Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2021/05/14 12:0 a.m.•187 views

Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated)

Exploit Title: Chamilo LMS 1.11.14 - Remote Code Execution Authenticated Date: 13/05/2021 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms Version: 1.11.14 Tested on: Ubuntu 20.04.2 LTS CVE: CVE-2021-31933 Writeup:...

7.2CVSS7.2AI score0.13933EPSS
Exploits4
Exploit DB
Exploit DB
•added 2021/05/14 12:0 a.m.•306 views

Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting (XSS)

Exploit Title: Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting XSS Date: 13/05/2021 Exploit Author: AyÅŸenur KARAASLAN Vendor Homepage: https://podcastgenerator.net/demoV2/ Software Link: https://podcastgenerator.net/download and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/14 12:0 a.m.•123 views

Student Management System 1.0 - 'message' Persistent Cross-Site Scripting (Authenticated)

Exploit Title: Student Management System 1.0 - 'message' Persistent Cross-Site Scripting Authenticated Date: 2021-05-13 Exploit Author: mohsen khashei kh4sh3i or [email protected] Vendor Homepage: https://github.com/amirhamza05/Student-Management-System Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/13 12:0 a.m.•243 views

Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection (Authenticated)

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection Authenticated Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/13 12:0 a.m.•244 views

Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass SQLi Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/13 12:0 a.m.•702 views

Firefox 72 IonMonkey - JIT Type Confusion

Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion Date: 2021-05-10 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://www.mozilla.org/en-US/firefox/new/ Versions: Firefox | | /| \ | |\ / / \ | | / | | / / / / |/ | /|/ \ / / || /||...

8.8CVSS8.6AI score0.46589EPSS
Exploits7
Exploit DB
Exploit DB
•added 2021/05/13 12:0 a.m.•421 views

Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free

Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Date: 2021-05-04 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit...

7.6CVSS8.1AI score0.86863EPSS
Exploits17
Exploit DB
Exploit DB
•added 2021/05/13 12:0 a.m.•176 views

ZeroShell 3.9.0 - Remote Command Execution

Exploit Title: ZeroShell 3.9.0 - Remote Command Execution Date: 10/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://zeroshell.org/ Software Link: https://zeroshell.org/download/ Version: 3.9.0 Tested on: ZeroShell 3.9.0 CVE : CVE-2019-12725 !/usr/bin/python3 import requests impor...

10CVSS9.8AI score0.89849EPSS
Exploits11
Exploit DB
Exploit DB
•added 2021/05/12 12:0 a.m.•161 views

Splinterware System Scheduler Professional 5.30 - Unquoted Service Path

Exploit Title: Splinterware System Scheduler Professional 5.30 - Unquoted Service Path Date: 2021-05-11 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.splinterware.com Software Link: https://www.splinterware.com/download/ssproeval.exe Version: 5.30 Professional Tested on: Windows...

0.3AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/12 12:0 a.m.•192 views

Chevereto 3.17.1 - Cross Site Scripting (Stored)

Exploit Title: Chevereto 3.17.1 - Cross Site Scripting Stored Google Dork: "powered by chevereto" Date: 19.04.2021 Exploit Author: Akıner Kısa Vendor Homepage: https://chevereto.com/ Software Link: https://chevereto.com/releases Version: 3.17.1 Tested on: Windows 10 / Xampp Proof of Concept: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/11 12:0 a.m.•139 views

Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path

Exploit Title: Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path Exploit Author: 1F98D Vendor Homepage: https://www.odoo.com/ Software Link: https://nightly.odoo.com/12.0/nightly/windows/odoo12.0.20190101.exe Tested Version: 12.0.20190101 Tested on OS: Windows Step to discover Unquoted Servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•331 views

DHCP Broadband 4.1.0.1503 - 'dhcpt.exe' Unquoted Service Path

Exploit Title: DHCP Broadband 4.1.0.1503 - 'dhcpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/dhcpbbv4retailx64.exe Tested Version: 4.1.0.1503...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•182 views

Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Date: 2020-10-31 Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is...

7.2CVSS7AI score0.16611EPSS
Exploits4
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•594 views

PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)

Exploit Title: PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting XSS Date: May 3rd 2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•135 views

Human Resource Information System 0.1 - 'First Name' Persistent Cross-Site Scripting (Authenticated)

Exploit Title: Human Resource Information System 0.1 - 'First Name' Persistent Cross-Site Scripting Authenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•260 views

BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path

Exploit Title: BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/bootptdemox64.exe Tested Version: 2.0.0.1253 Vulnerabilit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/10 12:0 a.m.•253 views

TFTP Broadband 4.3.0.1465 - 'tftpt.exe' Unquoted Service Path

Exploit Title: TFTP Broadband 4.3.0.1465 - 'tftpt.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-07 Vendor Homepage: https://www.weird-solutions.com Software : https://www.weird-solutions.com/download/products/tftpbbv4retailx64.exe Tested Version: 4.3.0.1465...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•492 views

Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path

Exploit Title: Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.4/Sandboxie-Plus-x64-v0.7.4.exe Tested Version: 0.7.4 Vulnerability Type: Unquoted Servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•157 views

Sandboxie 5.49.7 - Denial of Service (PoC)

Exploit Title: Sandboxie 5.49.7 - Denial of Service PoC Date: 06/05/2021 Author: Erick Galindo Vendor Homepage: https://sandboxie-plus.com/ Software https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.4/Sandboxie-Classic-x64-v5.49.7.exe Version: 5.49.7 Tested on: Windows 10 Pro x64 ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•348 views

Epic Games Rocket League 1.95 - Stack Buffer Overrun

Exploit Title: Epic Games Rocket League 1.95 - Stack Buffer Overrun Date: 25.04.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.epicgames.com https://www.rocketleague.com Epic Games Rocket League 1.95 AK::MemoryMgr::GetPoolName Stack Buffer Overrun Vendor: Epic Games Inc. | Psyonix,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•406 views

PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection

Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Date: 03.05.2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•412 views

WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path

Exploit Title: WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://www.gearboxcomputers.com/downloads/wifihotspot.exe Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS:...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•584 views

Voting System 1.0 - Authentication Bypass (SQLI)

Exploit Title: Voting System 1.0 - Authentication Bypass SQLI Date: 06/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•426 views

Voting System 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Voting System 1.0 - Remote Code Execution Unauthenticated Date: 07/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•375 views

Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)

Exploit Title: Human Resource Information System 0.1 - Remote Code Execution Unauthenticated Date: 04-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/07 12:0 a.m.•480 views

Epic Games Easy Anti-Cheat 4.0 - Local Privilege Escalation

Exploit Title: Epic Games Easy Anti-Cheat 4.0 - Local Privilege Escalation Date: 04.05.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.epicgames.com https://www.easy.ac Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation Vendor: Epic Games, Inc. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/06 12:0 a.m.•188 views

Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload

Title: Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload Author: h4shur date: 2021-05-06 Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/plugins/wp-super-edit/ Version : 2.5.4 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Dor...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/06 12:0 a.m.•415 views

Schlix CMS 2.2.6-6 - Remote Code Execution (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - Remote Code Execution Authenticated Date: 2021-05-06 Exploit Author: Eren Saraç Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows & WampServer ==...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/06 12:0 a.m.•259 views

b2evolution 7-2-2 - 'cf_name' SQL Injection

Exploit Title: b2evolution 7-2-2 - 'cfname' SQL Injection Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Date: 05.06.2021 Vendor: https://b2evolution.net/ Link: https://b2evolution.net/downloads/7-2-2 CVE: CVE-2021-28242 Proof: https://streamable.com/x51kso + Exploit Source:...

8.8CVSS8.8AI score0.04962EPSS
Exploits4
Exploit DB
Exploit DB
•added 2021/05/06 12:0 a.m.•300 views

Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated)

Exploit Title: Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting Authenticated Date: 2021-05-05 Exploit Author: Emircan BaÅŸ Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•153 views

Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting

Exploit Title: Markdown Explorer 0.1.1 - XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jersou/markdown-explorer Version: 0.1.1 Tested on: Windows, Linux, MacOs Software Description: Easily...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•163 views

Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting Date: 2021-05-04 Exploit Author: strider Software Link: https://github.com/savsofts/savsoftquizv5 Vendor: https://savsoftquiz.com Version: 5.0 Tested on: Ubuntu 20.04 LTS / Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•132 views

Markright 1.0 - Persistent Cross-Site Scripting

Exploit Title: Markright 1.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/dvcrn/markright Version: 1.0 Tested on: Linux, MacOs,Windows Software Description: A minimalis...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•144 views

Freeter 1.2.1 - Persistent Cross-Site Scripting

Exploit Title: Freeter 1.2.1 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://freeter.io/ Version: 1.2.1 Tested on: Windows, Linux, MacOs Software Description: It is an organizer for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•133 views

StudyMD 0.3.2 - Persistent Cross-Site Scripting

Exploit Title: StudyMD 0.3.2 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jotron/StudyMD Version: 0.3.2 Tested on: Windows, Linux, MacOs Software Description: A cool ap...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•197 views

SnipCommand 0.1.0 - Persistent Cross-Site Scripting

Exploit Title: SnipCommand 0.1.0 - XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/gurayyarar/SnipCommand Version: 0.1.0 Tested on: Windows, Linux, MacOs Software Description: Open source comman...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•1188 views

