Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.208 views

OctoPrint 1.11.2 - File Upload

Exploit Title: OctoPrint 1.11.2 - File Upload Date: 2025-09-28 Exploit Author: prabhatverma.addada Vendor Homepage: https://octoprint.org Software Link: https://github.com/OctoPrint/OctoPrint Affected Versions: = 1.11.2 Patched Versions: 1.11.3 CVE: CVE-2025-58180 CVSS per advisory: 7.5 Platform:...

8.8CVSS5.2AI score0.19313EPSS
Exploits4
Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.156 views

Redis 8.0.2 - RCE

Exploit Title: Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE Date: 2025-10-07 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://redis.io/ Software Link: https://redis.io/ Version: Affects := 8.0.0, 8 + p8size & 0xff def buildmalformedhll: """ Construct a malformed...

7.8CVSS5.3AI score0.03877EPSS
Exploits4
Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.182 views

aiohttp 3.9.1 - directory traversal PoC

Exploit Title: Python aiohttp directory traversal PoC CVE-2024-23334 Google Dork: N/A Date: 2025-10-06 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.aiohttp.org / https://www.python.org Software Link: https://github.com/aio-libs/aiohttp vulnerable tag: 3.9.1 Version: aiohttp...

7.5CVSS7.3AI score0.76875EPSS
Exploits15
Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.169 views

Docker Desktop 4.44.3 - Unauthenticated API Exposure

Exploit Title: Docker Desktop 4.44.3 - Unauthenticated API Exposure Date: 2025-10-06 Exploit Author: OilSeller2001 Vendor Homepage: https://www.docker.com/ Software Link: https://www.docker.com/products/docker-desktop/ Version: Affected on Windows and macOS versions prior to 4.44.3 Tested on:...

9.3CVSS5.6AI score0.01594EPSS
Exploits15
Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.160 views

FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution

Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win, Ubuntu CVE : CVE-2025-25257 Overvi...

9.8CVSS8.6AI score0.9671EPSS
Exploits18
Exploit DB
Exploit DB
added 2026/02/02 12:0 a.m.182 views

D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)

Exploit Title: D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow DoS Google Dork: N/A Date: 2025-09-25 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.dlink.com/ Software Link: https://tsd.dlink.com.tw/downloads2008detail.asp Version: DIR-825 Rev.B = 2.10 Tested on: DIR-825...

9.8CVSS7.9AI score0.03039EPSS
Exploits3
Exploit DB
Exploit DB
added 2026/02/02 12:0 a.m.182 views

RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: RPi-Jukebox-RFID 2.8.0 - Stored XSS CVE-2025-10370 Date: 2025-09-25 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://github.com/MiczFlor/RPi-Jukebox-RFID Software Link: https://github.com/MiczFlor/RPi-Jukebox-RFID/releases/tag/v2.8.0 Version: 2.8.0 Tested on: Raspber...

5.4CVSS4.9AI score0.00631EPSS
Exploits3
Exploit DB
Exploit DB
added 2026/02/02 12:0 a.m.168 views

Piranha CMS 12.0 - Stored XSS in Text Block

Exploit Title: Piranha CMS 12.0 - Stored Cross Site Scripting Date: 2025-09-26 Exploit Author: Chidubem Chukwu Terminal Venom LinkedIn : https://www.linkedin.com/in/chidubem-chukwu-20bb202a9? Vendor Homepage: https://piranhacms.org Software Link:...

6.8CVSS5.2AI score0.00298EPSS
Exploits3
Exploit DB
Exploit DB
added 2026/01/17 12:0 a.m.193 views

RPi-Jukebox-RFID 2.8.0 - Remote Command Execution

Exploit Title: RPi-Jukebox-RFID 2.8.0 - Remote Code Execution Date: 2025-09-25 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://github.com/MiczFlor/RPi-Jukebox-RFID Software Link: https://github.com/MiczFlor/RPi-Jukebox-RFID/releases/tag/v2.8.0 Version: 2.8.0 Tested on: Raspberry P...

