Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/07/05 12:0 a.m.314 views

Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Version: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.284 views

Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)

Exploit Title: Garbage Collection Management System 1.0 - SQL Injection Unauthenticated Exploit Author: ircashem Date 02.07.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14854/garbage-collection-management-system-php.html Version 1.0 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.303 views

Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthenticated)

Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Event export Unauthenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.5.16.2.z...

7.5CVSS7.6AI score0.31043EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.215 views

WinWaste.NET 1.0.6183.16475 - Privilege Escalation due Incorrect Access Control

Exploit Title: WinWaste.NET 1.0.6183.16475 - Privilege Escalation due Incorrect Access Control Date: 2021-07-01 Author: Andrea Intilangelo Vendor Homepage: http://nica.it - http://winwastenet.com Version: 1.0.6183.16475 Tested on: Windows 10 Pro x64 - 20H2 and 21H1 CVE: CVE-2021-34110 WinWaste.NE...

7.8CVSS7.8AI score0.01154EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.526 views

Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution (Authenticated)

Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution Authenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link:...

7.2CVSS7.4AI score0.88158EPSS
Exploits9
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.349 views

Scratch Desktop 3.17 - Remote Code Execution

Exploit Title: Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution XSS/RCE Google Dork: 'inurl:"/projects/editor/?tutorial=getStarted" -mit.edu' not foolproof on versioning Date: 2021-06-18 Exploit Author: Stig Magnus Baugstø Vendor Homepage: https://scratch.mit.edu/ Software Link:...

9.6CVSS9.6AI score0.06074EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.317 views

b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF)

Exploit Title: b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery CSRF Exploit Author: Alperen Ergel @alpernae Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/7-2-2 Version : 7.2.2 Tested on: Kali Linux Category: WebApp Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.363 views

AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting XSS Date: 07-01-2021 Exploit Author: Tyler Butler Vendor Homepage: https://www.akcp.com/ Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ Advisory:...

5.4CVSS5.5AI score0.0323EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.319 views

Online Voting System 1.0 - Remote Code Execution (Authenticated)

Exploit Title: Online Voting System 1.0 - Remote Code Execution Authenticated Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.320 views

Online Voting System 1.0 - Authentication Bypass (SQLi)

Exploit Title: Online Voting System 1.0 - Authentication Bypass SQLi Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.312 views

Vianeos OctoPUS 5 - 'login_user' SQLi

Exploit Title: Vianeos OctoPUS 5 - 'loginuser' SQLi Date: 01/07/2021 Exploit Author: Audencia Business SCHOOL Vendor Homepage: http://www.vianeos.com/en/home-vianeos/ Software Link: http://www.vianeos.com/en/octopus/ Version: V5 Tested on: Fedora / Apache2 / MariaDB Octopus V5 SQLi The "loginuser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/01 12:0 a.m.670 views

Wordpress Plugin XCloner 4.2.12 - Remote Code Execution (Authenticated)

Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution Authenticated Date 30.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.xcloner.com/ Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip Version: 4.2.1 - 4.2.12...

9.9CVSS9AI score0.24937EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/30 12:0 a.m.195 views

phpAbook 0.9i - SQL Injection

Exploit Title: phpAbook 0.9i - SQL Injection Date: 2021-06-29 Vendor Homepage: http://sourceforge.net/projects/phpabook/ Exploit Author: Said Cortes, Alejandro Perez Version: v0.9i This was written for educational purpose. Use it at your own risk. Author will be not responsible for any damage...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/30 12:0 a.m.131 views

Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)

Exploit Title: Doctors Patients Management System 1.0 - SQL Injection Authentication Bypass Date: 06/30/2021 Exploit Author: Murat DEMIRCI butterflyhunt3r Vendor Homepage: https://www.codester.com/ Software Link: https://www.codester.com/items/31349/medisol-doctors-patients-managment-system...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/30 12:0 a.m.323 views

Simple Traffic Offense System 1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Simple Traffic Offense System 1.0 - 'Multiple' Stored Cross Site Scripting XSS Date: 30-06-2021 Exploit Author: Barış Yıldızoğlu Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/trafic.zip Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/30 12:0 a.m.119 views

Apache Superset 1.1.0 - Time-Based Account Enumeration

Exploit Title: Apache Superset 1.1.0 - Time-Based Account Enumeration Author: Dolev Farhi Date: 2021-05-13 Vendor Homepage: https://superset.apache.org/ Version: 1.1.0 Tested on: Ubuntu import sys import requests import time scheme = 'http' host = '192.168.1.1' port = 8080 change with your wordli...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/29 12:0 a.m.501 views

ES File Explorer 4.1.9.7.4 - Arbitrary File Read

Exploit Title: ES File Explorer 4.1.9.7.4 - Arbitrary File Read Date: 29/06/2021 Exploit Author: Nehal Zaman Version: ES File Explorer v4.1.9.7.4 Tested on: Android CVE : CVE-2019-6447 import requests import json import ast import sys if lensys.argv file to download" sys.exit1 url = 'http://' +...

