Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.222 views

Library Management System 3.0 - "Add Category" Stored XSS

Exploit Title: Library Management System 3.0 - "Add Category" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-22 Google Dork: N/A Vendor Homepage: https://otsglobal.org/ Software Link: https://codecanyon.net/item/library-management-system-22/16965307 Affected Version: 3.0 Patched Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.593 views

Webmin 1.962 - 'Package Updates' Escape Bypass RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...

8.7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.571 views

WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress W3 Total Cache File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability i...

7.5CVSS7.6AI score0.19396EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.244 views

10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow SEH Date: 2020-12-22 Exploit Author: Florian Gassner Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.05 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.183 views

Faculty Evaluation System 1.0 - Stored XSS

Exploit Title: Faculty Evaluation System 1.0 - Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.224 views

TerraMaster TOS 4.2.06 - RCE (Unauthenticated)

Exploit Title: TerraMaster TOS 4.2.06 - RCE Unauthenticated Date: 12/12/2020 Exploit Author: IHTeam Full Write-up: https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/ Vendor Homepage: https://www.terra-master.com/ Version: " /usr/www/"+shellfilename+" &&...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.757 views

CSE Bookstore 1.0 - Multiple SQL Injection

Exploit Title : CSE Bookstore 1.0 - Multiple SQL Injection Date : 2020-12-21 Author : Musyoka Ian Version : CSE Bookstore 1.0 Vendor Homepage: https://projectworlds.in/ Platform : PHP Tested on : Debian CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.516 views

Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection (Authenticated)

Exploit Title: Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection Authenticated Date: 12-21-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/d08e60f13a858fbd22ce6b83fa8ca391c608ec5c Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.217 views

Victor CMS 1.0 - File Upload To RCE

Exploit Title: Victor CMS 1.0 - File Upload To RCE Date: 20.12.2020 Exploit Author: Mosaaed Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Apache2/Linux Step1: register...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.268 views

Spotweb 1.4.9 - 'search' SQL Injection

Exploit Title: Spotweb 1.4.9 - 'search' SQL Injection Google Dork: N/A Date: 20 December 2020 Exploit Author: BouSalman Vendor Homepage: https://github.com/spotweb/spotweb Software Link: N/A Version: 1.4.9 Tested on: Ubuntu 18.04 CVE: CVE-2020-35545 GET...

9.8CVSS9.6AI score0.03803EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.388 views

SCO Openserver 5.0.7 - 'section' Reflected XSS

Exploit Title: SCO Openserver 5.0.7 - 'section' Reflected XSS Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 14/06/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Tested on...

6.1CVSS6.3AI score0.08142EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.229 views

Point of Sale System 1.0 - Multiple Stored XSS

Exploit Title: Point of Sale System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-18 Vendor Homepage: https://www.sourcecodester.com/php/9620/point-sale-system-pos.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.417 views

SCO Openserver 5.0.7 - 'outputform' Command Injection

Exploit Title: SCO Openserver 5.0.7 - 'outputform' Command Injection Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 04/09/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products/ Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Test...

9.8CVSS9.7AI score0.39193EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.219 views

Queue Management System 4.0.0 - "Add User" Stored XSS

Exploit Title: Queue Management System 4.0.0 - "Add User" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-21 Google Dork: N/A Vendor Homepage: http://codekernel.net/ Software Link: https://codecanyon.net/item/queue-management-system/22029961 Affected Version: Version 4.0.0 Patched Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.203 views

Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20142...

6.1CVSS6.4AI score0.01583EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.209 views

Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...

