Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/04/09 12:0 a.m.821 views

PrestaShop 1.7.6.7 - 'location' Blind Sql Injection

Exploit Title: PrestaShop 1.7.6.7 - 'location' Blind Sql Injection Date: 2021-04-08 Exploit Author: Vanshal Gaur Vendor Homepage: https://www.prestashop.com/ Version: 1.7.5.x 1.7.6.8 Tested on: Debian 10 buster CVE : CVE-2020-15160 !/usr/bin/python3 ''' Setup Vulnerable Docker on "localhost:8080"...

9.8CVSS9.7AI score0.10807EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/04/08 12:0 a.m.335 views

Composr 10.0.36 - Remote Code Execution

Exploit Title: Composr 10.0.36 - Remote Code Execution Date: 04/06/2021 Exploit Author: Orion Hridoy Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36 Tested on: Windows/Linux CVE : CVE-2021-30149 A RCE on Composr CMS has been discovered by BugsBD...

9.8CVSS9.7AI score0.10064EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/08 12:0 a.m.678 views

Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution

Exploit Title: Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution Date: 06/04/2020 Exploit Author: Google Security Research Andy Nguyen Tested on: 5.4.0-48-generic 52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020 x8664 x8664 x8664 GNU/Linux CVE : CVE-2020-12351, CVE-2020-1235...

8.8CVSS7.6AI score0.07693EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/04/08 12:0 a.m.642 views

DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147 input type="...

8.8CVSS7AI score0.0352EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/08 12:0 a.m.262 views

CMSimple 5.2 - 'External' Stored XSS

Exploit Title: CMSimple 5.2 - 'External' Stored XSS Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: CMSimple 5.2 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.cmsimple.org/en/ Description The CMSimple 5.2 allow stored XSS via the Settings CMS Filebrowser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/07 12:0 a.m.399 views

Composr CMS 10.0.36 - Cross Site Scripting

Exploit Title: Composr CMS 10.0.36 - Cross Site Scripting Date: 04/06/2021 Exploit Author: Orion Hridoy Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36 Tested on: Windows/Linux CVE : CVE-2021-30150 Vulnerable Endpoint:...

6.1CVSS6.3AI score0.02775EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/07 12:0 a.m.738 views

Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS

Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS Date: 07 Mar 2020 Exploit Author: Captainhook Vendor Homepage: https://www.atlassian.com/ Version: 4.10.0 Tested on: All OS CVE: CVE-2020-14166 Summary: The /servicedesk/customer/portals resource in Jira Service De...

4.8CVSS5.2AI score0.0194EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/04/07 12:0 a.m.828 views

Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read

Exploit Title: Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read Date: 4/27/2020 Exploit Author: Rhino Security Labs Version: :' exit This XML to imitate a Dell OMSA remote system comes from https://www.exploit-db.com/exploits/39909 Also check out...

9.1CVSS9.4AI score0.48332EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/04/06 12:0 a.m.900 views

Google Chrome 86.0.4240 V8 - Remote Code Execution

Exploit Title: Google Chrome 86.0.4240 V8 - Remote Code Execution Exploit Author: r4j0x00 Version: 87.0.4280.88 Description: Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE:...

6.5CVSS7.8AI score0.99595EPSS
Exploits14
Exploit DB
Exploit DB
added 2021/04/06 12:0 a.m.519 views

Google Chrome 81.0.4044 V8 - Remote Code Execution

Exploit Title: Google Chrome 81.0.4044 V8 - Remote Code Execution Exploit Author: r4j0x00 Version: 83.0.4103.106 Description: Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE:...

8.8CVSS9.4AI score0.19419EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/04/06 12:0 a.m.574 views

Mini Mouse 9.3.0 - Local File inclusion

Exploit Title: Mini Mouse 9.3.0 - Local File inclusion / Path Traversal Author: gosh Date: 05-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://apps.apple.com/us/app/mini-mouse-remote-control/id914250948 Version: 9.3.0 Tested on: iPhone; iOS 14.4.2 GET /op=getdeviceinfo HTTP/1.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.530 views

Mini Mouse 9.2.0 - Path Traversal

Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.1213 views

Mini Mouse 9.2.0 - Remote Code Execution

Exploit Title: Mini Mouse 9.2.0 - Remote Code Execution Author: gosh Date: 01-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 !/usr/bin/python3 import requests import json...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.631 views

Simple Food Website 1.0 - Authentication Bypass

Exploit Title: Simple Food Website 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.316 views

OpenEMR 4.1.0 - 'u' SQL Injection

Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection Date: 2021-04-03 Exploit Author: Michael Ikua Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v410.zip Version: 4.1.0 Original Advisory:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.337 views

Rockstar Service - Insecure File Permissions

Exploit Title: Rockstar Service - Insecure File Permissions Date: 2020-04-02 Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/05 12:0 a.m.474 views

Basic Shopping Cart 1.0 - Authentication Bypass

Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/02 12:0 a.m.638 views

ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation

Exploit Title: ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation Date: 31.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.zblchina.com http://www.wd-thailand.com Vendor: Zhejiang BC&TV Technology Co., Ltd. ZBL | W&D Corporation WAD TECHNOLOGY THAILAND Product web page...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/02 12:0 a.m.604 views

F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)

Exploit Title: F5 BIG-IP 16.0.x - iControl REST Remote Code Execution Unauthenticated Exploit Author: Al1ex Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5....

