Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.276 views

WebTareas 2.4 - Blind SQLi (Authenticated)

Exploit Title: WebTareas 2.4 - Blind SQLi Authenticated Date: 04/20/2022 Exploit Author: Behrad Taher Vendor Homepage: https://sourceforge.net/projects/webtareas/ Version: 2.4p3 CVE : CVE-2021-43481 The script takes 3 arguments: IP, user ID, session ID Example usage: python3 webtareassqli.py...

9.8CVSS9.8AI score0.05611EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.284 views

TCQ - ITeCProteccioAppServer.exe - Unquoted Service Path

Exploit Title: TCQ - 'ITeCProteccioAppServer.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea - https://twitter.com/ecarrilloeg Discovery Date: 2022-04-25 Vendor Homepage: https://itec.es/programas/ Vulnerability Type: Unquoted Service Path Privilege Escalation Tested on OS: Microsoft...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.254 views

Microfinance Management System 1.0 - 'customer_number' SQLi

Exploit Title: Microfinance Management System 1.0 - 'customernumber' SQLi Date: 2022-25-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/14822/microfinance-management-system.html Software Link:...

9.8CVSS9.8AI score0.13829EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.219 views

ImpressCMS v1.4.4 - Unrestricted File Upload

Exploit Title: ImpressCMS v1.4.4 - Unrestricted File Upload Date: 7/4/2022 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.impresscms.org/ Software Link: https://github.com/ImpressCMS/impresscms Version: v1.4.4 Description: Between lines 152 and 162, we see the function...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.247 views

Akka HTTP 10.1.14 - Denial of Service

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Date: 18/4/2022 Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697...

7.5CVSS7.8AI score0.36139EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/04/26 12:0 a.m.234 views

GitLab 14.9 - Stored Cross-Site Scripting (XSS)

Exploit Title: Gitlab Stored XSS Date: 12/04/2022 Exploit Authors: Greenwolf Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9...

8.7CVSS7.6AI score0.82003EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/04/26 12:0 a.m.677 views

Gitlab 14.9 - Authentication Bypass

Exploit Title: Gitlab 14.9 - Authentication Bypass Date: 12/04/2022 Exploit Authors: Greenwolf Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 Tested on:...

9.8CVSS9.8AI score0.76177EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.2556 views

7-zip - Code Execution / Local Privilege Escalation

Exploit Title: 7-zip - Code Execution / Local Privilege Escalation Exploit Author: Kağan Çapar Date: 2020-04-12 Vendor homepage: https://www.7-zip.org/ Software link: https://www.7-zip.org/a/7z2107-x64.msi Version: 21.07 and all versions Tested On: Windows 10 Pro x64 References:...

7.8CVSS0.4AI score0.01523EPSS
Exploits8
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.423 views

WordPress Plugin Elementor 3.6.2 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WordPress Plugin Elementor 3.6.2 - Remote Code Execution RCE Authenticated Date: 04/16/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://elementor.com/ Software Link: https://wordpress.org/plugins/elementor/advanced/ scroll down to select the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.295 views

REDCap 11.3.9 - Stored Cross Site Scripting

Exploit Title: REDCap 11.3.9 - Stored Cross-Site Scripting Date: 2021-10-11 Exploit Author: Kendrick Lam References: https://github.com/KCL04/XSS-PoCs/blob/main/CVE-2021-42136.js Vendor Homepage: https://projectredcap.org Software Link: https://projectredcap.org Version: Redcap before 11.4.0 Test...

9CVSS7AI score0.04657EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.363 views

Easy Appointments 1.4.2 - Information Disclosure

Exploit Title: Easy Appointments 1.4.2 - Information Disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2022-0482 Date: 2022-04-11 Vendor Homepage:...

9.1CVSS9.3AI score0.38133EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.377 views

Zyxel NWA-1100-NH - Command Injection

Exploit Title: Zyxel NWA-1100-NH - Command Injection Date: 12/4/2022 Exploit Author: Ahmed Alroky Vendor Homepage: https://www.zyxel.com/homepage.shtml Version: ALL BEFORE 2.12 Tested on: Linux CVE : CVE-2021-4039 References :...