9.8CVSS7AI score0.10158EPSS
Exploits3
Exploit DB
Exploit DB
added 2026/01/17 12:0 a.m.191 views

Siklu EtherHaul Series EH-8010 - Arbitrary File Upload

Exploit Title: Siklu EtherHaul Series - Unauthenticated Arbitrary File Upload Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 - Andrew James Vendor Homepage: https://www.ceragon.com/products/siklu-by-ceragon Software Link: ftp://ftp.bubakov.net/siklu/ Version: EH-8010...

6.5CVSS7AI score0.00417EPSS
Exploits6
Exploit DB
Exploit DB
added 2026/01/17 12:0 a.m.176 views

Siklu EtherHaul Series EH-8010 - Remote Command Execution

Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 - Andrew James Vendor Homepage: https://www.ceragon.com/products/siklu-by-ceragon Software Link: ftp://ftp.bubakov.net/siklu/ Version: EH-8010 and...

9.8CVSS7AI score0.00986EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/25 12:0 a.m.187 views

FreeBSD rtsold 15.x - Remote Code Execution via DNSSL

Exploit Title: FreeBSD rtsold 15.x - Remote Code Execution via DNSSL Date: 2025-12-16 Exploit Author: Lukas Johannes Möller Vendor Homepage: https://www.freebsd.org/ Version: FreeBSD 13.x, 14.x, 15.x before 2025-12-16 patches Tested on: FreeBSD 14.1-RELEASE CVE: CVE-2025-14558 Description: rtsold...

7.2CVSS7AI score0.06272EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/12/25 12:0 a.m.221 views

WordPress Quiz Maker 6.7.0.56 - SQL Injection

Exploit Title: WordPress Quiz Maker 6.7.0.56 - SQL Injection Date: 2025-12-16 Exploit Author: Rahul Sreenivasan Tr0j4n Vendor Homepage: https://ays-pro.com/wordpress/quiz-maker Software Link: https://wordpress.org/plugins/quiz-maker/ Version: = 6.7.0.56 Tested on: WordPress 6.x with Quiz Maker...

7.5CVSS7AI score0.0088EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/25 12:0 a.m.246 views

Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

Exploit Title: Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie Date: 19-12-2025 Exploit Author: Karuppiah Sabari Kumar0xsabre Vendor Homepage: https://wordpress.org/plugins/chained-quiz/ Software Link: https://downloads.wordpress.org/plugin/chained-quiz.1.3.3.zip...

5.3CVSS7AI score0.00855EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/16 12:0 a.m.181 views

Summar Employee Portal 3.98.0 - Authenticated SQL Injection

Exploit Title: Summar Employee Portal 3.98.0 - Authenticated SQL Injection Google Dork: inurl:"/MemberPages/quienesquien.aspx" Date: 09/22/2025 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.summar.es/ Software Link: https://www.summar.es/software-recursos-humano...

8.7CVSS7AI score0.00588EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/16 12:0 a.m.180 views

esm-dev 136 - Path Traversal

Exploit Title: esm-dev 136 - Path Traversal Date: 2025-07-11 Exploit Author: Byte Reaper Vendor Homepage: https://github.com/esm-dev/esm.sh Software Link: https://github.com/esm-dev/esm.sh CVE-2025-59342 - File : exploit.c - Date : 09/17/2025 - Target : esm-dev - Version: 136 - Target Endpoint :...

6.9CVSS7AI score0.02829EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/08 12:0 a.m.339 views

Pluck 4.7.7-dev2 - PHP Code Execution

Exploit Title: Pluck 4.7.7-dev2 - PHP Code Execution Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Version: 4.74-dev5 Tested on: Ubuntu Windows CVE : CVE-2018-11736 PoC: 1) 1. Log in to the Pluck...

9.8CVSS7AI score0.08573EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.196 views

Django 5.1.13 - SQL Injection

Exploit Title: Django 5.1.13 - SQL Injection Google Dork: none Not applicable for this vulnerability Date: 2025-12-03 Exploit Author: Wafcontrol Security Team Vendor Homepage: https://www.djangoproject.com/ Software Link: https://www.djangoproject.com/download/ Version: 5.2 before 5.2.8, 5.1 befo...

