Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/09/30 12:0 a.m.271 views

PlaceOS 1.2109.1 - Open Redirection

Exploit Title: PlaceOS 1.2109.1 - Open Redirection Date: 29-09-2021 Exploit Author: Hamza Khedr @ Accenture Austalia AARO Team Vendor Homepage: https://place.technology/ Software Link: https://github.com/PlaceOS Version: 1.29.10 Tested on: Ubuntu 20.04 CVE: CVE-2021-41826 PoC:...

6.4AI score0.11872EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/30 12:0 a.m.245 views

Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation

Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.256 views

WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting XSS Date: 2/15/2021 Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip Version: 1.3.1 Tested...

6.1CVSS6.3AI score0.10358EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.694 views

Mitrastar GPT-2541GNAC-N1 - Privilege escalation

Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Date: 10-08-2021 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.231 views

Storage Unit Rental Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Storage Unit Rental Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 28.09.2021 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.sourcecodester.com/php/14932/storage-unit-rental-management-system-using-php-free-source-code.html Software Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.189 views

OpenSIS 8.0 - 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)

Exploit Title: OpenSIS 8.0 - 'cpidmissattn' Reflected Cross-Site Scripting XSS Date: 9/24/2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux CVE : CVE-2021-40310 OpenSIS Community Edition...

5.4CVSS5.5AI score0.00812EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.215 views

WordPress Plugin Redirect 404 to Parent 1.3.0 - Reflected Cross-Site Scripting

Exploit Title: WordPress Plugin Redirect 404 to Parent 1.3.0 - Reflected Cross-Site Scripting XSS Date: 2/3/2021 Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/redirect-404-to-parent.1.3.0.zip Version: 1.3.0 Tested on: Windows 10 CVE: CVE-2021-24286 1. Description: This plugin...

6.1CVSS6.3AI score0.13942EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/29 12:0 a.m.225 views

Pet Shop Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Title: Pet Shop Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 28.09.2021 Author: Mr.Gedik Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14962/petshop-management-system-using-phppdo-oop-full-source-code-complete.html...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.229 views

WordPress Plugin Contact Form 1.7.14 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Contact Form 1.7.14 - Reflected Cross-Site Scripting XSS Date: 3/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/contact-form-by-supsystic/ Version: 1.7.14 Tested on: Windows 10 CVE: CVE-2021-24276 1. Description: The Contact Form by Supsystic...

6.1CVSS6.3AI score0.16044EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.221 views

FatPipe Networks WARP 10.2.2 - Authorization Bypass

Exploit Title: FatPipe Networks WARP 10.2.2 - Authorization Bypass Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com FatPipe Networks WARP 10.2.2 Authorization Bypass Vendor: FatPipe Networks Inc. Product web page: https://www.fatpipeinc.com Affected version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.259 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery (CSRF)

Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery CSRF Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com !-- FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 CSRF Add Admin Exploit Vendor: FatPipe Networks Inc. Product w...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.229 views

WordPress Plugin Ultimate Maps 1.2.4 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Ultimate Maps 1.2.4 - Reflected Cross-Site Scripting XSS Date: 3/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/ultimate-maps-by-supsystic/ Version: 1.2.4 Tested on: Windows 10 CVE: CVE-2021-24274 1. Description: The plugin did not sanitize the t...

6.1CVSS6.3AI score0.17638EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.233 views

WordPress Plugin Popup 1.10.4 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Popup 1.10.4 - Reflected Cross-Site Scripting XSS Date: 3/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/popup-by-supsystic/ Version: 1.10.4 Tested on: Windows 10 CVE: CVE-2021-24275 1. Description: The plugin did not sanitize the tab parameter o...

6.1CVSS6.3AI score0.18165EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.233 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download (Unauthenticated)

Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download Unauthenticated Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Unauthenticated Config Download Vendor: FatPipe Networks Inc. Product web page...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.208 views

WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Date: 06-08-2021 Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...

