Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.207 views

Budget and Expense Tracker System 1.0 - Authenticated Bypass

Exploit Title: Budget and Expense Tracker System 1.0 - Authenticated Bypass Exploit Author: Prunier Charles-Yves Date: September 20, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/20 12:0 a.m.297 views

Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)

Exploit Title: Church Management System 1.0 - 'search' SQL Injection Unauthenticated Exploit Author: Erwin Krazek Nero Date: 17/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/17 12:0 a.m.383 views

WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass

Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Date: 2021-09-16 Exploit Author: Sebastian Kriesten 0xB455 Contact: https://twitter.com/0xB455 Affected Plugin: Booster for WooCommerce Plugin Slug: woocommerce-jetpack Vulnerability disclosure:...

9.8CVSS9.6AI score0.50869EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/09/17 12:0 a.m.239 views

Simple Attendance System 1.0 - Authenticated bypass

Exploit Title: Simple Attendance System 1.0 - Authenticated bypass Exploit Author: Abdullah Khawaja hax.3xploit Date: September 17, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/17 12:0 a.m.250 views

Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)

Exploit Title: Library Management System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Bobby Cooke @0xBoku & Adeeb Shah @hyd3sec Date: 16/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/12469/library-management-system-using-php-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/16 12:0 a.m.489 views

ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.impresscms.org/ Software Link: https://www.impresscms.org/modules/downloads/ Version: 1.4.2 Category: Webapps Tested on: Linux/Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/15 12:0 a.m.291 views

AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)

Exploit Title: AlphaWeb XE - File Upload Remote Code Execution RCE Authenticated Date: 09/09/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor website: https://www.zenitel.com/ Product website: https://wiki.zenitel.com/wiki/AlphaWeb Example: python3 CVE-2021-40845.py -u "http://$ip:80/" -c...

8.8CVSS8.8AI score0.04682EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/09/15 12:0 a.m.259 views

Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)

Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Date: 2021-09-15 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/15 12:0 a.m.276 views

Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Evolution CMS 3.1.6 - Remote Code Execution RCE Authenticated Date: 15-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://evo.im/ Software Link: https://github.com/evolution-cms/evolution/releases Version: 3.1.6 Category: Webapps Tested on: Linux/Windows Exampl...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/15 12:0 a.m.220 views

Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)

Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Date: 29.08.2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/14 12:0 a.m.355 views

Purchase Order Management System 1.0 - Remote File Upload

Exploit Title: Purchase Order Management System 1.0 - Remote File Upload Date: 2021-09-14 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.284 views

ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() Function

Exploit Title: ECOA Building Automation System - Hidden Backdoor Accounts and backdoor Function Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hidden Backdoor Accounts and backdoor Function Vendor: ECOA Technologies Corp...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.255 views

ECOA Building Automation System - Local File Disclosure

Exploit Title: ECOA Building Automation System - Local File Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Local File Disclosure Vulnerability Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.281 views

ECOA Building Automation System - Remote Privilege Escalation

Exploit Title: ECOA Building Automation System - Remote Privilege Escalation Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Remote Privilege Escalation Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.406 views

Active WebCam 11.5 - Unquoted Service Path

Exploit Title: Active WebCam 11.5 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 09.09.2021 Software Link: https://www.techspot.com/downloads/175-active-webcam.html Vendor Homepage: https://www.pysoft.com/ Version: 11.5 Tested on: Windows 10 Note: "Star...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.274 views

ECOA Building Automation System - Cookie Poisoning Authentication Bypass

Exploit Title: ECOA Building Automation System - Cookie Poisoning Authentication Bypass Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cookie Poisoning Authentication Bypass Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.269 views

ECOA Building Automation System - Weak Default Credentials

Exploit Title: ECOA Building Automation System - Weak Default Credentials Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Weak Default Credentials Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affecte...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.270 views

Men Salon Management System 1.0 - Multiple Vulnerabilities

Exploit Title: Men Salon Management System 1.0 - Multiple Vulnerabilities Date: 2021-09-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql Version: 1.0 Tested on: Windows 10 - XAMPP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.274 views

ECOA Building Automation System - Configuration Download Information Disclosure

Exploit Title: ECOA Building Automation System - Configuration Download Information Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Configuration Download Information Disclosure Vendor: ECOA Technologies Corp. Produc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.311 views

Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai

Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Date: 2021-09-11 Exploit Author: Abhiram V Vendor Homepage: https://parl.ai/ Software Link: https://github.com/facebookresearch/ParlAI Version: 1.1.0 Tested on: Linux CVE: CVE-2021-24040 References :...

