Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.221 views

H2 Database 1.4.199 - JNI Code Execution

Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Date: 28 April 2020 Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.212 views

WinAVR Version 20100110 - Insecure Folder Permissions

Exploit Title: WinAVR Version 20100110 - Insecure Folder Permissions Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: https://sourceforge.net/projects/winavr/ Software Link: https://sourceforge.net/projects/winavr/files/WinAVR/20100110/WinAVR-20100110-install.exe Version: Versi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.402 views

PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation

Exploit Title: PaperStream IP TWAIN 1.42.0.5685 - Local Privilege Escalation Exploit Author: 1F98D Original Author: securifera Date: 12 May 2020 Vendor Hompage: https://www.fujitsu.com/global/support/products/computing/peripheral/scanners/fi/software/fi6x30-fi6x40-ps-ip-twain32.html CVE:...

7.8CVSS7.7AI score0.02557EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.203 views

Resumes Management and Job Application Website 1.0 - RCE (Unauthenticated)

Exploit Title: Resumes Management and Job Application Website 1.0 - RCE Unauthenticated Date: 3/1/2021 Exploit Author: Arnav Tripathy Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/ Version: 1.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.182 views

Resumes Management and Job Application Website 1.0 - Multiple Stored XSS

Exploit Title: Resumes Management and Job Application Website 1.0 - Multiple Stored XSS Date: 2/1/2021 Exploit Author: Saswat Subhajyoti Mallick Vendor Homepage: https://egavilanmedia.com/ Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/ Version: 1.0 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/06 12:0 a.m.548 views

Gitea 1.7.5 - Remote Code Execution

Exploit Title: Gitea 1.7.5 - Remote Code Execution Date: 2020-05-11 Exploit Author: 1F98D Original Author: LoRexxar Software Link: https://gitea.io/en-us/ Version: Gitea before 1.7.6 and 1.8.x before 1.8-RC3 Tested on: Debian 9.11 x64 CVE: CVE-2019-11229 References:...

8.8CVSS8.8AI score0.55578EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.203 views

CSZ CMS 1.2.9 - Multiple Cross-Site Scripting

Exploit Title: CSZ CMS 1.2.9 - Multiple Cross-Site Scripting Date: 2020/12/28 Exploit Author: SunCSR Vendor Homepage: https://www.cszcms.com/ Software Link: https://github.com/cskaza/cszcms Version: 1.2.9 Tested on: CSZ CMS 1.2.9 1. Reflected XSS Go to url...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.264 views

Baby Care System 1.0 - 'Post title' Stored XSS

Exploit Title: Baby Care System 1.0 - 'Post title' Stored XSS Exploit Author: Hardik Solanki Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.350 views

HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities

Exploit Title: HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTXf62aaafe780a496dad6d28621a Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.394 views

Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated)

Exploit Title: Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit Authenticated Date: 12-29-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://support.zoom.us/hc/en-us/articles/201363093-Deploying-the-Meeting-Connector Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.371 views

Responsive FileManager 9.13.4 - 'path' Path Traversal

Exploit Title: Responsive FileManager 9.13.4 - 'path' Path Traversal Date: 12/12/2018 PoC Date: 04/01/2020 Auto Exploit Exploit Author: SunCSR Sun Cyber Security Research Google Dork: intitle:"Responsive FileManager 9.x.x" Vendor Homepage: http://responsivefilemanager.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.310 views

Online Learning Management System 1.0 - RCE (Authenticated)

Exploit Title: Online Learning Management System 1.0 - RCE Authenticated Date: 01.01.2021 Exploit Author: Bedri Sertkaya Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.396 views

Cassandra Web 0.5.0 - Remote File Read

Exploit Title: Cassandra Web 0.5.0 - Remote File Read Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://github.com/avalanche123/cassandra-web Software Link: https://rubygems.org/gems/cassandra-web/versions/0.5.0 Version: 0.5.0 Tested on: Linux !/usr/bin/python -- coding: UTF-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.228 views

Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission

Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Date: 21.12.2020 Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...

7CVSS7.4AI score0.01171EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.374 views

Responsive E-Learning System 1.0 - 'id' Sql Injection

Exploit Title: Responsive E-Learning System 1.0 – 'id' Sql Injection Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.556 views

Online Movie Streaming 1.0 - Authentication Bypass

Exploit Title: Online Movie Streaming 1.0 - Authentication Bypass Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.218 views

Resumes Management and Job Application Website 1.0 - Authentication Bypass

Exploit Title: Resumes Management and Job Application Website 1.0 - Authentication Bypass Sql Injection Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: http://egavilanmedia.com Software Link: https://egavilanmedia.com/resumes-management-and-job-application-website/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.386 views

EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Persistent Cross-Site Scripting

