Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.561 views

WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download

Exploit Title: WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download Google Dork: N/A Date: 07.27.2022 Exploit Author: SecuriTrust Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: 1.4.7 Tested on: Linux, Windows CVE :...

7.5CVSS7.6AI score0.12485EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.487 views

Wavlink WN533A8 - Password Disclosure

Exploit Title: Wavlink WN533A8 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34046 Tested on: Windows Exploit...

7.5CVSS7.8AI score0.16583EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.575 views

Wavlink WN530HG4 - Password Disclosure

Exploit Title: Wavlink WN530HG4 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M30HG4.V5030.191116 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34047 Tested on: Windows Exploit...

7.5CVSS7.6AI score0.17444EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.413 views

Omnia MPX 1.5.0+r1 - Path Traversal

Exploit Title: Omnia MPX 1.5.0+r1 - Path Traversal Date: 24/7/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.telosalliance.com/ Software Link: https://support.telosalliance.com/article/934ixoaz3l-mpx-node-release-notes-and-update-instructions Version: 1.5.0+r1 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.728 views

Webmin 1.996 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Webmin 1.996 - Remote Code Execution RCE Authenticated Date: 2022-07-25 Exploit Author: Emir Polat Technical analysis: https://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165 Vendor Homepage: https://www.webmin.com/ Software Link: https://www.webmin.com/download.html...

9.8CVSS9.6AI score0.96049EPSS
Exploits8
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.584 views

NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Date: 2022-07-26 Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.369 views

CuteEditor for PHP 6.6 - Directory Traversal

Exploit Title: CuteEditor for PHP 6.6 - Directory Traversal Google Dork: N/A Date: November 17th, 2021 Exploit Author: Stefan Hesselman Vendor Homepage: http://phphtmledit.com/ Software Link: http://phphtmledit.com/download/phphtmledit.zip Version: 6.6 Tested on: Windows Server 2019 CVE : N/A The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.474 views

mPDF 7.0 - Local File Inclusion

Exploit Title: mPDF 7.0 - Local File Inclusion Google Dork: N/A Date: 2022-07-23 Exploit Author: Musyoka Ian Vendor Homepage: https://mpdf.github.io/ Software Link: https://mpdf.github.io/ Version: CuteNews Tested on: Ubuntu 20.04, mPDF 7.0.x CVE: N/A !/usr/bin/env python3 from urllib.parse impor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.402 views

Wavlink WN533A8 - Cross-Site Scripting (XSS)

Exploit Title: Wavlink WN533A8 - Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34048 Tested on: Windows Poc code history.pushState'', '', '/'...

6.1CVSS6.3AI score0.0509EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.401 views

WordPress Plugin WP-UserOnline 2.87.6 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP-UserOnline 2.87.6 - Stored Cross-Site Scripting XSS Date: 21/07/2022 Exploit Author: Steffin Stanly Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link: https://wordpress.org/plugins/wp-useronline/ Version: WP-UserOnline and enter the data...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.373 views

Dingtian-DT-R002 3.1.276A - Authentication Bypass

Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass Google Dork: NA Date: 13th July 2022 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2022-29593/ Vendor Homepage: https://www.dingtian-tech.com/enus/relay4.html Software Link:...

5.9CVSS5.8AI score0.12907EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.679 views

rpc.py 0.6.0 - Remote Code Execution (RCE)

Exploit Title: rpc.py 0.6.0 - Remote Code Execution RCE Google Dork: N/A Date: 2022-07-12 Exploit Author: Elias Hohl Vendor Homepage: https://github.com/abersheeran Software Link: https://github.com/abersheeran/rpc.py Version: v0.4.2 - v0.6.0 Tested on: Debian 11, Ubuntu 20.04 CVE : CVE-2022-3541...

9.8CVSS9.6AI score0.45862EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.410 views

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) - Remote Code Execution

Exploit Title: Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 - Remote Code Execution Exploit Author: LiquidWorm SpaceLogic.ps1 Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com...

