Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/03/23 12:0 a.m.449 views

Codiad 2.8.4 - Remote Code Execution (Authenticated)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests import...

10CVSS9.6AI score0.38444EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.327 views

Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPr...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.316 views

Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.367 views

MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path

Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.223 views

KZTech T3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.314 views

SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path

Exploit Title: SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://help.sap.com/ Software Links : https://help.sap.com/ SAP Tested Version: 750 Final Release...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.446 views

OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path

Exploit Title: OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path Exploit Auth: Tech Johnny Vendor Homepage: https://www.osas.com Version: 11 x86 Tested on: Windows 2012R2 Details: C:\Windows\system32wmic service get name, pathname, displayname, startmode | findstr /i "Auto...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.228 views

ProFTPD 1.3.7a - Remote Denial of Service

Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Date: 22/03/2021 Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.297 views

Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path

Exploit Title: Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.438 views

WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal

Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Date: 19/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads Version: =1.6.6 Tested on: Debian 11 CVE : CVE-2017-1000170 PHP version exploit: 7.3....

7.5CVSS7.5AI score0.59063EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/03/22 12:0 a.m.425 views

MyBB 1.8.25 - Chained Remote Command Execution

Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...

8.8CVSS7.5AI score0.1059EPSS
Exploits10
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.268 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated)

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download Unauthenticated Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Produ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.323 views

Online News Portal 1.0 - 'name' SQL Injection

Exploit Title: Online News Portal 1.0 - 'name' SQL Injection Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.259 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.229 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated)

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection Authenticated Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Produ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.215 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.214 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated)

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot Unauthenticated Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.233 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated)

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset Unauthenticated Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.425 views

VestaCP 0.9.8 - 'v_sftp_licence' Command Injection

Title: VestaCP 0.9.8 - 'vsftplicence' Command Injection Date: 17.03.2021 Author: Numan Türle Vendor Homepage: https://vestacp.com Software Link: https://myvestacp.com 0.9.8-26-43 Software Link: https://vestacp.com 0.9.8-26 POST /edit/server/ HTTP/1.1 Host: TARGET:8083 Connection: close...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.268 views

LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS

Exploit Title: LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS Google Dork: inurl: inurl:/mobile/index.php intitle:LiveZilla Date: 18 Mars 2021 Exploit Author: Clément Cruchet Vendor Homepage: https://www.livezilla.net Software Link: https://www.livezilla.net/downloads/en/ Version:...

6.1CVSS6.6AI score0.09052EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.234 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access

Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.408 views

SOYAL 701 Server 9.0.1 - Insecure Permissions

Exploit Title: SOYAL 701 Server 9.0.1 - Insecure Permissions Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.698 views

SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF

Exploit Title: SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.49 views

CouchCMS 2.2.1 - Server-Side Request Forgery

Exploit Title: CouchCMS 2.2.1 - SSRF via SVG file upload Date: 2021-01-25 Exploit Author: xxcdd Vendor Homepage: https://github.com/CouchCMS/CouchCMS Software Link: https://github.com/CouchCMS/CouchCMS Version: v2.2.1 Tested on: Windows 7 An issue was discovered in CouchCMS v2.2.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.317 views

Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting

Exploit Title: Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-03-18 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.378 views

Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution Unauthenticated Date: 19-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.197 views

Plone CMS 5.2.3 - 'Title' Stored XSS

Exploit Title: Plone CMS 5.2.3 - 'Title' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://plone.com/ Software Link: https://github.com/plone/Products.CMFPlone/tags Version: 5.2.3 Tested on: Windows 10 Reference -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.376 views

Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path

Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path Discovery by: Riadh Bouchahoua Discovery Date: 19-03-2021 Vendor Homepage: https://mosquitto.org/ Software Links : https://mosquitto.org/download/ Tested Version: 2.0.9 Vulnerability Type: Unquoted Service Path...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.310 views

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

Exploit Title: SOYAL Biometric Access Control System 5.0 - Master Code Disclosure Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affect...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.511 views

BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Exploit Title: BRAdmin Professional 3.75 - 'BRAScheduler' Unquoted Service Path Date: 2021-03-17 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://global.brother/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.239 views

Boonex Dolphin 7.4.2 - 'width' Stored XSS

Exploit Title: Boonex Dolphin 7.4.2 - 'width' Stored XSS Date: 18-03-2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.boonex.com/ Software Link: https://www.boonex.com/downloads Version: 7.4.2 Tested on: Windows 10 Reference -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/19 12:0 a.m.235 views

SOYAL 701 Client 9.0.1 - Insecure Permissions

Exploit Title: SOYAL 701 Client 9.0.1 - Insecure Permissions Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.365 views

rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)

Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution Authenticated 1 Date: 2021-03-17 Exploit Author: Murat ŞEKER Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.6.zip Version: rConfig v3.9.6 Install scripts :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.352 views

