Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.312 views

Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)

Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.404 views

Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection (Unauthenticated)

Title: Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection Unauthenticated Exploit Author: Yash Mahajan Date: 2021-10-09 Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html Version: 1 Software Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.405 views

Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection

Exploit Title: Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.349 views

Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)

Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting XSS Shodan Dork: Search Logitech Media Server Date: 12.10.2021 Exploit Author: Mert Das Vendor Homepage: www.logitech.com Version: 8.2.0 Tested on: Windows 10, Linux POC: 1. Go to Settings / Interface tab 2. Add payload to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.652 views

Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)

Exploit Title: Keycloak 12.0.1 - 'requesturi ' Blind Server-Side Request Forgery SSRF Unauthenticated Date: 2021-10-09 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.keycloak.org/ Software Link: https://www.keycloak.org/archive/downloads-12.0.1.html Version: versions 192.168.0.1:444...

5.3CVSS5.2AI score0.69724EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.369 views

Simple Payroll System 1.0 - SQLi Authentication Bypass

Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Date: 2021-10-09 Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.2849 views

Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution (RCE)

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if...

9.8CVSS9.2AI score0.99964EPSS
Exploits175
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.242 views

Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass

Exploit Title: Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass Date: 08.10.2021 Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14981/online-employees-work-home-attendance-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.266 views

Online Enrollment Management System 1.0 - Authentication Bypass

Exploit Title: Online Enrollment Management System 1.0 - Authentication Bypass Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/12914/online-enrollment-management-system-paypal-payments-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.332 views

Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of Service (PoC)

Exploit Title: Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of Service PoC Date: 2021-10-07 Exploit Author: Aryan Chehreghani Vendor Homepage: https://cmder.net Software Link: https://github.com/cmderdev/cmder/releases/download/v1.3.18/cmder.zip Version: v1.3.18 Tested on: Windows 10 About ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.276 views

Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection

Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.297 views

Loan Management System 1.0 - SQLi Authentication Bypass

Exploit Title: Loan Management System 1.0 - SQLi Authentication Bypass Date: 08.10.2021 Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.232 views

IFSC Code Finder Project 1.0 - SQL injection (Unauthenticated)

Title: IFSC Code Finder Project 1.0 - SQL injection Unauthenticated Exploit Author: Yash Mahajan Date: 2021-10-07 Vendor Homepage: https://phpgurukul.com/ifsc-code-finder-project-using-php/ Version: 1 Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=14478 Tested On: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.450 views

Simple Online College Entrance Exam System 1.0 - Account Takeover

Exploit Title: Simple Online College Entrance Exam System 1.0 - Account Takeover Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.317 views

Maian-Cart 3.8 - Remote Code Execution (RCE) (Unauthenticated)

Exploit title: Maian-Cart 3.8 - Remote Code Execution RCE Unauthenticated Date: 27.11.2020 19:35 Tested on: Ubuntu 20.04 LTS Exploit Authors: DreyAnd, purpl3 Software Link: https://www.maiancart.com/download.html Vendor homepage: https://www.maianscriptworld.co.uk/ Version: Maian Cart 3.8 CVE:...

9.8CVSS9.7AI score0.66433EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.653 views

WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation (Unauthenticated)

Exploit Title: WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation Unauthenticated Google Dork: inurl:/plugins/pie-register/ Date: 08.10.2021 Exploit Author: Lotfi13-DZ Vendor Homepage: https://wordpress.org/plugins/pie-register/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.249 views

Simple Online College Entrance Exam System 1.0 - Unauthenticated Admin Creation

Exploit Title: Simple Online College Entrance Exam System 1.0 - Unauthenticated Admin Creation Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.287 views

django-unicorn 0.35.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: django-unicorn 0.35.3 - Stored Cross-Site Scripting XSS Date: 10/7/21 Exploit Author: Raven Security Associates, Inc. ravensecurity.net Software Link: https://pypi.org/project/django-unicorn/ Version: = 0.35.3 CVE: CVE-2021-42053 django-unicorn = 0.35.3 suffers from a stored XSS...

