Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2022/02/11 12:0 a.m.407 views

Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)

Exploit Title: Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure Unauthenticated Author: Luis Martinez Discovery Date: 2022-02-10 Vendor Homepage: https://www.kyoceradocumentsolutions.com/asia/en/products/business-application/command-center-rx.html Tested Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.262 views

WordPress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/contact-forms-builder/ Version: 1.6.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Contact Form Builder...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.284 views

Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection

Exploit Title: Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.291 views

WordPress Plugin Jetpack 9.1 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Jetpack 9.1 - Cross Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/jetpack Version: 9.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.297 views

Home Owners Collection Management System 1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Remote Code Execution RCE Authenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.269 views

Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Account Takeover Unauthenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.289 views

Cain & Abel 4.9.56 - Unquoted Service Path

Exploit Title: Cain & Abel 4.9.56 - Unquoted Service Path Exploit Author: Aryan Chehreghani Date: 2022-02-08 Software Link: https://www.malavida.com/en/soft/cain-and-abel Version: 4.9.56 Tested on: Windows 10 x64 PoC SERVICENAME: Abel TYPE : 110 WIN32OWNPROCESS interactive STARTTYPE : 2 AUTOSTART...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.557 views

Hospital Management Startup 1.0 - 'Multiple' SQLi

Exploit Title: Hospital Management Startup 1.0 - 'loginid' SQLi Exploit Author: nu11secur1ty Date: 02.10.2022 Vendor: https://github.com/kabirkhyrul Software: https://github.com/kabirkhyrul/HMS CVE-2022-23366 Description: The loginid and password parameters from Hospital Management Startup 1.0...

9.8CVSS9.8AI score0.06708EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.329 views

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/02/09 12:0 a.m.243 views

Exam Reviewer Management System 1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Exam Reviewer Management System 1.0 - Remote Code Execution RCE Authenticated Date: 2022-02-08 Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/09 12:0 a.m.372 views

Exam Reviewer Management System 1.0 - ‘id’ SQL Injection

Exploit Title: Exam Reviewer Management System 1.0 - ‘id’ SQL Injection Date: 2022-02-18 Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/09 12:0 a.m.244 views

AtomCMS v2.0 - SQLi

Exploit Title: AtomCMS v2.0 - SQLi Date: 08/02/2022 Exploit Author: Luca Cuzzolin aka czz78 Vendor Homepage: https://github.com/thedigicraft/Atom.CMS Version: v2.0 Category: Webapps Tested on: Debian linux CVE : CVE-2022-24223 ==================================================== PoC : SQLi :...

9.8CVSS9.8AI score0.61965EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.395 views

Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Wing FTP Server - Authenticated RCE Date: 02/06/2022 Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download/WingFtpServer.exe Version: " %...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.317 views

Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion

Exploit Title: Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion Date: 2022-02-06 Exploit Author: Ven3xy Vendor Homepage: https://wordpress.org/plugins/simple-job-board/ Software Link: https://downloads.wordpress.org/plugin/simple-job-board.2.9.3.zip Version: 2.9.3 Tested on: Ubuntu...

7.7CVSS7.8AI score0.30479EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.339 views

WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Date: 2022-01-26 Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Test...

4.8CVSS5.5AI score0.05063EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.381 views

WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...

4.8CVSS5.5AI score0.0632EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.283 views

FileBrowser 2.17.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)

Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Date: 5/2/2022 Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...

8.8CVSS9AI score0.06663EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.304 views

Strapi CMS 3.0.0-beta.17.4 - Set Password (Unauthenticated) (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Strapi CMS 3.0.0-beta.17.4 - Set Password Unauthenticated Metasploit", 'Description' = %q This exploit module abuses the...

9.8CVSS9.8AI score0.97639EPSS
Exploits13
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.335 views

Hotel Reservation System 1.0 - SQLi (Unauthenticated)

Exploit Title: Hotel Reservation System 1.0 - SQLi Unauthenticated Google Dork: None Date: 01/29/2022 Exploit Author: Nefrit ID Author Website: https://manadocoder.com Vendor Homepage: https://github.com/dhruvmullick Software Link: https://github.com/dhruvmullick/hotel-reservation-system Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.240 views

WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting XSS Date: 2022-02-04 Author: Milad karimi Software Link: https://wordpress.org/plugins/cf7-international-sms-integration/ Version: 1.2 Tested on: Windows 11 CVE: N/A 1. Description: This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.344 views

Hospital Management System 4.0 - 'multiple' SQL Injection

Title: Hospital Management System 4.0 - 'multiple' SQL Injection Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multipl...

