Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/02/25 12:0 a.m.215 views

ASUS Remote Link 1.1.2.13 - Remote Code Execution

Exploit: ASUS Remote Link 1.1.2.13 - Remote Code Execution Date: 24-02-2021 Exploit Author: H4rk3nz0 Vendor Homepage: http://asus.com/ Software Link: http://remotelink.asus.com/ Version: 1.1.2.13 Tested on: Windows 10 Enterprise Build 17763 CVE: N/A !/usr/bin/python import socket from time import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/25 12:0 a.m.529 views

Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)

Exploit Title: Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting XSS Date: 2021-02-25 Exploit Author: Tushar Vaidya Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.193 views

Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)

Exploit Title: Product Key Explorer 4.2.7 - 'multiple' Denial of Service PoC Exploit Author : Sinem Şahin Exploit Date: 2021-02-23 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Version: 4.2.7 Tested on: Windows 7 x64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.443 views

Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path

Exploit Title: Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path Discovery by: Victor Mondragón Discovery Date: 23-02-2021 Vendor Homepage: https://www.softros.com/ Software Links : https://download.softros.com/SoftrosLANMessengerSetup.exe Tested Version: 9.6.4 Vulnerabili...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.360 views

LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path

Exploit Title: LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path Discovery by: Victor Mondragón Discovery Date: 23-02-2021 Vendor Homepage: https://www.softros.com/ Software Links : https://download.logonexpert.com/LogonExpertSetup64.msi Tested Version: 8.1 Vulnerability Type: Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.390 views

Unified Remote 3.9.0.2463 - Remote Code Execution

Exploit Title: Unified Remote 3.9.0.2463 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: https://www.unifiedremote.com/ Software Link: https://www.unifiedremote.com/download Tested on: Windows 10, 10.0.19042 Build 19042 !/usr/bin/python import socket import sys import os from time impor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.260 views

python jsonpickle 2.0.0 - Remote Code Execution

Exploit Title: python jsonpickle 2.0.0 - Remote Code Execution Date: 24-2-2021 Vendor Homepage: https://jsonpickle.github.io Exploit Author: Adi Malyanker, Shay Reuven Software Link: https://github.com/jsonpickle/jsonpickle Version: 2.0.0 Tested on: windows, linux Python is an open source languag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.218 views

LayerBB 1.1.4 - 'search_query' SQL Injection

Exploit Title: LayerBB 1.1.4 - 'searchquery' SQL Injection Date: 2021-02-19 Exploit Author: Görkem Haşin Version: 1.1.4 Tested on: Linux/Windows POST /search.php HTTP/1.1 Host: Target Payload: searchquery=Lffd' AND 8460=SELECT CASE WHEN 8460=8460 THEN 8460 ELSE SELECT 1560 UNION SELECT 2122 END--...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/24 12:0 a.m.185 views

SpotAuditor 5.3.5 - 'multiple' Denial Of Service (PoC)

Exploit Title: SpotAuditor 5.3.5 - 'multiple' Denial Of Service PoC Exploit Author : Sinem Şahin Exploit Date: 2021-02-10 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on: Windows 7 x64 Version: 5.3.5 Steps: 1- R...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/23 12:0 a.m.1498 views

HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...

10CVSS9.5AI score0.99323EPSS
Exploits23
Exploit DB
Exploit DB
added 2021/02/23 12:0 a.m.487 views

Monica 2.19.1 - 'last_name' Stored XSS

Exploit Title: Monica 2.19.1 - 'lastname' Stored XSS Date: 22-02-2021 Exploit Author: BouSalman Vendor Homepage: https://www.monicahq.com/ Software Link: https://github.com/monicahq/monica/releases Version: Monica 2.19.1 Tested on: Ubuntu 18.04 CVE : CVE-2021-27370 POST /people HTTP/1.1 Host:...

