Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.80 views

Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell

!/usr/bin/env python Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell Vendor: Ilevia Srl. Product web page: https://www.ilevia.com Affected version: = 4.7.18.0.eden Logic ver: 6.00 Summary: EVE is a smart home and building automation solution designed for both residential and commercial...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.338 views

GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)

Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution RCE Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Version: 6.1.2.0 or less Tested on:...

8.8CVSS9.5AI score0.19519EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.234 views

Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass

!/usr/bin/env python3 Exploit Title: Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass Google Dork: inurl:/mifs "Ivanti" OR "EPM" OR "Endpoint Manager" Date: 2025-01-21 Exploit Author: Your Name https://github.com/your-username Vendor Homepage: https://www.ivanti.com/ Software Link:...

8.8CVSS8.6AI score0.99891EPSS
Exploits10
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.225 views

Lingdang CRM 8.6.4.7 - SQL Injection

Exploit Title: Lingdang CRM 8.6.4.7 - SQL Injection Google Dork: N/A Date: 2025-08-19 Exploit Author: Beatriz Fresno Naumova Vendor: Shanghai Lingdang Information Technology Software Link: N/A – commercial product Version: = 8.6.4.7 fixed in 8.6.5.x per vendor advisory Tested on: Generic LAMP...

8.8CVSS6.4AI score0.00448EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.257 views

GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure

Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Version: 6.1.2.0 or less Tested on:...

5.1CVSS9.5AI score0.01278EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.411 views

StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload

Exploit Title: StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload Exploit Author: xpl0dec Vendor Homepage: https://www.storychief.io/wordpress-content-scheduler Software Link: https://github.com/Story-Chief/wordpress/ Version: ”; ? 2. Adjust the echo phpinfo section as needed 3. Host it o...

9.8CVSS6.5AI score0.37349EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/08/26 12:0 a.m.337 views

Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure

/ Exploit Title : Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-6082 Software Link : https://frp.wordpress.org/plugins/birth-chart-compatibility/ Description : Proof‑of‑Concept exploits the Full Path Disclosure bu...

5.3CVSS9.5AI score0.01567EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.332 views

Tenda AC20 16.03.08.12 - Command Injection

/ Exploit Title : Tenda AC20 16.03.08.12 - Command Injection Author : Byte Reaper CVE : CVE-2025-9090 Description: A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. target endpoint :...

9.8CVSS7.4AI score0.14105EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.297 views

Soosyze CMS 2.0 - Brute Force Login

Exploit Title: Soosyze CMS 2.0 - Brute Force Login Google Dork: N/A Date: 2025-08-13 Exploit Author: Beatriz Fresno Naumova beafn28 Vendor Homepage: https://soosyze.com/ Software Link: https://github.com/soosyze/soosyze Version: 2.0 tested Tested on: macOS Sonoma 14.x Apple Silicon M1, /bin/bash...

5.4CVSS7.4AI score0.0081EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.645 views

PHPMyAdmin 3.0 - Bruteforce Login Bypass

""" Exploit-Title: PHPMyAdmin 3.0 - Bruteforce Login Bypass Author: Nikola Markovic [email protected] Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: 3.0 & 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 Tested on: win/linux/unix Python-Version: 3.0 CVE...

5CVSS7.4AI score0.0979EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.399 views

BigAnt Office Messenger 5.6.06 - SQL Injection

Exploit Title: BigAnt Office Messenger 5.6.06 - SQL Injection Date: 01.09.2025 Exploit Author: Nicat Abbasov Vendor Homepage: https://www.bigantsoft.com/ Software Link: https://www.bigantsoft.com/download.html Version: 5.6.06 Tested on: 5.6.06 CVE : CVE-2024-54761 Github repo:...

6.3CVSS7.4AI score0.01759EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.287 views

Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure

Exploit Title: Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure Date: 13/08/2025 Exploit Author: Ruben Enkaoua Author link: https://x.com/RubenLabs, https://github.com/rubenformation Original Blog: https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/...

6.5CVSS7.4AI score0.58974EPSS
Exploits21
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.336 views

Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection (XXE)

/ Exploit Title: Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection XXE Google Dork: N/A Date: 2025-08-17 Exploit Author: Byte Reaper Vendor Homepage: https://www.lantronix.com/ Software Link: https://www.lantronix.com/products/lantronix-provisioning-manager/ Version:...

8.6CVSS7.4AI score0.01667EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/18 12:0 a.m.437 views

RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)

Exploit Title: RiteCMS 3.0.0 – Reflected Cross-Site Scripting XSS Google Dork: N/A Date: 2024-08-12 Exploit Author: GURJOT SINGH Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.0.0/ritecms.v3.0.0.zip Version: Steps: 1. Log in or...