9.8CVSS9.8AI score0.08244EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.250 views

WordPress Plugin IP2Location Country Blocker 2.26.7 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin IP2Location Country Blocker 2.26.7 - Stored Cross Site Scripting XSS Authenticated Date: 02-02-2022 Exploit Author: Ahmet Serkan Ari Software Link: https://wordpress.org/plugins/ip2location-country-blocker/ Version: 2.26.7 Tested on: Linux CVE: N/A Thanks: Ceylan...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.331 views

WBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WBCE CMS 1.5.2 - Remote Code Execution RCE Authenticated Date: 02/01/2022 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: 1.5.2 Tested on: Linux - PHP Version: 8.0.14 Github repo:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.406 views

Servisnet Tessa - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Privilege Escalation Metasploit', 'Description' = %q This module exploits privilege escalation in Servisnet Tessa, triggered by...

10CVSS9.8AI score0.14058EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.314 views

Servisnet Tessa - Add sysAdmin User (Unauthenticated) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Add sysAdmin User Unauthenticated Metasploit', 'Description' = %q This module exploits an authentication bypass in Servisnet...

9.8CVSS9.8AI score0.11441EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.418 views

Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/mqtt' class MetasploitModule 'Servisnet Tessa - MQTT Credentials Dump...

7.5CVSS7.8AI score0.11484EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/04 12:0 a.m.220 views

FLAME II MODEM USB - Unquoted Service Path

Exploit Title: FLAME II MODEM USB - Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-02-2022 Vendor Homepage: https://www.telcel.com/personas/equipos/modems-usb/alcatel/x602a Software Links : N/A Is a BAM Tested Version: N/A Vulnerability Type: Unquoted Service Path Tested on OS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.294 views

Chamilo LMS 1.11.14 - Account Takeover

Exploit Title: Chamilo LMS 1.11.14 - Account Takeover Date: July 21 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://chamilo.org Software Link: https://chamilo.org Version: Chamilo-lms-1.11.x Tested on: Chamilo-lms-1.11.x CVE: CVE-2021-37391 Publication:...

5.4CVSS6AI score0.0214EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.243 views

WordPress Plugin Post Grid 2.1.1 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Post Grid 2.1.1 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/post-grid/ Version: 2.1.1 Tested on: Windows 10 CVE: CVE-2021-24488 1. Description: This plugin creates a post grid from any post types. The slider...

6.1CVSS6.2AI score0.11241EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.278 views

WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woocommerc...ts-slider/ Version: 1.13.21 Tested on: Windows 10 CVE: CVE-2021-24300 1. Description: This plugin is a easy...

6.1CVSS6.5AI score0.10587EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.435 views

PHP Unit 4.8.28 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: PHP Unit 4.8.28 - Remote Code Execution RCE Unauthenticated Date: 2022/01/30 Exploit Author: souzo Vendor Homepage: phpunit.de Version: 4.8.28 Tested on: Unit CVE : CVE-2017-9841 import requests from sys import argv phpfiles = "/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php",...

9.8CVSS9.2AI score0.99999EPSS
Exploits19
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.263 views

WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control

Exploit Title: WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control Date: 2/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/contact-fo...ck-tester/ Version: 1.0.2 Tested on: Windows 10 CVE: CVE-2021-24247 1. Description: The plugin settings are visible to all...

5.4CVSS5.8AI score0.04682EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.365 views

Huawei DG8045 Router 1.0 - Credential Disclosure

Title: Huawei DG8045 Router 1.0 - Credential Disclosure Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 HardwareVersion: VER.A CVE: N/A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the bac...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.269 views

Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection (Authenticated)

Exploit Title: Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection Authenticated Date 30.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://de.wordpress.org/plugins/404-to-301/ Software Link: https://downloads.wordpress.org/plugin/404-to-301.2.0.2.zip Version: = 2.0.2 Tested on:...

