Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.432 views

EyesOfNetwork 5.3 - File Upload Remote Code Execution

Exploit Title: EyesOfNetwork 5.3 - File Upload Remote Code Execution Date: 10/01/2021 Exploit Author: Ariane.Blow Vendor Homepage: https://www.eyesofnetwork.com/en Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3-10 12/9/2020-lastest !/bin/bash /!\ You...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.426 views

Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection

Exploit Title: Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection Exploit Author: Mesut Cetin Date: 2021-01-15 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.289 views

Online Hotel Reservation System 1.0 - 'description' Stored Cross-site Scripting

Exploit Title: Online Hotel Reservation System 1.0 - Stored Cross-site Scripting Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.576 views

WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting XSS Date: 14/01/2021 Exploit Author: Rahul Ramakant Singh Vendor Homepage: https://ghozylab.com/plugins/ Software Link: https://demo.ghozylab.com/plugins/easy-contact-form-plugin/ Version: 1.1.7 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.215 views

Alumni Management System 1.0 - "Last Name field in Registration page" Stored XSS

Exploit Title: Alumni Management System 1.0 - "Last Name field in Registration page" Stored XSS Exploit Author: Siva Rajendran Date: 2020-12-31 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.270 views

Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection

Exploit Title: Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection Exploit Author: Mesut Cetin Date: 2021-01-14 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/15 12:0 a.m.441 views

PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message)

Exploit Title: PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery Delete admin shoutbox message Date: 2020-12-21 Exploit Author: Mohamed Oosman B S Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: 9.03.90 and below Tested...

4.3CVSS4.9AI score0.01365EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.459 views

Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC)

Exploit Title: Cisco RV110W 1.2.1.7 - 'vpnaccount' Denial of Service PoC Date: 2021-01 Exploit Author: Shizhi He Vendor Homepage: https://www.cisco.com/ Software Link: https://software.cisco.com/download/home/283879340/type/282487380/release/1.2.1.7 Version: V1.2.1.7 Tested on: RV110W V1.2.1.7 CV...

9CVSS0.3AI score0.05628EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.484 views

Online Movie Streaming 1.0 - Admin Authentication Bypass

Exploit Title: Online Movie Streaming 1.0 - Admin Authentication Bypass Exploit Author: Richard Jones Date: 2021-01-13 Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.239 views

Online Shopping Cart System 1.0 - 'id' SQL Injection

Exploit Title: Online Shopping Cart System 1.0 - 'id' SQL Injection Date: 14.1.2021 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/14668/online-shopping-cart-system-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.472 views

Nagios XI 5.7.X - Remote Code Execution RCE (Authenticated)

Exploit Title: Nagios XI 5.7.X - Remote Code Execution RCE Authenticated Date: 19/12/2020 Exploit Author: Haboob Team https://haboob.sa Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Version: Nagios XI 5.7.x Tested on: Ubuntu 18.04 / PHP 7.2.24 & Vendor's custom VM CVE: CVE-2020-3557...

9CVSS7AI score0.81915EPSS
Exploits7
Exploit DB
Exploit DB
added 2021/01/14 12:0 a.m.408 views

Laravel 8.4.2 debug mode - Remote code execution

Exploit Title: Laravel 8.4.2 debug mode - Remote code execution Date: 1.14.2021 Exploit Author: SunCSR Team Vendor Homepage: https://laravel.com/ References: https://www.ambionics.io/blog/laravel-debug-rce https://viblo.asia/p/6J3ZgN8PKmB Version: = 8.4.2 Tested on: Ubuntu 18.04 + nginx + php 7.4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/13 12:0 a.m.182 views

Online Hotel Reservation System 1.0 - Admin Authentication Bypass

Exploit Title: Online Hotel Reservation System 1.0 - Admin Authentication Bypass Exploit Author: Richard Jones Date: 2021-01-13 Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/13 12:0 a.m.226 views