9.8CVSS9.6AI score0.17353EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.267 views

Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload

Exploit Title: Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/download-from-files Date: 10/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/download-from-files/ Version: spacehen www.github.com/spacehen" def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.289 views

Apartment Visitor Management System (AVMS) 1.0 - 'username' SQL Injection

Exploit Title: Apartment Visitor Management System AVMS 1.0 - 'username' SQL Injection Date: 2021-08-13 Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.301 views

ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)

Exploit Title: ECOA Building Automation System - 'multiple' Cross-Site Request Forgery CSRF Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cross-Site Request Forgery Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.472 views

ECOA Building Automation System - Path Traversal Arbitrary File Upload

Exploit Title: ECOA Building Automation System - Path Traversal Arbitrary File Upload Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Path Traversal Arbitrary File Upload Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.293 views

ECOA Building Automation System - Directory Traversal Content Disclosure

Exploit Title: ECOA Building Automation System - Directory Traversal Content Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Directory Traversal Content Disclosure Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.263 views

ECOA Building Automation System - Missing Encryption Of Sensitive Information

Exploit Title: ECOA Building Automation System - Missing Encryption Of Sensitive Information Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Missing Encryption Of Sensitive Information Vendor: ECOA Technologies Corp. Product we...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.284 views

ECOA Building Automation System - Hard-coded Credentials SSH Access

Exploit Title: ECOA Building Automation System - Hard-coded Credentials SSH Access Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hard-coded Credentials SSH Access Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.234 views

ECOA Building Automation System - Arbitrary File Deletion

Exploit Title: ECOA Building Automation System - Arbitrary File Deletion Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Arbitrary File Deletion Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/09 12:0 a.m.341 views

Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)

Exploit Title: Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting XSS Date: 2021-09-08 Exploit Author: Emre Aslan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/wp-content/uploads/2021/07/Bus-Pass-Management-System-Using-PHP-MySQL.zip Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/08 12:0 a.m.450 views

WordPress Plugin TablePress 1.14 - CSV Injection

Exploit Title: WordPress Plugin TablePress 1.14 - CSV Injection Date: 07/09/2021 Exploit Author: Nikhil Kapoor Vendor Homepage: Software Link: https://wordpress.org/plugins/tablepress/ Version: 1.14 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1. Install...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/07 12:0 a.m.372 views

WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection (2)

Exploit Title: WordPress Plugin Survey & Poll 1.5.7.3 - 'sssparams' SQL Injection 2 Date: 2021-09-07 Exploit Author: Mohin Paramasivam Shad0wQu35t Vendor Homepage: http://modalsurvey.pantherius.com/ Software Link: https://downloads.wordpress.org/plugin/wp-survey-and-poll.zip Version: 1.5.7.3 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/07 12:0 a.m.145 views

WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting XSS Date: 07/09/2021 Exploit Author: Nikhil Kapoor Software Link: https://wordpress.org/plugins/wp-sitemap-page/ Version: 1.6.4 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.233 views

Antminer Monitor 0.5.0 - Authentication Bypass

Exploit Title: Antminer Monitor 0.5.0 - Authentication Bypass Date: 09/06/2021 Dork:https://www.zoomeye.org/searchResult?q=%22antminer%20monitor%22 Exploit Author: CQR.company / Vulnz. Vendor Homepage: https://github.com/anselal/antminer-monitor,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.138 views

SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service (PoC)

Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service Date: 9/5/2021 Exploit Author: Eric Salario Vendor Homepage: https://www.smartftp.com/en-us/ Software Link: https://www.smartftp.com/en-us/download Version: 10.0.2909.0 32 and 64 bit Tested on: Microsoft Windows 10 32 bit a...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.170 views

Patient Appointment Scheduler System 1.0 - Persistent Cross-Site Scripting

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.139 views

Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload

Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.586 views

FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: FlatCore CMS 2.0.7 - Remote Code Execution RCE Authenticated Date: 04/10/2021 Exploit Author: Mason Soroka-Gill @sgizoid Vendor Homepage: https://flatcore.org/ Software Link: https://github.com/flatCore/flatCore-CMS/archive/refs/tags/v2.0.7.tar.gz Version: 2.0.7 Tested on: Ubuntu...