10CVSS9.7AI score0.99898EPSS
Exploits20
Exploit DB
Exploit DB
added 2021/04/01 12:0 a.m.577 views

ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2)

Exploit Title: ScadaBR 1.0 - Arbitrary File Upload Authenticated 2 Date: 04/21 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Debian9,10Ubuntu16.04 !/usr/bin/python import requests,sys,time if...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/01 12:0 a.m.686 views

phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)

Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution Authenticated Date: 29/03/2021 Exploit Author: Valerio Severini Vendor Homepage: Software Link: https://github.com/phppgadmin/phppgadmin/releases/tag/REL7-13-0 Version: 7.13.0 or lower Tested on: Debian 10 and Ubuntu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/01 12:0 a.m.857 views

ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1)

Exploit Title: ScadaBR 1.0 - Arbitrary File Upload Authenticated 1 Date: 03/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://www.scadabr.com.br/ Version: ScadaBR 1.0, ScadaBR 1.1CE and ScadaBR 1.0 for Linux Tested on: Windows7, Windows10 !/usr/bin/python import requests,sys,time if...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/01 12:0 a.m.636 views

Latrix 0.6.0 - 'txtaccesscode' SQL Injection

Exploit Title: Latrix 0.6.0 – 'txtaccesscode' SQL Injection Date: 03/30/2021 Exploit Author: cptsticky Vendor Homepage: https://sourceforge.net/projects/latrix Software Link: https://sourceforge.net/projects/latrix/files/latest/download Version: 0.6.0 Tested on: Ubuntu 20.04 POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/31 12:0 a.m.1345 views

Zabbix 3.4.7 - Stored XSS

Exploit Title: Zabbix 3.4.7 - Stored XSS Date: 30-03-2021 Exploit Author: Radmil Gazizov Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/rn/rn3.4.7 Version: 3.4.7 Tested on: Linux Reference - https://github.com/GloryToMoon/POCcodes/blob/main/zabbixstoredxss347.txt 1...

9.1CVSS9.3AI score0.5415EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/31 12:0 a.m.329 views

DD-WRT 45723 - UPNP Buffer Overflow (PoC)

Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Date: 24.03.2021 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/31 12:0 a.m.843 views

CourseMS 2.1 - 'name' Stored XSS

Exploit Title: CourseMS 2.1 - 'name' Stored XSS Date: 03/30/2021 Exploit Author: cptsticky Vendor Homepage: http://sourceforge.net/projects/coursems Software Link: https://sourceforge.net/projects/coursems/files/latest/download Version: 2.1 Tested on: Ubuntu 20.04 POST /coursems/admin/addjobs.php...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/30 12:0 a.m.686 views

Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting

Exploit Title: Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting Date: 3/30/2021 Exploit Author: cmOs Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.9 Tested on Ubuntu 20.04 Step 1: Log in to the dashboard using th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/30 12:0 a.m.537 views

GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting

Exploit Title: GetSimple CMS 3.3.16 - Reflected XSS to RCE Exploit Author: Bobby Cooke boku Discovery Credits: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: March 29th, 2021 CVE ID: CVE-2020-23839 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23839 Vendor Homepage: http://get-simple.in...

6.1CVSS6.3AI score0.10459EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.572 views

WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated)

Exploit Title: WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution Authenticated Google Dork: inurl:/wp-content/plugins/wp-super-cache/ Date: 2021-03-13 Exploit Author: m0ze Version: Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.493 views

SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow

Exploit Title: SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow Date: 03/27/2021 Author: Filipe Oliveira - filipecenturiaoathotmail.com Rafael Machado - nnszsatprotonmail.com Vendor: https://www.syncbreeze.com/ Software Link:...

