Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.299 views

SpinetiX Fusion Digital Signage 3.4.8 - Username Enumeration

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - Username Enumeration Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration Weakness Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.395 views

GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting Authenticated Google Dork: - Date: 2020-09-29 Exploit Author: Roel van Beurden Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/download Version: 3.3.16 Tested on: Linux Ubuntu 18.04 CVE: N/A 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.199 views

BrightSign Digital Signage Diagnostic Web Server 8.2.26 - Server-Side Request Forgery (Unauthenticated)

Exploit Title: BrightSign Digital Signage Diagnostic Web Server 8.2.26 - Server-Side Request Forgery Unauthenticated Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.brightsign.biz Version: = 8.2.26 BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.240 views

SpinetiX Fusion Digital Signage 3.4.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - Cross-Site Request Forgery Add Admin Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 CSRF Add Admin Exploit Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.347 views

MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: MonoCMS Blog 1.0 - Arbitrary File Deletion Authenticated Date: 2020-09-20 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: https://monocms.com/download Software Link: https://monocms.com/download Version: 1.0 Tested On: Windows 10 XAMPP CVE: N/A Proof of...

7.5CVSS6.9AI score0.01628EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.342 views

WebsiteBaker 2.12.2 - 'display_name' SQL Injection (authenticated)

Exploit Title: WebsiteBaker 2.12.2 - 'displayname' SQL Injection authenticated Google Dork: - Date: 2020-09-20 Exploit Author: Roel van Beurden Vendor Homepage: https://websitebaker.org Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Version: 2.12.2 Tested on: Linux Ubuntu 18.0...

9.8CVSS9.8AI score0.01668EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.308 views

CMS Made Simple 2.2.14 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: CMS Made Simple 2.2.14 - Persistent Cross-Site Scripting Authenticated Google Dork: - Date: 2020-09-29 Exploit Author: Roel van Beurden Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/14793/cmsms-2.2.14-install.zip Version:...

5.4CVSS5.8AI score0.01087EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.195 views

Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting

Exploit Title: Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting Exploit Author: Alperen Ergel Web Site: https://alperenae.gitbook.io/ Contact: @alperenae IG @alprenae TW Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: windows 10 / xammp Category: WebApp...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.465 views

SpinetiX Fusion Digital Signage 3.4.8 - Database Backup Disclosure

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - Database Backup Disclosure Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.299 views

BrightSign Digital Signage Diagnostic Web Server 8.2.26 - File Delete Path Traversal

Exploit Title: SpinetiX Fusion Digital Signage 3.4.8 - File Delete Path Traversal Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.spinetix.com Version: = 8.2.26 SpinetiX Fusion Digital Signage 3.4.8 File Backup/Delete Path Traversal Vendor: SpinetiX AG Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/01 12:0 a.m.250 views

Sony IPELA Network Camera 1.82.01 - 'ftpclient.cgi' Remote Stack Buffer Overflow

Exploit Title: Sony IPELA Network Camera 1.82.01 - 'ftpclient.cgi' Remote Stack Buffer Overflow Google Dork: Server: Mida eFramework Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://pro.sony Version: = 1.82.01 !/usr/bin/env python Sony IPELA Network Camera ftpclient.cgi Remote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/29 12:0 a.m.171 views

WebsiteBaker 2.12.2 - Remote Code Execution

Exploit Title: WebsiteBaker 2.12.2 - Remote Code Execution Date: 2020-07-04 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://websitebaker.org/pages/en/home.php Software Link: https://wiki.websitebaker.org/doku.php/downloads Version: 2.12.2 Tested on: Windows 10 and Ubuntu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/29 12:0 a.m.461 views

CloudMe 1.11.2 - Buffer Overflow ROP (DEP,ASLR)

Exploit Title: CloudMe 1.11.2 - Buffer Overflow ROP DEP,ASLR Exploit Author: Bobby Cooke boku CVE: CVE-2018-6892 Date: 2020-09-29 Vendor Homepage: https://www.cloudme.com/ Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: 1.11.2 Tested On: Windows 10 x64 - 10.0.19041 Build...