9.1CVSS7AI score0.19396EPSS
Exploits10
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.177 views

MobileDetect 2.8.31 - Cross-Site Scripting (XSS)

Exploit Title: MobileDetect 2.8.31 - Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/ Software Link: https://github.com/serbanghita/Mobile-Detect/ Version: 4da80e5 Tested on: Windows CVE : CVE-2018-25080 Proof Of...

6.1CVSS4.8AI score0.02634EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.201 views

phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)

Exploit Title: phpMyFAQ 2.9.8 Cross-Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Version: 2.9.8 Tested on: Ubuntu Windows CVE : CVE-2017-15735 PoC: While still logged...

8.8CVSS7AI score0.01103EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.173 views

phpIPAM 1.4 - SQL-Injection

Exploit Title: phpIPAM 1.4 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.4 Tested on: Windows CVE : CVE-2019-16693 Proof Of Concept Ensure you have a valid user session...

9.8CVSS7.8AI score0.04338EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.164 views

phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)

Exploit Title: phpMyFaq 2.9.8 - Cross Site Request Forgery CSRF Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ Software Link: https://github.com/thorsten/phpMyFAQ/ Version: 2.9.8 Tested on: Windows 10 CVE : CVE-2017-15808 PoC:...

8.8CVSS7AI score0.01173EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.186 views

OpenRepeater 2.1 - OS Command Injection

Exploit Title: OpenRepeater 2.1 - OS Command Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/OpenRepeater/openrepeater Software Link: https://github.com/OpenRepeater/openrepeater Version: 2.1 Tested on: Ubuntu CVE : CVE-2019-25024 Proof Of Concept PoC for...

10CVSS9.5AI score0.27631EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.177 views

phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)

Exploit Title: phpMyFAQ 2.9.8 - Cross-Site Request ForgeryCSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Version: 2.9.8 Tested on: Ubuntu Windows CVE : CVE-2017-15734 PoC: Get...

8.8CVSS7AI score0.01103EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.179 views

MaNGOSWebV4 4.0.6 - Reflected XSS

Exploit Title: MaNGOSWebV4 4.0.6 - Reflected XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/paintballrefjosh/MaNGOSWebV4 Software Link: https://github.com/paintballrefjosh/MaNGOSWebV4 Version: 4.0.6 Tested on: Ubuntu Windows CVE : CVE-2017-6478 PoC: // Access...

6.1CVSS7AI score0.02574EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.202 views

phpMyAdmin 5.0.0 - SQL Injection

Exploit Title: phpMyAdmin 5.0.0 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpmyadmin/phpmyadmin/ Software Link: https://github.com/phpmyadmin/phpmyadmin/ Version: 5.0.0 Tested on: Windows CVE : CVE-2020-5504 Proof Of Concept GET...

8.8CVSS9.2AI score0.38778EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.162 views

RosarioSIS 6.7.2 - Cross Site Scripting (XSS)

Exploit Title: RosarioSIS 6.7.2 - Cross Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link: https://gitlab.com/francoisjacquet/rosariosis Version: 6.7.2 Tested on: Windows CVE : CVE-2020-15716 Proof Of Concep...

6.1CVSS6.3AI score0.05557EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.170 views

openSIS Community Edition 8.0 - SQL Injection

Exploit Title: openSIS Community Edition 8.0 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/OS4ED/openSIS-Classic Software Link: https://github.com/OS4ED/openSIS-Classic Version: 8.0 Tested on: Windows CVE : CVE-2021-40617 Proof Of Concept GET...

9.8CVSS7AI score0.0521EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.162 views

RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)

Exploit Title: RosarioSIS 6.7.2 - Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link: https://gitlab.com/francoisjacquet/rosariosis Version: 6.7.2 Tested on: Windows CVE : CVE-2020-15718 Proof Of Concep...

