Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/11/12 12:0 a.m.372 views

WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting XSS Date: 11/12/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://accesspressthemes.com/ Software Link: https://wordpress.org/plugins/accesspress-social-icons/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/12 12:0 a.m.502 views

WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/11 12:0 a.m.2026 views

Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (3)

Exploit Title: Apache HTTP Server 2.4.50 - Remote Code Execution RCE 3 Date: 11/11/2021 Exploit Author: Valentin Lobstein Vendor Homepage: https://apache.org/ Version: Apache 2.4.49/2.4.50 CGI enabled Tested on: Debian GNU/Linux CVE : CVE-2021-41773 / CVE-2021-42013 Credits : Lucas Schnell...

9.8CVSS7.6AI score0.99992EPSS
Exploits175
Exploit DB
Exploit DB
added 2021/11/11 12:0 a.m.512 views

AbsoluteTelnet 11.24 - 'Username' Denial of Service (PoC)

Exploit Title: AbsoluteTelnet 11.24 - 'Username' Denial of Service PoC Discovered by: Yehia Elghaly Discovered Date: 2021-11-10 Vendor Homepage: https://www.celestialsoftware.net/ Software Link: https://www.celestialsoftware.net/telnet/AbsoluteTelnet32.11.24.exe Tested Version: 11.24 Vulnerabilit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/11 12:0 a.m.471 views

FormaLMS 2.4.4 - Authentication Bypass

Exploit Title: FormaLMS 2.4.4 - Authentication Bypass Google Dork: inurl:index.php?r=adm/ Date: 2021-11-10 Exploit Author: Cristian 'void' Giustini @ Hacktive Security Vendor Homepage: https://formalms.org Software Link: https://formalms.org Version: = 2.4.4 Tested on: Linux CVE : CVE-2021-43136...

9.8CVSS9.7AI score0.15725EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/11 12:0 a.m.690 views

YeaLink SIP-TXXXP 53.84.0.15 - 'cmd' Command Injection (Authenticated)

Exploit Title: YeaLink SIP-TXXXP 53.84.0.15 - 'cmd' Command Injection Authenticated Date: 11-10-2021 Exploit Author: tahaafarooq Vendor Homepage: https://www.yealink.com/ Version: 53.84.0.15 Tested on: YeaLink IP Phone SIP-T19P Hadrware VOIP Phone Description: Using Diagnostic tool from the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/11 12:0 a.m.397 views

AbsoluteTelnet 11.24 - 'Phone' Denial of Service (PoC)

Exploit Title: AbsoluteTelnet 11.24 - 'Phone' Denial of Service PoC Discovered by: Yehia Elghaly Discovered Date: 2021-11-10 Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet32.11.24.exe Tested Version: 11.24 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/10 12:0 a.m.582 views

Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting (XSS)

Exploit Title: Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting XSS Date: 10.11.2021 Exploit Author: İlhami Selamet Vendor Homepage: https://www.sourcecodester.com/php/15026/employee-and-visitor-gate-pass-logging-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/10 12:0 a.m.420 views

Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting (XSS)

Exploit Title: Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting XSS Date: 09/11/2021 Exploit Author: Ragavender A G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/edtms.zip Version...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.564 views

FusionPBX 4.5.29 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: FusionPBX 4.5.29 - Remote Code Execution RCE Authenticated Date: 11/08/2021 Exploit Author: Luska Vendor Homepage: https://www.fusionpbx.com/ Software Link: https://github.com/fusionpbx/fusionpbx Version: 4.5.30 Tested on: Debian CVE : CVE-2021-43405 !/usr/bin/python3 import reques...

8.8CVSS8.9AI score0.35628EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.540 views

zlog 1.2.15 - Buffer Overflow

Exploit Title: zlog 1.2.15 - Buffer Overflow Date: 10/23/2021 Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.412 views

Simple Client Management System 1.0 - SQLi (Authentication Bypass)

Exploit Title: Simple Client Management System 1.0 - SQLi Authentication Bypass Exploit Author: Sentinal920 Date: 5-11-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.371 views

Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection (Authenticated)

Exploit Title: Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection Authenticated Google Dork: intitle: "Inicio de Sesión - Kmaleon" Date: 2021-11-05 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.levelprograms.com Software Link: https://www.levelprograms.com/kmaleon-abogados/ Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.431 views

Money Transfer Management System 1.0 - Authentication Bypass

Exploit Title: Money Transfer Management System 1.0 - Authentication Bypass Date: 2021-11-07 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.536 views

Froxlor 0.10.29.1 - SQL Injection (Authenticated)

Exploit Title: Froxlor 0.10.29.1 - SQL Injection Authenticated Exploit Author: Martin Cernac Date: 2021-11-05 Vendor: Froxlor https://froxlor.org/ Software Link: https://froxlor.org/download.php Affected Version: 0.10.28, 0.10.29, 0.10.29.1 Patched Version: 0.10.30 Category: Web Application Teste...