Erlang Cookie - Remote Code Execution

Exploit Title: Erlang Cookie - Remote Code Execution Date: 2020-05-04 Exploit Author: 1F98D Original Author: Milton Valencia wetw0rk Software Link: https://www.erlang.org/ Version: N/A Tested on: Debian 9.11 x64 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/12 12:0 a.m.670 views

Gila CMS 2.0.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Gila CMS 2.0.0 - Remote Code Execution Unauthenticated Date: 1.12.2021 Exploit Author: Enesdex Vendor Homepage: https://gilacms.com/ Software Link: https://github.com/GilaCMS/gila/releases/tag/2.0.0 Version: x " requests.geturl, headers=headers, cookies=cookies time.sleep5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/12 12:0 a.m.411 views

Cemetry Mapping and Information System 1.0 - Multiple SQL Injections

Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple SQL Injections Exploit Author: Mesut Cetin Date: 2021-01-12 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/12 12:0 a.m.303 views

SmartAgent 3.1.0 - Privilege Escalation

Exploit Title: SmartAgent 3.1.0 - Privilege Escalation Date: 01-11-2021 Exploit Author: Orion Hridoy Vendor Homepage: https://www.smartagent.io/ Version: Build 3.1.0 Tested on: Windows 10/Kali Linux A Low grade user like ViewOnly can create an account with SuperUser permission. Steps To Reproduce...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.267 views

OpenCart 3.0.36 - ATO via Cross Site Request Forgery

Exploit Title: OpenCart 3.0.36 - ATO via Cross Site Request Forgery Date: 01-09-2021 Exploit Author: Mahendra Purbia Mah3Sec Vendor Homepage: https://www.opencart.com Software Link: https://www.opencart.com/index.php?route=cms/download Version: OpenCart CMS - 3.0.3.6 Tested on: Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.324 views

PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval

Exploit Title: PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval Date: 9 Jan 2021 Exploit Author: rootabeta Vendor Homepage: The original page, https://dmitryivanov.net/, cannot be found at this time of writing. The vulnerable software can be downloaded from...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.349 views

Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection

Exploit Title: Prestashop 1.7.7.0 - 'idproduct' Time Based Blind SQL Injection Date: 08-01-2021 Exploit Author: Jaimin Gondaliya Vendor Homepage: https://www.prestashop.com Software Link: https://www.prestashop.com/en/download Version: Prestashop CMS - 1.7.7.0 Tested on: Windows 10 Parameter:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.288 views

Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting

Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting Exploit Author: Mesut Cetin Date: 2021-01-10 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.353 views

Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting

Exploit Title: Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting Date: 2021-10-01 Exploit Author: Ramazan Mert GÖKTEN Vendor Homepage: anchorcms.com Vulnerable Software: https://github.com/anchorcms/anchor-cms/releases/download/0.12.7/anchor-cms-0.12.7-bundled.zip Affected Version: 0.12....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.150 views

WordPress Plugin Custom Global Variables 1.0.5 - 'name' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Custom Global Variables 1.0.5 - 'name' Stored Cross-Site Scripting XSS Google Dork: NA Date: 09/01/2021 Exploit Author: Swapnil Subhash Bodekar Vendor Homepage: Software Link: https://wordpress.org/plugins/custom-global-variables/developers Version: 1.0.5 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.232 views

EyesOfNetwork 5.3 - RCE & PrivEsc

Exploit Title: EyesOfNetwork 5.3 - RCE & PrivEsc Date: 10/01/2021 Exploit Author: Audencia Business SCHOOL Red Team Vendor Homepage: https://www.eyesofnetwork.com/en Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 Authentified Romote Code Execution fl...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/11 12:0 a.m.1056 views

EyesOfNetwork 5.3 - LFI

Exploit Title: EyesOfNetwork 5.3 - LFI Date: 10/01/2021 Exploit Author: Audencia Business SCHOOL Red Team Vendor Homepage: https://www.eyesofnetwork.com/en Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 The php not exclude other tools than proposed...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.487 views

dnsrecon 0.10.0 - CSV Injection

Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.243 views

Online Doctor Appointment System 1.0 - 'Multiple' Stored XSS

Exploit Title: Online Doctor Appointment System 1.0 - 'Multiple' Stored XSS Tested on: Windows 10 Exploit Author: Mohamed habib Smidi Craniums Date: 2021-01-08 Vendor Homepage: https://www.sourcecodester.com/php/14663/online-doctor-appointment-system-php-full-source-code.html Software Link:...