4.8CVSS5.1AI score0.05432EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.243 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Hidden Backdoor Account (Write Access)

Exploit Title: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Hidden Backdoor Account Write Access Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Hidden Backdoor Account Write Access Vendor: FatPipe Networks Inc. Produc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.235 views

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Remote Privilege Escalation

Exploit Title: FatPipe Networks MPVPN 10.2.2 - Remote Privilege Escalation Date: 25.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.fatpipeinc.com !/usr/bin/env python3 FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Remote Privilege Escalation Vendor: FatPipe Networks Inc. Product web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.271 views

Apache James Server 2.3.2 - Remote Command Execution (RCE) (Authenticated) (2)

Exploit Title: Apache James Server 2.3.2 - Remote Command Execution RCE Authenticated 2 Date: 27/09/2021 Exploit Author: shinris3n Vendor Homepage: http://james.apache.org/server/ Software Link: http://ftp.ps.pl/pub/apache/james/server/apache-james-2.3.2.zip Version: Apache James Server 2.3.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.210 views

Cyberfox Web Browser 52.9.1 - Denial of Service (PoC)

Exploit Title: Cyberfox Web Browser 52.9.1 - Denial of Service PoC Date: 2021-09-26 Exploit Author: Aryan Chehreghani Vendor Homepage: https://cyberfox.8pecxstudios.com Software Link: https://www.techspot.com/downloads/6568-cyberfox-web-browser.html Version: v52.9.1 Possibly all versions Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.337 views

Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers

Exploit Title: Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers Date: 24/09/2021 Exploit Author: Michael Alamoot Vendor Homepage: https://www.cisco.com/ Version: RV130W 1.0.3.44 Tested on: Kali linux ! /usr/bin/env python3 from scapy.contrib.eigrp import EIGRPAuthData from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.273 views

Library System 1.0 - 'student_id' SQL injection (Authenticated)

Exploit Title: Library System 1.0 - 'studentid' SQL injection Authenticated Google Dork: intitle: "Library System by YahooBaba" Date: 26/08/2021 Exploit Author: Vinay Bhuria Vendor Homepage: https://www.yahoobaba.net Software Link: https://www.yahoobaba.net/project/library-system-in-php Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.380 views

XAMPP 7.4.3 - Local Privilege Escalation

Exploit Title: XAMPP 7.4.3 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Original Author: Maximilian Barz @S1lkys Date: 27/09/2021 Vendor Homepage: https://www.apachefriends.org Version: XAMPP 7.2.29, 7.3.x 7.3.16 & 7.4.x 7.4.4 Tested on: Windows 10 +...

8.8CVSS9.1AI score0.2247EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.911 views

WordPress Plugin Wappointment 2.2.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Wappointment 2.2.4 - Stored Cross-Site Scripting XSS Date: 2021-07-31 Exploit Author: Renos Nikolaou Software Link: https://downloads.wordpress.org/plugin/wappointment.2.2.4.zip Version: 2.2.4 Tested on: Windows Description : Wappointment is prone to Stored Cross...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/27 12:0 a.m.224 views

Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow (SEH)

Exploit Title: EtherMP3CDBurner 1.3.8 - Buffer Overflow SEH Date: 24.09.2021 Software Link: https://mp3-avi-mpeg-wmv-rm-to-audio-cd-burner.software.informer.com/download/?caa8ec-1.2 Software Link 2: https://anonfiles.com/X2Ff36J6ue/ethercdburnerexe Exploit Author: Achilles Tested Version: 1.3.8...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/24 12:0 a.m.308 views

Microsoft Windows cmd.exe - Stack Buffer Overflow

Title: Microsoft Windows cmd.exe - Stack Buffer Overflow Author: John Page aka hyp3rlinx Date: 15/09/2021 Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CMD.EXE-STACK-BUFFER-OVERFLOW.txt ISR: ApparitionSec Vendor www.microsoft.com Product cmd.exe is the default command-line...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/24 12:0 a.m.182 views

Pharmacy Point of Sale System 1.0 - SQLi Authentication BYpass

Exploit Title: Pharmacy Point of Sale System 1.0 - SQLi Authentication Bypass Date: 23.09.2021 Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/php/14957/pharmacy-point-sale-system-using-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/24 12:0 a.m.195 views

SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure

Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure Google Dork: intext:"Powered by SmarterTrack" Date: 23/01/2020 Exploit Author: Andrei Manole Vendor Homepage: https://www.smartertools.com/ Software Link: https://www.smartertools.com/smartertrack Version: TESTED ON...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.227 views

WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting XSS Date: 15/2/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woo-order-export-lite/ Version: 3.1.7 Tested on: Windows 10 CVE: CVE-2021-24169 1. Description: This plugin...

