Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2022/01/25 12:0 a.m.253 views

Online Project Time Management System 1.0 - Multiple Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: Online Project Time Management System 1.0 - Multiple Stored XSS Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/25 12:0 a.m.339 views

Online Project Time Management System 1.0 - SQLi (Authenticated)

Exploit Title: Online Project Time Management System 1.0 - SQLi Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/24 12:0 a.m.318 views

Landa Driving School Management System 2.0.1 - Arbitrary File Upload

Exploit Title: Landa Driving School Management System 2.0.1 - Arbitrary File Upload Version 2.0.1 Google Dork: N/A Date: 17/01/2022 Exploit Author: Sohel Yousef - [email protected] Software Link: https://codecanyon.net/item/landa-driving-school-management-system/23220151 Landa Driving Schoo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/19 12:0 a.m.397 views

Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 05/01/2022 Document Title: =============== Affiliate Pro v1.7 - Multiple Cross Site Vulnerabilities References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/19 12:0 a.m.366 views

Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)

Exploit Title: Rocket LMS 1.1 - Persistent Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 29/12/2021 Document Title: =============== Rocket LMS 1.1 - Persistent Cross Site Scripting XSS References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/19 12:0 a.m.334 views

uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 15/12/2021 Document Title: =============== uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.316 views

Nyron 1.0 - SQLi (Unauthenticated)

Exploit Title: Nyron 1.0 - SQLi Unauthenticated Google Dork: inurl:"winlib.aspx" Date: 01/18/2021 Exploit Author: Miguel Santareno Vendor Homepage: http://www.wecul.pt/ Software Link: http://www.wecul.pt/solucoes/bibliotecas/ Version: 3. Research: https://miguelsantareno.github.io/edp.pdf...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.284 views

Online Resort Management System 1.0 - SQLi (Authenticated)

Exploit Title: Online Resort Management System 1.0 - SQLi Authenticated Date: 15/01/2022 Exploit Author: Gaurav Grover Vendor Homepage: Software Link: Version: 1.0 Tested on: Linux and windows both Summary: There are a vulnerabilities in Online Resort Management System ORMS 1. The attacker can...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.340 views

Creston Web Interface 1.0.0.2159 - Credential Disclosure

Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...

10CVSS9.7AI score0.75711EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.344 views

OpenBMCS 2.4 - Information Disclosure

Exploit Title: OpenBMCS 2.4 - Information Disclosure Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Secrets Disclosure Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.300 views

OpenBMCS 2.4 - Server Side Request Forgery (SSRF) (Unauthenticated)

Exploit Title: OpenBMCS 2.4 - Server Side Request Forgery SSRF Unauthenticated Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Unauthenticated SSRF / RFI Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.390 views

Simple Chatbot Application 1.0 - Remote Code Execution (RCE)

Exploit Title: Simple Chatbot Application 1.0 - Remote Code Execution RCE Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.279 views

Simple Chatbot Application 1.0 - 'message' Blind SQLi

Exploit Title: Simple Chatbot Application 1.0 - 'message' Blind SQLi Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.279 views

OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)

Exploit Title: OpenBMCS 2.4 - Cross Site Request Forgery CSRF Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 CSRF Send E-mail Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.264 views

WorkTime 10.20 Build 4967 - Unquoted Service Path

Exploit Title: WorkTime 10.20 Build 4967 - Unquoted Service Path Discovery by: Yehia Elghaly Date: 30-12-2021 Vendor Homepage: https://www.worktime.com/ Software Link: https://www.worktime.com/download/worktimecorporate.exe Tested Version: 10.20 Build Build 4967 Vulnerability Type: Unquoted Servi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.285 views

Archeevo 5.0 - Local File Inclusion

Exploit Title: Archeevo 5.0 - Local File Inclusion Google Dork: intitle:"archeevo" Date: 01/15/2021 Exploit Author: Miguel Santareno Vendor Homepage: https://www.keep.pt/ Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/ Version: 5.0 Tested on: windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.288 views

OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation

Exploit Title: OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Create Admin / Remote Privilege Escalation Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.351 views

OpenBMCS 2.4 - SQLi (Authenticated)

Exploit Title: OpenBMCS 2.4 - SQLi Authenticated Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Authenticated SQL Injection Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.289 views

SalonERP 3.0.1 - 'sql' SQL Injection (Authenticated)