6.1CVSS7.4AI score0.01317EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.429 views

Microsoft SharePoint Server 2019 (16.0.10383.20020) - Remote Code Execution (RCE)

Exploit Title: Microsoft SharePoint Server 2019 – Remote Code Execution RCE Google Dork: intitle:"Microsoft SharePoint" inurl:"/layouts/15/ToolPane.aspx" Date: 2025-08-07 Exploit Author: Agampreet Singh RedRoot Tool Maker – https://github.com/Agampreet-Singh/RedRoot Vendor Homepage:...

9.8CVSS7.4AI score0.99979EPSS
Exploits41
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.242 views

Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials

/ Title : Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials Author : Byte Reaper CVE : CVE-2025-8730 Description : Exploit demonstrating an authentication bypass vulnerability in the web interface of Belkin F9K1009 and F9K1010 routers. The flaw resides in improper session validation...

10CVSS7.4AI score0.03245EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.269 views

Ghost CMS 5.59.1 - Arbitrary File Read

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link: https://github.com/TryGhost/Ghost Version: =2.28.1, zipfile, tempfile Usag...

6.5CVSS7.4AI score0.57565EPSS
Exploits12
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.256 views

JetBrains TeamCity 2023.11.4 - Authentication Bypass

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: JetBrains TeamCity 2023.11.4 - Authentication Bypass Date: 2024-02-21 Exploit Author: ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://www.jetbrains.com/teamcity/ Version: =2.25.1 """ import requests import argparse...

9.8CVSS7.4AI score0.99938EPSS
Exploits24
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.360 views

Ghost CMS 5.42.1 - Path Traversal

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.42.1 - Path Traversal Date: 2023-06-15 Exploit Author:ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://ghost.org Software Link: https://github.com/TryGhost/Ghost Version: =2.28.1 """ import requests import s...

7.5CVSS7.4AI score0.39078EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.334 views

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Exploit Title: VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Date: 2025-08-08 - Exploit Author: Imraan Khan Lich-Sec - Vendor Homepage: https://www.vmware.com - Version: vSphere Client 8.0.3.0 - Tested On:...

4.3CVSS7.4AI score0.00785EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.391 views

Cisco ISE 3.0 - Remote Code Execution (RCE)

Exploit Title: Cisco ISE 3.0 - Remote Code Execution RCE Exploit Author: @ibrahimsql ibrahimsql.com Exploit Author's github: https://github.com/ibrahmsql Description: Cisco ISE API Java Deserialization RCE CVE: CVE-2025-20124 Vendor Homepage: https://www.cisco.com/ Requirements: requests=2.25.0,...

9.9CVSS7.4AI score0.17218EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.268 views

Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure

Exploit Title: Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure Exploit Author: Yesith Alvarez Vendor Homepage: hhttps://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420 CVE: CVE-2025-5777 Link: https://github.com/yealvarez/CVE/blob/main/CVE-2025-5777/exploit.py impor...

9.3CVSS7.4AI score0.9987EPSS
Exploits18
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.506 views

Microsoft Windows - Storage QoS Filter Driver Checker

Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...

7.8CVSS7.4AI score0.00586EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.276 views

projectworlds Online Admission System 1.0 - SQL Injection

/ Title : projectworlds Online Admission System 1.0 - SQL Injection Author : Byte Reaper CVE : CVE-2025-8471 / include include include include include "argparse.h" include define FULL 2200 int verbose = 0; int selCookie = 0; const char cookies; void sleepAssemblyvoid struct timespec s ; s.tvsec =...

9.8CVSS7.4AI score0.00621EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.273 views

Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape

Titles: Microsoft Edge Renderer Process Mojo IPC 134.0.6998.177 - Sandbox Escape Author: nu11secur1ty Date: 08/07/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730...

8.3CVSS7.4AI score0.08404EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.274 views

atjiu pybbs 6.0.0 - Cross Site Scripting (XSS)

/ Exploit Title : atjiu pybbs 6.0.0 - Cross Site Scripting XSS Exploit Author: Byte Reaper Vendor Homepage: https://github.com/atjiu/pybbs Tested on: Kali Linux CVE: CVE-2025-8550...

5.4CVSS7.4AI score0.00625EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.299 views

Cisco ISE 3.0 - Authorization Bypass

Exploit Title: Cisco ISE 3.0 - Authorization Bypass Exploit Author: @ibrahimsql ibrahimsql.com Exploit Author's github: https://github.com/ibrahmsql Description: Cisco ISE API Authorization Bypass CVE: CVE-2025-20125 Vendor Homepage: https://www.cisco.com/ Requirements: requests=2.25.0,...

