Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2023/03/28 12:0 a.m.172 views

OPSWAT Metadefender Core - Privilege Escalation

Exploit Title: OPSWAT Metadefender Core - Privilege Escalation Date: 24 October 2022 Exploit Author: Ulascan Yildirim Vendor Homepage: https://www.opswat.com/ Version: Metadefender Core 4.21.1 Tested on: Windows / Linux CVE : CVE-2022-32272...

9.8CVSS9.7AI score0.09095EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.225 views

Canteen-Management v1.0 - XSS-Reflected

Exploit Title: Canteen-Management v1.0 - XSS-Reflected Exploit Author: nu11secur1ty Date: 10.04.2022 Vendor: Free PHP Projects & Ideas with Source Codes for Students | mayurik Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayurik/2022/Canteen-Management/Docs...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.232 views

WebTareas 2.4 - SQL Injection (Unauthorised)

Exploit Title: WebTareas 2.4 - SQL Injection Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.204 views

Grafana <=6.2.4 - HTML Injection

Exploit Title: Grafana Hello...

5.4CVSS5.5AI score0.51915EPSS
Exploits2
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.174 views

Gestionale Open 12.00.00 - 'DB_GO_80' Unquoted Service Path

Exploit Title: Gestionale Open 12.00.00 - 'DBGO80' Unquoted Service Path Exploit by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.gestionaleopen.org/ Software Link : https://www.gestionaleopen.org/download/ Tested Version: 12.00.00 Vulnerability Type: Unquoted Service Pat...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.199 views

MiniDVBLinux <=5.4 - Config Download Exploit

Exploit Title: MiniDVBLinux =5.4 Config Download Exploit Exploit Author: LiquidWorm Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.122 views

AVS Audio Converter 10.3 - Stack Overflow (SEH)

Exploit Title: AVS Audio Converter 10.3 - Stack Overflow SEH Discovered by: Yehia Elghaly - Mrvar0x Discovered Date: 2022-10-16 Tested Version: 10.3.1.633 Tested on OS: Windows 7 Professional x86 pop+ret Address=005154E6 Message= 0x005154e6 : pop ecx pop ebp ret 0x04 | startnull PAGEEXECUTEREAD...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.175 views

Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)

Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Tested Version: 6.95 Vulnerability Type: Denial of Service DoS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.160 views

Explorer32++ v1.3.5.531 - Buffer overflow

Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.263 views

eXtplorer<= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)

Exploit Title: eXtplorer= 2.1.14 - Authentication Bypass & Remote Code Execution RCE Exploit Author: ErPaciocco Author Website: https://erpaciocco.github.io Vendor Homepage: https://extplorer.net/ Vendor: ============== extplorer.net Product: ================== eXtplorer = v2.1.14 eXtplorer is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.148 views

Canteen-Management v1.0 - SQL Injection

Exploit Title: Canteen-Management v1.0 - SQL Injection Exploit Author: nu11secur1ty Date: 10.04.2022 Vendor: https://www.mayurik.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayurik/2022/Canteen-Management/Docs/youthappam.zip?raw=true Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.263 views

Clansphere CMS 2011.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.170 views

Frhed (Free hex editor) v1.6.0 - Buffer overflow

Exploit Title: Frhed Free hex editor v1.6.0 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://frhed.sourceforge.net/ Software Link : http://frhed.sourceforge.net/ Tested Version: 1.6.0 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.180 views

MiniDVBLinux 5.4 - Arbitrary File Read

Exploit Title: MiniDVBLinux 5.4 - Arbitrary File Read Exploit Author: LiquidWorm !/usr/bin/env python3 MiniDVBLinux 5.4 Arbitrary File Read Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.178 views

WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities

Exploit Title: WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://wpn-xm.org/ Software Link : https://github.com/WPN-XM/WPN-XM/ Tested Version: 0.8.6 Tested on: Windows 10 using XAMPP Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.187 views

WebTareas 2.4 - RCE (Authorized)

Exploit Title: WebTareas 2.4 - RCE Authorized Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.139 views

Webgrind 1.1 - Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE)

Exploit Title: Webgrind 1.1 - Reflected Cross-Site Scripting XSS & Remote Command Execution RCE Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://github.com/jokkedk/webgrind/ Software Link : http://github.com/jokkedk/webgrind/ Tested Version: 1.1 Tested on: Windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.203 views