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Multiple Stored Cross-Site Scripting Date: 30-12-2020 Exploit Author: Mesut Cetin Vendor Homepage: http://egavilanmedia.com Version: 1.0 Tested on Windows 10, Firefox 83.0, Burp Suite Professional v1.7.34...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.386 views

Klog Server 2.4.1 - Command Injection (Unauthenticated)

Exploit Title: Klog Server 2.4.1 - Command Injection Unauthenticated Date: 22.12.2020 Exploit Author: b3kc4t Mustafa GUNDOGDU Vendor Homepage: https://www.klogserver.com/ Version: 2.4.1 Tested On: Ubuntu 18.04 CVE: 2020-35729 Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.1360 views

IncomCMS 2.0 - Insecure File Upload

Exploit Title: IncomCMS 2.0 - Insecure File Upload Google Dork: intext:"Incom CMS 2.0" Date: 07.12.2020 Exploit Author: MoeAlBarbari Vendor Homepage: https://www.incomcms.com/ Version: 2.0 Tested on: BackBox linux CVE: CVE-2020-29597 Upload your files Upload your file...

9.8CVSS9.8AI score0.71006EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.215 views

Intel(R) Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path

Exploit Title: IntelR Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path Date: 2021-01-04 Exploit Author: Geovanni Ruiz Vendor Homepage: https://www.intel.com Software Version: 8.0.0.1039 File Version: 8.0.0.1039 Tested on: Microsoft® Windows Vista Business 6.0.6001...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.395 views

WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settings[currency_code]' Stored XSS

Exploit Title: WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settingscurrencycode' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/stripe-payments/developers Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.401 views

House Rental and Property Listing 1.0 - Multiple Stored XSS

Exploit Title: House Rental and Property Listing 1.0 - Multiple Stored XSS Tested on: Windows 10 Exploit Author: Mohamed habib Smidi Craniums Date: 2020-12-28 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/05 12:0 a.m.384 views

WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS

Exploit Title: WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/wp-paginate/ Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version: WP-PaginateVer-2.1.3 CVE : N/A Tested on: Windows 10 x64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.522 views

Advanced Comment System 1.0 - 'ACS_path' Path Traversal

Exploit Title: Advanced Comment System 1.0 - 'ACSpath' Path Traversal Date: Fri, 11 Dec 2020 Exploit Author: Francisco Javier Santiago Vázquez aka "n0ipr0cs" Vendor Homepage: Advanced Comment System - ACS Version: v1.0 CVE: CVE-2020-35598...

7.5CVSS7.6AI score0.21EPSS
Exploits2
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.299 views

4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting

Exploit Title: 4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting Date: 30-12-2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.4homepages.de/ Software Link: https://www.4homepages.de/download-4images Version: 1.7.11 Tested on: Windows 10/Kali Linux Vulnerable Parameters:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.199 views

Subrion CMS 4.2.1 - 'avatar[path]' XSS

Exploit Title: Subrion CMS 4.2.1 - 'avatarpath' XSS Date: 2020-12-15 Exploit Author: icekam Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: Subrion CMS 4.2.1 CVE : CVE-2020-35437 stored xss vulnerability in /core/profile/. Reproduce through the...

6.1CVSS6.3AI score0.0303EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.242 views

Arteco Web Client DVR/NVR - 'SessionId' Brute Force

Exploit Title: Arteco Web Client DVR/NVR - 'SessionId' Brute Force Date: 16.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.arteco-global.com !/usr/bin/env python3 Arteco Web Client DVR/NVR 'SessionId' Cookie Brute Force Session Hijacking Exploit Vendor: Arteco S.U.R.L. Product we...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.512 views

Knockpy 4.1.1 - CSV Injection

Exploit Title: Knockpy 4.1.1 - CSV Injection Author: Dolev Farhi Date: 2020-12-29 Vendor Homepage: https://github.com/guelfoweb/knock Version : 4.1.1 Tested on: Debian 9.13 Knockpy, as part of its subdomain brute forcing flow of a remote domain, issues a HEAD request to the server to fetch detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.593 views

MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path

Exploit Title: MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path Discovery by: Thalia Nieto Discovery Date: 02/01/21 Vendor Homepage: https://www.minitool.com Software Link: https://www.minitool.com/backup/thanks-download.html?v=sm-free&r=download-center/ Tested Version: 3.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.186 views

Click2Magic 1.1.5 - Stored Cross-Site Scripting

Exploit Title: Click2Magic 1.1.5 - Stored Cross-Site Scripting Exploit Author: Shivam Vermacyb3rn3rd Date: 2020-12-25 Google Dork: N/A Vendor Homepage: https://www.click2magic.com/user/agent/index Software Link: https://www.click2magic.com Version: 1.1.5 Category: Web Application Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.305 views

sar2html 3.2.1 - 'plot' Remote Code Execution

Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.296 views

CMS Made Simple 2.2.15 - RCE (Authenticated)