Xmind 2020 - Persistent Cross-Site Scripting

Exploit Title: Xmind 2020 - XSS to RCE Exploit Author: TaurusOmar Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://www.xmind.net/ Version: 2020 Tested on: Windows, Linux, MacOs Software Description: XMind, a full-featured mind mapping and...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•142 views

Anote 1.0 - Persistent Cross-Site Scripting

Exploit Title: Anote 1.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/AnotherNote/anote Version: 1.0 Tested on: Linux, MacOs Software Description: A simple opensource...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•139 views

Marky 0.0.1 - Persistent Cross-Site Scripting

Exploit Title: Marky 0.0.1 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/vesparny/marky Version: 0.0.1 Tested on: Linux, MacOs, Windows Software Description: Marky is an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•134 views

Moeditor 0.2.0 - Persistent Cross-Site Scripting

Exploit Title: Moeditor 0.2.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://moeditor.js.org/ Version: 0.2.0 Tested on: Windows, Linux, MacOs Software Description: Software to view...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•133 views

Markdownify 1.2.0 - Persistent Cross-Site Scripting

Exploit Title: Markdownify 1.2.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/amitmerchant1990/electron-markdownify Version: 1.2.0 Tested on: Windows, Linux, MacOs...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/05 12:0 a.m.•238 views

Tagstoo 2.0.1 - Persistent Cross-Site Scripting

Exploit Title: Tagstoo 2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacOs Software Description: Software to tag folders...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/04 12:0 a.m.•228 views

Internship Portal Management System 1.0 - Remote Code Execution(Unauthenticated)

Exploit Title: Internship Portal Management System 1.0 - Remote Code Execution Via File Upload Unauthenticated Date: 2021-05-04 Exploit Author: argenestel Vendor Homepage: https://www.sourcecodester.com/php/11712/internship-portal-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/03 12:0 a.m.•693 views

Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)

Exploit Title: Voting System 1.0 - Time based SQLI Unauthenticated SQL injection Date: 02/05/2021 Exploit Author: Syed Sheeraz Ali Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/03 12:0 a.m.•435 views

GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration

Exploit Title: GitLab Community Edition CE 13.10.3 - 'SignUp' User Enumeration Date: 4/29/2021 Exploit Author: @4D0niiS https://github.com/4D0niiS Vendor Homepage: https://gitlab.com/ Version: 13.10.3 Tested on: Kali Linux 2021.1 INFO: An unauthenticated attacker can remotely enumerate the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/03 12:0 a.m.•364 views

GetSimple CMS Custom JS 0.1 - Cross-Site Request Forgery

Exploit Title: GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE Exploit Author: Bobby Cooke boku & Abhishek Joshi Date: 30/04/201 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/download/ & http://get-simple.info/extend/plugin/custom-js/1267/ Vendor: 4Enzo Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/03 12:0 a.m.•205 views

GitLab Community Edition (CE) 13.10.3 - User Enumeration

Exploit Title: GitLab Community Edition CE 13.10.3 - User Enumeration Date: 4/29/2021 Exploit Author: @4D0niiS https://github.com/4D0niiS Vendor Homepage: https://gitlab.com/ Version: 13.10.3 Tested on: Kali Linux 2021.1 !/bin/bash Colors RED='\03338;5;196m' GREEN='\e38;5;47m' NC='\0330m'...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/03 12:0 a.m.•216 views

Piwigo 11.3.0 - 'language' SQL

Exploit Title: Piwigo 11.3.0 - 'language' SQL Author: @nu11secur1ty Testing and Debugging: nu11secur1ty Date: 04.30.2021 Vendor: https://piwigo.org/ Link: https://github.com/Piwigo/Piwigo/releases/tag/11.3.0 CVE: CVE-2021-27973 + Exploit Source: !/usr/bin/python3 Author: @nu11secur1ty Debug:...

7.2CVSS7AI score0.11046EPSS
Exploits4
Exploit DB
Exploit DB
•added 2021/04/30 12:0 a.m.•283 views

GNU Wget < 1.18 - Arbitrary File Upload (2)

Exploit Title: GNU Wget 1.18 - Arbitrary File Upload / Remote Code Execution 2 Original Exploit Author: Dawid Golunski Exploit Author: liewehacksie Version: GNU Wget 1.18 CVE: CVE-2016-4971 import http.server import socketserver import socket import sys class...

8.8CVSS8.9AI score0.45935EPSS
Exploits8
Exploit DB
Exploit DB
•added 2021/04/30 12:0 a.m.•608 views

Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)

Exploit Title: Moodle 3.6.1 - Persistent Cross-Site Scripting XSS Date: 04/2021 Exploit Author: farisv Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org https://github.com/moodle/moodle/archive/refs/tags/v3.6.1.zip Version: Moodle 3.6.2, 3.5.4, 3.4.7, 3.1.16 CVE:...

6.1CVSS5.5AI score0.13901EPSS
Exploits5
Total number of security vulnerabilities47904