8.1CVSS8.3AI score0.6202EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/06/28 12:0 a.m.462 views

Atlassian Jira Server Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)

Exploit Title: Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting XSS Date: 06/05/2021 Exploit Author: CAPTAINHOOK Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤ versi...

6.1CVSS6.5AI score0.04049EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/28 12:0 a.m.215 views

WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting XSS Date: 09/06/2021 Exploit Author: inspired - Toby Jackson Vendor Homepage: https://yop-poll.com/ Blog Post: https://www.in-spired.xyz/discovering-wordpress-plugin-yop-polls-v6-2-7-stored-xss/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/28 12:0 a.m.236 views

Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution RCE Unauthenticated Vulnerability: Remote Command Execution on /boardDataWW.php macAddress parameter Notes: The RCE doesn't need to be authenticated Date: 26/06/2021 Exploit Author: Bryan Leong IoT Device: Netgear WNAP320...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/28 12:0 a.m.192 views

SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting (XSS)

Exploit Title: SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting XSS Date: 24/06/2021 Exploit Author: Luqman Hakim Zahari @ Saitamang Vendor Homepage: https://support.sas.com/en/software/environment-manager-support.html Version: 2.5 Tested on: CentOS 7 CVE : CVE-2021-35475...

5.4CVSS5.6AI score0.00945EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/06/25 12:0 a.m.981 views

Lightweight facebook-styled blog 1.3 - Remote Code Execution (RCE) (Authenticated) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Lightweight facebook-styled blog authenticated remote code execution", 'Description' = %q This module exploits the file upload vulnerability of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/25 12:0 a.m.389 views

Simple Client Management System 1.0 - 'uemail' SQL Injection (Unauthenticated)

Exploit Title: Simple Client Management System 1.0 - 'uemail' SQL Injection Unauthenticated Date: 24-06-2021 Exploit Author: Barış Yıldızoğlu Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/client-details.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/25 12:0 a.m.399 views

SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path

Exploit Title: SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path Discovery by: Brian Rodriguez Date: 21-06-2021 Vendor Homepage: https://brother.com/ Tested Version: 7.60 Vulnerability Type: Unquoted Service Path Tested on: Windows 10 Enterprise 64 bits Step to discover Unquoted Service Path:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/25 12:0 a.m.605 views

Seeddms 5.1.10 - Remote Command Execution (RCE) (Authenticated)

Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...

7.5CVSS7.8AI score0.11696EPSS
Exploits9
Exploit DB
Exploit DB
added 2021/06/24 12:0 a.m.661 views

VMware vCenter Server 7.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution RCE Unauthenticated Date: 06/21/2021 Exploit Author: CHackA0101 Vendor Homepage: https://kb.vmware.com/s/article/82374 Software Link: https://www.vmware.com/products/vcenter-server.html Version: This affects VMware...

10CVSS9.8AI score0.9957EPSS
Exploits47
Exploit DB
Exploit DB
added 2021/06/24 12:0 a.m.723 views

TP-Link TL-WR841N - Command Injection

Exploit Title: TP-Link TL-WR841N - Command Injection Date: 2020-12-13 Exploit Author: Koh You Liang Vendor Homepage: https://www.tp-link.com/ Software Link: https://static.tp-link.com/TL-WR841NJPV13161028.zip Version: TL-WR841N 0.9.1 4.0 Tested on: Windows 10 CVE : CVE-2020-35576 import requests...

9CVSS9.1AI score0.42285EPSS
Exploits1
Exploit DB
Exploit DB
added 2021/06/24 12:0 a.m.1440 views

Adobe ColdFusion 8 - Remote Command Execution (RCE)

Exploit Title: Adobe ColdFusion 8 - Remote Command Execution RCE Google Dork: intext:"adobe coldfusion 8" Date: 24/06/2021 Exploit Author: Pergyz Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html Version: 8 Tested on: Microsoft Windows Server 2008 R2 Standard CVE :...

7.5CVSS7AI score0.83865EPSS
Exploits10
Exploit DB
Exploit DB
added 2021/06/24 12:0 a.m.416 views

Huawei dg8045 - Authentication Bypass

Title: Huawei dg8045 - Authentication Bypass Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 Hardware Version: VER.A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. An...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.359 views

Simple CRM 3.0 - 'email' SQL injection (Authentication Bypass)

Exploit Title: Simple CRM 3.0 - 'email' SQL injection Authentication Bypass Date: 22/06/2021 Exploit Author: Rinku Kumar rinku191 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.257 views

Online Library Management System 1.0 - 'Search' SQL Injection

Exploit Title: Online Library Management System 1.0 - 'Search' SQL Injection Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/ols.zip Version: 1.0 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.346 views

WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting XSS Date: 22/6/2021 Exploit Author: Mohammed Adam Vendor Homepage: https://www.wpgmaps.com/ Software Link: https://wordpress.org/plugins/wp-google-maps/ Version: 5.7.2 Tested on: Windows 10 CVE: CVE-2021-24383...