9.1CVSS7.4AI score0.14982EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.269 views

Tigo Energy Cloud Connect Advanced (CCA) 4.0.1 - Command Injection

/ Title : Tigo Energy Cloud Connect Advanced CCA 4.0.1 - Command Injection Author : Byte Reaper CVE : CVE-2025-7769 / include include include include "argparse.h" include include include define FULLURL 2500 define POSTPAYLOAD 5500 const char baseurl = NULL; const char cookies = NULL; const char i...

8.7CVSS7.4AI score0.15849EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.373 views

ServiceNow Multiple Versions - Input Validation & Template Injection

!/usr/bin/env python3 """ Title : ServiceNow Multiple Versions - Input Validation & Template Injection Date: 2025-01-31 Author: ibrahimsql Vendor: ServiceNow Version: Vancouver, Washington DC, Utah various patches affected from 0 before Utah Patch 10 Hot Fix 3 affected from 0 before Utah Patch 10...

9.8CVSS7.4AI score0.99976EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.418 views

Grav CMS 1.7.48 - Remote Code Execution (RCE)

Exploit Title: Grav CMS 1.7.48 - Remote Code Execution RCE Date: 2025-08-07 Exploit Author: binneko https://github.com/binneko Vendor Homepage: https://getgrav.org/ Software Link: https://github.com/getgrav/grav/releases/tag/1.7.48 Version: Grav CMS v1.7.48 / Admin Plugin v1.10.48 Tested on: Debi...

8.1CVSS7.4AI score0.09319EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.444 views

Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE)

Titles: Microsoft Virtual Hard Disk VHDX 11 - Remote Code Execution RCE Author: nu11secur1ty Date: 07/23/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/windows/windows-11?r=1 Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-49683 Base Score: 7.8 HIGHVector:...

7.8CVSS6.3AI score0.01916EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.489 views

Gandia Integra Total 4.4.2236.1 - SQL Injection

/ Author : Byte Reaper CVE : CVE-2025-41373 Vulnerability : SQL Affected Path : /encuestas/integrawebv4/integra/html/view/hislistadoacciones.php?idestudio= Affected Versions : 2.1.2217.3 to v4.4.2236.1 Description: This endpoint concatenates the idestudio parameter directly into an SQL query...

8.8CVSS6.4AI score0.0107EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.473 views

Microsoft Edge (Chromium-based) 135.0.7049.114/.115 - Information Disclosure

Titles: Microsoft Edge Chromium-based 135.0.7049.114/.115 - Information Disclosure Date: 08/02/2025 Vendor: Microsoft Software: https://www.microsoft.com/bg-bg/edge/download?form=MA13FJ Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49741 Description CVE-2025-49741...

7.5CVSS6.4AI score0.03375EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.466 views

Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation

!/usr/bin/env python3 Exploit Title: Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation Exploit Author: Gurjot Singh CVE: CVE-2023-3460 Description : The attached PoC demonstrates how an unauthenticated attacker can escalate privileges to admin by abusing unsanitized input in...

9.8CVSS9.7AI score0.72306EPSS
Exploits12
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.475 views

LPAR2RRD 8.04 - Remote Code Execution (RCE)

/ Author : Byte Reaper Title : LPAR2RRD 8.04 - Remote Code Execution RCE CVE : CVE-2025-54769 Vulnerability: RCE && directory traversal Description : Uploads a malicious Perl script via the LPAR2RRD upgrade endpoint, exploits directory traversal to place it in a CGI-executable path, then triggers...

8.8CVSS6.5AI score0.03038EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.423 views

Copyparty 1.18.6 - Reflected Cross-Site Scripting (XSS)

/ Author : Byte Reaper CVE : CVE-2025-54589 Title : Copyparty 1.18.6 - Reflected Cross-Site Scripting XSS CVE-2025-54589 is a reflected cross-site scripting XSS vulnerability in Copyparty ≤ 1.18.6 where the filter parameter is inserted into the HTML response without proper sanitization, allowing ...

6.3CVSS6.4AI score0.02393EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/08/03 12:0 a.m.472 views

Swagger UI 1.0.3 - Cross-Site Scripting (XSS)

/ Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-8191 Title : Swagger UI 1.0.3 - Cross-Site Scripting XSS Description : CVE-2025-8191, a vulnerability in the Swagger UI service due to poor description parameter filtering, leading to command execution on a remote server. / include...

