.0 - SQL Injection on page viewmusicdetails.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0961 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com...

CVSS 9.8, AI score 9.7, EPSS 0.0038
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 289 views

Auto Dealer Management System v1.0 - SQL Injection

Exploit Title: Auto Dealer Management System v1.0 - SQL Injection Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Version: v 1.0 Tested...

CVSS 8.8, AI score 8.9, EPSS 0.0054
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 257 views

modoboa 2.0.4 - Admin TakeOver

/ Exploit Title: modoboa 2.0.4 - Admin TakeOver Description: Authentication Bypass by Primary Weakness Date: 02/10/2023 Software Link: https://github.com/modoboa/modoboa Version: modoboa/modoboa prior to 2.0.4 Tested on: Arch Linux Exploit Author: 7h3h4ckv157 CVE: CVE-2023-0777 / package main...

CVSS 9.8, AI score 9.3, EPSS 0.75021
Exploits: 4

Exploit DB
added 2023/04/06 12:0 a.m., 299 views

Best pos Management System v1.0 - SQL Injection

Exploit Title: Best pos Management System v1.0 - SQL Injection Google Dork: NA Date: 14/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 271 views

Purchase Order Management-1.0 - Local File Inclusion

Title: Purchase Order Management-1.0 - Local File Inclusion Author: nu11secur1ty Date: 03.06.2023 Vendor: https://www.sourcecodester.com/user/257130/activity Software: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html Reference:...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 252 views

flatnux 2021-03.25 - Remote Code Execution (Authenticated)

Exploit Title: flatnux-2021-03.25 - Remote Code Execution Authenticated Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://en.altervista.org Software Link: http://flatnux.altervista.org/flatnux.html Version: 2021-03.25 Tested on: Windows/Linux POST...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 257 views

Intern Record System v1.0 - SQL Injection (Unauthenticated)

Exploit Title: Intern Record System v1.0 - SQL Injection Unauthenticated Date: 2022-06-09 Exploit Author: Hamdi Sevben Vendor Homepage: https://code-projects.org/intern-record-system-in-php-with-source-code/ Software Link:...

CVSS 9.8, AI score 9.7, EPSS 0.05824
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 234 views

EasyNas 1.1.0 - OS Command Injection

Exploit Title: EasyNas 1.1.0 - OS Command Injection Date: 2023-02-9 Exploit Author: Ivan Spiridonov [email protected] Author Blog: https://xbz0n.medium.com Version: 1.0.0 Vendor home page : https://www.easynas.org Authentication Required: Yes CVE : CVE-2023-0830 !/usr/bin/python3 import...

CVSS 8.8, AI score 7.5, EPSS 0.38532
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 327 views

Dompdf 1.2.1 - Remote Code Execution (RCE)

!/usr/bin/python3 Exploit Title: Dompdf 1.2.1 - Remote Code Execution RCE Date: 16 February 2023 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://dompdf.github.io/ Software Link: https://github.com/dompdf/dompdf Version: 1.2.1 Tested on: Kali linux CVE : CVE-2022-28368 Gith...

CVSS 9.8, AI score 9.6, EPSS 0.88271
Exploits: 8

Exploit DB
added 2023/04/06 12:0 a.m., 246 views

Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack

Exploit Title: Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 250 views

Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection

Exploit Title: Osprey Pump Controller 1.0.1 - pseudonym Semi-blind Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/202...

AI score 7
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 359 views

pdfkit v0.8.7.2 - Command Injection

!/usr/bin/env python3 Exploit Title: pdfkit v0.8.7.2 - Command Injection Date: 02/23/2023 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pdfkit.org/ Software Link: https://github.com/pdfkit/pdfkit Version: 0.0.0-0.8.7.2 Tested on: pdfkit 0.8.6 CVE: CVE-2022–25765 Source:...

CVSS 9.8, AI score 9.5, EPSS 0.88705
Exploits: 11

Exploit DB
added 2023/04/06 12:0 a.m., 350 views

Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS)

Exploit Title: Simple Food Ordering System v1.0 - Cross-Site Scripting XSS Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1...

CVSS 5.4, AI score 5.1, EPSS 0.02721
Exploits: 9

Exploit DB
added 2023/04/06 12:0 a.m., 285 views

Music Gallery Site v1.0 - Broken Access Control

Exploit Title: Music Gallery Site v1.0 - Broken Access Control Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested on: Windows...

CVSS 9.8, AI score 7, EPSS 0.03844
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 266 views

Employee Task Management System v1.0 - SQL Injection on (task-details.php?task_id=?)

Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task...

CVSS 8.8, AI score 7, EPSS 0.00378
Exploits: 5

Exploit DB
added 2023/04/06 12:0 a.m., 285 views

Auto Dealer Management System 1.0 - Broken Access Control Exploit

Exploit Title: Auto Dealer Management System 1.0 - Broken Access Control Exploit It leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account Date: 18 February 2023 CVE Assigned: CVE-2023-0916 mitre.org nvd.nist.org Author: Muhammad Navaid...

CVSS 8.8, AI score 7.6, EPSS 0.02244
Exploits: 4

Exploit DB
added 2023/04/06 12:0 a.m., 269 views

atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE

Exploit Title: atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Date: 02.16.2023 Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/04/06 12:0 a.m., 264 views

TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution (RCE)

Exploit Title: TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution RCE Date: 02.14.2023 Exploit Author: Andreas Finstad Vendor Homepage: https://titanftp.com/ Version: 2.0.1.2102 Tested on: Windows 2022 Server CVE : CVE-2023-22629 Exploit and description here: https://f20.be/blog/titanf...

CVSS 8.8, AI score 8.9, EPSS 0.65083
Exploits: 4

Exploit DB
added 2023/04/06 12:0 a.m., 272 views

Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Date: 17/11/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://www.commscope.com/ Version: 9.1.103 Tested on: TG2482A, TG2492, SBG10 CVE : CVE-2022-45701 import requests import base64 routerhost =...

CVSS 8.8, AI score 8.9, EPSS 0.35297
Exploits: 6

Exploit DB
added 2023/04/06 12:0 a.m., 258 views

Art Gallery Management System Project in PHP v 1.0 - SQL injection

Exploit Title: Art Gallery Management System Project in PHP v 1.0 - SQL injection Date: 31-01-2023 Exploit Author: Yogesh Verma Vendor Homepage: https://y0gesh-verma.github.io/ Software Link: https://phpgurukul.com/art-gallery-management-system-using-php-and-mysql/,...

CVSS 9.8, AI score 9.7, EPSS 0.03654
Exploits: 3

Total number of security vulnerabilities: 47884