8.8CVSS8.8AI score0.71084EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.340 views

Geonetwork 4.2.0 - XML External Entity (XXE)

Exploit Title: Geonetwork 4.2.0 - XML External Entity XXE Date: 2022-July-11 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://geonetwork-opensource.org/ Version: Geonetwork 3.10.X through 4.2.0 Tested on: Microsoft Windows Server & Linux Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.330 views

Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal

Exploit Title: Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal Exploit Author: LiquidWorm Vendor: CAREL INDUSTRIES S.p.A. Product web page: https://www.carel.com Affected version: Firmware: A2.1.0 - B2.1.0 Application Software: 2.15.4A Software version: v16 13020200 Summary: pCO...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/29 12:0 a.m.470 views

Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted Service Path

Exploit Title: Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted Service Path Date: 07/14/2022 Exploit Author: Angelo Pio Amirante Version: 1.0.0.4 Tested on: Windows 10 Patched version: 1.0.5.0 CVE: CVE-2022-35899 Step to discover the unquoted service path: wmic service get...

7.8CVSS8.1AI score0.00857EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/07/26 12:0 a.m.404 views

WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi

Title: WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi Author: nu11secur1ty Date: 07.11.2022 Vendor: https://wphive.com/ Software: https://wphive.com/plugins/wp-visual-slidebox-builder/?pluginversion=3.2.9 Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.421 views

Kite 1.2021.610.0 - Unquoted Service Path

Exploit Title: Kite 1.2021.610.0 - Unquoted Service Path Date: 2020-11-6 Exploit Author: Ghaleb Al-otaibi Vendor Homepage: https://www.kite.com/ Version: Version 4.2.0.1 U1 Tested on: Microsoft Windows 10 Pro - 10.0.19044 N/A Build 19044 CVE : NA Service info: C:\Windows\system32\cmd.exesc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.361 views

IOTransfer 4.0 - Remote Code Execution (RCE)

Exploit Title: IOTransfer V4 – Remote Code Execution RCE Date: 06/22/2022 Exploit Author: Tomer Peled Vendor Homepage: https://www.iobit.com Software Link: https://iotransfer.itopvpn.com/ Version: V4 and onward Tested on: Windows 10 CVE : 2022-24562 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.314 views

Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path

Exploit Title: Dr. Fone v4.0.8- 'netupdater32.exe' Unquoted Service Path Discovery Date: 2022-05-07 Discovery by: Esant1490 Vendor Homepage: https://drfone.wondershare.net Software Link : https://download.wondershare.net/drfonefull4008.exe Tested Version: 4.0.8 Tested on OS: Windows 10 Pro x64 en...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.308 views

Magnolia CMS 6.2.19 - Stored Cross-Site Scripting (XSS)

Exploit Title: Magnolia CMS 6.2.19 - Stored Cross-Site Scripting XSS Date: 08/05/2022 Exploit Author: Giulio Garzia 'Ozozuz' Vendor Homepage: https://www.magnolia-cms.com/ Software Link:...

6.1CVSS6.3AI score0.51615EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.414 views

OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE)

Exploit Title: OctoBot WebInterface 0.4.3 - Remote Code Execution RCE Date: 9/2/2021 Exploit Author: Samy Younsi, Thomas Knudsen Vendor Homepage: https://www.octobot.online/ Software Link: https://github.com/Drakkar-Software/OctoBot Version: 0.4.0beta3 - 0.4.3 Tested on: Linux Ubuntu, CentOs CVE ...

9.8CVSS9.6AI score0.15466EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/07/21 12:0 a.m.529 views

CodoForum v5.1 - Remote Code Execution (RCE)

Exploit Title: CodoForum v5.1 - Remote Code Execution RCE Date: 06/07/2022 Exploit Author: Krish Pandey @vikaran101 Vendor Homepage: https://codoforum.com/ Software Link: https://bitbucket.org/evnix/codoforumdownloads/downloads/codoforum.v.5.1.zip Version: CodoForum v5.1 Tested on: Ubuntu 20.04...

7.2CVSS7AI score0.32233EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/07/11 12:0 a.m.1797 views

Nginx 1.20.0 - Denial of Service (DOS)

Exploit Title: Nginx 1.20.0 - Denial of Service DOS Date: 2022-6-29 Exploit Author: Mohammed Alshehri - https://Github.com/M507 Vendor Homepage: https://nginx.org/ Software Link: https://github.com/nginx/nginx/releases/tag/release-1.20.0 Version: 0.6.18 - 1.20.0 Tested on: Ubuntu 18.04.4 LTS bion...