5.4CVSS5.6AI score0.02535EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.344 views

Wordpress Plugin wpDiscuz 7.0.4 - Unauthenticated Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress wpDiscuz Unauthen File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in the WordPress wpDiscu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.509 views

Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)

Exploit Title: Cockpit Version 234 - Server-Side Request Forgery Unauthenticated Date: 08.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://cockpit-project.org/ Version: v234 Tested on: Ubuntu 18.04 !/usr/bin/python3 import argparse import requests import sys import urllib3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.196 views

WordPress Plugin Autoptimize 2.7.6 - Authenticated Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Autoptimize Authenticated File Upload', 'Description' = %q The aoccssimport AJAX call does not ensure that the file provided is a...

7.2CVSS7.4AI score0.13139EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.275 views

Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Fli...

9.1CVSS7.7AI score0.97856EPSS
Exploits14
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.211 views

Life Insurance Management System 1.0 - Multiple Stored XSS

Exploit Title: Life Insurance Management System 1.0 - Multiple Stored XSS Date: 4/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14665/life-insurance-management-system-php-full-source-code.html Version: 1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.619 views

ECSIMAGING PACS 6.21.5 - SQL injection

Exploit Title: ECSIMAGING PACS 6.21.5 - SQL injection Date: 06/01/2021 Exploit Author: shoxxdj Vendor Homepage: https://www.medicalexpo.fr/ Version: 6.21.5 and bellow tested on 6.21.5,6.21.3 Tested on: Linux ECSIMAGING PACS Application in 6.21.5 and bellow suffers from SQLinjection vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.791 views

Cockpit CMS 0.6.1 - Remote Code Execution

Cockpit CMS 0.6.1 - Remote Code Execution Product: Cockpit CMS https://getcockpit.com Version: Cockpit CMS = 0.6.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.202 views

CRUD Operation 1.0 - Multiple Stored XSS

Exploit Title: CRUD Operation 1.0 - Multiple Stored XSS Date: 4/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: linux / Lamp Click on add new recor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.375 views

Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution

Exploit Title: Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2021-01-05 Vendor Homepage: https://www.sourcecodester.com/php/14588/employee-record-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.480 views

Curfew e-Pass Management System 1.0 - Stored XSS

Exploit Title: Curfew e-Pass Management System 1.0 - Stored XSS Date: 2/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/curfew-e-pass-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10/Wamp 1 Log into the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.234 views

ECSIMAGING PACS 6.21.5 - Remote code execution

Exploit Title: ECSIMAGING PACS 6.21.5 - Remote code execution Date: 06/01/2021 Exploit Author: shoxxdj Vendor Homepage: https://www.medicalexpo.fr/ Version: 6.21.5 and bellow tested on 6.21.5,6.21.3 Tested on: Linux ECSIMAGING PACS Application in 6.21.5 and bellow suffers from a OS Injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/07 12:0 a.m.692 views

iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)

Exploit Title: iBall-Baton WRA150N Rom-0 Backup - File Disclosure Sensitive Information Date: 07/01/2021 Exploit Author: h4cks1n Vendor Homepage: iball.co.in Version: iBall-Baton WRA150N Tested on : Windows 7/8/8.1/10, Parrot Linux OS The iBall-Baton router version WRA150N is vulnerable to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.182 views