Exploit Title: SalonERP 3.0.1 - 'sql' SQL Injection Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://salonerp.sourceforge.io/ Software Link: https://sourceforge.net/projects/salonerp/files/latest/download Version: SalonERP v3.0.1 Tested on: Ubuntu Mate 20.04 Vulnerable...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.377 views

Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)

Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomtypes' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.372 views

Hospitals Patient Records Management System 1.0 - 'room_list' Stored Cross Site Scripting (XSS)

Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomlist' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.298 views

Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting (XSS)

Exploit Title: Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.465 views

Online Diagnostic Lab Management System 1.0 - SQL Injection (Unauthenticated)

Exploit Title: Online Diagnostic Lab Management System 1.0 - SQL Injection Unauthenticated Date: 11/01/2022 Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.477 views

Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting XSS Date: 11/01/2022 Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.379 views

Online Diagnostic Lab Management System 1.0 - Account Takeover (Unauthenticated)

Exploit Title: Online Diagnostic Lab Management System 1.0 - Account Takeover Unauthenticated Date: 11/01/2022 Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/13 12:0 a.m.1532 views

WordPress Core 5.8.2 - 'WP_Query' SQL Injection

Exploit Title: WordPress Core 5.8.2 - 'WPQuery' SQL Injection Date: 11/01/2022 Exploit Author: Aryan Chehreghani Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/download/releases Version: 5.8.3 Tested on: Windows 10 CVE : CVE-2022-21661 VULNERABILITY DETAILS : This...

8CVSS7.8AI score0.97795EPSS
Exploits14
Exploit DB
Exploit DB
added 2022/01/12 12:0 a.m.275 views

WordPress Plugin Frontend Uploader 1.3.2 - Stored Cross Site Scripting (XSS) (Unauthenticated)

Exploit Title: WordPress Plugin Frontend Uploader 1.3.2 - Stored Cross Site Scripting XSS Unauthenticated Date: 10/01/2022 Exploit Author: Veshraj Ghimire Vendor Homepage: https://wordpress.org/plugins/frontend-uploader/ Software Link: https://plugins.trac.wordpress.org/browser/frontend-uploader/...

6.1CVSS6.3AI score0.26379EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/01/12 12:0 a.m.391 views

Microsoft Windows Defender - Detections Bypass

Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERDETECTIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSec Vendor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/12 12:0 a.m.362 views

Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass

Exploit Title: Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSREGFILEDIALOGSPOOFMITIGATIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.250 views

Online Railway Reservation System 1.0 - Admin Account Creation (Unauthenticated)

Exploit Title: Online Railway Reservation System 1.0 - Admin Account Creation Unauthenticated Date: 07/01/2022 Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.280 views

Online Railway Reservation System 1.0 - 'id' SQL Injection (Unauthenticated)

Exploit Title: Online Railway Reservation System 1.0 - 'id' SQL Injection Unauthenticated Date: 07/01/2022 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.299 views

Online Railway Reservation System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Railway Reservation System 1.0 - Remote Code Execution RCE Unauthenticated Date: 07/01/2022 Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.454 views

CoreFTP Server build 725 - Directory Traversal (Authenticated)

Exploit Title: CoreFTP Server build 725 - Directory Traversal Authenticated Date: 08/01/2022 Exploit Author: LiamInfosec Vendor Homepage: http://coreftp.com/ Version: build 725 and below Tested on: Windows 10 CVE : CVE-2022-22836 Description: CoreFTP Server before 727 allows directory traversal f...

6.5CVSS6.6AI score0.05369EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.293 views

HTTP Commander 3.1.9 - Stored Cross Site Scripting (XSS)

Exploit Title: HTTP Commander 3.1.9 - Stored Cross Site Scripting XSS Date: 07/01/2022 Exploit Author: Oscar Sandén Vendor Homepage: https://www.element-it.com Software Link: https://www.element-it.com/downloads.aspx Version: 3.1.9 Tested on: Windows Server 2016 Description There is a stored XSS ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.360 views

VUPlayer 2.49 - '.wax' Local Buffer Overflow (DEP Bypass)

Exploit Title: VUPlayer 2.49 - '.wax' Local Buffer Overflow DEP Bypass Date: 26/06/2021 Exploit Author: Bryan Leong Vendor Homepage: http://www.vuplayer.com/ Software Link: Null Version: VUPlayer 2.49 Tested on: Windows 7 x64 CVE : CVE-2009-0182 VUPlayer 2.49 Local Buffer Overflow to Arbitrary Co...