5.4CVSS5.5AI score0.03271EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/23 12:0 a.m.242 views

Batflat CMS 1.3.6 - 'multiple' Stored XSS

Exploit Title: Batflat CMS 1.3.6 - 'multiple' Stored XSS Date: 22/02/2021 Exploit Author: Tadjmen Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Version: 1.3.6 Tested on: Xammpp on Windows, Firefox Newest CVE : N/A Multiple Stored XSS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.511 views

Beauty Parlour Management System 1.0 - 'sername' SQL Injection

Exploit Title: Beauty Parlour Management System 1.0 - 'sername' SQL Injection Date: 19/2/2021 Exploit Author: Thinkland Security Team Vendor Homepage: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.301 views

dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)

Exploit Title: dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow PoC Exploit Author: Kağan Çapar Date: 2020-02-17 Vendor Homepage: https://www.ddc-web.com/ Software Link: https://www.ddc-web.com/en/connectivity/databus/milstd1553-1/software-1/bu-69414?partNumber=BU-69414 Version: 4.5.3 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.300 views

Comment System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Comment System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-18 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14713/comment-system-phpmysqli-full-source-code.html Software: : Comment...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.508 views

PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting

Exploit Title: PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: PEEL SHOPPING 9.3.0 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.598 views

OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting

Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Date: 19/02/2021 Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/19 12:0 a.m.253 views

Online Exam System With Timer 1.0 - 'email' SQL injection Auth Bypass

Exploit Title: Online Exam System With Timer 1.0 - 'email' SQL injection Auth Bypass Date: 2021-02-18 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13877/online-exam-timer.html Tested On: Windows 10 Pro 10.0.18363 N...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/18 12:0 a.m.1048 views

Gitea 1.12.5 - Remote Code Execution (Authenticated)

Exploit Title: Gitea 1.12.5 - Remote Code Execution Authenticated Date: 17 Feb 2020 Exploit Author: Podalirius PoC demonstration article: https://podalirius.net/en/articles/exploiting-cve-2020-14144-gitea-authenticated-remote-code-execution/ Vendor Homepage: https://gitea.io/ Software Link:...

7.2CVSS6.9AI score0.95432EPSS
Exploits12
Exploit DB
Exploit DB
added 2021/02/18 12:0 a.m.287 views

Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)

Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Date: 2020-12-27 Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...

7.2CVSS7AI score0.06772EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/18 12:0 a.m.289 views

Apport 2.20 - Local Privilege Escalation

Exploit Title: Apport 2.20 - Local Privilege Escalation Date: 18/02/21 Exploit Author: Gr33nh4t Vendor Homepage: https://ubuntu.com/ Version: Apport: Ubuntu 20.10 - Before 2.20.11-0ubuntu50.5 Apport: Ubuntu 20.04 - Before 2.20.11-0ubuntu27.16 Apport: Ubuntu 18.04 - Before 2.20.9-0ubuntu7.23 Appor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/17 12:0 a.m.601 views

Billing Management System 2.0 - 'email' SQL injection Auth Bypass

Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass Date: 2021-02-16 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software: Billi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/17 12:0 a.m.274 views

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.htm...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.219 views

Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)

Exploit Title: Nsauditor 3.2.2.0 - 'Event Description' Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.2.0 Tested on: Windows 10 Home x64 STEPS Open the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.270 views

AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)

Exploit Title: AgataSoft PingMaster Pro 2.1 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: http://agatasoft.com/ Software Link: http://agatasoft.com/PingMasterPro.exe Version: 2.1 Tested on: Windows 10 Home x64 STEPS Open the program AgataSoft PingMaster Pro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.301 views

Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)

Exploit Title: Managed Switch Port Mapping Tool 2.85.2 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download.htm Version: 2.85.2 Tested on: Windows 10 Home x64 STEPS Open the program...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.255 views

BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting (XSS)

Exploit Title: BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting XSS Date: 16-02-2021 Exploit Author: Kamaljeet Kumar - TATA Advanced Systems Limited Vendor Homepage: https://blackcat-cms.org/ Software Link: https://blackcat-cms.org/page/download.php Version: BlackCat CMS - 1.3.6 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/16 12:0 a.m.190 views

Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass

Exploit Title: Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass Date: 16-02-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/15 12:0 a.m.277 views

Tasks 9.7.3 - Insecure Permissions

Exploit Title: Tasks 9.7.3 - Insecure Permissions Date: 18th of July, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/07/18/how-the-white-box-hacking-works-ok-google-i-wanna-pwn-this-app/ Vendor Homepage: https://tasks.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/15 12:0 a.m.418 views

TestLink 1.9.20 - Unrestricted File Upload (Authenticated)

Exploit Title: TestLink 1.9.20 - Unrestricted File Upload Authenticated Date: 14th February 2021 Exploit Author: snovvcrash Original Research by: Ackcent AppSec Team Original Research: https://ackcent.com/testlink-1-9-20-unrestricted-file-upload-and-sql-injection/ Vendor Homepage:...

