Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2020/09/10 12:0 a.m.•684 views

Tiandy IPC and NVR 9.12.7 - Credential Disclosure

Exploit Title: Tiandy IPC and NVR 9.12.7 - Credential Disclosure Date: 2020-09-10 Exploit Author: zb3 Vendor Homepage: http://en.tiandy.com Product Link: http://en.tiandy.com/index.php?s=/home/product/index/category/products.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/09 12:0 a.m.•523 views

Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)

Exploit Title: Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery change admin password Google Dork: inurl:scopia+index.jsp Date: 2020-09-09 Exploit Author: v1n1v131r4 Vendor Homepage: https://avaya.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/09 12:0 a.m.•441 views

Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)

Exploit Title: Audio Playback Recorder 3.2.2 - Local Buffer Overflow SEH Date: 2020-09-08 Author: Felipe Winsnes Software Link: https://archive.org/download/tucows288670AudioPlaybackRecorder/AudioRec.exe Version: 3.2.2 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/09 12:0 a.m.•502 views

Tailor Management System - 'id' SQL Injection

Exploit Title: Tailor Management System - 'id' SQL Injection Google Dork: N/A Date: 2020-09-08 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/09 12:0 a.m.•566 views

Input Director 1.4.3 - 'Input Director' Unquoted Service Path

Exploit Title: Input Director 1.4.3 - 'Input Director' Unquoted Service Path Discovery Date: 2020-09-08 Response from Input Director Support: 09/09/2020 Exploit Author: TOUHAMI Kasbaoui Vendor Homepage: https://www.inputdirector.com/ Version: 1.4.3 Tested on: Windows Server 2012, Windows 10 Find...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/08 12:0 a.m.•498 views

ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path

Exploit Title: ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path Discovery Date: 2020-09-08 Discovery by: Alan Lacerda alacerda Vendor Homepage: https://www.sharemouse.com/ Software Link: https://www.sharemouse.com/ShareMouseSetup.exe Version: 5.0.43 Tested on OS: Microsoft Windows 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/07 12:0 a.m.•621 views

Cabot 0.11.12 - Persistent Cross-Site Scripting

Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Abhiram V Vendor Homepage: https://cabotapp.com/ Software Link: https://github.com/arachnys/cabot Version: 0.11.12 Tested on: Ubuntu Linux Introduction Cabot is a free, open-source, self-hosted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/07 12:0 a.m.•905 views

ManageEngine Applications Manager 14700 - Remote Code Execution (Authenticated)

!/usr/bin/python3 Exploit Title: ManageEngine Applications Manager 14700 - Remote Code Execution Authenticated Google Dork: None Date: 2020-09-04 Exploit Author: Hodorsec Vendor Homepage: https://manageengine.co.uk Vendor Vulnerability Description:...

7.2CVSS7AI score0.35773EPSS
Exploits4
Exploit DB
Exploit DB
•added 2020/09/07 12:0 a.m.•657 views

grocy 2.7.1 - Persistent Cross-Site Scripting

Exploit Title: grocy 2.7.1 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://berrnd.de/ Software Link: https://github.com/grocy/grocy Version: 2.7.1 Tested on: Kali Linux 2020.3 Proof Of Concept: grocy household management solution...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/04 12:0 a.m.•1128 views

Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path

Exploit Title: Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path Discovery Date: 2020-09-03 Discovery by: chipo Vendor Homepage: https://nordvpn.com Software Link : https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe Tested Version: 6.31.13.0 Tested on OS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/03 12:0 a.m.•533 views

SiteMagic CMS 4.4.2 - Arbitrary File Upload (Authenticated)

Exploit Title: SiteMagic CMS 4.4.2 - Arbitrary File Upload Authenticated Date: 2020-09-02 Exploit Author: v1n1v131r4 Vendor Homepage: https://sitemagic.org/ Software Link: https://sitemagic.org/Download.html Version: 4.4.2 Tested on: Ubuntu 18.04 CVE : N/A PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/03 12:0 a.m.•671 views

BarracudaDrive v6.5 - Insecure Folder Permissions

Exploit Title: BarracudaDrive v6.5 - Insecure Folder Permissions Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec CVE ID: N/A Date: 2020-09-01 Vendor Homepage: https://barracudaserver.com/ Software Link: https://download.cnet.com/BarracudaDrive/3001-185064-10723210.html Version: v6.5 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/03 12:0 a.m.•615 views

Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting Date: 2020-09-01 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://savsoftquiz.com/ Software Link: https://savsoftquiz.com/web/demo.php Version: 5.0 Tested on: Windows 10/Kali Linux Contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/03 12:0 a.m.•497 views

BloodX CMS 1.0 - Authentication Bypass

Exploit Title: BloodX CMS 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-09-02 Exploit Author: BKpatron Vendor Homepage: https://github.com/diveshlunker/BloodX Software Link: https://github.com/diveshlunker/BloodX/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A my website:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/03 12:0 a.m.•671 views

Daily Tracker System 1.0 - Authentication Bypass

Exploit Title: Daily Tracker System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec & Bobby Cooke boku CVE ID: CVE-2020-24193 Date: September 2, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

9.8CVSS9.7AI score0.02612EPSS
Exploits2
Exploit DB
Exploit DB
•added 2020/09/02 12:0 a.m.•120 views

Rukovoditel 2.7.1 - Remote Code Execution (2) (Authenticated)

!/usr/bin/python3 Exploit Title: Rukovoditel 2.7.1 - Remote Code Execution Authenticated Exploit Author: @danyx07 Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: Rukovoditel -p you can provide credentials, load the image with PHP...

