Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.749 views

Cisco 7937G - DoS/Privilege Escalation

Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 !/usr/bin/python import sys import getopt import requests import paramiko import socket import os...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.901 views

User Registration & Login and User Management System 2.1 - Login Bypass SQL Injection

Exploit Title: User Registration & Login and User Management System 2.1 - Login Bypass SQL Injection Date: 2020–11–14 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://phpgurukul.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.900 views

Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path

Title: Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/es/advancedsystemcarepro.php Version : 13.0.0.157 Tested on: Windows 10 64bitEN CVE : N/A ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.995 views

Atheros Coex Service Application 8.0.0.255 - 'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path

Exploit Title: Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path Exploit Author : Isabel Lopez Exploit Date: 2020-11-13 Vendor Homepage : https://www.file.net/process/athcoexagent.exe.html Link Software :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.813 views

Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection (Authenticated)

Exploit Title: Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection Authenticated Date: 11-14-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/1258a1a63535f60924fb69b1f7812c678570cc8e Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.711 views

Car Rental Management System 1.0 - 'car_id' Sql Injection

Exploit Title: Car Rental Management System 1.0 - 'carid' Sql Injection Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.825 views

Logitech Solar Keyboard Service - 'L4301_Solar' Unquoted Service Path

Title: Logitech Solar Keyboard Service - 'L4301Solar' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.logitech.com/es-mx Software Link: https://support.logi.com/hc/en-us/articles/360024692874--Downloads-Wireless-Solar-Keyboard-K750 Version : 1.10.3.0 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.747 views

Water Billing System 1.0 - 'id' SQL Injection (Authenticated)

Exploit Title: Water Billing System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor: https://www.sourcecodester.com/php/14560/water-billing-system-phpmysqli-full-source-code.html Version: 1.0 Tested on: Apache2 an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/16 12:0 a.m.1019 views

KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path

Exploit Title: KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path Discovery by: IRVIN GIL Discovery Date: 2020-11-14 Vendor Homepage: https://www.kite.com/ Tested Version: 1.2020.1113.1 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 x64 es Step to discover...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.652 views

October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)

Exploit Title: October CMS Build 465 - Arbitrary File Read Exploit Authenticated Date: 2020-03-31 Exploit Author: Sivanesh Ashok Vendor Homepage: https://octobercms.com/ Version: Build 465 and below Tested on: Windows 10 / XAMPP / October CMS Build 465 CVE: CVE-2020-5295 echo ''' Authenticated...

4.9CVSS5.1AI score0.07371EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.847 views

Citrix ADC NetScaler - Local File Inclusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler - Local File Inclusion Metasploit', 'Description' = % The remote device is affected by multiple vulnerabilities. An...

6.5CVSS5.6AI score0.88411EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.612 views

ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS TM-AC1900 - Arbitrary Command Execution', 'Description' = %q This module exploits a code execution vulnerability within the ASUS TM-AC1900...

10CVSS9.7AI score0.03613EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.649 views

IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path

Exploit Title: IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path Discovery by: Isabel Lopez Software link: https://www.pconlife.com/download/otherfile/20566/098185e9b7c417cf7480bb9f839db652/ Discovery Date: 2020-11-07 Tested Version: 1.0.6425.0 Vulnerability Type: Unquoted Service Path...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.614 views

SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path

Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path Discovery by: Mara Ramirez Discovery Date: 10-11-2020 Vendor Homepage: https://www.segurazo.com/download.html Software Links : https://www.segurazo.com/download.html Tested Version: 10.0.21.61 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.673 views

DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path

Exploit Title: DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path Discovery by: Teresa Q Discovery Date: 2020-11-11 Vendor:DigitalPersona U. are U. One Touch Version: 5.1.0.656 Vulnerability Type: Unquoted Service Path Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.724 views

OpenCart Theme Journal 3.1.0 - Sensitive Data Exposure

Exploit Title: OpenCart Theme Journal 3.1.0 - Sensitive Data Exposure Date: 11-06-2020 Vendor Homepage: https://www.journal-theme.com/ Vendor Changelog: https://docs.journal-theme.com/changelog Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...