Resumes Management and Job Application Website 1.0 - Multiple Stored XSS

Exploit Title: Resumes Management and Job Application Website 1.0 - Multiple Stored XSS Date: 2/1/2021 Exploit Author: Saswat Subhajyoti Mallick Vendor Homepage: https://egavilanmedia.com/ Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/ Version: 1.0 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.194 views

Expense Tracker 1.0 - 'Expense Name' Stored Cross-Site Scripting

Exploit Title: Expense Tracker 1.0 - 'Expense Name' Stored Cross-Site Scripting Exploit Author: Shivam Vermacyb3rn3rd Date: 2021-01-05 Vendor Homepage: https://code-projects.org/expense-tracker-in-php-with-source-code/ Software Link: https://code-projects.org Version: 1.0 Category: Web Applicatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.210 views

dirsearch 0.4.1 - CSV Injection

Exploit Title: dirsearch 0.4.1 - CSV Injection Author: Dolev Farhi Date: 2021-01-05 Vendor Homepage: https://github.com/maurosoria/dirsearch Version : 0.4.1 Tested on: Debian 9.13 dirsearch, when used with the --csv-report flag, writes the results of crawled endpoints which redirect, to a csv fil...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.292 views

IPeakCMS 3.5 - Boolean-based blind SQLi

Exploit Title: IPeakCMS 3.5 - Boolean-based blind SQLi Date: 07.12.2020 Exploit Author: MoeAlbarbari Vendor Homepage: https://ipeak.ch/ Software Link: N/A Version: 3.5 Tested on: BackBox Linux CVE : CVE-2021-3018 Check the CMS version :goto www.site.com/cms/ and you will notice that in the login...

9.8CVSS9.8AI score0.19506EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.227 views

Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE

Exploit Title: Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE Date: 2020-12-24 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.203 views

Resumes Management and Job Application Website 1.0 - RCE (Unauthenticated)

Exploit Title: Resumes Management and Job Application Website 1.0 - RCE Unauthenticated Date: 3/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/ Version: 1.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.212 views

WinAVR Version 20100110 - Insecure Folder Permissions

Exploit Title: WinAVR Version 20100110 - Insecure Folder Permissions Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: https://sourceforge.net/projects/winavr/ Software Link: https://sourceforge.net/projects/winavr/files/WinAVR/20100110/WinAVR-20100110-install.exe Version: Versi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.270 views

Newgen Correspondence Management System (corms) eGov 12.0 - IDOR

Exploit Title: Newgen Correspondence Management System corms eGov 12.0 - IDOR Date: 29 Dec 2020 Exploit Author: ALI AL SINAN Vendor Homepage: https://newgensoft.com Software Link: https://newgensoft.com/solutions/industries/government/e-gov-office/ Version: eGov 12.0 Tested on: JBoss EAP 7 CVE :...

7.5CVSS7.7AI score0.10313EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.406 views

WordPress Plugin litespeed cache 3.6 - 'server_ip' Cross-Site Scripting

Exploit Title: WordPress Plugin litespeed-cache 3.6 - 'serverip' Cross-Site Scripting Date: 20-12-2020 Software Link: https://downloads.wordpress.org/plugin/litespeed-cache.3.6.zip Version: litespeed-cache Tested on: Windows 10 x64 Description: A Stored Cross-site scripting XSS was discovered in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.548 views

Gitea 1.7.5 - Remote Code Execution

Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...

8.8CVSS8.8AI score0.55578EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.402 views

PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation

Exploit Title: PaperStream IP TWAIN 1.42.0.5685 - Local Privilege Escalation Exploit Author: 1F98D Original Author: securifera Date: 12 May 2020 Vendor Hompage: https://www.fujitsu.com/global/support/products/computing/peripheral/scanners/fi/software/fi6x30-fi6x40-ps-ip-twain32.html CVE:...

7.8CVSS7.7AI score0.02557EPSS
Exploits4
Total number of security vulnerabilities47904