6.1CVSS6.3AI score0.06325EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.190 views

PluckCMS 4.7.10 - Unrestricted File Upload

Exploit Title: PluckCMS 4.7.10 - Unrestricted File Upload Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/pluck-cms/pluck/ Software Link: https://github.com/pluck-cms/pluck/ Version: 4.7.10 Tested on: Windows CVE : CVE-2020-20969 Proof Of Concept GET...

7.2CVSS7AI score0.06258EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.171 views

phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)

Exploit Title: phpIPAM 1.6 - Reflected Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windows CVE : CVE-2024-41358 Proof Of Concept GET...

6.1CVSS7AI score0.01502EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.180 views

phpIPAM 1.5.1 - SQL Injection

Exploit Title: phpIPAM 1.5.1 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windows CVE : CVE-2023-1211 Proof Of Concept POST...

7.2CVSS7AI score0.0305EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.164 views

phpIPAM 1.6 - Reflected-Cross-Site Scripting (XSS)

Exploit Title: phpIPAM 1.6 - Reflected Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windows CVE : CVE-2024-41357 Proof Of Concept PoC to trigge...

7.1CVSS7AI score0.01119EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.181 views

YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)

Exploit Title: YOURLS 1.8.2 - Cross-Site Request Forgery CSRF Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/yourls/yourls/ Software Link: https://github.com/yourls/yourls/ Version: 1.8.2 Tested on: Windows CVE : CVE-2022-0088 Proof Of Concept CSRF PoC CSRF Proof ...

7.4CVSS7AI score0.01994EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.167 views

phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)

Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpmyfaq/ Software Link: https://github.com/thorsten/phpmyfaq/ Version: 3.1.7 Tested on: Windows CVE : CVE-2022-3766 Proof Of Concept GET...

7.3CVSS7AI score0.05743EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.164 views

Piwigo 13.6.0 - SQL Injection

Exploit Title: Piwigo 13.6.0 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/Piwigo/Piwigo Software Link: https://github.com/Piwigo/Piwigo Version: 13.6.0 Tested on: Windows CVE : CVE-2023-33362 Proof Of Concept: GET /admin.php?page=profile&userid='...

9.8CVSS7AI score0.09058EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/10/31 12:0 a.m.524 views

Flowise 3.0.4 - Remote Code Execution (RCE)

Exploit Title: Flowise 3.0.4 - Remote Code Execution RCE Date: 10/11/2025 Exploit Author: nltt0 https://github.com/nltt-br Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise Version: 3.0.5 CVE: CVE-2025-59528 from requests import post, session from argpars...

10CVSS7AI score0.90183EPSS
Exploits21
Exploit DB
Exploit DB
added 2025/10/29 12:0 a.m.137 views

Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Casdoor 2.95.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: v2.95.0 2025-10-22 Date: 2025-10-23 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v2.95.0.zip Tested on: Windows...

6.5CVSS7AI score0.03093EPSS
Exploits10
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.80 views

Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell

!/usr/bin/env python Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell Vendor: Ilevia Srl. Product web page: https://www.ilevia.com Affected version: = 4.7.18.0.eden Logic ver: 6.00 Summary: EVE is a smart home and building automation solution designed for both residential and commercial...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.110 views

ClipBucket 5.5.0 - Arbitrary File Upload

Exploit Title: ClipBucket 5.5.0 - Arbitrary File Upload Google Dork: N/A Date: 2025-09-11 Exploit Author: Mukundsinh Solanki r00td3str0y3r Vendor Homepage: https://clipbucket.com Software Link: https://github.com/MacWarrior/clipbucket-v5 Version: ------BOUND-- The file is uploaded without...

7.3CVSS7AI score0.01448EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.248 views

HTTP/2 2.0 - Denial Of Service (DOS)

!/usr/bin/env python3 """ Exploit Title: HTTP/2 2.0 - Denial Of Service DOS Google Dork: -NA- Date: 29th August 2025 Exploit Author: Madhusudhan Rajappa Vendor Homepage: -NA- Software Link: -NA- Version: HTTP/2.0 Tested on: -NA- CVE : CVE-2023-44487 """ import asyncio import ssl import time impor...