7.5CVSS7.7AI score0.04689EPSS
Exploits1
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.545 views

Touchbase.io 1.10 - Stored Cross Site Scripting

Exploit Title: Touchbase.io 1.10 - Stored Cross Site Scripting Date: 2020-11-11 Exploit Author: Simran Sankhala Vendor Homepage: https://touchbase.ai/ Software Link: https://touchbase.ai/ Version: 1.1.0 Tested on: Windows 10 Proof Of Concept: touchbase.ai application allows stored XSS, via the 'A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.3002 views

Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion (Metasploit)

require "msf/core" class MetasploitModule "Ghostcat", "Description" = %q When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.558 views

Bludit 3.9.2 - Authentication Bruteforce Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bludit Panel Brute force', 'Description' = %q This Module performs brute force attack on Bludit Panel. , 'Author' = 'Eren Simsek ', 'License' =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/12 12:0 a.m.629 views

Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow

Exploit Title: Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow Date: 2020-07-30 Author: Felipe Winsnes Software Link: http://www.nidesoft.com/downloads/3gp-video-converter.exe Version: 2.6.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/12 12:0 a.m.1259 views

Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection

Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection Software Link: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850 Version: prefix . 'gdlrpayment '; 688- $sql .= 'WHERE id=' . $POST'id' . ' AND '; 689- $sql .=...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/12 12:0 a.m.625 views

Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection

Exploit Title: Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection SQL Injection in 'username' and 'password' parameters allows attacker to run the SQL commands on the victim to extract entire DB. In advanced exploitation, an attacker can run the arbitrary code on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/12 12:0 a.m.94 views

Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)

const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/11 12:0 a.m.537 views

Customer Support System 1.0 - Cross-Site Request Forgery

Exploit Title: Customer Support System 1.0 - Cross-Site Request Forgery Admin Account Takeover Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/11 12:0 a.m.496 views

Customer Support System 1.0 - 'username' Authentication Bypass

Title: Customer Support System 1.0 - 'username' Authentication Bypass Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/11 12:0 a.m.429 views

CMSUno 1.6.2 - 'user' Remote Code Execution (Authenticated)

Exploit Title: CMSUno 1.6.2 - 'user' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.09.30 Exploit Author: Fatih Çelik Vendor Homepage: https://github.com/boiteasite/cmsuno/ Software Link: https://github.com/boiteasite/cmsuno/ Blog:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/11 12:0 a.m.609 views

Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel

Exploit Title: Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.405 views

Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection

Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...

8.7CVSS7AI score0.03504EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.319 views

Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload

Exploit Title: Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload Date: 09-11-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/10 12:0 a.m.325 views

ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting

Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting Date: 11/8/2020 Exploit Author: Joe Helle Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products Version: 19.46.1802.0 Tested on: Linux CVE: 2020-28351 PoC: The conferencing component on...

6.1CVSS6.3AI score0.15987EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.308 views

Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path

Exploit Title: Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path Date: 2020-8-20 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.cybertronsoft.com/ Software Link: https://www.cybertronsoft.com/download/privacy-drive-setup.exe Version: Version 3.17.0 Build 1456 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.242 views

DiskBoss v11.7.28 - Multiple Services Unquoted Service Path

Exploit Title: DiskBoss v11.7.28 - Multiple Services Unquoted Service Path Date: 2020-8-20 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.diskboss.com/ Software Link: https://www.diskboss.com/downloads.html Version: v11.7.28 Tested on: Microsoft Windows Server 2019 Standard...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.257 views

Joplin 1.2.6 - 'link' Cross Site Scripting

Exploit Title: Joplin 1.2.6 - 'link' Cross Site Scripting Date: 2020-09-21 Exploit Author: Philip Holbrook @fhlipZero Vendor Homepage: https://joplinapp.org/ Software Link: https://github.com/laurent22/joplin/releases/tag/v1.2.6 Version: 1.2.6 Tested on: Windows / Mac CVE : CVE-2020-28249...