5.4CVSS5.6AI score0.02524EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/08 12:0 a.m.258 views

Online Traffic Offense Management System 1.0 - Privilage escalation (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Privilage escalation Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.579 views

Online Traffic Offense Management System 1.0 - Multiple RCE (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Multiple RCE Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.362 views

Google SLO-Generator 2.0.0 - Code Execution

Exploit Title: Google SLO-Generator 2.0.0 - Code Execution Date: 2021-09-28 Exploit Author: Kiran Ghimire Software Link: https://github.com/google/slo-generator/releases Version: = 2.0.0 Tested on: Linux CVE: CVE-2021-22557 Introduction: Is a tool to compute and export Service Level Objectives...

7.8CVSS7.7AI score0.0158EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.295 views

Online Traffic Offense Management System 1.0 - Multiple SQL Injection (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Multiple SQL Injection Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.314 views

Online Traffic Offense Management System 1.0 - Multiple XSS (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Multiple XSS Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.273 views

Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting

Exploit Title: Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting Date: 2021-10-06 Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-dj-booking-management-system-using-php-and-mysql/ Version: V 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/07 12:0 a.m.221 views

Simple Online College Entrance Exam System 1.0 - SQLi Authentication Bypass

Exploit Title: Simple Online College Entrance Exam System 1.0 - SQLi Authentication Bypass Date: 07.10.2021 Exploit Author: Mevlüt Yılmaz Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/06 12:0 a.m.3840 views

Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE)

Exploit Title: Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.49 Tested on: 2.4.49 CVE : CVE-2021-41773 Credits: Ash Daulton and the cPanel Security Team...

9.8CVSS8.3AI score0.99992EPSS
Exploits150
Exploit DB
Exploit DB
added 2021/10/06 12:0 a.m.301 views

Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure

Exploit Title: Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure Date 04.10.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://forum.ait-pro.com/read-me-first/ Software Link: https://downloads.wordpress.org/plugin/bulletproof-security.5.1.zip Version: =...

5.3CVSS5.7AI score0.7233EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/10/06 12:0 a.m.263 views

Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection

Exploit Title: Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection Date: 05.10.2021 Exploit Author: Emel Basayar Vendor: Odine Solutions - odinesolutions.com Vendor Homepage: https://odinesolutions.com/software/gatekeeper-simbox-antifraud/ Version: 1.0 Category: Webapps Tested on: Ubunt...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/06 12:0 a.m.738 views

Atlassian Jira Server Data Center 8.16.0 - Arbitrary File Read

Exploit Title: Atlassian Jira Server Data Center 8.16.0 - Arbitrary File Read Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤ version 8.13.6,...

5.3CVSS5.7AI score0.99999EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.315 views

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read

Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ versio...

5.3CVSS5.7AI score0.99937EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.366 views

Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload

Exploit Title: Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/mstore-api/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/mstore-api/ Version: 2.0.6, possibly higher Tested on: Ubuntu 20.04.1 import os.path...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.227 views

Student Quarterly Grading System 1.0 - SQLi Authentication Bypass

Exploit Title: Student Quarterly Grading System 1.0 - SQLi Authentication Bypass Date: 04.10.2021 Exploit Author: Blackhan Vendor Homepage: https://www.sourcecodester.com/php/14953/student-quarterly-grading-system-using-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/05 12:0 a.m.506 views

Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation (Unauthenticated)

Exploit Title: Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation Unauthenticated Google Dork: inurl:/wp-content/plugins/thecartpress/ Date: 04/10/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugin/thecartpress Version: spacehen www.github.com/spacehen" def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.250 views

Young Entrepreneur E-Negosyo System 1.0 - 'PRODESC' Stored Cross-Site Scripting (XSS)

Exploit Title: Young Entrepreneur E-Negosyo System 1.0 - 'PRODESC' Stored Cross-Site Scripting XSS Date: 2021-10-03 Exploit Author: Jordan Glover Vendor Homepage: https://www.sourcecodester.com/php/12684/young-entrepreneur-e-negosyo-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.293 views

Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass Date: 2021-10-02 Exploit Author: Jordan Glover Vendor Homepage: https://www.sourcecodester.com/php/12684/young-entrepreneur-e-negosyo-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.415 views

Open Game Panel - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Open Game Panel - Remote Code Execution RCE Authenticated Google Dork: intext:"Open Game Panel 2021" Date: 08/14/2021 Exploit Author: prey Vendor Homepage: https://www.opengamepanel.org/ Software Link: https://github.com/OpenGamePanel/OGP-Website Version: before 14 Aug patch...