9.8CVSS9.7AI score0.26778EPSS
Exploits4
Exploit DB
Exploit DB
•added 2020/09/02 12:0 a.m.•286 views

Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)

Exploit Title: Stock Management System 1.0 - Cross-Site Request Forgery Change Username Exploit Author: Bobby Cooke & Adeeb Shah @hyd3sec CVE ID: N/A Date: 2020-09-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/01 12:0 a.m.•418 views

Mara CMS 7.5 - Remote Code Execution (Authenticated)

Exploit Title: Mara CMS 7.5 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Michele Cisternino 0blio Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/09/01 12:0 a.m.•276 views

moziloCMS 2.0 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: moziloCMS 2.0 - Persistent Cross-Site Scripting Authenticated Date: 2020-08-31 Exploit Author: Abdulkadir Kaya Vendor Homepage: https://www.mozilo.de/ Version: 2.0 Tested on: Windows & WampServer 1- Go to following url. http://HOST/PATH/admin/ 2- Login the admin panel. 3- Go to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/31 12:0 a.m.•463 views

CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)

!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/31 12:0 a.m.•449 views

Mara CMS 7.5 - Reflective Cross-Site Scripting

Exploit Title: Mara CMS 7.5 - Reflective Cross-Site Scripting Google Dork: NA Date: 2020-08-01 Exploit Author: George Tsimpidas Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5 Tested on:...

6.1CVSS6.4AI score0.14552EPSS
Exploits2
Exploit DB
Exploit DB
•added 2020/08/31 12:0 a.m.•646 views

Fuel CMS 1.4.8 - 'fuel_replace_id' SQL Injection (Authenticated)

Exploit Title: Fuel CMS 1.4.8 - 'fuelreplaceid' SQL Injection Authenticated Date: 2020-08-19 Exploit Author: c0mpu7er(@ymbank.cn) Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.8.zip Version: 1.4.7 Tested on: PHP 5.4.45, Apache...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/31 12:0 a.m.•386 views

Online Book Store 1.0 - 'id' SQL Injection

Title: Online Book Store 1.0 - 'id' SQL Injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14383/online-book-store.html Software Link: https://www.sourcecodester.com/download-code?nid=14383&title=Online+Book+Store Version: 1.0 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/31 12:0 a.m.•343 views

BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow (SEH,ASLR,DEP)

Title: BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow SEH,ASLR,DEP Author: emalp Date: 2020-08-31 Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested on: Windows 7 Home Basic Run this file bfile.plf...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/28 12:0 a.m.•543 views

Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation

Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation Date: 2020-08-28 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: 3.8.0 Tested on: Windows CVE : N/A !/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/28 12:0 a.m.•560 views

SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting

Exploit Title: SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2020-08-28 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.getsymphony.com/ Software Link: https://www.getsymphony.com/ Version: 3.0.0 Tested on: Windows CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/28 12:0 a.m.•1028 views

Online Shopping Alphaware 1.0 - 'id' SQL Injection

Title: Online Shopping Alphaware 1.0 - 'id' SQL Injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/28 12:0 a.m.•610 views

Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting

Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...

5.4CVSS5.6AI score0.14414EPSS
Exploits3
Exploit DB
Exploit DB
•added 2020/08/27 12:0 a.m.•594 views

Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload (Authenticated)

Exploit Title: Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload Authenticated Date: 2020-08-24 Software Link: https://wordpress.org/plugins/autoptimize/ Author : SunCSR Team Version: v2.7.6 Tested on Ubuntu 18.04 / Kali Linux Reference: https://wpvulndb.com/vulnerabilities/10372...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/27 12:0 a.m.•760 views

ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow (DEP,ASLR Bypass) (PoC)

Exploit Title: ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow DEP,ASLR Bypass PoC Software Link Download: https://github.com/x00x00x00x00/ASXtoMP3Converter3.1.3.7.2010.11.05/blob/master/ASXtoMP3Converter3.1.3.7.2010.11.05.exe?raw=true Exploit Author: Paras Bhatia Discovery...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/27 12:0 a.m.•614 views

Mida eFramework 2.9.0 - Remote Code Execution

Exploit Title: Mida eFramework 2.9.0 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...

