Opencart 3 Extension TMD Vendor System - Blind SQL Injection
Exploit Title: Opencart 3 Extension TMD Vendor System - Blind SQL Injection Author: Muhammad Zaki Sulistya Date: 03-11-2021 Product: TMD Vendor System Vendor Homepage: https://www.opencartextensions.in/ Software Link:...
WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting XSS Date: 03/11/2021 Exploit Author: Luca Schembri Vendor Homepage: https://www.essentialplugin.com/ Software Link: https://wordpress.org/plugins/popup-anything-on-click/ Version: 2.0.4 Summary A user wi...
RDP Manager 4.9.9.3 - Denial-of-Service (PoC)
Exploit Title: RDP Manager 4.9.9.3 - Denial-of-Service PoC Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.cinspiration.de/uebersicht4.html Software Link: https://www.cinspiration.de/download.html Version: 4.9.9.3 Tested on: Linux Document Title: =============== RD...
Fuel CMS 1.4.1 - Remote Code Execution (3)
Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Date: 2021-11-03 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...
WordPress Plugin Hotel Listing 3 - 'Multiple' Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Hotel Listing 3 - 'Multiple' Cross-Site Scripting XSS Date: 2021-10-28 Exploit Author: Vulnerability Lab Vendor Homepage: https://hotel.eplug-ins.com/ Software Link: https://hotel.eplug-ins.com/hoteldoc/ Version: v3 Tested on: Linux Document Title: ===============...
Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)
Exploit Title: Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting XSS Date: 2021-10-22 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.bdtask.com/multi-store-ecommerce-shopping-cart-software/ Version: 3.5 Document Title: =============== Isshue Shopping Cart v3.5 - Cross Site W...
PHP Melody 3.0 - Persistent Cross-Site Scripting (XSS)
Exploit Title: PHP Melody 3.0 - Persistent Cross-Site Scripting XSS Date: 2021-10-21 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.phpsugar.com/phpmelody.html Document Title: =============== PHP Melody v3.0 - Editor Persistent XSS Vulnerability References Source:...
Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting XSS Date: 2021-10-19 Exploit Author: Vulnerability Lab Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Tested on: Linux Document Title: =============== Simplephpscripts Simple CMS v2....
Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection
Exploit Title: Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection Date: 2021-10-22 Exploit Author: Vulnerability Lab Vendor Homepage: https://multecart.com/ Version: 2.4 Document Title: =============== Mult-e-Cart Ultimate v2.4 - SQL Injection Vulnerability References Source: ====================...
Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting (XSS)
Exploit Title: Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting XSS Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.sonicguard.com/NSV-800.asp Version: 6.5.4 Document Title: =============== Sonicwall SonicOS 6.5.4 - Cross Site Scripting Web Vulnerabilit...
PHP Melody 3.0 - 'vid' SQL Injection
Exploit Title: PHP Melody 3.0 - 'vid' SQL Injection Date: 2021-10-20 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.phpsugar.com/phpmelody.html Version: v3 Document Title: =============== PHP Melody v3.0 - vid SQL Injection Vulnerability References Source: ====================...
Eclipse Jetty 11.0.5 - Sensitive File Disclosure
Exploit Title: Eclipse Jetty 11.0.5 - Sensitive File Disclosure Date: 2021-11-03 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/ Version: 9.4.37 ≤ version ColdFusionX - Web Applicat...
OpenAM 13.0 - LDAP Injection
Exploit Title: OpenAM 13.0 - LDAP Injection Date: 03/11/2021 Exploit Author: Charlton Trezevant, GuidePoint Security Vendor Homepage: https://www.forgerock.com/ Software Link: https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/13.0.0,...
Ultimate POS 4.4 - 'name' Cross-Site Scripting (XSS)
Exploit Title: Ultimate POS 4.4 - 'name' Cross-Site Scripting XSS Date: 2021-10-26 Exploit Author: Vulnerability Lab Vendor Homepage: https://ultimatefosters.com/docs/ultimatepos/ Version: 4.4 Document Title: =============== Ultimate POS v4.4 - Products Persistent XSS Vulnerability References...
