Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.281 views

Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow

/ Title : Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-7795 Vulnerability : Buffer Overflow Description : A buffer overflow vulnerability affecting certain Tenda routers, exploitable via an unauthenticated POST request to an...

9CVSS7.4AI score0.02792EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.219 views

Joomla JS Jobs plugin 1.4.2 - SQL injection

Exploit Title: Joomla JS Jobs plugin 1.4.2 - SQL injection Google Dork: n/a Date: 07/07/2025 Exploit Author: Adam Wallwork Vendor Homepage: https://joomsky.com/ Demo: https://demo.joomsky.com/js-jobs/jm/free/ Software Link: https://extensions.joomla.org/extension/js-jobs/ Version: v1.4.2 Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.280 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Telegram Bot Username Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software Link:...

5.4CVSS7.4AI score0.00872EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.267 views

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Personal Canned Messages

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Personal Canned Messages Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software...

5.4CVSS7.4AI score0.00872EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/22 12:0 a.m.248 views

Discourse 3.1.1 - Unauthenticated Chat Message Access

!/usr/bin/env ruby Title : Discourse 3.1.1 - Unauthenticated Chat Message Access CVE-2023-45131 CVSS: 7.5 High Affected: Discourse 3.1.1 stable, 3.2.0.beta2 Author ibrahimsql @ https://twitter.com/ibrahmsql Date: 2023-12-14 require 'net/http' require 'uri' require 'json' require 'openssl' require...

7.5CVSS7.4AI score0.01814EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.345 views

Keras 2.15 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Keras 2.15 - Remote Code Execution RCE Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-07-09 Tested on: Ubuntu 22.04 LTS, Python 3.10, TensorFlow/Keras = 2.15 CVE: CVE-2025-1550 Type: Remote Code...

9.8CVSS7.4AI score0.02803EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.449 views

Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges

Exploit Title : Microsoft Graphics Component Windows 11 Pro Build 26100+ - Local Elevation of Privileges Author: nu11secur1ty Date: 07/11/2025 --- Overview This repository contains a PowerShell script to validate whether a Windows 11 system is vulnerable to CVE-2025-49744—a critical local privile...

7CVSS7.4AI score0.0071EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.274 views

Langflow 1.2.x - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Langflow 1.2.x - Remote Code Execution RCE Date: 2025-07-11 Exploit Author: Raghad Abdallah Al-syouf Vendor Homepage: https://github.com/logspace-ai/langflow Software Link: https://github.com/logspace-ai/langflow/releases Version: = 1.2.x Tested on: Ubuntu /...

9.8CVSS7.4AI score0.9999EPSS
Exploits33
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.273 views

TOTOLINK N300RB 8.54 - Command Execution

Title: TOTOLINK N300RB 8.54 - Command Execution Author: Skander BELABED - Magellan Sécurité Date: 07/11/2025 Vendor: TOTOLINK Product: N300RB Firmware version: 8.54 CVE: CVE-2025-52089 Description: A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8....

8.8CVSS7.4AI score0.07063EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.378 views

PivotX 3.0.0 RC3 - Remote Code Execution (RCE)

Exploit Title: PivotX v3.0.0 RC3 - Stored XSS to Remote Code Execution RCE Date: July 2025 Exploit Author: HayToN Vendor Homepage: https://github.com/pivotx Software Link: https://github.com/pivotx/PivotX Version: 3.0.0 RC3 Tested on: Debian 11, PHP 7.4 CVE : CVE-2025-52367 Vulnerability Type:...

5.4CVSS7.4AI score0.03835EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.327 views

SugarCRM 14.0.0 - SSRF/Code Injection

Exploit Title : SugarCRM 14.0.0 - SSRF/Code Injection Author: Egidio Romano aka EgiX Email : [email protected] Software Link: https://www.sugarcrm.com Affected Versions: All commercial versions before 13.0.4 and 14.0.1. CVE Reference: CVE-2024-58258 Vulnerability Description: User input passed...