Tftpd32_SE 4.60 - 'Tftpd32_svc' Unquoted Service Path

Exploit Title: Tftpd32SE 4.60 - 'Tftpd32svc' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 10-13-2022 Vendor Homepage: https://pjo2.github.io/tftpd64/ Software Links : https://bitbucket.org/phjounin/tftpd64/downloads/Tftpd32SE-4.60-setup.exe Tested Version: 4.60 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.613 views

WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.215 views

Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass

Exploit Title: Zoneminder v1.36.26 - Log Injection - CSRF Bypass - Stored Cross-Site Scripting XSS Date: 10/01/2022 Exploit Author: Trenches of IT Vendor Homepage: https://github.com/ZoneMinder/zoneminder Version: v1.36.26 Tested on: Linux/Windows CVE: CVE-2022-39285, CVE-2022-39290, CVE-2022-392...

8CVSS6.2AI score0.05444EPSS
Exploits6
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.135 views

WebTareas 2.4 - Reflected XSS (Unauthorised)

Exploit Title: WebTareas 2.4 - Reflected XSS Unauthorised Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.185 views

Zentao Project Management System 17.0 - Authenticated Remote Code Execution (RCE)

Exploit Title: Zentao Project Management System 17.0 - Authenticated Remote Code Execution RCE Exploit Author: mister0xf Date: 2022-10-8 Software Link: https://github.com/easysoft/zentaopms Version: tested on 17.0 probably works also on newer/older versions Tested On: Kali Linux 2022.2 Exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.122 views

FlatCore CMS 2.1.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: FlatCore CMS 2.1.1 -Stored Cross Site Scripting Date: 2020-09-24 Exploit Author: Sinem Şahin Vendor Homepage: https://flatcore.org/ Version: 2.1.1 Tested on: Windows & XAMPP == Tutorial http://HOST/install/index.php 2- Write XSS Payload into the username of the user account. 3- Pre...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.195 views

Aero CMS v0.0.1 - PHP Code Injection (auth)

Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.148 views

Resource Hacker v3.6.0.92 - Buffer overflow

Exploit Title: Resource Hacker 3.6.0.92 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.angusj.com/resourcehacker/ Software Link : http://www.angusj.com/resourcehacker/ Tested Version: 3.6.0.92 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.175 views

Aero CMS v0.0.1 - SQL Injection (no auth)

Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.161 views

Scdbg 1.0 - Buffer overflow DoS

Exploit Title: Scdbg 1.0 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2021-06-13 Vendor Homepage: http://sandsprite.com/blogs/index.php?uid=7&pid=152 Software Link : https://github.com/dzzie/VSLIBEMU Tested Version: 1.0 - Compile date: Jun 3 2021 20:57:45 Tested on: Windows ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.161 views

Hex Workshop v6.7 - Buffer overflow DoS

Exploit Title: Hex Workshop v6.7 - Buffer overflow DoS Discovery by: Rafael Pedrero Discovery Date: 2022-01-06 Vendor Homepage: http://www.bpsoft.com, http://www.hexworkshop.com Software Link : http://www.bpsoft.com, http://www.hexworkshop.com Tested Version: v6.7 Tested on: Windows 10 CVSS v3: 7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.218 views

Desktop Central 9.1.0 - Multiple Vulnerabilities

Exploit Title: Desktop Central 9.1.0 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2021-02-14 Software Link : http://www.desktopcentral.com Tested Version: 9.1.0 Build No: 91084 Tested on: Windows 10 Vulnerability Type: CRLF injection CRLF - 1 CVSS v3: 6.1 CVSS vector:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.195 views

MiniDVBLinux 5.4 - Remote Root Command Injection

Exploit Title: MiniDVBLinux 5.4 - Remote Root Command Injection Exploit Author: LiquidWorm !/usr/bin/env python3 MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.175 views

MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution (RCE)

Exploit Title: MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution RCE Exploit Author: LiquidWorm MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP svdrpsend.sh Exploit Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.204 views

FortiOS, FortiProxy, FortiSwitchManager v7.2.1 - Authentication Bypass

Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Date: 13/10/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from...