9.8CVSS9.6AI score0.11812EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.453 views

Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Sentinal920 Date: 5-11-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/08 12:0 a.m.366 views

WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion

Exploit Title: WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion Date: 11/07/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.miniorange.com/ Software Link: https://wordpress.org/plugins/backup-and-restore-for-wp/ Version: 1.0.3 Tested on : Window...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/05 12:0 a.m.421 views

Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting XSS Date: 2021-11-05 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.criticalgears.com/ Software Link: https://www.criticalgears.com/product/authorize-net-payment-terminal/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/05 12:0 a.m.545 views

ImportExportTools NG 10.0.4 - HTML Injection

Exploit Title: ImportExportTools NG 10.0.4 - HTML Injection Date: 2021-11-05 Exploit Author: Vulnerability Lab Vendor Homepage: https://github.com/thundernest/import-export-tools-ng Software Link: https://addons.thunderbird.net/en-US/thunderbird/addon/importexporttools-ng/ Version: 10.0.4 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/05 12:0 a.m.423 views

10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path Discovery by: Brian Rodriguez Date: 04-11-2021 Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/04 12:0 a.m.427 views

Opencart 3 Extension TMD Vendor System - Blind SQL Injection

Exploit Title: Opencart 3 Extension TMD Vendor System - Blind SQL Injection Author: Muhammad Zaki Sulistya [email protected] Date: 03-11-2021 Product: TMD Vendor System Vendor Homepage: https://www.opencartextensions.in/ Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.376 views

OpenAM 13.0 - LDAP Injection

Exploit Title: OpenAM 13.0 - LDAP Injection Date: 03/11/2021 Exploit Author: Charlton Trezevant, GuidePoint Security Vendor Homepage: https://www.forgerock.com/ Software Link: https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/13.0.0,...

7.5CVSS7.8AI score0.76385EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.333 views

Ultimate POS 4.4 - 'name' Cross-Site Scripting (XSS)

Exploit Title: Ultimate POS 4.4 - 'name' Cross-Site Scripting XSS Date: 2021-10-26 Exploit Author: Vulnerability Lab Vendor Homepage: https://ultimatefosters.com/docs/ultimatepos/ Version: 4.4 Document Title: =============== Ultimate POS v4.4 - Products Persistent XSS Vulnerability References...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.396 views

PHP Melody 3.0 - 'vid' SQL Injection

Exploit Title: PHP Melody 3.0 - 'vid' SQL Injection Date: 2021-10-20 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.phpsugar.com/phpmelody.html Version: v3 Document Title: =============== PHP Melody v3.0 - vid SQL Injection Vulnerability References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.395 views

Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)

Exploit Title: Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting XSS Date: 2021-10-22 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.bdtask.com/multi-store-ecommerce-shopping-cart-software/ Version: 3.5 Document Title: =============== Isshue Shopping Cart v3.5 - Cross Site W...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.360 views

Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection

Exploit Title: Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection Date: 2021-10-22 Exploit Author: Vulnerability Lab Vendor Homepage: https://multecart.com/ Version: 2.4 Document Title: =============== Mult-e-Cart Ultimate v2.4 - SQL Injection Vulnerability References Source: ====================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.320 views

Vanguard 2.1 - 'Search' Cross-Site Scripting (XSS)

Exploit Title: Vanguard 2.1 - 'Search' Cross-Site Scripting XSS Date: 2021-10-26 Exploit Author: Vulnerability Lab Vendor Homepage: https://codecanyon.net/item/vanguard-marketplace-digital-products-php/20287975 Version: 2.1 Document Title: =============== Vanguard v2.1 - Search POST Inject Web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.384 views

Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting XSS Date: 2021-10-19 Exploit Author: Vulnerability Lab Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Tested on: Linux Document Title: =============== Simplephpscripts Simple CMS v2....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.360 views

WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting XSS Date: 03/11/2021 Exploit Author: Luca Schembri Vendor Homepage: https://www.essentialplugin.com/ Software Link: https://wordpress.org/plugins/popup-anything-on-click/ Version: 2.0.4 Summary A user wi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.631 views

Eclipse Jetty 11.0.5 - Sensitive File Disclosure

Exploit Title: Eclipse Jetty 11.0.5 - Sensitive File Disclosure Date: 2021-11-03 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/ Version: 9.4.37 ≤ version ColdFusionX - Web Applicat...