7.2CVSS6.6AI score0.13248EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.297 views

WP Publications WordPress Plugin 1.2 - Stored XSS

Exploit Title: WP Publications WordPress Plugin 1.2 - Stored XSS Google Dork: inurl:/wp-content/plugins/wp-publications/ Date: 2025-07-15 Exploit Author: Zeynalxan Quliyev Vendor Homepage: https://wordpress.org/plugins/wp-publications/ Software Link:...

4.8CVSS9.6AI score0.0118EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.322 views

NodeJS 24.x - Path Traversal

Exploit Title : NodeJS 24.x - Path Traversal Exploit Author : Abdualhadi khalifa CVE : CVE-2025-27210 import argparse import requests import urllib.parse import json import sys def exploitpathtraversalprecisetargeturl: str, targetfile: str, method: str - dict: traversesequence = "..\" 6...

7.5CVSS5.7AI score0.09752EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.353 views

MikroTik RouterOS 7.19.1 - Reflected XSS

Exploit Title: MikroTik RouterOS 7.19.1 - Reflected XSS Google Dork: inurl:/login?dst= Date: 2025-07-15 Exploit Author: Prak Sokchea Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: RouterOS /login?dst=javascript:alert3 A reflected XSS will be triggered...

4.8CVSS6.6AI score0.00642EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.396 views

Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege

Titles: Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege Author: nu11secur1ty Date: 07/09/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/windows/windows-11?r=1 Reference: https://portswigger.net/web-security/access-control CVE-2025-49677 Descripti...

7CVSS7.4AI score0.0095EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.257 views

White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)

Exploit Title: White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion LFI Date: 2025-07-09 Exploit Author: Imraan Khan Lich-Sec Vendor Homepage: https://wss.com/ Software Link: https://client.protop.co.za/ Version: v4.4.2-2024-11-27 Tested on: Ubuntu 22.04 / Linux CVE: CVE-2025-44177...

8.2CVSS9.6AI score0.04173EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.308 views

ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)

Exploit Title: ScriptCase 9.12.006 23 - Remote Command Execution RCE Date: 04/07/2025 Exploit Author: Alexandre ZANNI noraj & Alexandre DROULLÉ cabir Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 1.0.003-build-2 Production Environment /...

7.5CVSS6.4AI score0.14441EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.444 views

Microsoft PowerPoint 2019 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Microsoft PowerPoint 2019 - Remote Code Execution RCE Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-07-02 Tested on: Microsoft PowerPoint 2019 / Office 365 version before June 2025 Patch CVE:...

7.8CVSS7.4AI score0.02054EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.279 views

Sudo chroot 1.9.17 - Local Privilege Escalation

Exploit Title: Sudo chroot 1.9.17 - Local Privilege Escalation Google Dork: not aplicable Date: Mon, 30 Jun 2025 Exploit Author: Stratascale Vendor Homepage:https://salsa.debian.org/sudo-team/sudo Software Link: Version: Sudo versions 1.9.14 to 1.9.17 inclusive Tested on: Kali Rolling 2025-7-3 CV...

9.3CVSS9.6AI score0.47467EPSS
Exploits70
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.261 views

Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover

Exploit Title: Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover Date: October 25, 2024 Exploit Author: stealthcopter Vendor Homepage: https://stacksmarket.co/ Software Link: https://wordpress.org/plugins/stacks-mobile-app-builder/ Version: = 5.2.3 Tested on: Ubuntu...

9.8CVSS6.6AI score0.07959EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.306 views

Microsoft Defender for Endpoint (MDE) - Elevation of Privilege

!/bin/bash Exploit Title: Microsoft Defender for Endpoint MDE - Elevation of Privilege Date: 2025-05-27 Exploit Author: Rich Mirch Vendor Homepage: https://learn.microsoft.com/en-us/defender-endpoint/ Software Link:...