10CVSS9.7AI score0.71048EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.251 views

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection Date: 2022-04-11 Exploit Author: Mohsen Dehghani aka 0xProfessional Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.282 views

Verizon 4G LTE Network Extender - Weak Credentials Algorithm

Exploit Title: Verizon 4G LTE Network Extender - Weak Credentials Algorithm Exploit Author: LiquidWorm Vendor: Verizon Communications Inc. Product web page: https://www.verizon.com Affected version: GA4.38 - V0.4.038.2131 Summary: An LTE Network Extender enhances your indoor and 4G LTE data and...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.406 views

WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.351 views

ManageEngine ADSelfService Plus 6.1 - User Enumeration

Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.463 views

Scriptcase 9.7 - Remote Code Execution (RCE)

Exploit Title: Scriptcasr 9.7 arbitrary file upload getshell Date: 2022-04-08 Exploit Author: luckyt0mat0 Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 9.7 Tested on: Windows Server 2019 Proof of Concept: POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.375 views

Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path

Exploit Title: Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-04-11 Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.688 views

EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path

Exploit Title: EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.easeus.com/ Tested Version: 15.1.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.330 views

Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting (XSS)

Exploit Title: Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting XSS Exploit Author: LiquidWorm enteliTouch XSS input type="hidden" nam...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.253 views

Fuel CMS 1.5.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Date: 11/03/2022 Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.419 views

PTPublisher v2.3.4 - Unquoted Service Path

Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.primera.com/ Tested Version: 2.3.4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.282 views

Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF)

Exploit Tile: Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery CSRF Exploit Author: LiquidWorm enteliTouch CSRF CSRF Add User: form action="http://192.168.0.210/deltaweb/hmiuseredit.asp?formActio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.247 views

WordPress Plugin Popup Maker 1.16.5 - Stored Cross-Site Scripting (Authenticated)

Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.278 views

Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path

Exploit Title: Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-04-11 Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.264 views

Delta Controls enteliTOUCH 3.40.3935 - Cookie User Password Disclosure

Exploit Title: Delta Controls enteliTOUCH 3.40.3935 - Cookie User Password Disclosure Exploit Author: LiquidWorm Vendor: Delta Controls Inc. Product web page: https://www.deltacontrols.com Affected version: 3.40.3935 3.40.3706 3.33.4005 Summary: enteliTOUCH - Touchscreen Building Controller. Get...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.349 views

PKP Open Journals System 3.3 - Cross-Site Scripting (XSS)

Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...

6.1CVSS6.3AI score0.0608EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.360 views

SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference (IDOR)

Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...

8.1CVSS8.2AI score0.06693EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.393 views

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)

Exploit Title: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion LFI Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.franklinfueling.com/ Version: 1.8.19.8580 Tested on: Linux Firefox CVE : CVE-2021-46417 Proof of Concept...

7.8CVSS7.6AI score0.59753EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.363 views

Razer Sila - Local File Inclusion (LFI)

Exploit Title: Razer Sila - Local File Inclusion LFI Google Dork: N/A Date: 4/9/2022 Exploit Author: Kevin Randall Vendor Homepage: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Software Link: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.373 views

Telesquare TLR-2855KS6 - Arbitrary File Creation

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Creation Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46418 Proof of Concept PUT /cgi-bin/testingcve.txt HTTP/1.1 Host:...

7.5CVSS7.6AI score0.23945EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.321 views

Razer Sila - Command Injection

Exploit Title: Razer Sila - Command Injection Google Dork: N/A Date: 4/9/2022 Exploit Author: Kevin Randall Vendor Homepage: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Software Link: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.460 views

MiniTool Partition Wizard - Unquoted Service Path

Exploit Title: MiniTool Partition Wizard - Unquoted Service Path Date: 07/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.0 Tested: Windows 10 Pro x64 es PoC : C:\Users\saudhsc qc MTSchedulerServi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/11 12:0 a.m.331 views

Telesquare TLR-2855KS6 - Arbitrary File Deletion

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Deletion Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46419 Proof of Concept DELETE /cgi-bin/test.cgi HTTP/1.1 Host:...

9.1CVSS9.4AI score0.71384EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.477 views

Kramer VIAware - Remote Code Execution (RCE) (Root)

Exploit Title: Remote Code Execution as Root on KRAMER VIAware Date: 31/03/2022 Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys,...

10CVSS9.6AI score0.70753EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.292 views

minewebcms 1.15.2 - Cross-site Scripting (XSS)

Exploit Title: minewebcms 1.15.2 - Cross-site Scripting XSS Google Dork: NA Date: 02/20/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://mineweb.org/ Software Link: https://github.com/mineweb/minewebcms Version: 1.15.2 Tested on: KALI OS CVE : CVE-2022-1163...