7.7CVSS6.9AI score0.53461EPSS
Exploits10
Exploit DB
Exploit DB
added 2022/07/01 12:0 a.m.727 views

WiFi Mouse 1.7.8.5 - Remote Code Execution(v2)

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Date: 25-02-2021 Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 ​ Python 3 port done by RedHatAugust Original exploit:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/27 12:0 a.m.345 views

WSO2 Management Console (Multiple Products) - Unauthenticated Reflected Cross-Site Scripting (XSS)

Exploit Title: WSO2 Management Console Multiple Products - Unauthenticated Reflected Cross-Site Scripting XSS Date: 21 Apr 2022 Exploit Author: cxosmo Vendor Homepage: https://wso2.com Software Link: API Manager https://wso2.com/api-manager/, Identity Server https://wso2.com/identity-server/,...

6.1CVSS6.3AI score0.41078EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/06/27 12:0 a.m.504 views

Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Date: 06.18.2022 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/27 12:0 a.m.543 views

WordPress Plugin Weblizar 8.9 - Backdoor

Exploit Title: WordPress Plugin Weblizar 8.9 - Backdoor Google Dork: 'wp-json/am-member/license' Exploit Author: Sobhan Mahmoodi Vendor Homepage: https://weblizar.com/plugins/school-management/ Version: 8.9 Tested on: windows/linux Vulnerable code: addaction 'restapiinit', function...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.387 views

ChurchCRM 4.4.5 - SQLi

Exploit Title: ChurchCRM 4.4.5 - SQLi Exploit Author: nu11secur1ty Date: 05.11.2022 Vendor: https://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-31325 Description: There is a SQL Injection vulnerability in...

7.2CVSS7AI score0.04968EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.306 views

Pandora FMS v7.0NG.742 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Pandora FMS v7.0NG.742 - Remote Code Execution RCE Authenticated Date: 05/20/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://pandorafms.com/ Software Link:...

7.2CVSS7AI score0.30254EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.481 views

phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Date: 2022-04-10 Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.362 views

Old Age Home Management System 1.0 - SQLi Authentication Bypass

Exploit Title: Old Age Home Management System 1.0 - SQLi Authentication Bypass Date: 12/06/2022 Exploit Author: twseptian Vendor Homepage: https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/Old-Age-Home-MS-using-PHP.zip Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.435 views

Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.337 views

SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)

Exploit Title: SolarView Compact 6.00 - 'pow' Cross-Site Scripting XSS Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29301 Tested on: Windows Proof Of Concept:...

6.6AI score
Exploits3
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.329 views

SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting (XSS)

Exploit Title: SolarView Compact 6.00 - 'timebegin' Cross-Site Scripting XSS Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...

6.6AI score
Exploits3
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.289 views

HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path

Exploit Title: HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path Date: 2022-06-06 Exploit Author: Ali Alipour Vendor Homepage: https://support.hp.com/us-en/document/c01998934 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.304 views

Real Player 16.0.3.51 - 'external::Import()' Directory Traversal to Remote Code Execution (RCE)

Exploit Title: Real Player 16.0.3.51 - 'external::Import' Directory Traversal to Remote Code Execution RCE Google Dork: n/a Date: May 31, 2022 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: ver. 16.00.282, 16.0.3.51, Cloud 17.0.9.17,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.338 views

TP-Link Router AX50 firmware 210730 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: TP-Link Router AX50 firmware 210730 - Remote Code Execution RCE Authenticated Exploit Author: Tomas Melicher Technical Details: https://github.com/aaronsvk/CVE-2022-30075 Date: 2022-06-08 Vendor Homepage: https://www.tp-link.com/ Tested On: Tp-Link Archer AX50 Vulnerability...

8.8CVSS8.8AI score0.32355EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.277 views

Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)

Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery CSRF Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows PoCs:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.328 views

Sourcegraph Gitserver 3.36.3 - Remote Code Execution (RCE)

Exploit Title: Sourcegraph Gitserver 3.36.3 - Remote Code Execution RCE Date: 2022-06-10 Exploit Author: Altelus Vendor Homepage: https://about.sourcegraph.com/ Version: 3.63.3 Tested on: Linux CVE : CVE-2022-23642 Docker Container: sourcegraph/server:3.36.3 Sourcegraph prior to 3.37.0 has a remo...

