Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.263 views

Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)

const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.270 views

Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting

Exploit Title: Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting Date: 13-12-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://getgrav.org/ Software Link: https://getgrav.org/downloads Version: Grav v1.6.30 - Admin v1.9.18 Tested on: Windows 10/Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/16 12:0 a.m.598 views

GitLab 11.4.7 - Remote Code Execution (Authenticated)

Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution No Interaction Required Date: 15th December 2020 Exploit Author: Mohin Paramasivam Shad0wQu35t Software Link: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested on...

7.7CVSS0.3AI score0.2819EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.530 views

Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)

Exploit Title: Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal 2 Date: 12 Dec 2020 Exploit Author: [email protected] Vendor Homepage: cisco.com Software Link: It’s against Hardware, specifically ASA’s and FTD’s Version: ASAs from version 9.6 to 9.14.1.10 and FTD’s versions 6.2.3 to...

7.5CVSS7.8AI score0.99992EPSS
Exploits24
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.263 views

libbabl 0.1.62 - Broken Double Free Detection (PoC)

Exploit Title: libbabl 0.1.62 - Broken Double Free Detection PoC Date: December 14, 2020 Exploit Author: Carter Yagemann Vendor Homepage: https://www.gegl.org Software Link: https://www.gegl.org/babl/ Version: libbabl 0.1.62 and newer Tested on: Debian Buster Linux 4.19.0-9-amd64 Compile: gcc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.300 views

Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2)

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-14-12 Exploit Author: Andrea Bruschi - www.andreabruschi.net Vendor Homepage: https://phpgurukul.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.1215 views

Solaris SunSSH 11.0 x86 - libpam Remote Root

Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root Exploit Author: Hacker Fantastic Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris11-overview.html Version: 11 Tested on: SunOS solaris 5.11 11.0 / SunSSH Solaris 10-11.0 x86 libpam remote root exploit CVE-2020-14871...

10CVSS7AI score0.80291EPSS
Exploits13
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.283 views

Task Management System 1.0 - 'page' Local File Inclusion

Exploit Title: Task Management System 1.0 - 'page' Local File Inclusion Exploit Author: İsmail BOZKURT Date: 2020-12-15 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.506 views

LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection

Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection Google Dork: Unknown Date: 13-12-2020 Exploit Author: Hodorsec Vendor Homepage: https://www.librenms.org Software Link: https://github.com/librenms/librenms Update notice:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.161 views

Jenkins 2.235.3 - 'X-Forwarded-For' Stored XSS

Exploit Title: Jenkins 2.235.3 - 'X-Forwarded-For' Stored XSS Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: '. To understand how remote build trigger works, have a look at this post:...

5.4CVSS5.8AI score0.05298EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.395 views

Seacms 11.1 - 'checkuser' Stored XSS

Exploit Title: Seacms 11.1 - 'checkuser' Stored XSS Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SEACMS111/5f9js3/adminsafe.php?action=setting HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5.0 Windows N...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.359 views

Seacms 11.1 - 'ip and weburl' Remote Command Execution

Exploit Title: Seacms 11.1 - 'ip and weburl' Remote Command Execution Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SeaCMS111/5f9js3/adminip.php?action=set HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.503 views

MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.537 views

Rukovoditel 2.6.1 - Cross-Site Request Forgery (Change password)

Exploit Title: Rukovoditel 2.6.1 - Cross-Site Request Forgery Change password Date: 2020-12-14 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: v2.6.1 Tested on: Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.479 views

Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation

Exploit Title: Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation Date: 03.12.2020 Exploit Author: Maximilian Barz and Daniel Schwendner Vendor Homepage: https://us.macally.com/products/wifisd2 Version: 2.000.010 Tested on: Kali Linux 5.7.0-kali1-amd64 CVE : CVE-2020-29669...

9CVSS8.9AI score0.04866EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.387 views

Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS

Exploit Title: Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.568 views

GitLab 11.4.7 - Remote Code Execution (Authenticated) (1)

Exploit Title: Gitlab 11.4.7 - Remote Code Execution Date: 14-12-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net, foxlox Vendor Homepage: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested On: Debian 10 +...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.589 views

Rumble Mail Server 0.51.3135 - 'servername' Stored XSS

Exploit Title: Rumble Mail Server 0.51.3135 - 'servername' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.469 views

Rumble Mail Server 0.51.3135 - 'username' Stored XSS

Exploit Title: Rumble Mail Server 0.51.3135 - 'username' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.339 views

Seacms 11.1 - 'file' Local File Inclusion

Exploit Title: Seacms 11.1 - 'file' Local File Inclusion Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 GET /SEACMS111/5f9js3/adminsafe.php?action=download&file=C:/windows/system.ini HTTP/1.1 Host: 192.168.137.139...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.411 views

System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path

Exploit Title: System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path Date: 2020-10-14 Exploit Author: Mohammed Alshehri Vendor Homepage: http://systemexplorer.net/ Software Link: http://systemexplorer.net/download/SystemExplorerSetup.exe Version: Version 7.0.0 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.861 views

WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download

Exploit Title: WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download Google Dork: intitle:"Index of" AND "wp-content/plugins/boldgrid-backup/=" Date: 2020-12-12 Exploit Author: Wadeek Vendor Homepage: https://www.boldgrid.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.863 views

Supply Chain Management System - Auth Bypass SQL Injection

Exploit Title: Supply Chain Management System - Auth Bypass SQL Injection Date: 2020-12-11 Exploit Author: Piyush Malviya Vendor Homepage: https://www.sourcecodester.com/php/14619/supply-chain-management-system-phpmysqli-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.579 views

Rukovoditel 2.6.1 - RCE (1)

Exploit Title: Rukovoditel 2.6.1 - RCE Date: 2020-06-11 Exploit Author: coiffeur Write Up: https://therealcoiffeur.github.io/c1010 Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: v2.6.1 CVE: CVE-2020-11819 set -e function usage echo...

9.8CVSS9.7AI score0.26778EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.694 views

Jenkins 2.235.3 - 'Description' Stored XSS

Exploit Title: Jenkins 2.235.3 - 'Description' Stored XSS Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: = 2.251 and = LTS 2.235.3 Tested on: any CVE : CVE-2020-2230 References:...

5.4CVSS5.5AI score0.83053EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.876 views

Openfire 4.6.0 - 'groupchatJID' Stored XSS

Exploit Title: Openfire 4.6.0 - 'groupchatJID' Stored XSS Date: 2020/12/11 Exploit Author: j5s Vendor Homepage: https://github.com/igniterealtime/Openfire Software Link: https://www.igniterealtime.org/downloads/ Version: 4.6.0 POST /plugins/bookmarks/create-bookmark.jsp HTTP/1.1 Host:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.835 views

Openfire 4.6.0 - 'sql' Stored XSS

Exploit Title: Openfire 4.6.0 - 'sql' Stored XSS Date: 20201211 Exploit Author: j5s Vendor Homepage: https://github.com/igniterealtime/Openfire Software Link: https://www.igniterealtime.org/downloads/ Version: 4.6.0 POST /plugins/dbaccess/db-access.jsp HTTP/1.1 Host: 192.168.137.137:9090...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.852 views

Openfire 4.6.0 - 'users' Stored XSS

Exploit Title: Openfire 4.6.0 - 'users' Stored XSS Date: 2020/12/11 Exploit Author: j5s Vendor Homepage: https://github.com/igniterealtime/Openfire Software Link: https://www.igniterealtime.org/downloads/ Version: 4.6.0 POST /plugins/bookmarks/create-bookmark.jsp HTTP/1.1 Host: 192.168.137.137:90...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.728 views

Courier Management System 1.0 - 'ref_no' SQL Injection

Exploit Title: Courier Management System 1.0 - 'refno' SQL Injection Exploit Author: Zhaiyi Zeo Date: 2020-12-11 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.667 views

Courier Management System 1.0 - 'MULTIPART street ((custom) ' SQL Injection

Exploit Title: Courier Management System 1.0 - 'MULTIPART street ' SQL Injection Exploit Author: Zhaiyi Zeo Date: 2020-12-11 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.583 views

Courier Management System 1.0 - 'First Name' Stored XSS

Exploit Title: Courier Management System 1.0 - 'First Name' Stored XSS Exploit Author: Zhaiyi Zeo Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.723 views

Dolibarr 12.0.3 - SQLi to RCE

Exploit Title: Dolibarr 12.0.3 - SQLi to RCE Date: 2/12/2020 Exploit Author: coiffeur Write Up: https://therealcoiffeur.github.io/c10010, https://therealcoiffeur.github.io/c10011 Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads.php,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.619 views

Medical Center Portal Management System 1.0 - Multiple Stored XSS

Exploit Title: Medical Center Portal Management System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.674 views

Jenkins 2.235.3 - 'tooltip' Stored Cross-Site Scripting

Exploit Title: Jenkins 2.235.3 - 'tooltip' Stored Cross-Site Scripting Date: 11/12/2020 Exploit Author: gx1 Vendor Homepage: https://www.jenkins.io/ Software Link: https://updates.jenkins-ci.org/download/war/ Version: = 2.251 and = LTS 2.235.3 Tested on: any CVE : CVE-2020-2229 References:...