5.3CVSS6.5AI score0.99298EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.619 views

RDP Manager 4.9.9.3 - Denial-of-Service (PoC)

Exploit Title: RDP Manager 4.9.9.3 - Denial-of-Service PoC Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.cinspiration.de/uebersicht4.html Software Link: https://www.cinspiration.de/download.html Version: 4.9.9.3 Tested on: Linux Document Title: =============== RD...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.350 views

Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection

Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection Date: 2021-10-19 Exploit Author: Vulnerability Lab Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Tested on: Linux Document Title: =============== Simplephpscripts Simple CMS v2.1 - SQL Injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.397 views

PHP Melody 3.0 - Persistent Cross-Site Scripting (XSS)

Exploit Title: PHP Melody 3.0 - Persistent Cross-Site Scripting XSS Date: 2021-10-21 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.phpsugar.com/phpmelody.html Document Title: =============== PHP Melody v3.0 - Editor Persistent XSS Vulnerability References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.625 views

Fuel CMS 1.4.1 - Remote Code Execution (3)

Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Date: 2021-11-03 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...

9.8CVSS9.8AI score0.82937EPSS
Exploits17
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.427 views

WordPress Plugin Hotel Listing 3 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Hotel Listing 3 - 'Multiple' Cross-Site Scripting XSS Date: 2021-10-28 Exploit Author: Vulnerability Lab Vendor Homepage: https://hotel.eplug-ins.com/ Software Link: https://hotel.eplug-ins.com/hoteldoc/ Version: v3 Tested on: Linux Document Title: ===============...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.510 views

PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)

Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.407 views

Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting (XSS)

Exploit Title: Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting XSS Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.sonicguard.com/NSV-800.asp Version: 6.5.4 Document Title: =============== Sonicwall SonicOS 6.5.4 - Cross Site Scripting Web Vulnerabilit...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/03 12:0 a.m.451 views

PHP Melody 3.0 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: PHP Melody 3.0 - 'Multiple' Cross-Site Scripting XSS Date: 2021-10-20 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.phpsugar.com/phpmelody.html Version: v3 Tested on: Linux Document Title: =============== PHP Melody v3.0 - Multiple Cross Site Web Vulnerabilities...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.388 views

Codiad 2.8.4 - Remote Code Execution (Authenticated) (4)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 4 Author: P4p4M4n3 Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Type: WebApp ------------------------------------- Proof of Concept: 1- login on codiad 2- go to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.510 views

Ericsson Network Location MPS GMPC21 - Remote Code Execution (RCE) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.436 views

Employee Record Management System 1.2 - 'empid' SQL injection (Unauthenticated)

Title: Employee Record Management System 1.2 - 'empid' SQL injection Unauthenticated Exploit Author: Anubhav Singh Date: 2021-10-31 Vendor Homepage: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/ Version: 1.2 Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.488 views

10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.373 views

Ericsson Network Location MPS GMPC21 - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Privilege Escalation Meow Variant', 'Description' = %q This module exploits privilege escalation vulnerability in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.394 views

YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.432 views

Kingdia CD Extractor 3.0.2 - Buffer Overflow (SEH)

Exploit Title: Kingdia CD Extractor 3.0.2 - Buffer Overflow SEH Date: 31.10.2021 Software Link: https://en.softonic.com/download/kingdia-cd-extractor/windows/post-download Exploit Author: Achilles Tested Version: 3.0.2 Tested on: Windows 7 64bit 1.- Run python code : Kingdia.py 2.- Open EVIL.txt...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.352 views

Dynojet Power Core 2.3.0 - Unquoted Service Path

Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path Exploit Author: Pedro Sousa Rodrigues https://www.0x90.zone/ / @PedroSECR Version: 2.3.0 Build 303 Date: 30.10.2021 Vendor Homepage: https://www.dynojet.com/ Software Link: https://docs.dynojet.com/Document/18762 Tested on: Windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/11/02 12:0 a.m.385 views

i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw

Exploit Title: i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Date: 27.10.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.i3international.com i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/29 12:0 a.m.471 views

Mini-XML 3.2 - Heap Overflow

Exploit Title: Mini-XML 3.2 - Heap Overflow Google Dork: mxml Mini-xml Mini-XML Date: 2020.10.19 Exploit Author: LIWEI Vendor Homepage: https://www.msweet.org/mxml/ Software Link: https://github.com/michaelrsweet/mxml Version: v3.2 Tested on: ubuntu 18.04.2 1.- compile the Mini-XML code to a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/29 12:0 a.m.621 views

WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting (XSS)

Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Date: 4/07/2021 Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the...

6.1CVSS6.5AI score0.10509EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/29 12:0 a.m.658 views

Umbraco v8.14.1 - 'baseUrl' SSRF

Exploit Title: Umbraco v8.14.1 - 'baseUrl' SSRF Date: July 5, 2021 Exploit Author: NgoAnhDuc Vendor Homepage: https://our.umbraco.com/ Software Link: https://our.umbraco.com/download/releases/8141 Version: v8.14.1 Affect: Umbraco CMS v8.14.1, Umbraco Cloud Vulnerable code:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904