9.8CVSS9AI score0.93597EPSS
Exploits29
Exploit DB
Exploit DB
added 2020/09/29 12:0 a.m.569 views

BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in (PoC)

Title: BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in PoC Date: 2020-09-29 Author: Christian Vierschilling Vendor Homepage: http://www.bearshareofficial.com/ Software Link: http://www.oldversion.com.de/windows/bearshare-lite-5-2-5 Versions: 5.1.0 - 5.2.5 Tested on: Windows 10 x64 EN/D...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/28 12:0 a.m.405 views

Joplin 1.0.245 - Arbitrary Code Execution (PoC)

Exploit Title: Joplin 1.0.245 - Arbitrary Code Execution PoC Date: 2020-09-21 Exploit Author: Ademar Nowasky Junior @nowaskyjr Vendor Homepage: https://joplinapp.org/ Software Link: https://github.com/laurent22/joplin/releases/download/v1.0.245/Joplin-Setup-1.0.245.exe Version: 1.0.190 to 1.0.245...

6.1CVSS6.5AI score0.04377EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/28 12:0 a.m.375 views

Mida eFramework 2.8.9 - Remote Code Execution

Exploit Title: Mida eFramework 2.8.9 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...

10CVSS9.8AI score0.57326EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/28 12:0 a.m.277 views

MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation

/ Exploit Title: MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation Date: 2020-09-24 Exploit Author: Matteo Malvica Vendor Homepage: https://www.msi.com Software Link: https://msi.gm/ABLTMNB Driver: MSIO64.sys SHA256: 525D9B51A80CA0CD4C5889A96F857E73F3A80DA1FFBAE59851E0F51BDFB0B6CD...

7.8CVSS7.9AI score0.02075EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.298 views

B-swiss 3 Digital Signage System 3.6.5 - Database Disclosure

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Database Disclosure Date: 2020-09-16 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: 3.6.5 Affected version: 3.6.5,3.6.2,3.6.1,3.6.0,3.5.80,3.5.40,3.5.20,3.5.00,3.2.00,3.1.00 B-swiss 3 Digital Signage System 3.6....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.422 views

B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin)

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery Add Maintenance Admin Date: 2020-09-16 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: 3.6.5 Affected version: 3.6.5,3.6.2,3.6.1,3.6.0,3.5.80,3.5.40,3.5.20,3.5.00,3.2.00,3.1.00 !--...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.380 views

BigTree CMS 4.4.10 - Remote Code Execution

Exploit Title: BigTree CMS 4.4.10 - Remote Code Execution Google Dork: " BigTree CMS " Date: 2020-25-09 Exploit Author: SunCSR ThienNV and HoaVT - Sun Cyber Security Research Vendor Homepage: https://www.bigtreecms.org/ Software Link: https://www.bigtreecms.org/ Version: 4.4.10 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/25 12:0 a.m.363 views

Anchor CMS 0.12.7 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: Anchor CMS 0.12.7 - Persistent Cross-Site Scripting Authenticated Date: 2020-09-24 Exploit Author: Sinem Şahin Vendor Homepage: https://anchorcms.com/ Version: 0.12.7 Tested on: Windows & XAMPP == Tutorial http://HOST/admin/ 2- Login to admin panel. 3- Press "Posts" button. 4- Writ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/24 12:0 a.m.321 views

Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting

Title: Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip Version: 1.0 Tested On:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/24 12:0 a.m.348 views

Simple Online Food Ordering System 1.0 - 'id' SQL Injection (Unauthenticated)

Exploit Title: Simple Online Food Ordering System 1.0 - 'id' SQL Injection Unauthenticated Google Dork: N/A Date: 2020-09-22 Exploit Author: Eren 'Aporlorxl23' Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14460/simple-online-food-ordering-system-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/23 12:0 a.m.409 views

Online Food Ordering System 1.0 - Remote Code Execution

Exploit Title: Online Food Ordering System 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-09-22 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14460/simple-online-food-ordering-system-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/22 12:0 a.m.260 views

Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting

Exploit Title: Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting Date: 2020-09-19 Exploit Author: Alperen Ergel Vendor Homepage: https://www.flatpress.org/ Software Link: https://github.com/evacchi/flatpress/releases/tag/v1.0.3 Version: 1.0.3 Tested on: windows 10 / xampp CVE :...

4.8CVSS5.5AI score0.02146EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/09/22 12:0 a.m.224 views

Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution

Exploit Title: Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution Date: 2018-08-15 Exploit Author: Milad Fadavvi Author's LinkedIn: https://www.linkedin.com/in/fadavvi/ Vendor Homepage: https://www.comodo.com/ Version: Releases before 2.7.0 & 1.5.0 Tested on:...