6.1CVSS6.3AI score0.03027EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.435 views

Deep Instinct Windows Agent 1.2.24.0 - 'DeepNetworkService' Unquoted Service Path

Exploit Title: Deep Instinct Windows Agent 1.2.24.0 - 'DeepNetworkService' Unquoted Service Path Discovery by: Paulina Girón Discovery Date: 2020-11-07 Vendor Homepage: https://www.deepinstinct.com/ Software Links :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.258 views

Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path

Exploit Title: Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-07 Vendor : Magic Utilities Pty Version : 64-bit 2.20 Vendor Homepage : https://magicutilities.net/magic-mouse/home Tested on OS: Windows 10 Home Analyze PoC ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.382 views

RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path

Exploit Title: RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-11-07 Vendor Homepage: https://www.real.com/ Tested Version: 18.1.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Enterprise SP1 x64 es Step to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.443 views

Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path

Exploit Title: Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path Discovery by: Carlos Roa Discovery Date: 2020-11-07 Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home Tested Version: 5.1.0.8 Vulnerability Type: Unquoted Service Path Tested on O...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.278 views

iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path

Exploit Title: iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path Discovery by: Leslie Lara Discovery Date: 7-09-2020 Vendor Homepage: https://www.huawei.com/en/corporate-information Software Links :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.68 views

Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path

Exploit Title: Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path Discovery by: Erika Figueroa Discovery Date: 2020-11-07 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 1.0.0.55 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 x64 es St...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.939 views

Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path

Exploit Title: Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path Discovery by: Erika Figueroa Discovery Date: 2020-11-07 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 1.0.64.10 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 x64 es Step ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.432 views

MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path

Exploit Title: MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-07 Vendor : Microvirt Version : Microvirt MEMU 3.7.0 Vendor Homepage : https://www.memuplay.com/ Tested on OS: Windows 10 Home Analyze PoC : ============== C:\Users\Sam Sanzsc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.372 views

HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path

Exploit Title: HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path Discovery by: Jocelyn Arenas Discovery Date: 2020-11-07 Vendor Homepage: https://www8.hp.com/mx/es/home.html Tested Version: 1.4.8.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Home x64 es Step to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.347 views

Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe ' Unquoted Service Path

Exploit Title: Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe 'Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-07 Vendor Homepage: https://motorola-device-manager.programas-gratis.net/gracias Tested Version: 2.5.4 Vulnerability Type: Unquoted Service Path Tested on O...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.393 views

KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path

Exploit Title: KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : KMSpico Version : ServiceKMS 17.1.0.0 Vendor Homepage : https://official-kmspico.com/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc "Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.290 views

SuiteCRM 7.11.15 - 'last_name' Remote Code Execution (Authenticated)

Exploit Title: SuiteCRM 7.11.15 - 'lastname' Remote Code Execution Authenticated Date: 08 NOV 2020 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://suitecrm.com/ Software Link: https://github.com/salesagility/SuiteCRM Version: 7.11.15 and below Tested on: Ubuntu 20.04 LTS CVE:...

9CVSS8.7AI score0.63267EPSS
Exploits10
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.279 views

Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF

Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF Date: 28-08-2020 Vendor Homepage: https://www.gxgroup.eu/ont-products/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...

6.5CVSS6.6AI score0.031EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.284 views

Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path

Exploit Title: Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-07 Vendor Homepage: https://motorola-device-manager.programas-gratis.net/descarga-completada Tested Version: 2.5.4 Vulnerability Type: Unquoted Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.322 views

Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path

Exploit Title: Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-08 Vendor Homepage: https://www.filehorse.com/es/descargar-motorola-device-manager/ Tested Version: 2.4.5 Vulnerability Type: Unquoted Service Path Tested ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.372 views

Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path

Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.275 views

OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path

Exploit Title: OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.oki.com/ Software Link: https://www.oki.com/mx/printing/download/sPSV0100412270910.exe Software Version: 1.0.41 File Version: 1.4.2.0 Tested...

7.4AI score
Exploits0
Total number of security vulnerabilities47904