8.8CVSS8.8AI score0.15858EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/02/15 12:0 a.m.483 views

Teachers Record Management System 1.0 - 'searchteacher' SQL Injection

Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Date: 13/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14399/teacher-record-system-phpmysql.html Version:1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/12 12:0 a.m.256 views

School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14155/school-file-management-system.html Software: : School...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/12 12:0 a.m.554 views

PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path

Exploit Title: PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-11-2020 Vendor Homepage: https://www.pdfcomplete.com/cms/dpl/tabid/111/Default.aspx?r=du2vH8r Software Links : https://pdf-complete.informer.com/download/ Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/12 12:0 a.m.190 views

School Event Attendance Monitoring System 1.0 - 'Item Name' Stored Cross-Site Scripting

Exploit Title: School Event Attendance Monitoring System 1.0 - 'Item Name' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.317 views

Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote code execution 3 Date: 10/02/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.367 views

b2evolution 6.11.6 - 'tab3' Reflected XSS

Exploit Title: b2evolution 6.11.6 - 'tab3' Reflected XSS CVE: CVE-2020-22839 Date: 10/02/2021 Exploit Author: Nakul Ratti, Soham Bakore Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version...

6.1CVSS6.3AI score0.05206EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.568 views

b2evolution 6.11.6 - 'redirect_to' Open Redirect

Exploit Title: b2evolution 6.11.6 - 'redirectto' Open Redirect Date: 10/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version of Chrome,...

6.1CVSS6.3AI score0.13817EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.406 views

PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting

Exploit Title: PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: : PEEL SHOPPING 9.3.0 Vulnerability Type: Stored Cross-site...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/11 12:0 a.m.239 views

Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)

Exploit Title: Openlitespeed WebServer 1.7.8 - Command Injection Authenticated 2 Date: 26/1/2021 Exploit Author: Metin Yunus Kandemir Discovered by: cmOs - SunCSR Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.8 import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/10 12:0 a.m.269 views

b2evolution 6.11.6 - 'plugin name' Stored XSS

Exploit Title: b2evolution 6.11.6 - 'plugin name' Stored XSS Date: 09/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version of Chrome,...

4.8CVSS5.4AI score0.03537EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/02/10 12:0 a.m.286 views

Node.JS - 'node-serialize' Remote Code Execution (2)

Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...

9.8CVSS9.6AI score0.61025EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/02/09 12:0 a.m.396 views

AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path

Exploit Title: AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: Anytxt.net Software Link: https://sourceforge.net/projects/anytxt/files/AnyTXT.Searcher.1.2.394.exe Version: Version 1.2.394 Tested on: Microsoft Windows ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/09 12:0 a.m.224 views

Adobe Connect 10 - Username Disclosure

Title: Adobe Connect 10 - Username Disclosure Author: h4shur date:2021-02-07 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 10 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Description : By adding...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/09 12:0 a.m.466 views

Epson USB Display 1.6.0.0 - 'EMP_UDSA' Unquoted Service Path

Exploit Title: Epson USB Display 1.6.0.0 - 'EMPUDSA' Unquoted Service Path Discovery by: Hector Gerbacio Discovery Date: 2021-02-05 Vendor Homepage: https://epson.com.mx/ Tested Version: 1.6.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/09 12:0 a.m.388 views

Online Car Rental System 1.0 - Stored Cross Site Scripting

Exploit Title: Online Car Rental System 1.0 - Stored Cross Site Scripting Date: 9/2/2021 Exploit Author: Naved Shaikh Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html Version: V 1.0 Tested on Windo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.292 views

Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)

Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail .jpg 2. Go to New mail, select recipient and the select attachment. Code gets executed as right...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.263 views

Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)

Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail 3. We can see execution code and after saving it, each time we visits the distribution list...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.234 views

SmartFoxServer 2X 2.17.0 - Credentials Disclosure

Exploit Title: SmartFoxServer 2X 2.17.0 - Credentials Disclosure Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com SmartFoxServer 2X 2.17.0 Credentials Disclosure Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Serve...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.956 views

Microsoft Internet Explorer 11 32-bit - Use-After-Free

Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Date: 2021-02-05 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7...

7.6CVSS8.2AI score0.86863EPSS
Exploits17
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.244 views

WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion

Exploit Title: WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/backup-by-supsystic.zip Version: 2.3.9 Tested on: Ubuntu 16.04.6 LTS /...

7.4AI score
Exploits0
Total number of security vulnerabilities47904