Hestia Control Panel 1.3.2 - Arbitrary File Write

Title: Hestia Control Panel 1.3.2 - Arbitrary File Write Date: 07.03.2021 Author: Numan Türle Vendor Homepage: https://hestiacp.com/ Software Link: https://github.com/hestiacp/hestiacp Version: 1.3.3 Tested on: HestiaCP Version 1.3.2 curl --location --request POST...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.273 views

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)

Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 1 Date: 17/02/2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.777 views

VFS for Git 1.0.21014.1 - 'GVFS.Service' Unquoted Service Path

Exploit Title: VFS for Git 1.0.21014.1 - 'GVFS.Service' Unquoted Service Path Date: 2021-2-6 Exploit Author: Mohammed Alshehri Vendor Homepage: https://vfsforgit.org/ Software Link: https://github.com/microsoft/VFSForGit/releases/download/v1.0.21014.1/SetupGVFS.1.0.21014.1.exe Version: 1.0.21014....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/18 12:0 a.m.397 views

VestaCP 0.9.8 - 'v_interface' Add IP Stored XSS

Title: VestaCP 0.9.8 - 'vinterface' Add IP Stored XSS Date: 07.03.2021 Author: Numan Türle Vendor Homepage: https://vestacp.com Software Link: https://myvestacp.com alert1&vshared=on&vowner=admin&vname=&vnat=&ok=Add...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/17 12:0 a.m.325 views

FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass)

Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Date: 15/03/2020 Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/17 12:0 a.m.188 views

WoWonder Social Network Platform 3.1 - 'event_id' SQL Injection

Exploit Title: WoWonder Social Network Platform 3.1 - 'eventid' SQL Injection Date: 16.03.2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://www.wowonder.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/17 12:0 a.m.468 views

VestaCP 0.9.8 - File Upload CSRF

Exploit Title: VestaCP 0.9.8 - File Upload CSRF Exploit Author: Fady Othman Date: 16-03-2021 Vendor Homepage: https://vestacp.com/ Software Link: https://github.com/myvesta/vesta Version: Vesta Control Panel aka VestaCP through 0.9.8-27 and myVesta through 0.9.8-26-39 CVE ID: CVE-2021-28379 Patch...

8.8CVSS8.9AI score0.06033EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/03/16 12:0 a.m.280 views

GeoGebra 3D Calculator 5.0.511.0 - Denial of Service (PoC)

Exploit Title: GeoGebra 3D Calculator 5.0.511.0 - Denial of Service PoC Date: 2021-03-15 Author: Brian Rodríguez Software Site: https://www.geogebra.org/download Download Link:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/16 12:0 a.m.201 views

GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service (PoC)

Exploit Title: GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service PoC Date: 2021-03-15 Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 6.0.631.0-offlinegraphing Tested on: Windows 8.1 Pro STEPS Open the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/16 12:0 a.m.194 views

GeoGebra CAS Calculato‪r‬ 6.0.631.0 - Denial of Service (PoC)

Exploit Title: GeoGebra CAS Calculato‪r‬ 6.0.631.0 - Denial of Service PoC Date: 2021-03-15 Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 6.0.631.0-offlinecas Tested on: Windows 8.1 Pro STEPS Open the program...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/16 12:0 a.m.280 views

GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)

Exploit Title: GeoGebra Classic 5.0.631.0-d - Denial of Service PoC Date: 2021-03-15 Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 5.0.631.0-d Tested on: Windows 8.1 Pro STEPS Open the program GeoGebra Run the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/16 12:0 a.m.572 views

Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection)

Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution File Upload + SQL injection Date: 15-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.467 views

Zenario CMS 8.8.53370 - 'id' Blind SQL Injection

Exploit Title: Zenario CMS 8.8.53370 - 'id' Blind SQL Injection Date: 05/02/2021 Exploit Author: Balaji Ayyasamy Vendor Homepage: https://zenar.io/ Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8 Version: 8.8.53370 Tested on: Windows 10 Pro 19041 x6486 + XAMPP 7.4.14 CVE:...

9.1CVSS9.6AI score0.04572EPSS
Exploits1
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.322 views

QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path

Exploit Title: QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.qnap.com Tested Version: 5.0.0.13230 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.397 views

Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path

Exploit Title: Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 700.1631 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es St...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.503 views

Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path

Exploit Title: Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Software Link: http://down.myequil.com/dn/setup/ScrapBookwin/down.html Tested Version: 3.6 Tested on OS: Windows 10 Pro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/03/15 12:0 a.m.566 views

SonLogger 4.2.3.3 - Unauthenticated Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...

9.8CVSS7.4AI score0.46021EPSS
Exploits5
Total number of security vulnerabilities47904