8.8CVSS7AI score0.7431EPSS
Exploits8
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.393 views

Virtua Software Cobranca 12S - SQLi

Exploit Title: Virtua Software Cobranca 12S - SQLi Shodan Query: http.favicon.hash:876876147 Date: 13/08/2021 Exploit Author: Luca Regne Vendor Homepage: https://www.virtuasoftware.com.br/ Software Link: https://www.virtuasoftware.com.br/downloads/Cobranca12S1308.exe Version: 12S Tested on: Windo...

7.5CVSS7.6AI score0.29667EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.320 views

Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.329 views

Real Player v.20.0.8.310 G2 Control - 'DoGoToURL()' Remote Code Execution (RCE)

Exploit Title: Real Player v.20.0.8.310 G2 Control - 'DoGoToURL' Remote Code Execution RCE Google Dork: n/a Date: May 31, 2022 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: v.20.0.8.310 Tested on: Windows 7, 8.1, 10 CVE : N/A Full...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/14 12:0 a.m.327 views

Avantune Genialcloud ProJ 10 - Cross-Site Scripting (XSS)

Exploit Title: Avantune Genialcloud ProJ 10 - Cross-Site Scripting XSS Date: 2022-06-01 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.avantune.com Software Link: https://www.genialcloud.com - https://www.genialcloud.com/discover-genialcloud-proj - https://store.genialcloud.com...

6.1CVSS6.3AI score0.02363EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/06/10 12:0 a.m.286 views

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting XSS Date: 2022-06-05 Exploit Author: Sanjay Singh Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/06/10 12:0 a.m.520 views

Confluence Data Center 7.18.0 - Remote Code Execution (RCE)

Exploit Title: Confluence Data Center 7.18.0 - Remote Code Execution RCE Google Dork: N/A Date: 06/006/2022 Exploit Author: h3v0x Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: All 7.4.17 versions before 7.18.1...

9.8CVSS10AI score0.99999EPSS
Exploits76
Exploit DB
Exploit DB
added 2022/06/03 12:0 a.m.383 views

Zyxel USG FLEX 5.21 - OS Command Injection

Exploit Title: Zyxel USG FLEX 5.21 - OS Command Injection Shodan Dork: title:"USG FLEX 100" title:"USG FLEX 100W" title:"USG FLEX 200" title:"USG FLEX 500" title:"USG FLEX 700" title:"USG20-VPN" title:"USG20W-VPN" title:"ATP 100" title:"ATP 200" title:"ATP 500" title:"ATP 700" title:"ATP 800" Dat...

10CVSS9.8AI score0.99938EPSS
Exploits27
Exploit DB
Exploit DB
added 2022/06/03 12:0 a.m.270 views

Microweber CMS 1.2.15 - Account Takeover

Exploit Title: Microweber CMS 1.2.15 - Account Takeover Date: 2022-05-09 Exploit Author: Manojkumar J Vendor Homepage: https://github.com/microweber/microweber Software Link: https://github.com/microweber/microweber/releases/tag/v1.2.15 Version: =1.2.15 Tested on: Windows10 CVE : CVE-2022-1631...

8.8CVSS8.8AI score0.08958EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/06/03 12:0 a.m.318 views

SolarView Compact 6.00 - Directory Traversal

Exploit Title: SolarView Compact 6.00 - Directory Traversal Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : Aiactive Author linkedin profile : https://www.linkedin.com/in/ahmedalroky/ Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE :...

7.5CVSS7.7AI score0.45256EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/06/03 12:0 a.m.246 views

Telesquare SDT-CW3B1 1.1.0 - OS Command Injection

!/usr/bin/python3 Exploit Title: Telesquare SDT-CW3B1 1.1.0 - OS Command Injection Date: 24th May 2022 Exploit Author: Bryan Leong Vendor Homepage: http://telesquare.co.kr/ CVE : CVE-2021-46422 Authentication Required: No import requests import argparse import sys from xml.etree import ElementTre...

10CVSS9.6AI score0.9475EPSS
Exploits20
Total number of security vulnerabilities47904