9.8CVSS9.6AI score0.46125EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.297 views

Moodle 3.11.4 - SQL Injection

Exploit Title: Moodle 3.11.4 - SQL Injection Date: 30/01/2022 Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...

9.8CVSS9.8AI score0.44918EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.233 views

PHP Restaurants 1.0 - SQLi (Unauthenticated)

Exploit Title: PHP Restaurants 1.0 - SQLi Unauthenticated Google Dork: None Date: 01/29/2022 Exploit Author: Nefrit ID Vendor Homepage: https://github.com/jcwebhole Software Link: https://github.com/jcwebhole/phprestaurants Version: 1.0 Tested on: Kali Linux & Windows 10 SQL injection is a code...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.239 views

Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption (Denial of Service)

Exploit Title: Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption Denial of Service Exploit Author: liquidworm !/usr/bin/env python Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption Denial of Service Vendor: Fetch Softworks Product web page: https://www.fetchsoftworks.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.253 views

WordPress Plugin Domain Check 1.0.16 - Reflected Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin Domain Check 1.0.16 - Reflected Cross-Site Scripting XSS Authenticated Date: 30-10-2021 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://domaincheckplugin.com/ Software Link:...

6.1CVSS6.5AI score0.12857EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.323 views

Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection (Authenticated)

Exploit Title: Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection Authenticated Date 28.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.download-monitor.com/ Software Link: https://downloads.wordpress.org/plugin/download-monitor.4.4.4.zip Version: 4.4.5...

7.2CVSS7.2AI score0.17484EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.322 views

WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming

Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...

4.3CVSS5AI score0.03205EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.1212 views

Mozilla Firefox 67 - Array.pop JIT Type Confusion

Exploit Title: Mozilla Firefox 67 - Array.pop JIT Type Confusion Date: 2021-12-07 Type: RCE Platform: Windows Exploit Author: deadlock Forrest Orr Author Homepage: https://forrest-orr.net Vendor Homepage: https://www.mozilla.org/en-US/ Software Link:...

10CVSS9.3AI score0.55874EPSS
Exploits14
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.244 views

CONTPAQi(R) AdminPAQ 14.0.0 - Unquoted Service Path

Exploit Title: CONTPAQi® AdminPAQ 14.0.0 - Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2022-01-16 Software Link: https://www.contpaqi.com/descargas Tested Version: 14.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 pro x64 english Step to discover...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.278 views

uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 21/01/2022 Document Title: =============== uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.307 views

Ametys CMS v4.4.1 - Cross Site Scripting (XSS)

Exploit Title: Ametys CMS v4.4.1 - Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 21/01/2022 Document Title: =============== Ametys v4.4.1 CMS - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2275...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.322 views

PolicyKit-1 0.105-31 - Privilege Escalation

Exploit Title: PolicyKit-1 0.105-31 - Privilege Escalation Exploit Author: Lance Biggerstaff Original Author: ryaagard https://github.com/ryaagard Date: 27-01-2022 Github Repo: https://github.com/ryaagard/CVE-2021-4034 References: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt...

7.8CVSS8.3AI score0.94921EPSS
Exploits152
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.321 views

WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)

Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...

7.2CVSS7.2AI score0.73293EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.408 views

Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion

Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Date: 25/1/2022 Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0,...

7.5CVSS7.6AI score0.92331EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.271 views

WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting XSS Authenticated Date: 25-10-2021 Exploit Author: Ceylan Bozogullarindan Vendor Homepage: https://lenderd.com/ Software Link: https://mortgagecalculatorsplugin.com/ Version: 1.52 Tested on: Linux CVE :...

4.8CVSS5.1AI score0.05063EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.325 views

WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection (Unauthenticated)

Exploit Title: WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection Unauthenticated Date 26.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.6.1.0.zi...

9.8CVSS9.6AI score0.728EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/01/25 12:0 a.m.376 views

PHPIPAM 1.4.4 - SQLi (Authenticated)

Exploit Title: PHPIPAM 1.4.4 - SQLi Authenticated Google Dork: if applicable Date: 20/01/2022 Exploit Author: Rodolfo "Inc0gbyt3" Tavares Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.4.4 Tested on: Linux/Windows CVE :...

7.2CVSS7AI score0.25243EPSS
Exploits7
Total number of security vulnerabilities47904