9.8CVSS9.7AI score0.83912EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.337 views

ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path

Exploit Title: ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path Discovery by: Burhanettin Özgenç Discovery Date: 2020-09-15 Vendor Homepage: https://www.forensit.com/downloads.html Tested Version: 2.2.0.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.193 views

Seat Reservation System 1.0 - 'id' SQL Injection

Exploit Title: Seat Reservation System 1.0 - 'id' SQL Injection Date: 2020-09-20 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14452/seat-reservation-system-movie-theater-project-using-phpmysql.html Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.249 views

BlackCat CMS 1.3.6 - Cross-Site Request Forgery

Exploit Title: BlackCat CMS 1.3.6 - Cross-Site Request Forgery Date: 2020-06-01 Exploit Author: Noth Vendor Homepage: https://github.com/BlackCatDevelopment/BlackCatCMS Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Version: v1.3.6 CVE : CVE-2020-25453 BlackCat CMS v1.3.6 has a...

8.8CVSS8.9AI score0.06281EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.284 views

Online Shop Project 1.0 - 'p' SQL Injection

Exploit Title: Online Shop Project 1.0 - 'p' SQL Injection Date: 2020-09-20 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14448/online-shop-project-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.297 views

B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution Date: 2020-08-27 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: = 3.6.5 CVE : N/A !/usr/bin/env python3 -- coding: utf-8 -- B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/21 12:0 a.m.393 views

Mida eFramework 2.9.0 - Back Door Access

Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...

9.8CVSS9.7AI score0.18293EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/18 12:0 a.m.398 views

SpamTitan 7.07 - Remote Code Execution (Authenticated)

Exploit Title: SpamTitan 7.07 - Remote Code Execution Authenticated Date: 2020-09-18 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: https://www.titanhq.com/spamtitan/spamtitangateway/ Software Link: https://www.titanhq.com/signup/?producttype=spamtitangateway Version: 7.07 Tested on:...

9CVSS7.6AI score0.09644EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/09/18 12:0 a.m.1170 views

Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Mantis Bug Tracker 2.3.0 - Remote Code Execution Unauthenticated Date: 2020-09-17 Vulnerability Discovery: hyp3rlinx, permanull Exploit Author: Nikolas Geiselman Vendor Homepage: https://mantisbt.org/ Software Link: https://mantisbt.org/download.php Version: 1.3.0/2.3.0 Tested on:...

8.8CVSS7.8AI score0.90856EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/09/17 12:0 a.m.2015 views

Microsoft SQL Server Reporting Services 2016 - Remote Code Execution

Exploit Title: Microsoft SQL Server Reporting Services 2016 - Remote Code Execution Google Dork: inurl:ReportViewer.aspx Date: 2020-09-17 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: Microsoft SQL Server 2016 32-bit/x64 SP2 CU/GDR, Microsoft SQL Server 2014...

9.8CVSS8.2AI score0.99022EPSS
Exploits14
Exploit DB
Exploit DB
added 2020/09/16 12:0 a.m.991 views

Piwigo 2.10.1 - Cross Site Scripting

Exploit Title: Piwigo 2.10.1 - Cross Site Scripting POC by: Iridium Software Homepage: http://www.piwigo.org Version : 2.10.1 Tested on: Linux & Windows Category: webapps Google Dork: intext: "Powered by Piwigo" CVE : CVE-2020-9467 Description Piwigo 2.10.1 has stored XSS via the file parameter i...

5.4CVSS5.5AI score0.23822EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/09/16 12:0 a.m.604 views

Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software

Title: Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software Author: John Page aka hyp3rlinx Date: 2020-09-16 Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/WindowsTCPIPFingerCommandC2ChannelandBypassingSecuritySoftware.txt...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/15 12:0 a.m.588 views

Tailor MS 1.0 - Reflected Cross-Site Scripting

Exploit Title: Tailor MS 1.0 - Reflected Cross-Site Scripting Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-09-14 CVE ID: CVE-2020-23835 Vendor Homepage: https://www.sourcecodester.com Software Link:...

6.4CVSS6.3AI score0.02289EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/15 12:0 a.m.635 views

ThinkAdmin 6 - Arbitrarily File Read

Exploit Title: ThinkAdmin 6 - Arbitrarily File Read Google Dork: N/A Date: 2020-09-14 Exploit Author: Hzllaga Vendor Homepage: https://github.com/zoujingli/ThinkAdmin/ Software Link: Before https://github.com/zoujingli/ThinkAdmin/commit/ff2ab47cfabd4784effbf72a2a386c5d25c43a9a Version: v6 =...