7.8CVSS6.5AI score0.00705EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.378 views

Microsoft Outlook - Remote Code Execution (RCE)

Titles: Microsoft Outlook - Remote Code Execution RCE Author: nu11secur1ty Date: 07/06/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/microsoft-365/outlook/log-in Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47176...

7.8CVSS6.4AI score0.00648EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.292 views

Sudo 1.9.17 Host Option - Elevation of Privilege

Exploit Title: Sudo 1.9.17 Host Option - Elevation of Privilege Date: 2025-06-30 Exploit Author: Rich Mirch Vendor Homepage: https://www.sudo.ws Software Link: https://www.sudo.ws/dist/sudo-1.9.17.tar.gz Version: Stable 1.9.0 - 1.9.17, Legacy 1.8.8 - 1.8.32 Fixed in: 1.9.17p1 Vendor Advisory:...

8.8CVSS9.6AI score0.03239EPSS
Exploits77
Exploit DB
Exploit DB
added 2025/07/08 12:0 a.m.389 views

Discourse 3.2.x - Anonymous Cache Poisoning

!/usr/bin/env python3 """ Exploit Title: Discourse 3.2.x - Anonymous Cache Poisoning Date: 2024-10-15 Exploit Author: ibrahimsql Github: : https://github.com/ibrahmsql Vendor Homepage: https://discourse.org Software Link: https://github.com/discourse/discourse Version: Discourse latest patched...

8.2CVSS6.5AI score0.01593EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.273 views

gogs 0.13.0 - Remote Code Execution (RCE)

Exploit Title: gogs 0.13.0 - Remote Code Execution RCE Date: 27th June, 2025 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/gogs/gogs.git Version: gogs =0.13.0 Tested on: Ubuntu CVE: CVE-2024-39930 =============================== Example Usage: python3 exploit.py...

9.9CVSS6.5AI score0.07258EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.250 views

Moodle 4.4.0 - Authenticated Remote Code Execution

Exploit Title: Moodle 4.4.0 - Authenticated Remote Code Execution Exploit Author: Likhith Appalaneni Vendor Homepage: https://moodle.org Software Link: https://github.com/moodle/moodle/releases/tag/v4.4.0 Tested Version: Moodle 4.4.0 Affected versions: 4.4 to 4.4.1, 4.3 to 4.3.5, 4.2 to 4.2.8, 4....

8.1CVSS8.1AI score0.83343EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.351 views

Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution RCE CVE: CVE-2025-47812 Date: 2025-06-30 Exploit Author: Sheikh Mohammad Hasan aka 4m3rr0r https://github.com/4m3rr0r Vendor Homepage: https://www.wftpserver.com/ Version: Wing FTP Server = 7.4.3 Tested on: Linux Root...

10CVSS6.8AI score0.95343EPSS
Exploits23
Exploit DB
Exploit DB
added 2025/07/02 12:0 a.m.367 views

Microsoft SharePoint 2019 - NTLM Authentication

Titles: Microsoft SharePoint 2019 NTLM Authentication Author: nu11secur1ty Date: 06/27/25 Vendor: Microsoft Software: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Reference: https://www.networkdatapedia.com/post/ntlm-autSharePoint 2019 NTLM Authentication...

8.8CVSS6.4AI score0.12606EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.585 views

Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)

Exploit Title: Pterodactyl Panel 1.11.11 - Remote Code Execution RCE Date: 22/06/2025 Exploit Author: Zen-kun04 Vendor Homepage: https://pterodactyl.io/ Software Link: https://github.com/pterodactyl/panel Version: 1.11.11 Tested on: Ubuntu 22.04.5 LTS CVE: CVE-2025-49132 import requests import js...

10CVSS7.4AI score0.13105EPSS
Exploits28
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.426 views

OneTrust SDK 6.33.0 - Denial Of Service (DoS)

Exploit Title: OneTrust SDK 6.33.0 - Denial Of Service DoS - Date: 01/01/2025 - Exploit Author: Alameen Karim Merali - Vendor Homepage: OneTrust JavaScript API - Software Link: otBannerSdk.js v6.33.0 - Version: 6.33.0 - Tested on: Kali Linux - CVE ID: CVE-2024-57708 Vulnerability Summary A...