9.8CVSS9.8AI score0.99984EPSS
Exploits25
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.153 views

MiniDVBLinux 5.4 - Unauthenticated Stream Disclosure

Exploit Title: MiniDVBLinux 5.4 - Unauthenticated Stream Disclosure Exploit Author: LiquidWorm MiniDVBLinux 5.4 Unauthenticated Stream Disclosure Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: /dev/null...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.150 views

MiniDVBLinux 5.4 - Change Root Password

Exploit Title: MiniDVBLinux 5.4 - Change Root Password Exploit Author: LiquidWorm MiniDVBLinux 5.4 Change Root Password PoC Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.189 views

Atom CMS v2.0 - SQL Injection (no auth)

Exploit Title: Atom CMS v2.0 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/27 12:0 a.m.154 views

Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path

Exploit Title: Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path Exploit Author: Luis Martinez Discovery Date: 2022-10-05 Vendor Homepage: https://www.infonetsoftware.com Software Link : https://www.infonetsoftware.com/soft/instalarMedicontx.exe Tested Version: 3.7.27 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.220 views

Online Diagnostic Lab Management System v1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Diagnostic Lab Management System v1.0 - Remote Code Execution RCE Unauthenticated Google Dork: N/A Date: 2022-9-23 Exploit Author: yousef alraddadi - https://twitter.com/y0usef11 Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.192 views

MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution

Exploit Title: MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 26th Feb'2022 CVE ID: CVE-2022-26149 Confirmed on release 2.8.3-pl Reference: https://github.com/sartlabs/0days/blob/main/Modx/Exploit.txt Vendor...

7.2CVSS7AI score0.09314EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.249 views

NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle

Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...

9.8CVSS7AI score0.08529EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.213 views

Composr-CMS Version <=10.0.39 - Authenticated Remote Code Execution

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

8.8CVSS8.9AI score0.09183EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.144 views

PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS

Exploit Title: PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS Date: 2022-10-02 Exploit Author: Prasheek Kamble Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/ Version: V 1.2 Vulnerable endpoint:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.138 views

Password Manager for IIS v2.0 - XSS

Exploit Title: Password Manager for IIS v2.0 - XSS Exploit Author: VP4TR10T Vendor Homepage: http://passwordmanager.adiscon.com/en/manual/ Software Link: http://passwordmanager.adiscon.com/ Version: Version 2.0 Tested on: WINDOWS CVE : CVE-2022-36664 Affected URI when changing user password: POST...

6.1CVSS6.3AI score0.03767EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.155 views

SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...

7.2CVSS7.1AI score0.09186EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.169 views

Abantecart v1.3.2 - Authenticated Remote Code Execution

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...

7.2CVSS7AI score0.09615EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.244 views

Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection

Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...

8.8CVSS8.8AI score0.03851EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.138 views

Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal

Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Date: 09.29.2022 Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.170 views

GuppY CMS v6.00.10 - Remote Code Execution

Exploit Title: GuppY CMS v6.00.10 - Remote Code Execution Date: Sep 30, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.freeguppy.org/ Software Link: https://www.freeguppy.org/fgy6dn.php?lng=en&pg=279927&tconfig=0z2 Version: 6.00.10 Tested on: Linux !/usr/bin/php ?php $username =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.149 views

D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution

Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.187 views

"camp" Raspberry Pi camera server 1.0 - Authentication Bypass

Exploit Title: "camp" Raspberry Pi camera server 1.0 - Authentication Bypass Date: 2022-07-25 Exploit Author: Elias Hohl Vendor Homepage: https://github.com/patrickfuller Software Link: https://github.com/patrickfuller/camp Version: bf6af5c2e5cf713e4050c11c52dd4c55e89880b1 Tested on: Ubuntu 20.04...

9.8CVSS9.7AI score0.49201EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.188 views

Bus Pass Management System 1.0 - Cross-Site Scripting (XSS)

Exploit Title: Bus Pass Management System 1.0 - Cross-Site Scripting XSS Date: 2022-07-02 Exploit Author: Ali Alipour Vendor Homepage: https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql Software Link:...

6.1CVSS6.4AI score0.02007EPSS
Exploits2
Total number of security vulnerabilities47904