7.5CVSS7.6AI score0.75881EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.559 views

Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path

Exploit Title: Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.360 views

Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path

Exploit Title: Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path Date: 2020-08-31 Exploit Author: Angelo D'Amato Vendor Homepage: https://www.rapid7.com Version: sc qc nexposeengine SC QueryServiceConfig SUCCESS SERVICENAME: nexposeengine TYPE : 10 WIN32OWNPROCESS STARTTYPE ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.349 views

Joomla! paGO Commerce 2.5.9.0 - SQL Injection (Authenticated)

Exploit Title: Joomla! paGO Commerce 2.5.9.0 - SQL Injection Authenticated Date: 2020-08-21 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.corephp.com/ Software Link: https://www.corephp.com/joomla-products/pago-commerce Version: 2.5.9.0 Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.331 views

RAD SecFlow-1v SF_0290_2.3.01.26 - Cross-Site Request Forgery (Reboot)

Exploit Title: RAD SecFlow-1v SF02902.3.01.26 - Cross-Site Request Forgery Reboot Date: 2020-08-31 Exploit Author: Uriel Yochpaz and Jonatan Schor Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF02902.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A...

9.3CVSS7.4AI score0.04663EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/09/14 12:0 a.m.592 views

RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting

Exploit Title: RAD SecFlow-1v SF02902.3.01.26 - Persistent Cross-Site Scripting Date: 2020-08-31 Exploit Author: Jonatan Schor and Uriel Yochpaz Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF02902.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A A...

9.3CVSS7.4AI score0.04663EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/09/11 12:0 a.m.782 views

Tea LaTex 1.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Tea LaTex 1.0 - Remote Code Execution Unauthenticated Google Dork: N/A Date: 2020-09-01 Exploit Author: nepska Vendor Homepage: https://github.com/ammarfaizi2/latex.teainside.org Software Link: https://github.com/ammarfaizi2/latex.teainside.org Version: v1.0 Tested on: Kali linux /...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/11 12:0 a.m.730 views

VTENEXT 19 CE - Remote Code Execution

!/usr/bin/python3 Exploit Title: VTENEXT 19 CE - Remote Code Execution Google Dork: n/a Date: 2020/09/09 Exploit Author: Marco Ruela Vendor Homepage: https://www.vtenext.com/en/ Software Link: Vendor removed vulnerable version from sourceforge.net Version: 19 CE Tested on: Ubuntu 16.04 CVE : N/A...

8.8CVSS7.5AI score0.02883EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/09/11 12:0 a.m.1047 views

Internet Explorer 11 - Use-After-Free

Exploit Title: Internet Explorer 11 - Use-After-Free Google Dork: if applicable Date: 2020-09-06 Exploit Author: Tgroup Vendor Homepage: Microsoft.com Version: IE 11 REQUIRED Tested on: Windows 7 x64 CVE : CVE-2020-0674 //...

7.6CVSS0.86863EPSS
Exploits17
Exploit DB
Exploit DB
added 2020/09/11 12:0 a.m.805 views

Gnome Fonts Viewer 3.34.0 - Heap Corruption

!/usr/bin/env python3 Exploit Title: Gnome Fonts Viewer 3.34.0 Heap Corruption Date: 2020-09-10 Exploit Author: Cody Winkler Vendor Homepage: gnome.org Software Link: https://help.gnome.org/misc/release-notes/3.6/users-font-viewer.html Version: 3.34.0 Tested On: Ubuntu 20.04.1 LTS Note: May take ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/09/10 12:0 a.m.1441 views

CuteNews 2.1.2 - Remote Code Execution

Exploit Title: CuteNews 2.1.2 - Remote Code Execution Google Dork: N/A Date: 2020-09-10 Exploit Author: Musyoka Ian Vendor Homepage: https://cutephp.com/cutenews/downloading.php Software Link: https://cutephp.com/cutenews/downloading.php Version: CuteNews 2.1.2 Tested on: Ubuntu 20.04, CuteNews...

8.8CVSS8.7AI score0.52901EPSS
Exploits10
Exploit DB
Exploit DB
added 2020/09/10 12:0 a.m.724 views

ZTE Router F602W - Captcha Bypass

Exploit Title: ZTE Router F602W - Captcha Bypass Exploit Author: Hritik Vijay @MrHritik Vendor Homepage: https://zte.com.cn Reported: 2019-06-14 Version: F6x2W V6.0.10P2T2 Version: F6x2W V6.0.10P2T5 Tested on: F602W CVE: CVE-2020-6862 Background ----------- Captcha is used to make sure the form i...

5.3CVSS5.4AI score0.06306EPSS
Exploits3
Total number of security vulnerabilities47904