5.7CVSS7.4AI score0.009EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.371 views

McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information

Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit Author: Keenan Scott Vendor Homepage: hxxps://www.mcafee.com/ Software Download: N/A Unable to find Version: Arguments CmdletBinding param string$DbSource =...

6.1CVSS7.4AI score0.00622EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.389 views

Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)

Exploit Title: Microsoft Excel 2024 Use after free - Remote Code Execution RCE Author: nu11secur1ty Date: 06/24/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47165 CVE:...

7.8CVSS7.4AI score0.01768EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.354 views

Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution RCE Date: 25-06-2025 Exploit Author: Huseyin Mardini @housma Original Researcher: Luka Sikic Original Exploit Author: hash3liZer Vendor Homepage: https://wordpress.org/plugins/social-warfare/ Softwa...

6.1CVSS7AI score0.73543EPSS
Exploits20
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.387 views

Sitecore 10.4 - Remote Code Execution (RCE)

Exploit Title: Sitecore 10.4 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://developers.sitecore.com/downloads Version: Sitecore 10.3 - 10.4 CVE : CVE-2025-27218 Link: https://github.com/yealvarez/CVE/blob/main/CVE-2025-27218/exploit.py from requests import...

5.3CVSS7.4AI score0.6356EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.428 views

PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)

Exploit Title: PX4 Military UAV Autopilot 1.12.3 - Denial of Service DoS Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-21 Tested on: Ubuntu 20.04 LTS + PX4 SITL jMAVSim CVE: CVE-2025-5640 Type: Denial of Service DoS via Buffer Overflow...

4.8CVSS7.4AI score0.00901EPSS
Exploits5
Exploit DB
Exploit DB
added 2025/06/26 12:0 a.m.328 views

freeSSHd 1.0.9 - Denial of Service (DoS)

Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Date: 2024-01-13 Discovery by: Fernando Mengali Linkedin: https://www.linkedin.com/in/fernando-mengali/ Software Link: https://www.exploit-db.com/apps/be82447d556d60db55053d658b4822a8-freeSSHd.exe Version: 1.0.9 Tested on: Window XP Profession...

7.5CVSS7.4AI score0.03649EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/06/20 12:0 a.m.398 views

Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)

Exploit Title: Ingress-NGINX 4.11.0 - Remote Code Execution RCE Google Dork: N/A Date: 2025-06-19 Exploit Author: Likhith Appalaneni Vendor Homepage: https://kubernetes.github.io/ingress-nginx/ Software Link: https://github.com/kubernetes/ingress-nginx Version: ingress-nginx v4.11.0 on Kubernetes...

9.8CVSS7.4AI score0.99098EPSS
Exploits20
Exploit DB
Exploit DB
added 2025/06/20 12:0 a.m.444 views

Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)

Titles: Microsoft Excel LTSC 2024 - Remote Code Execution RCE Author: nu11secur1ty Date: 06/16/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 CVE-2025-47957 Versions: Microsoft...

8.4CVSS7.4AI score0.0211EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/20 12:0 a.m.332 views

FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse

!/usr/bin/env python3 """ Exploit Title: FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse Date: 2025-06-15 Exploit Author: Shahid Parvez Hakim BugB Technologies Vendor Homepage: https://www.fortinet.com Software Link: https://www.fortinet.com/products/secure-sd-wan/fortigate...

4.8CVSS7.4AI score0.01076EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.532 views

Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Windows 11 SMB Client - Privilege Escalation & Remote Code Execution RCE Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-13 Tested on: Windows 11 version 22H2, Windows Server 2022, Kali Linux...