7.8CVSS7.7AI score0.05507EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.567 views

TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated)

Exploit Title: TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting Unauthenticated Date: 24-07-2020 Exploit Author: Smriti Gaba, Kaustubh Padwad Vendor Homepage: https://www.tp-link.com Version: Multiple ============================================================== Unauthenticated...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.1682 views

vsftpd 3.0.3 - Remote Denial of Service

Exploit Title: vsftpd 3.0.3 - Remote Denial of Service Date: 22-03-2021 Exploit Author: xynmaps Vendor Homepage: https://security.appspot.com/vsftpd.html Software Link: https://security.appspot.com/downloads/vsftpd-3.0.3.tar.gz Version: 3.0.3 Tested on: Parrot Security OS 5.9.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.270 views

Equipment Inventory System 1.0 - 'multiple' Stored XSS

Exploit Title: Equipment Inventory System 1.0 - 'multiple' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/php/11327/equipment-inventory.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.228 views

Novel Boutique House-plus 3.5.1 - Arbitrary File Download

Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Date: 27/03/2021 Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerab...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.261 views

Budget Management System 1.0 - 'Budget title' Stored XSS

Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html Version: 1 Tested on Windows 10 + Xampp 8.0.3 XSS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/29 12:0 a.m.302 views

Concrete5 8.5.4 - 'name' Stored XSS

Exploit Title: Concrete5 8.5.4 - 'name' Stored XSS Date: 2021-01 Exploit Author: Quadron Research Lab Version: Concrete5 8.5.4 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: Concrete5 CMS https://www.concrete5.org CVE: CVE-2021-3111 Suggested description The Express Entries Dashboard...

4.8CVSS5.6AI score0.03008EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/26 12:0 a.m.992 views

Moodle 3.10.3 - 'label' Persistent Cross Site Scripting

Exploit Title: Moodle 3.10.3 - 'label' Persistent Cross Site Scripting Date: 25.03.2021 Author: Vincent666 ibn Winnie Software Link: https://moodle.org/ Tested on: Windows 10 Web Browser: Mozilla Firefox Google Dorks: inurl:/lib/editor/atto/plugins/managefiles/ or calendar/view.php?view=month...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/26 12:0 a.m.297 views

Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting

Title: Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting Exploit Author: George Tsimpidas Date: 2021-03-25 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/regisinventory.zip Version ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/26 12:0 a.m.735 views

'customhs_js_content' - 'customhs_js_content' Cross-Site Request Forgery

Exploit Title: GetSimple CMS Custom JS Plugin 0.1 - 'customhsjscontent' Cross-Site Request Forgery Exploit Author: Abhishek Joshi Date: March 25, 2021 Vendor Homepage: http://get-simple.info/extend/plugin/custom-js/1267 / http://get-simple.info/download Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/25 12:0 a.m.1301 views

Linksys EA7500 2.0.8.194281 - Cross-Site Scripting

Exploit Title: Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Date: 3/24/21 Exploit Author: MiningOmerta Vendor Homepage: https://www.linksys.com/ Version: EA7500 Firmware Version: 2.0.8.194281 CVE: CVE-2012-6708 Tested On: Linksys EA7500 jQuery version 1.7.1 Cross-Site Scripting Vulnerabilit...

6.1CVSS6.7AI score0.08632EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/03/25 12:0 a.m.285 views

Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting

Exploit Title: Genexis Platinum-4410 P4410-V2-1.31A - 'startaddr' Persistent Cross-Site Scripting Date: 03/25/2020 Exploit Author: Jithin KS Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: Platinum-4410 Software version - P4410-V2-1.31A Tested on: Windows 10 Author Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/25 12:0 a.m.384 views

Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)

Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Date: 16/06/2020 Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE :...

8.8CVSS7AI score0.27482EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/25 12:0 a.m.525 views

Ovidentia 6 - 'id' SQL injection (Authenticated)

Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/24 12:0 a.m.816 views

Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path

Exploit Title: Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path Date: 2021-1-19 Exploit Author: Mohammed Alshehri Software Link: https://sourceforge.net/projects/ext2fsd/files/latest/download Version: 0.68 Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763 Service info:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.368 views

ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path

Exploit Title: ELAN Touchpad 15.2.13.1X64WHQL - 'ETDService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-22 Vendor : ELAN Microelectronics Version : ELAN Touchpad 15.2.13.1X64WHQL Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 8 This software installs...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.896 views

Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path

Exploit Title: Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-23 Vendor Homepage: https://eventlogxp.com/ Software Links : https://eventlogxp.com/ Tested Version: Version: 4.9.3 Vulnerability Type: Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.244 views

ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path

Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-21 Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.340 views

Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path

Exploit Title: Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path Dicovery by: Ekrem Can Kök Discovery Date: 2021-03-22 Vendor Homepage: https://www.hirezstudios.com Version: 5.1.6.3 Tested on: Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic service get name,...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.449 views

MyBB 1.8.25 - Poll Vote Count SQL Injection

Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...

8.8CVSS7.5AI score0.04201EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.249 views

Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS

Exploit Title: Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904