5.4CVSS5.8AI score0.06765EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.975 views

WordPress Plugin Popup Builder 3.69.6 - Multiple Stored Cross Site Scripting

Exploit Title: WordPress Plugin Popup Builder 3.69.6 - Multiple Stored Cross Site Scripting Date: 11/27/2020 Exploit Author: Ilca Lucian Florin Vendor Homepage: https://sygnoos.com Software Link: https://wordpress.org/plugins/popup-builder/ / https://popup-builder.com/ Version: = 3.69.6 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.550 views

Library Management System 2.0 - Auth Bypass SQL Injection

Exploit Title: Library Management System 2.0 - Auth Bypass SQL Injection Date: 2020-12-09 Exploit Author: Manish Solanki Vendor Homepage: https://www.sourcecodester.com/php/6849/library-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.828 views

OpenCart 3.0.3.6 - Cross Site Request Forgery

Exploit Title: OpenCart 3.0.3.6 - Cross Site Request Forgery Date: 12-11-2020 Exploit Author: Mahendra Purbia Mah3Sec Vendor Homepage: https://www.opencart.com Software Link: https://www.opencart.com/index.php?route=cms/download Version: OpenCart CMS - 3.0.3.6 Tested on: Kali Linux Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.655 views

Openfire 4.6.0 - 'path' Stored XSS

Exploit Title: Openfire 4.6.0 - 'path' Stored XSS Date: 20201209 Exploit Author: j5s Vendor Homepage: https://github.com/igniterealtime/Openfire Software Link: https://www.igniterealtime.org/downloads/ Version: 4.6.0 POST /plugins/nodejs/nodejs.jsp HTTP/1.1 Host: 192.168.137.137:9090 User-Agent:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.658 views

Barcodes generator 1.0 - 'name' Stored Cross Site Scripting

Exploit Title: Barcodes generator 1.0 - 'name' Stored Cross Site Scripting Date: 10/12/2020 Exploit Author: Nikhil Kumar Vendor Homepage: http://egavilanmedia.com/ Software Link: http://egavilanmedia.com/barcodes-generator-using-php-mysql-and-jsbarcode-library/ Version: 1.0 Tested On: Ubuntu 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/10 12:0 a.m.745 views

PDF Complete 3.5.310.2002 - 'pdfsvc.exe' Unquoted Service Path

Exploit Title: PDF Complete 3.5.310.2002 - 'pdfsvc.exe' Unquoted Service Path Discovery by: Zaira Alquicira Discovery Date: 2020-12-10 Vendor Homepage: https://pdf-complete.informer.com/3.5/ Tested Version: 3.5.310.2002 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.531 views

Task Management System 1.0 - 'id' SQL Injection

Exploit Title: Task Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-08 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.475 views

Task Management System 1.0 - Unrestricted File Upload to Remote Code Execution

Exploit Title: Task Management System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-08 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Lin...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.467 views

Task Management System 1.0 - 'First Name and Last Name' Stored XSS

Exploit Title: Task Management System 1.0 - 'First Name and Last Name' Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-08 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.660 views

VestaCP 0.9.8-26 - 'backup' Information Disclosure

Exploit Title: VestaCP 0.9.8-26 - 'backup' Information Disclosure Date: 2020-11-25 Exploit Author: Vulnerability-Lab Vendor Homepage: https://vestacp.com/ Software Link: https://vestacp.com/install/ Version: 0.9.8-26 Document Title: =============== VestaCP v0.9.8-26 - Insufficient Session...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.617 views

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption

Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Date: December 8th 2020 Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.569 views

VestaCP 0.9.8-26 - 'LoginAs' Insufficient Session Validation

Exploit Title: VestaCP 0.9.8-26 - 'LoginAs' Insufficient Session Validation Date: 2020-11-26 Exploit Author: Vulnerability-Lab Vendor Homepage: https://vestacp.com/ Software Link: https://vestacp.com/install/ Version: 0.9.8-26 Document Title: =============== VestaCP v0.9.8-26 - LoginAs Token...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.466 views

Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow (SEH)

Exploit Title: Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow SEH Date: 2020-12-08 Exploit Author: Andrés Roldán Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/downloads.html Version: 10.0.18 Tested on: Windows 10 Pro x64 !/usr/bin/env python3 import...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.688 views

Huawei HedEx Lite 200R006C00SPC005 - Path Traversal

Exploit Title: Huawei HedEx Lite 200R006C00SPC005 - Path Traversal Date: 2020-11-24 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.huawei.com/ Software Link: https://support.huawei.com/carrier/docview!docview?nid=SCL1000005027&path=PAN-ET/PAN-T/PAN-T-HedEx Version: 200R006C00SPC00...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/09 12:0 a.m.967 views

SmarterMail Build 6985 - Remote Code Execution

Exploit Title: SmarterMail Build 6985 - Remote Code Execution Exploit Author: 1F98D Original Author: Soroush Dalili Date: 10 May 2020 Vendor Hompage: re CVE: CVE-2019-7214 Tested on: Windows 10 x64 References:...

10CVSS9.6AI score0.84174EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/12/08 12:0 a.m.384 views

Online Bus Ticket Reservation 1.0 - SQL Injection

Exploit Title: Online Bus Ticket Reservation 1.0 - SQL Injection Date: 2020-12-07 Exploit Author: Sakshi Sharma Vendor Homepage: https://www.sourcecodester.com/php/5012/online-bus-ticket-reservation-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904