Exploit Title: CMS Made Simple 2.2.15 - RCE Authenticated Author: Andrey Stoykov Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Version: 2.2.15 Tested on: Debian 10 LAMPP Exploit and Detailed Info:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.231 views

Easy CD & DVD Cover Creator 4.13 - Denial of Service (PoC)

Exploit Title: Easy CD & DVD Cover Creator 4.13 - Denial of Service PoC Date: 22.12.2020 Software Link: http://www.tucows.com/download/windows/files/ezcdsetup.exe Exploit Author: Achilles Tested Version: 4.13 Tested on: Windows 7 x64 Sp1 1.- Run python code :Creator.py 2.- Open EVIL.txt and copy...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.627 views

Wordpress Core 5.2.2 - 'post previews' XSS

Exploit Title: Wordpress Core 5.2.2 - 'post previews' XSS Date: 31/12/2020 Exploit Author: gx1 Vulnerability Discovery: Simon Scannell Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Version: = 5.2.2 Tested on: any CVE: CVE-2019-16223 References:...

5.4CVSS6.1AI score0.05181EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.465 views

Mantis Bug Tracker 2.24.3 - 'access' SQL Injection

Exploit Title: Mantis Bug Tracker 2.24.3 - 'access' SQL Injection Date: 30/12/2020 Exploit Author: EthicalHCOP Vendor Homepage: https://www.mantisbt.org/ Version: 2.24.3 CVE: CVE-2020-28413 import requests, sys, time from lxml import etree proxies = "http": "http://127.0.0.1:8080", "https":...

6.5CVSS6AI score0.04725EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/24 12:0 a.m.226 views

Apartment Visitors Management System 1.0 - Authentication Bypass

Exploit Title: Apartment Visitors Management System 1.0 - Authentication Bypass Date: 2020-12-24 Exploit Author: Kshitiz Rajmanitorpotterk Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/24 12:0 a.m.225 views

WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload

Exploit Title: WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/angwp Date: 23/12/2020 Exploit Author: spacehen Vendor Homepage: http://adning.com/ Version: spacehen www.lunar.sh" def printusage: print"Usage: python3 exploit.py target url ph...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/24 12:0 a.m.581 views

GitLab 11.4.7 - RCE (Authenticated) (2)

Exploit Title: GitLab 11.4.7 RCE POC Date: 24th December 2020 Exploit Author: Norbert Hofmann Exploit Modifications: Sam Redmond, Tam Lai Yin Original Author: Mohin Paramasivam Software Link: https://gitlab.com/ Environment: GitLab 11.4.7, community edition CVE: CVE-2018-19571 + CVE-2018-19585...

7.7CVSS7.5AI score0.2819EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/12/24 12:0 a.m.512 views

WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting

Exploit Title: WordPress Plugin WP-PostRatings 1.86 - 'postratingsimage' Cross-Site Scripting Date: 20-12-2018 Software Link: https://wordpress.org/plugins/wp-postratings/ Exploit Author: Park Won Seok Version: wp-postratings.1.86 Tested on: Windows 10 x64 description: A Stored Cross-site scripti...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.196 views

Online Learning Management System 1.0 - Multiple Stored XSS

Exploit Title: Online Learning Management System 1.0 - Multiple Stored XSS Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.221 views

Online Learning Management System 1.0 - Authentication Bypass

Exploit Title: Online Learning Management System 1.0 - Authentication Bypass Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.434 views

Baby Care System 1.0 - 'roleid' SQL Injection

Exploit Title: Baby Care System 1.0 - 'roleid' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.218 views

Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS

Exploit Title: Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/11238/sales-and-inventory-system-grocery-store.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.295 views

Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection

Exploit Title: Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection Date: 22/12/2020 Exploit Authors: gx1 lotar Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Affected Themes: shapely - Fixed in version 1.2.9 newsmag - Fix...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.686 views

Online Learning Management System 1.0 - 'id' SQL Injection

Exploit Title: Online Learning Management System 1.0 - 'id' SQL Injection Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.199 views

Class Scheduling System 1.0 - Multiple Stored XSS

Exploit Title: Class Scheduling System 1.0 - Multiple Stored XSS Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/5175/class-scheduling-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/23 12:0 a.m.293 views

TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a unauthenticated command execution...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.358 views

Artworks Gallery Management System 1.0 - 'id' SQL Injection

Exploit Title: Artworks Gallery Management System 1.0 - 'id' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14634/artworks-gallery-management-system-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.221 views

Multi Branch School Management System 3.5 - "Create Branch" Stored XSS

Exploit Title: Multi Branch School Management System 3.5 - "Create Branch" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-21 Google Dork: N/A Vendor Homepage: https://www.ramomcoder.com/ Software Link: https://codecanyon.net/item/ramom-multi-branch-school-management-system/25182324 Affecte...

7.4AI score
Exploits0
Total number of security vulnerabilities47904