6.1CVSS6.3AI score0.10348EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.198 views

Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)

Exploit Title: Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery CSRF Exploit Author: V1n1v131r4 Date: 2021-09-22 Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.20.0/backdrop.zip Version: 1.20.0 Tested On: Kali Linux,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.209 views

Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial of Service (PoC)

Exploit Title: Redragon Gaming Mouse - 'REDRAGONMOUSE.sys' Denial of Service PoC Date: 27/08/2021 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.redragonzone.com/pages/download Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.210 views

Police Crime Record Management Project 1.0 - Time Based SQLi

Exploit Title: Police Crime Record Management Project 1.0 - Time Based SQLi Exploit Author: t//\1 Date: 23/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Tested on: Linux Version: 1.0 Exploit Description: The application is prone to an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.240 views

Budget and Expense Tracker System 1.0 - Arbitrary File Upload

Exploit Title: Budget and Expense Tracker System 1.0 - Arbitrary File Upload Exploit Author: t//\1 Date: 23/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Tested on: Linux Version: 2.0 Exploit Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.257 views

Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control

Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...

7.5CVSS7.6AI score0.48417EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.219 views

WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery (CSRF)

Exploit Title: WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery CSRF Date: 2/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/fitness-calculators/ Version: 1.9.5 Tested on: Windows 10 CVE: CVE-2021-24272 1. Description: The plugin add calculators for Water...

4.3CVSS4.7AI score0.01815EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/23 12:0 a.m.1069 views

Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload

Exploit Title: Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/3dprint-lite/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/3dprint-lite/ Version: spacehen www.github.com/spacehen" def printusage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.249 views

Online Reviewer System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Reviewer System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Date: 2021-09-21 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.280 views

Cloudron 6.2 - 'returnTo ' Cross Site Scripting (Reflected)

Exploit Title: Cloudron 6.2 - 'returnTo ' Cross Site Scripting Reflected Date: 10.06.2021 Exploit Author: Akıner Kısa Vendor Homepage: https://cloudron.io Software Link: https://www.cloudron.io/get.html Version: 6.3 CVE : CVE-2021-40868 Proof of Concept: 1. Go to...

6.1CVSS6.4AI score0.09071EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.231 views

e107 CMS 2.3.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: e107 CMS 2.3.0 - Remote Code Execution RCE Authenticated Date: 21-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 2.3.0 Category: Webapps Tested on: Linux/Windows e107 is a free website content...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.244 views

Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.239 views

OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection (XXE)

Exploit Title: OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection XXE Date: 2021-09-20 Exploit Author: Jake Ruston Vendor Homepage: https://opencats.org Software Link: https://github.com/opencats/OpenCATS/releases/download/0.9.4-2/opencats-0.9.4-2-full.zip Version: w:document...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.516 views

TotalAV 5.15.69 - Unquoted Service Path

Exploit Title: TotalAV 5.15.69 - Unquoted Service Path Date: 22/09/2021 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.totalav.com Software Link: https://download.totalav.com/windows/beta-trial or https://install.protected.net/windows/cdn3/5.15.69/TotalAV.exe Version: 5.15.69...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.540 views

Simple Attendance System 1.0 - Unauthenticated Blind SQLi

Exploit Title: Simple Attendance System 1.0 - Unauthenticated Blind SQLi Exploit Author: t//\1 Date: September 21, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Tested on: Linux Version: v1.0 Exploit Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/22 12:0 a.m.249 views

Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Sentry 8.2.0 - Remote Code Execution RCE Authenticated Date: 22/09/2021 Exploit Author: Mohin Paramasivam Shad0wQu35t Vulnerability Discovered By : Clement Berthaux SYNACKTIV Software Link: https://sentry.io/welcome/ Advisory:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/21 12:0 a.m.205 views

Budget and Expense Tracker System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Budget and Expense Tracker System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-21 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/21 12:0 a.m.513 views

WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: WebsiteBaker 2.13.0 - Remote Code Execution RCE Authenticated Date: 18-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://websitebaker.org/ Software Link: http://wiki.websitebaker.org/doku.php/en/downloads Version: 2.13.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/21 12:0 a.m.346 views

Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service (PoC)

Exploit Title: Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service PoC Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.yenkee.eu/gaming-mouse-hornet-aim/yms-3029 Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.225 views

Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Church Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.308 views

Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Lin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.458 views

WordPress 5.7 - 'Media Library' XML External Entity Injection (XXE) (Authenticated)

Exploit Title: WordPress 5.7 - 'Media Library' XML External Entity Injection XXE Authenticated Date: 16/09/2021 Exploit Author: David Utón M3n0sD0n4ld Vendor Homepage: https://wordpress.com Affected Version: WordPress 5.6-5.7 & PHP8 Tested on: Linux Ubuntu 18.04.5 LTS CVE : CVE-2021-29447...

7.1CVSS6.7AI score0.85719EPSS
Exploits20
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.295 views

Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)

Exploit Title: Church Management System 1.0 - 'search' SQL Injection Unauthenticated Exploit Author: Erwin Krazek Nero Date: 17/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904