6.1CVSS6.4AI score0.01616EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.205 views

Academy-LMS 4.3 - Stored XSS

Exploit Title: Academy-LMS 4.3 - Stored XSS Date: 19/12/2020 Vendor page: https://academy-lms.com/ Version: 4.3 Tested on Win10 and Google Chrome Exploit Author: Vinicius Alves XSS Payload: 1 Access LMS and log in to admin panel 2 Access courses page 3 Open course manager and SEO menu 4 Paste the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.576 views

Spiceworks 7.5 - HTTP Header Injection

Exploit Title: Spiceworks 7.5 - HTTP Header Injection Google Dork: inurl:/prousers/login Discovered Date: 15/09/2020 Exploit Author: Ramikan Vendor Homepage: https://www.spiceworks.com Affected Version: 7.5.7.0 may be others. Tested On Version: 7.5.7.0 CVE : CVE-2020-25901 Vulnerability: Host...

6.1CVSS6.4AI score0.0508EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.313 views

Online Marriage Registration System 1.0 - 'searchdata' SQL Injection

Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 CVE: CVE-2020-351...

8.8CVSS8.9AI score0.03783EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.303 views

Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20140...

6.1CVSS6.4AI score0.01616EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.217 views

Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version: Flexmonster Pivot Table & Charts 2.7.17 Tested on: Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20139...

6.1CVSS6.4AI score0.01616EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.1297 views

Wordpress Plugin Contact Form 7 5.3.1 - Unrestricted File Upload

Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 - Unrestricted File Upload Date: 12/20/2020 Exploit Author: Ramón Vila Ferreres @ramonvfer Vendor Homepage: https://contactform7.com Software Link: https://wordpress.org/plugins/contact-form-7/ Version: 5.3.1 and below Tested on: Windows 10 190...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.587 views

SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)

Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service Poc Data: 18-Dec-2020 Exploit Author: Ahmed Elkhressy Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7, Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.286 views

FRITZ!Box 7.20 - DNS Rebinding Protection Bypass

Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.408 views

Alumni Management System 1.0 - 'id' SQL Injection

Exploit Title: Alumni Management System 1.0 - 'id' SQL Injection Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.182 views

Point of Sale System 1.0 - Authentication Bypass

Exploit Title: Point of Sale System 1.0 - Authentication Bypass Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-17 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/9620/point-sale-system-pos.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.199 views

Alumni Management System 1.0 - Unrestricted File Upload To RCE

Exploit Title: Alumni Management System 1.0 - Unrestricted File Upload To RCE Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.228 views

Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS

Exploit Title: Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-18 Vendor Homepage: https://xeroneit.net/ Software Link: https://xeroneit.net/portfolio/library-management-system-lms Affected Version: Version 3.1 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.261 views

Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...

7.5CVSS7AI score0.97822EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.185 views

Smart Hospital 3.1 - "Add Patient" Stored XSS

Exploit Title: Smart Hospital 3.1 - "Add Patient" Stored XSS Exploit Author: Kislay Kumar Date: 2020-12-18 Vendor Homepage: https://smart-hospital.in/index.html Software Link: https://codecanyon.net/item/smart-hospital-hospital-management-system/23205038 Affected Version: Version 3.1 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/18 12:0 a.m.208 views

Alumni Management System 1.0 - "Course Form" Stored XSS

Exploit Title: Alumni Management System 1.0 - "Course Form" Stored XSS Exploit Author: Aakash Madaan Date: 2020-12-10 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.211 views

Content Management System 1.0 - 'First Name' Stored XSS

Exploit Title:Content Management System 1.0 - 'First Name' Stored XSS Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.202 views

Linksys RE6500 1.0.11.001 - Unauthenticated RCE

Exploit Title: Linksys RE6500 1.0.11.001 - Unauthenticated RCE Date: 31/07/2020 Exploit Author: RE-Solver Public disclosure: https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html4 Vendor Homepage: www.linksys.com Version: FW V1.05 up to FW v1.0.11.001 Tested on: F...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.393 views

Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)

Exploit Title: Dolibarr ERP-CRM 12.0.3 - Remote Code Execution Authenticated Date: 2020.12.17 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://github.com/Dolibarr/dolibarr Software Link: https://sourceforge.net/projects/dolibarr/ Version: 12.0.3 Tested on: Kali Linux 2020.2 Vulnerabilit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.493 views