9CVSS7AI score0.45948EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.387 views

Argus Surveillance DVR 4.0 - Unquoted Service Path

Exploit Title: Argus Surveillance DVR 4.0 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 03.09.2021 Version: Argus Surveillance DVR 4.0 Tested on: Windows 10 Note: "Start as service on Windows Startup" must be enabled in Program Options Proof of Concept...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.243 views

OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference (IDOR)

Exploit Title: OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference IDOR Date: 31/08/2021 Exploit Author: Allen Enosh Upputori Vendor Homepage: https://www.open-emr.org Software Link: https://www.open-emr.org/wiki/index.php/OpenEMRDownloads Version: 6.0.0 Tested on: Linux CVE : CVE-2021-4035...

6.5CVSS6.5AI score0.09709EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/06 12:0 a.m.211 views

Bus Pass Management System 1.0 - 'viewid' Insecure direct object references (IDOR)

Exploit Title: Bus Pass Management System 1.0 - 'viewid' Insecure direct object references IDOR Date: 2021-09-05 Exploit Author: sudoninja Vendor Homepage: https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/03 12:0 a.m.460 views

OpenSIS 8.0 'modname' - Directory Traversal

Exploit Title: OpenSIS 8.0 'modname' - Directory/Path Traversal Date: 09-02-2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux CVE: CVE-2021-40651 The 'modname' parameter in the 'Modules.php' ...

6.5CVSS6.6AI score0.18415EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/09/03 12:0 a.m.200 views

Remote Mouse 4.002 - Unquoted Service Path

Exploit Title: Remote Mouse 4.002 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 03.09.2021 Software Link: https://www.remotemouse.net/downloads/RemoteMouse.exe Vendor Homepage: https://www.remotemouse.net/ Version: Remote Mouse 3.008 & 4.002 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.350 views

WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting XSS Date: 02/09/2021 Exploit Author: Nikhil Kapoor Software Link: https://wordpress.org/plugins/duplicate-page/ Version: 4.4.1 Category: Web Application Tested on Windows How to Reproduce this Vulnerability: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.247 views

Compro Technology IP Camera - ' index_MJpeg.cgi' Stream Disclosure

Exploit Title: Compro Technology IP Camera - ' indexMJpeg.cgi' Stream Disclosure Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40381 Has an unauthorized acce...

7.5CVSS7.7AI score0.22724EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.249 views

Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure

Exploit Title: Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40382 There is an...

7.5CVSS7.7AI score0.22724EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.218 views

Compro Technology IP Camera - 'Multiple' Credential Disclosure

Exploit Title: Compro Technology IP Camera - 'Multiple' Credential Disclosure Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40380 There are unauthorized acce...

7.5CVSS7.7AI score0.22724EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.238 views

Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated)

Exploit Title: Compro Technology IP Camera - RTSP stream disclosure Unauthenticated Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40379 Some devices have...

7.5CVSS7.7AI score0.21631EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.201 views

Compro Technology IP Camera - 'killps.cgi' Denial of Service (DoS)

Exploit Title: Compro Technology IP Camera - 'killps.cgi' Denial-of-Service DoS Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40378 There is a backdoor...

8.5CVSS8.2AI score0.15023EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.221 views

OpenSIS Community 8.0 - 'cp_id_miss_attn' SQL Injection

Exploit Title: OpenSIS Community 8.0 - 'cpidmissattn' SQL Injection Date: 09/01/2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux A SQL injection vulnerability exists in the Take Attendance...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/02 12:0 a.m.229 views

Dolibarr ERP 14.0.1 - Privilege Escalation

Exploit Title: Dolibarr ERP/CRM 14.0.1 - Privilege Escalation Date: April 8, 2021 Exploit Author: Vishwaraj101 Vendor Homepage: https://www.dolibarr.org/ Affected Version: = 14.0.1 Patch: https://github.com/Dolibarr/dolibarr/commit/489cff46a37b04784d8e884af7fc2ad623bee17d Summary: Using the below...

7.4AI score
Exploits0
Total number of security vulnerabilities47904