9CVSS8.9AI score0.01311EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.400 views

Lodging Reservation Management System 1.0 - Authentication Bypass

Exploit Title: Lodging Reservation Management System 1.0 - Authentication Bypass Date: 2021-09-20 Exploit Author: Nitin Sharmavidvansh Vendor Homepage: https://www.sourcecodester.com/php/14883/lodging-reservation-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/04 12:0 a.m.407 views

Payara Micro Community 5.2021.6 - Directory Traversal

Exploit Title: Payara Micro Community 5.2021.6 - Directory Traversal Date: 01/10/2021 Exploit Author: Yasser Khan N3Thunt3r Vendor Homepage: https://docs.payara.fish/community/docs/release-notes/release-notes-2021-6.html Software Link:...

7.5CVSS7.6AI score0.52926EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.324 views

Exam Form Submission System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Exam Form Submission System 1.0 - SQL Injection Authentication Bypass Date: 30-09-2021 Exploit Author: Nitin Sharma Vidvansh Vendor Homepage: https://code-projects.org Product link: https://code-projects.org/exam-form-submission-in-php-with-source-code/ Version: 1.0 Tested on: XAMP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.302 views

Phpwcms 1.9.30 - Arbitrary File Upload

Exploit Title: Phpwcms 1.9.30 - Arbitrary File Upload Date: 30/9/2021 Exploit Author: Okan Kurtulus | okankurtulus.com.tr Software Link: http://www.phpwcms.org/ Version: 1.9.30 Tested on: Ubuntu 16.04 Steps: 1- You need to login to the system. http://target.com/phpwcms/login.php 2- Creating paylo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.298 views

Blood Bank System 1.0 - Authentication Bypass

Exploit Title: Blood Bank System 1.0 - Authentication Bypass Date: 30-9-2021 Exploit Author: Nitin Sharma vidvansh Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code/ Software Link : https://download.code-projects.org/details/f44a4ba9-bc33-48c3-b030-02f62117d230 Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.276 views

Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation

Exploit Title: Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation via XML Signature Wrapping Date: 09/07/2021 Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://www.miniorange.com/ Software Link: https://www.drupal.org/project/miniorangesaml Version: 8.x-2.22 REQUIRED...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.316 views

Directory Management System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Directory Management System 1.0 - SQL Injection Authentication Bypass Date: 2021-10-01 Exploit Author: SUDONINJA Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/directory-management-system-using-php-and-mysql/ Version: v1.0 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.321 views

CMSimple_XH 1.7.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Date: 01-10-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleX...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.307 views

Dairy Farm Shop Management System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Dairy Farm Shop Management System 1.0 - SQL Injection Authentication Bypass Date: 2021-09-30 Exploit Author: sanjay singh Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/ Version: v1.0 Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.431 views

Vehicle Service Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Vehicle Service Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 30.09.2021 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/01 12:0 a.m.365 views

WhatsUpGold 21.0.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: WhatsUpGold 21.0.3 - Stored Cross-Site Scripting XSS Date: 09.17.2021 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.21.0.3, Build 188 Tested on: Windows 2019 Server CVE : CVE-2021-41318 Reference:...

6.1CVSS6.4AI score0.05881EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/30 12:0 a.m.271 views

PlaceOS 1.2109.1 - Open Redirection

Exploit Title: PlaceOS 1.2109.1 - Open Redirection Date: 29-09-2021 Exploit Author: Hamza Khedr @ Accenture Austalia AARO Team Vendor Homepage: https://place.technology/ Software Link: https://github.com/PlaceOS Version: 1.29.10 Tested on: Ubuntu 20.04 CVE: CVE-2021-41826 PoC:...

6.4AI score0.11872EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/30 12:0 a.m.245 views

Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation

Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/30 12:0 a.m.486 views

Cyber Cafe Management System Project (CCMS) 1.0 - SQL Injection Authentication Bypass

Exploit Title: Cyber Cafe Management System Project CCMS 1.0 - SQL Injection Authentication Bypass Date: 29-09-2021 Exploit Author: sudoninja Vendor Homepage: https://phpgurukul.com Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Version: 1.0 Tested on: XAMPP /...

7.4AI score
Exploits0
Total number of security vulnerabilities47904