Customer Support System 1.0 - 'id' SQL Injection

Exploit Title: Customer Support System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.339 views

Medical Center Portal Management System 1.0 - 'id' SQL Injection

Exploit Title: Medical Center Portal Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.211 views

Interview Management System 1.0 - Stored XSS in Add New Question

Exploit Title: Interview Management System 1.0 - Stored XSS in Add New Question Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-09 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.366 views

Online Tours & Travels Management System 1.0 - "id" SQL Injection

Exploit Title: Online Tours & Travels Management System 1.0 - "id" SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.333 views

Content Management System 1.0 - 'email' SQL Injection

Exploit Title: Content Management System 1.0 - 'email' SQL Injection Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.248 views

Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS

Exploit Title: Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.392 views

Content Management System 1.0 - 'id' SQL Injection

Exploit Title: Content Management System 1.0 - 'id' SQL Injection Exploit Author: Zhayi Zeo Date: 2020-12-14 Vendor Homepage: https://www.sourcecodester.com/php/14625/content-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.632 views

Nxlog Community Edition 2.10.2150 - DoS (Poc)

Exploit Title: Nxlog Community Edition 2.10.2150 - DoS Poc Date: 15/12/2020 Exploit Author: Guillaume PETIT Vendor Homepage: https://nxlog.co Software Link: https://nxlog.co/products/nxlog-community-edition/download Version: 2.10.2150 Tested on: Linux Debian 10 && Windows Server 2019 CVE:...

7.5CVSS7.7AI score0.07599EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.382 views

Interview Management System 1.0 - 'id' SQL Injection

Exploit Title: Interview Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.333 views

PHPJabbers Appointment Scheduler 2.3 - Reflected XSS (Cross-Site Scripting)

Exploit Title: PHPJabbers Appointment Scheduler 2.3 - Reflected XSS Cross-Site Scripting Date: 2020-12-14 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.phpjabbers.com Software Link: https://www.phpjabbers.com/appointment-scheduler Version: 2.3 Tested on: Latest Version of Deskto...

6.1CVSS6.3AI score0.02678EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.186 views

Victor CMS 1.0 - Multiple SQL Injection (Authenticated)

Exploit Title: Victor CMS 1.0 - Multiple SQL Injection Authenticated Date: 17.12.2020 Exploit Author: Furkan Göksel Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Description: The Victor CMS v1.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/17 12:0 a.m.213 views

Employee Record System 1.0 - Multiple Stored XSS

Exploit Title: Employee Record System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-09 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14588/employee-record-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.194 views

Seotoaster 3.2.0 - Stored XSS on Edit page properties

Exploit Title: Seotoaster 3.2.0 - Stored XSS on Edit page properties Exploit Author: Hardik Solanki Vendor Homepage: https://www.seotoaster.com/ Software Link: https://crm-marketing-automation-platforms.seotoaster.com/ Version: 3.2.0 Tested on Windows 10 XSS ATTACK: Cross-site Scripting XSS is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.250 views

PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection

​ Exploit Title: PrestaShop ProductComments 4.2.0 - 'idproducts' Time Based Blind SQL Injection Date: 2020-12-15 Exploit Author: Frederic ADAM Author contact: [email protected] Vendor Homepage: https://www.prestashop.com Software Link: https://github.com/PrestaShop/productcomments Version: 4.2.0...

8.2CVSS7.4AI score0.12388EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.183 views

Raysync 3.3.3.8 - RCE

Exploit Title: Raysync 3.3.3.8 - RCE Date: 04/10/2020 Exploit Author: XiaoLong Zhu Vendor Homepage: www.raysync.io Version: below 3.3.3.8 Tested on: Linux step1: run RaysyncServer.sh to build a web application on the local environment, set admin password to 123456 , which will be write to manage....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.280 views

Magic Home Pro 1.5.1 - Authentication Bypass

Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...

7.5CVSS7.6AI score0.02875EPSS
Exploits4
Total number of security vulnerabilities47904