5.4CVSS5.8AI score0.02339EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.551 views

WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 - 'date_answers' Blind SQL Injection

Exploit Title: WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 - 'dateanswers' Blind SQL Injection Date: 09/06/2021 Exploit Author: inspired - Toby Jackson Blog Post: https://in-spired.xyz/wpdevart-polls-blind-sql-injection/ Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/23 12:0 a.m.344 views

Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution (Unauthenticated)

Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution Unauthenticated Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/22 12:0 a.m.197 views

Phone Shop Sales Managements System 1.0 - Insecure Direct Object Reference (IDOR)

Exploit Title: Phone Shop Sales Managements System 1.0 - Insecure Direct Object Reference IDOR Date: 21/06/2021 Exploit Author: Pratik Khalane Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10882/phone-shop-sales-managements-system.html Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/22 12:0 a.m.500 views

Responsive Tourism Website 3.1 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Responsive Tourism Website 3.1 - Remote Code Execution RCE Unauthenticated Date: 22.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14838/simple-responsive-tourism-website-using-php-free-source-code.html Version: V 3.1 Tested on: MacOS &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/22 12:0 a.m.373 views

ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted Service Path

Exploit Title: ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted Service Path Date: 2021-06-21 Exploit Author: Julio Aviña Vendor Homepage: https://www.asus.com/ Software Link: https://dlcdnets.asus.com/pub/ASUS/LCD%20Monitors/MB16ACE/ASUSDisplayWidget3.4.0.036.exe.zip...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.527 views

Websvn 2.6.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...

10CVSS9.8AI score0.86716EPSS
Exploits9
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.432 views

Customer Relationship Management System (CRM) 1.0 - Remote Code Execution

Exploit Title: Customer Relationship Management System CRM 1.0 - Remote Code Execution Date: 21.06.2021 Exploit Author: Ishan Saha Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.552 views

Remote Mouse GUI 3.008 - Local Privilege Escalation

Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 17.06.2021 Version: Remote Mouse 3.008 Tested on: Windows 10 Pro Version 21H1 Reference: https://deathflash1411.github.io/blog/cve-2021-35448 CVE: CVE-2021-35448...

7.8CVSS7.8AI score0.01045EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.332 views

Lexmark Printer Software G2 Installation Package 1.8.0.0 - 'LM__bdsvc' Unquoted Service Path

Exploit Title: Lexmark Printer Software G2 Installation Package 1.8.0.0 - 'LMbdsvc' Unquoted Service Path Date: 2021-06-20 Exploit Author: Julio Aviña Vendor Homepage: https://www.lexmark.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.216 views

Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery (CSRF)

Exploit Title: Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery CSRF Date: 20/06/2021 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaD...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.290 views

Simple CRM 3.0 - 'name' Stored Cross site scripting (XSS)

Exploit Title: Simple CRM 3.0 - 'name' Stored Cross site scripting XSS Date: 20/06/2021 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.432 views

Solaris SunSSH 11.0 x86 - libpam Remote Root (3)

Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root 3 Exploit Author: Nathaniel Singer, Joe Rozner Date: 09/11/2020 CVE: 2020-14871 Vulnerable Versions: Oracle Solaris: 9 some releases, 10 all releases, 11.0 Description: CVE-2020-14871 is a critical pre-authentication via SSH stack-based...

10CVSS9.8AI score0.80291EPSS
Exploits13
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.634 views

iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path

Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.506 views

Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path

Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/21 12:0 a.m.324 views

OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated)

Exploit Title: OpenEMR 5.0.1.7 - 'fileName' Path Traversal Authenticated Date 16.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5017.zip Version: All versions prior to 5.0.2 Tested on:...

8.8CVSS7.5AI score0.66891EPSS
Exploits11
Exploit DB
Exploit DB
added 2021/06/18 12:0 a.m.348 views

Dlink DSL2750U - 'Reboot' Command Injection

Exploit Title: Dlink DSL2750U - 'Reboot' Command Injection Date: 17-06-2021 Exploit Author: Mohammed Hadi HadiMed Vendor Homepage: https://me.dlink.com/consumer Software Link: https://dlinkmea.com/index.php/product/details?det=c0lvN0JoeVVhSXh4TVhjTnd1OUpUUT09 Version: ME1.16 Tested on: firmware...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/18 12:0 a.m.187 views

Node.JS - 'node-serialize' Remote Code Execution (3)

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 3 Date: 17.06.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://github.com/luin/serialize Software Link: https://github.com/luin/serialize Version: 0.0.4 Tested on: Windows & Ubuntu CVE : 2017-5941 var serialize =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/18 12:0 a.m.294 views

ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting (XSS)

Exploit Title: ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting XSS Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description The file upload feature in ICE Hrm Version 29.0.0.OS allows remote...

7.4AI score
Exploits0
Total number of security vulnerabilities47904