Vanguard 2.1 - 'Search' Cross-Site Scripting (XSS)
Exploit Title: Vanguard 2.1 - 'Search' Cross-Site Scripting XSS Date: 2021-10-26 Exploit Author: Vulnerability Lab Vendor Homepage: https://codecanyon.net/item/vanguard-marketplace-digital-products-php/20287975 Version: 2.1 Document Title: =============== Vanguard v2.1 - Search POST Inject Web...
Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection
Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection Date: 2021-10-19 Exploit Author: Vulnerability Lab Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Tested on: Linux Document Title: =============== Simplephpscripts Simple CMS v2.1 - SQL Injection...
PHP Melody 3.0 - 'Multiple' Cross-Site Scripting (XSS)
Exploit Title: PHP Melody 3.0 - 'Multiple' Cross-Site Scripting XSS Date: 2021-10-20 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.phpsugar.com/phpmelody.html Version: v3 Tested on: Linux Document Title: =============== PHP Melody v3.0 - Multiple Cross Site Web Vulnerabilities...
PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)
Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...
10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...
Employee Record Management System 1.2 - 'empid' SQL injection (Unauthenticated)
Title: Employee Record Management System 1.2 - 'empid' SQL injection Unauthenticated Exploit Author: Anubhav Singh Date: 2021-10-31 Vendor Homepage: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/ Version: 1.2 Software Link:...
Ericsson Network Location MPS GMPC21 - Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Privilege Escalation Meow Variant', 'Description' = %q This module exploits privilege escalation vulnerability in...
Ericsson Network Location MPS GMPC21 - Remote Code Execution (RCE) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...
Codiad 2.8.4 - Remote Code Execution (Authenticated) (4)
Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...
Dynojet Power Core 2.3.0 - Unquoted Service Path
Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path Exploit Author: Pedro Sousa Rodrigues https://www.0x90.zone/ / @PedroSECR Version: 2.3.0 Build 303 Date: 30.10.2021 Vendor Homepage: https://www.dynojet.com/ Software Link: https://docs.dynojet.com/Document/18762 Tested on: Windows 1...
i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw
Exploit Title: i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Date: 27.10.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.i3international.com i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page:...
Kingdia CD Extractor 3.0.2 - Buffer Overflow (SEH)
Exploit Title: Kingdia CD Extractor 3.0.2 - Buffer Overflow SEH Date: 31.10.2021 Software Link: https://en.softonic.com/download/kingdia-cd-extractor/windows/post-download Exploit Author: Achilles Tested Version: 3.0.2 Tested on: Windows 7 64bit 1.- Run python code : Kingdia.py 2.- Open EVIL.txt...
YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)
Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...
Umbraco v8.14.1 - 'baseUrl' SSRF
Exploit Title: Umbraco v8.14.1 - 'baseUrl' SSRF Date: July 5, 2021 Exploit Author: NgoAnhDuc Vendor Homepage: https://our.umbraco.com/ Software Link: https://our.umbraco.com/download/releases/8141 Version: v8.14.1 Affect: Umbraco CMS v8.14.1, Umbraco Cloud Vulnerable code:...
Mini-XML 3.2 - Heap Overflow
Exploit Title: Mini-XML 3.2 - Heap Overflow Google Dork: mxml Mini-xml Mini-XML Date: 2020.10.19 Exploit Author: LIWEI Vendor Homepage: https://www.msweet.org/mxml/ Software Link: https://github.com/michaelrsweet/mxml Version: v3.2 Tested on: ubuntu 18.04.2 1.- compile the Mini-XML code to a...
Movable Type 7 r.5002 - XMLRPC API OS Command Injection (Metasploit)
class MetasploitModule "Movable Type XMLRPC API Remote Command Injection", 'Description' = %q This module exploit Movable Type XMLRPC API Remote Command Injection. , 'License' = MSFLICENSE, 'Author' = 'Etienne Gervais', author & msf module, 'Charl-Alexandre Le Brun' author & msf module ,...
WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting (XSS)
Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Date: 4/07/2021 Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the...
WordPress Plugin Supsystic Contact Form 1.7.18 - 'label' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.18 - 'label' Stored Cross-Site Scripting XSS Date: 10/27/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://supsystic.com/ Software Link: https://wordpress.org/plugins/contact-form-by-supsystic/ Version: 1.7.18...
PHPGurukul Hostel Management System 2.1 - Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)
Exploit Title: PHPGurukul Hostel Management System 2.1 - Cross-site request forgery CSRF to Cross-site Scripting XSS Date: 2021-10-27 Exploit Author: Anubhav Singh Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hostel-management-system/ Version: V 2.1 Vulnerable...
WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting XSS Date: 10/25/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.filterable-portfolio.com/ Software Link: https://wordpress.org/plugins/fg-gallery/ Version: 1.0...
Gestionale Open 11.00.00 - Local Privilege Escalation
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
Online Event Booking and Reservation System 1.0 - 'reason' Stored Cross-Site Scripting (XSS)
Exploit Title: Online Event Booking and Reservation System 1.0 - 'reason' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html...
Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2)
Exploit: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 2 Credits: Ash Daulton & cPanel Security Team Date: 24/07/2021 Exploit Author: TheLastVvV.com Vendor Homepage: https://apache.org/ Version: Apache 2.4.50 with CGI enable Tested on : Debian 5.10.28 CVE : CVE-2021-42013 !/bin/bash echo...
Engineers Online Portal 1.0 - File Upload Remote Code Execution (RCE)
Exploit Title: Engineers Online Portal 1.0 - File Upload Remote Code Execution RCE Date: 10/23/2021 Exploit Author: SadKris Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Version: 1.0 Tested on: XAMPP, Windo...
WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting XSS Authenticated Date: 23-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: Software Link: https://wordpress.org/plugins/simple-tags/ Tested on Windows CVE: CVE-2021-24444...
Balbooa Joomla Forms Builder 2.0.6 - SQL Injection (Unauthenticated)
Exploit Title: Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Unauthenticated Date: 24.10.2021 Exploit Author: blockomat2100 Vendor Homepage: https://www.balbooa.com/ Version: 2.0.6 Tested on: Docker An example request to trigger the SQL-Injection: POST /index.php?option=combaforms HTTP/1.1...
Engineers Online Portal 1.0 - 'id' SQL Injection
Exploit Title: Engineers Online Portal 1.0 - 'id' SQL Injection Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) (2)
Exploit Title: Wordpress 4.9.6 - Arbitrary File Deletion Authenticated 2 Date: 04/08/2021 Exploit Author: samguy Vulnerability Discovery By: Slavco Mihajloski & Karim El Ouerghemmi Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/wordpress-4.9.6.tar.gz Version: 4.9.6...
WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/ninja-tables/ Software Link: https://wpmanageninja.com/downloads/ninja-tables-pro-add-on/ Version: 4.1.7 Tested...
Hikvision Web Server Build 210702 - Command Injection
Exploit Title: Hikvision Web Server Build 210702 - Command Injection Exploit Author: bashis Vendor Homepage: https://www.hikvision.com/ Version: 1.0 CVE: CVE-2021-36260 Reference: https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html All credit to WatchfulIP...
phpMyAdmin 4.8.1 - Remote Code Execution (RCE)
Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution RCE Date: 17/08/2021 Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested o...
Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Unauthenticated)
Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Date: 24/10/2021 Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 ...
WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on...
Netgear Genie 2.4.64 - Unquoted Service Path
Exploit Title: Netgear Genie 2.4.64 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 2.4.64 Date: 23.10.2021 Vendor Homepage: https://www.netgear.com/ Tested on: Windows 10 C:\Users\Mertsc qc NETGEARGenieDaemon SC QueryServiceConfig SUCCESS SERVICENAME: NETGEARGenieDaemon TYPE : 10...
Engineers Online Portal 1.0 - 'multiple' Authentication Bypass
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Authentication Bypass Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...