6.8CVSS5.2AI score0.03506EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.297 views

ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion

Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Deletion Date: 29/03/2022 Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 CVE:...

6.5CVSS6.5AI score0.0057EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.277 views

Opmon 9.11 - Cross-site Scripting

Exploit Title: Opmon 9.11 - Cross-site Scripting Date: 2021-06-01 Exploit Author: p3tryx Vendor Homepage: https://www.opservices.com.br/monitoramento-real-time Version: 9.11 Tested on: Chrome, IE and Firefox CVE : CVE-2021-43009 URL POC: alertdocument.cookie; var i=new Image;...

6.1CVSS7AI score0.02293EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.360 views

Zenario CMS 9.0.54156 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Zenario CMS 9.0.54156 - Remote Code Execution RCE Authenticated Date: 04/02/2022 Exploit Author: minhnq22 Vendor Homepage: https://zenar.io/ Software Link: https://zenar.io/download-page Version: 9.0.54156 Tested on: Ubuntu 21.04 CVE : CVE-2021–42171 Python3 import os import sys...

7.2CVSS7.4AI score0.02484EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.271 views

KLiK Social Media Website 1.0 - 'Multiple' SQLi

Exploit Title: KLiK Social Media Website 1.0 - 'Multiple' SQLi Date: April 1st, 2022 Exploit Author: corpse Vendor Homepage: https://github.com/msaad1999/KLiK-SocialMediaWebsite Software Link: https://github.com/msaad1999/KLiK-SocialMediaWebsite Version: 1.0 Tested on: Debian 11 Parameter: poll G...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.452 views

binutils 2.37 - Objdump Segmentation Fault

Exploit Title: binutils 2.37 - Objdump Segmentation Fault Date: 2021-11-03 Exploit Author: p3tryx Vendor Homepage: https://www.gnu.org/software/binutils/ Version: binutils 2.37 Tested on: Ubuntu 18.04 CVE : CVE-2021-43149 Payload file %223"\972\00\0083=Q333A11111111411111333333A $$$\FF$\80 1114...

6.7AI score
Exploits3
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.378 views

qdPM 9.2 - Cross-site Request Forgery (CSRF)

Exploit Title: qdPM 9.2 - Cross-site Request Forgery CSRF Google Dork: NA Date: 03/27/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: KALI OS CVE :...

8.8CVSS8.9AI score0.0375EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/04/07 12:0 a.m.289 views

Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path

Exploit Title: Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path Exploit Author: Manthan Chhabra netsectuna, Harshit fumenoid Version: 2020.2.20328.2050 Date: 02/04/2022 Vendor Homepage: http://gimmal.com/ Vulnerability Type: Unquoted Service Path Tested on: Windows 10 CVE:...

7.8CVSS7.9AI score0.01027EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.270 views

WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF)

Exploit Title: WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery CSRF Date: 24-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Summary: Cross site forgery vulnerability has been identified...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.356 views

Atom CMS 2.0 - Remote Code Execution (RCE)

Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...

9.8CVSS9.6AI score0.54766EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.279 views

Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting (XSS)

Exploit Title: Drupal avataruploader v7.x-1.0-beta8 - Cross Site Scripting XSS Date: 2022-03-22 Author: Milad karimi Software Link: https://www.drupal.org/project/avataruploader Version: v7.x-1.0-beta8 Tested on: Windows 10 CVE: N/A 1. Description: This plugin creates a avataruploader from any po...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.460 views

ImpressCMS 1.4.2 - Remote Code Execution (RCE)

Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution RCE Exploit Author: Egidio Romano aka EgiX Date: 30/03/2022 Version: = 1.4.2 Venor: https://www.impresscms.org CVE: CVE-2021-26599 ?php / ---------------------------------------------------------- ImpressCMS = 1.4.2 SQL Injection to Remote...

9.8CVSS6.4AI score0.21509EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.297 views

WordPress Plugin admin-word-count-column 2.2 - Local File Read

Exploit Title: WordPress Plugin admin-word-count-column 2.2 - Local File Read Google Dork: inurl:/wp-content/plugins/admin-word-count-column/ Date: 27-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/admin-word-count-column/ Version: 2.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.350 views

WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion

Exploit Title: WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion Google Dork: inurl:/wp-content/plugins/cab-fare-calculator/ Date: 24-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/cab-fare-calculator/ Version: 1.0.3 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.302 views

WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion

Exploit Title: WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 26-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/video-synchro-pdf/ Version: 1.7.4 Tested on:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904