9.3CVSS8.8AI score0.48398EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.252 views

Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting (XSS) (Unauthenticated)

Exploit Title: Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting XSS Unauthenticated Date: 07/01/2022 Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Softwar...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/10 12:0 a.m.345 views

Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Open-AudIT Community 4.2.0 - Cross-Site Scripting XSS Authenticated Date: 01/11/2021 Exploit Author: Dominic Clark parzival Vendor Homepage: https://opmantek.com/ Software Link: https://www.open-audit.org/downloads.php Category: WebApps Version: = 4.2.0 Tested on: Windows 10 CVE:...

6.1CVSS6.3AI score0.03709EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/07 12:0 a.m.390 views

Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection

Exploit Title: Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection Date: 05/01/20222 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15119/online-veterinary-appointment-system-using-phpoop-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.322 views

Vodafone H-500-s 3.5.10 - WiFi Password Disclosure

Exploit Title: Vodafone H-500-s 3.5.10 - WiFi Password Disclosure Date: 01/01/2022 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.vodafone.es/ Software Link: N/A Version: Firmware version Vodafone-H-500-s-v3.5.10 Hardware model: Sercomm VFH500 The WiFi access point password...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.261 views

openSIS Student Information System 8.0 - 'multiple' SQL Injection

Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.537 views

Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...

9.8CVSS8.7AI score0.55331EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.284 views

Dixell XWEB 500 - Arbitrary File Write

Exploit Title: Dixell XWEB-500 - Arbitrary File Write Google Dork: inurl:"xweb500.cgi" Date: 03/01/2022 Exploit Author: Roberto Palamaro Vendor Homepage: https://climate.emerson.com/it-it/shop/1/dixell-electronics-sku-xweb500-evo-it-it Version: XWEB-500 Tested on: Dixell XWEB-500 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.269 views

WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting XSS Authenticated Date: 04/01/2022 Exploit Author: Andrea Bocchetti Vendor Homepage: https://getaawp.com/ Software Link: https://getaawp.com/ Version: 3.16 Tested on: Windows 10 - Chrome, WordPress 5.8.2 Proof of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.253 views

Projeqtor v9.3.1 - Stored Cross Site Scripting (XSS)

Exploit Title: Projeqtor v9.3.1 - Stored Cross Site Scripting XSS Exploit Author: Oscar Gutierrez m4xp0w3r Date: January 4, 2021 Vendor Homepage: https://www.projeqtor.org/en/ Software Link: https://www.projeqtor.org/en/product-en/downloads Tested on: Ubuntu, LAAMP Vendor: Projeqtor Version: v9.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.234 views

TermTalk Server 3.24.0.2 - Arbitrary File Read (Unauthenticated)

Exploit Title: TermTalk Server 3.24.0.2 - Arbitrary File Read Unauthenticated Date: 03/01/2022 Exploit Author: Fabiano Golluscio @ Swascan Vendor Homepage: https://www.solari.it/it/ Software Link: https://www.solari.it/it/solutions/other-solutions/access-control/ Version: 3.24.0.2 Fixed Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.304 views

WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection

Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Date 22/12/2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CV...

8.8CVSS8.8AI score0.38298EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.254 views

CMSimple 5.4 - Cross Site Scripting (XSS)

Exploit Title: CMSimple 5.4 - Cross Site Scripting XSS Date: 22/10/2021 Exploit Author: heinjame Vendor Homepage: https://www.cmsimple.org/en/ Software Link: https://www.cmsimple.org/en/?Downloads Version: images Upload a file Attack vector '-alert1// need to encode ' When the victim clicks the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.274 views

Movie Rating System 1.0 - SQLi to RCE (Unauthenticated)

Exploit Title: Movie Rating System 1.0 - SQLi to RCE Unauthenticated Date: 22/12/2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Tested on: Ubuntu This exploit only...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.271 views

Siemens S7 Layer 2 - Denial of Service (DoS)

Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Date: 21/10/2021 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.310 views

RiteCMS 3.1.0 - Arbitrary File Overwrite (Authenticated)

Exploit Title: RiteCMS 3.1.0 - Arbitrary File Overwrite Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: Browse...

7.4AI score
Exploits0
Total number of security vulnerabilities47904