5.4CVSS3.9AI score0.01646EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/28 12:0 a.m.337 views

Mezzanine CMS 6.1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Mezzanine CMS 6.1.0 Stored Cross Site Scripting XSS via component /blog/blogpost/add Date: 23/07/2025 Exploit Author: Kevin Dicks Vendor Homepage: https://github.com/stephenmcd/mezzanine Software Link: https://github.com/stephenmcd/mezzanine Version: 6.1.0 Category: Web Application...

4.8CVSS6.5AI score0.00576EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/28 12:0 a.m.257 views

Adobe ColdFusion 2023.6 - Remote File Read

Exploit Title: Adobe ColdFusion 2023.6 - Remote File Read Exploit Author: @İbrahimsql Exploit Author's github: https://github.com/ibrahmsql Description: ColdFusion 2023 LUcee - Remote Code Execution CVE: CVE-2024-20767 Vendor Homepage: https://www.adobe.com/ Requirements: requests=2.25.0,...

7.4CVSS7.5AI score0.98514EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/07/28 12:0 a.m.246 views

Linux PAM Environment - Variable Injection Local Privilege Escalation

Exploit Title: Linux PAM Environment - Variable Injection Local Privilege Escalation Exploit Author: @İbrahimsql Exploit Author's github: https://github.com/ibrahmsql Description: PAM pamenv.so module allows environment variable injection via /.pamenvironment leading to privilege escalation throu...

7.8CVSS8.6AI score0.00957EPSS
Exploits19
Exploit DB
Exploit DB
added 2025/07/28 12:0 a.m.320 views

XWiki 14 - SQL Injection via getdeleteddocuments.vm

Exploit Title: XWiki 14 - SQL Injection via getdeleteddocuments.vm Google Dork: N/A Date: 28 July 2025 Exploit Author: Byte Reaper LinkedIn: N/A Vendor Homepage: https://www.xwiki.org Software Link: https://www.xwiki.org Version: XWiki Platform ≤ 14.x Tested on: XWiki Platform ≤ 14.x CVE:...

9.8CVSS6.4AI score0.8541EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/07/28 12:0 a.m.267 views

Xlight FTP 1.1 - Denial Of Service (DOS)

Exploit Title: Xlight FTP 1.1 - Denial Of Service DOS Google Dork: N/A Date: 22 July 2025 Exploit Author: Fernando Mengali LinkedIn: https://www.linkedin.com/in/fernando-mengali/ Vendor Homepage: https://www.xlightftpd.com Software Link: N/A Version: 1.1 Tested on: Windows XP CVE: CVE-2024-0737...

7.5CVSS5.7AI score0.04195EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/28 12:0 a.m.302 views

Invision Community 4.7.20 - (calendar/view.php) SQL Injection

Exploit Title: Invision Community = 4.7.18. Proof of Concept https://karmainsecurity.com/pocs/CVE-2025-48932.php...

6.8AI score
Exploits2
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.268 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Facebook Integration Page Name Field Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/...

5.4CVSS7.4AI score0.00872EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.263 views

Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)

Titles: Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting XSS Author: nu11secur1ty Date: 2025-07-18 Vendor: Microsoft Software: Microsoft Edge Browser Reference: https://www.cve.org/CVERecord?id=CVE-2015-6176 !/usr/bin/python nu11secur1ty CVE-2015-6176 import http.server import...

4.3CVSS7.4AI score0.10826EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.313 views

Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE

Exploit Title: Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE Google Dork: inurl:/wp-content/plugins/pie-register/ Date: 2025-07-09 Exploit Author: Md Amanat Ullah xSwads Vendor Homepage: https://wordpress.org/plugins/pie-register/ Software Link:...

10CVSS7.4AI score0.09903EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.255 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Operator Surname Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software Link:...

5.4CVSS7.4AI score0.00854EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.388 views

Simple File List WordPress Plugin 4.2.2 - File Upload to RCE

Exploit Title: Simple File List WordPress Plugin 4.2.2 - File Upload to RCE Google Dork: inurl:/wp-content/plugins/simple-file-list/ Date: 2025-07-15 Exploit Author: Md Amanat Ullah xSwads Vendor Homepage: https://wordpress.org/plugins/simple-file-list/ Software Link:...

9.8CVSS7.4AI score0.12633EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.253 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via the Chat Transfer Function Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software...

5.4CVSS7.4AI score0.00872EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.255 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field

Exploit Title: LiveHelperChat 4. Save the changes. 5. Revist the Department Assignment settings page and edit the Alias Nick field, the cross site scripting xss will execute...

6.5CVSS7.4AI score0.01532EPSS
Exploits4
Total number of security vulnerabilities47904