8.8CVSS8.8AI score0.64987EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.276 views

AirKeyboard iOS App 1.0.5 - Remote Input Injection

Exploit Title: AirKeyboard iOS App 1.0.5 - Remote Input Injection Date: 2025-06-13 Exploit Author: Chokri Hammedi Vendor Homepage: https://airkeyboardapp.com Software Link: https://apps.apple.com/us/app/air-keyboard/id6463187929 Version: Version 1.0.5 Tested on: iOS 18.5 with AirKeyboard app '''...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.331 views

PHP CGI Module 8.3.4 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: PHP CGI Module 8.3.4 - Remote Code Execution RCE Date: 2025-06-13 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/yigitsql old account banned Vendor Homepage: https://www.php.net/ Software Link: https://www.php.net/downloads Version: PH...

9.8CVSS9.6AI score0.99987EPSS
Exploits64
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.378 views

Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation

Exploit Title: Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation Date: 2025-06-10 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Country: United Kingdom CVE : CVE-2024-28000 import requests import random...

9.8CVSS7AI score0.68266EPSS
Exploits8
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.395 views

Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)

Exploit Title: Anchor CMS 0.12.7 - Stored Cross Site Scripting XSS Google Dork: inurl:"/admin/pages/add" "Anchor CMS" Date: 2025-06-08 Exploit Author: /bin/neko Vendor Homepage: http://anchorcms.com Software Link: https://github.com/anchorcms/anchor-cms Version: 0.12.7 Tested on: Ubuntu 22.04 +...

5.4CVSS5.6AI score0.00558EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.362 views

Parrot and DJI variants Drone OSes - Kernel Panic Exploit

!/usr/bin/env python3 Exploit Title: Parrot and DJI variants Drone OSes - Kernel Panic Exploit Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-10 Tested on: Parrot QRD, Parrot Alpha-M, DJI QRD, DJI Alpha-M CVE: CVE-2025-37928 Type:...

7.8CVSS7.2AI score0.00618EPSS
Exploits1
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.349 views

WebDAV Windows 10 - Remote Code Execution (RCE)

Exploit Title: WebDAV Windows 10 - Remote Code Execution RCE Date: June 2025 Author: Dev Bui Hieu Tested on: Windows 10, Windows 11 Platform: Windows Type: Remote CVE: CVE-2025-33053 Description: This exploit leverages the behavior of Windows .URL files to execute a remote binary over a UNC path...

8.8CVSS8.5AI score0.81558EPSS
Exploits10
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.297 views

Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI

Exploit Title: Skyvern 0.1.85 - Remote Code Execution RCE via SSTI Date: 2025-06-15 Exploit Author: Cristian Branet Vendor Homepage: https://www.skyvern.com/ Software Link: https://github.com/Skyvern-AI/skyvern Version: Settings - API Key - Reveal and copy the API key" parser.addargument"-i",...

8.5CVSS8.5AI score0.13746EPSS
Exploits6
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.254 views

Microsoft Excel Use After Free - Local Code Execution

Titles: Microsoft Excel Use After Free - Local Code Execution Author: nu11secur1ty Date: 06/09/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 Versions: MS Excel 2016, MS Office...

7.8CVSS7.8AI score0.0211EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/06/15 12:0 a.m.358 views

PCMan FTP Server 2.0.7 - Buffer Overflow

Exploit Title: PCMan FTP Server 2.0.7 - Buffer Overflow Date: 04/17/2025 Exploit Author: Fernando Mengali Vendor Homepage: http://pcman.openfoundry.org/ Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Version: 2.0.7 Tested on: Windows XP SP3 - Version 5.1...

9.8CVSS7AI score0.01854EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/06/13 12:0 a.m.277 views

Freefloat FTP Server 1.0 - Remote Buffer Overflow

Exploit Title: Freefloat FTP Server 1.0 - Remote Buffer Overflow Date: 22 may 2025 Notification vendor: No reported Discovery by: Fernando Mengali LinkedIn: https://www.linkedin.com/in/fernando-mengali-273504142/ Version: 1.0 Tested on: Windows XP SP3 English - Version 5.1 Build...

9.8CVSS7.4AI score0.10947EPSS
Exploits13
Total number of security vulnerabilities47904