10CVSS9.6AI score0.98239EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/08/26 12:0 a.m.•523 views

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery

Exploit Title: Ericom Access Server x64 9.2.0 - Server-Side Request Forgery Date: 2020-08-22 Exploit Author: hyp3rlinx Vendor Homepage: www.ericom.com Version: Ericom Access Server x64 for AccessNow & Ericom Blaze v9.2.0 CVE: CVE-2020-24548 + Credits: John Page aka hyp3rlinx + Website:...

5.3CVSS5.4AI score0.01689EPSS
Exploits4
Exploit DB
Exploit DB
•added 2020/08/26 12:0 a.m.•488 views

Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal

Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal Date: 2020-08-22 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Affected version: =3.8.0 CVE: N/A Eibiz i-Media Server Digital Signage 3.8.0 oldfile File Path Traversal Vendor: EIBIZ Co.,Ltd. Produ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/24 12:0 a.m.•606 views

Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass

Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass Date: 2020-08-21 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: =3.8.0 CVE: N/A !/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0 createUser...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/24 12:0 a.m.•603 views

Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure

Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure Date: 2020-08-21 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: =3.8.0 CVE: N/A Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure Vendor: EIBIZ Co.,Ltd. Product web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/24 12:0 a.m.•451 views

LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting

Exploit Title: LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting Date: 2020-08-23 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.3.10+200812 Tested on: Ubuntu 18.04.4 Patch Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/21 12:0 a.m.•571 views

Seowon SlC 130 Router - Remote Code Execution

Exploit Title: Seowon SlC 130 Router - Remote Code Execution Author: maj0rmil4d - Ali Jalalat Author website: https://secureguy.ir Date: 2020-08-20 Vendor Homepage: seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkind=B05&middlekind=B0529 CVE:...

9.8CVSS9.6AI score0.71691EPSS
Exploits8
Exploit DB
Exploit DB
•added 2020/08/21 12:0 a.m.•413 views

Complaint Management System 1.0 - 'cid' SQL Injection

Title: Complaint Management System 1.0 - 'cid' SQL Injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/20 12:0 a.m.•247 views

PNPSCADA 2.200816204020 - 'interf' SQL Injection (Authenticated)

Exploit Title: PNPSCADA 2.200816204020 - 'interf' SQL Injection Authenticated Google Dork: - Date: 2020-08-17 Exploit Author: İsmail ERKEK Vendor Homepage: http://wiki.pnpscada.com/forumHome.jsp Version: 2.200816204020 Tested on: - 1. Description: ---------------------- PNPSCADA 2.200816204020...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/20 12:0 a.m.•313 views

ElkarBackup 1.3.3 - Persistent Cross-Site Scripting

Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/19 12:0 a.m.•237 views

Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal

Exploit Title: Ruijie Networks Switch eWeb S29RGOS 11.4 - Directory Traversal Exploit Author: Tuygun Date: 2020-08-19 Vendor Homepage: https://www.ruijienetworks.com/ Version: eWeb S29RGOS 11.41B12P11 Source : https://faruktuygun.com/directorytraversal.html Proof of Concept Request: GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/18 12:0 a.m.•243 views

Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection

Title: Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection Exploit Author: Moaaz Taha 0xStorm Date: 2020-08-18 Vendor Homepage: https://www.sourcecodester.com/php/14398/pharmacymedical-store-sale-point-using-phpmysql-bootstrap-framework.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/18 12:0 a.m.•257 views

Savsoft Quiz 5 - Stored Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - Stored Cross-Site Scripting Date: 2020-07-28 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Windows 10 Contact:...

6.1CVSS6.4AI score0.09815EPSS
Exploits1
Exploit DB
Exploit DB
•added 2020/08/17 12:0 a.m.•247 views

QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution Unauthenticated Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/17 12:0 a.m.•240 views

QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/17 12:0 a.m.•211 views

QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/17 12:0 a.m.•320 views

Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass

!/usr/bin/env ruby Title: Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass Author: noraj Alexandre ZANNI Author website: https://pwn.by/noraj/ Date: 2020-08-16 Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/archive/3.9.2.tar.gz Version: = 3.9.2...

9.8CVSS6.8AI score0.39598EPSS
Exploits9
Exploit DB
Exploit DB
•added 2020/08/17 12:0 a.m.•260 views

QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9 Cleartext...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/08/17 12:0 a.m.•539 views

Microsoft SharePoint Server 2019 - Remote Code Execution

Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution Google Dork: inurl:quicklinks.aspx Date: 2020-08-14 Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 ,...

7.8CVSS8AI score0.94243EPSS
Exploits10
Exploit DB
Exploit DB
•added 2020/08/13 12:0 a.m.•198 views

GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)

Exploit Title: GetSimple CMS Plugin Multi User v1.8.2 - Cross-Site Request Forgery Add Admin Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: August 2020-08-12 Vendor Homepage: http://get-simple.info/extend/plugin/multi-user/133/ Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904