7.5CVSS7AI score0.99999EPSS
Exploits19
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.81 views

Mbed TLS 3.6.4 - Use-After-Free

/ Exploit Title: Mbed TLS 3.6.4 - Use-After-Free Google Dork: N/A Date: 2025-08-29 Exploit Author: Byte Reaper Vendor Homepage: https://github.com/Mbed-TLS/mbedtls Software Link: https://github.com/Mbed-TLS/mbedtls Version: ≤ 3.6.4 Tested on: Kali Linux CVE: CVE-2025-47917 / include include inclu...

9.8CVSS7AI score0.0199EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.103 views

ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection

/ Exploit Title : ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection Author : Byte Reaper Cve id : CVE-2025-10046 Service : plugin wordpress Plugin : ELEX WooCommerce Google Shopping Version : 1.4.3 Type : SQL injection Parameter injection : filetodelete Location file :...

4.9CVSS7AI score0.00666EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.122 views

XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)

Exploit Title: XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution RCE Date: 09/01/2025 Exploit Author: Maksim Rogov Vendor Homepage: https://www.xwiki.org/ Software Link: https://www.xwiki.org/xwiki/bin/view/Download/ Version: 5.3‑milestone‑2 ≤ v 'Remote Code Execution...

9.8CVSS7AI score0.99898EPSS
Exploits51
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.94 views

Tourism Management System 2.0 - Arbitrary Shell Upload

Exploit Title: Tourism Management System 2.0 - Arbitrary Shell Upload Date: 2025-10-09 Exploit Author: Debug Security Vendor Homepage: https://kodcloud.com/ Software Link: https://github.com/sohamjuhin/Tourism-Management-System Version: v2.0 Tested on: Windows 11, PHP 8.2.4, Apache 2.4.56 CVE:...

7.2CVSS7AI score0.0148EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.88 views

dotCMS 25.07.02-1 - Authenticated Blind SQL Injection

!/usr/bin/env python3 Exploit Title: dotCMS 25.07.02-1 - Authenticated Blind SQL Injection Google Dork: N/A Date: 2025-09-09 Exploit Author: Matan Sandori OSCP, OSEP, OSWE Vendor Homepage:https://www.dotcms.com/ Software Link: https://github.com/dotCMS/core/releases/tag/v25.07.02-1 tested on:...

9.4CVSS7AI score0.01558EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.131 views

Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege

Exploit Title: Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege Date: 2025-09-10 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL CVE : CVE-2025-21333 include include include include...

7.8CVSS7AI score0.09798EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.79 views

HTMLDOC 1.9.13 - Stack Buffer Overflow

!/usr/bin/env python3 Exploit Title: HTMLDOC 1.9.13 - Stack Buffer Overflow Google Dork: N/A Date: 2025-08-26 Exploit Author: wulfgarpro Vendor Homepage: https://github.com/michaelrsweet/htmldoc Software Link: https://github.com/michaelrsweet/htmldoc/releases/tag/v1.9.13 Version: 256. Negative...

7.8CVSS7AI score0.07349EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.104 views

Concrete CMS 9.4.3 - Stored XSS

Exploit Title: Concrete CMS 9.4.3 - Stored XSS Date: 2/09/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.concretecms.org/ Software Link: https://www.concretecms.org/downloadfile/8e11ad24-cc1e-4880-8553-7c18ede22c50/2658 Version: 9.4.3 CVE : CVE-2025-8573 Tested on: Windows XP ''...

4.8CVSS7AI score0.0044EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.93 views

ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)

Exploit Title: ClipBucket 5.5.2 Build 90 - Server-Side Request Forgery SSRF Google Dork: N/A Date: 2025-09-11 Exploit Author: Mukundsinh Solanki r00td3str0y3r Vendor Homepage: https://clipbucket.com Software Link: https://github.com/MacWarrior/clipbucket-v5 Version: 5.5.2 Build 90 Tested on: Ubun...

6.5CVSS7AI score0.00998EPSS
Exploits4
Total number of security vulnerabilities47904