Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ExploitdbRecent
RecentMost viewed

47884 matches found

Exploit DB
Exploit DBadded 2020/07/15 12:0 a.m.412 views

Online Polling System 1.0 - Authentication Bypass

Exploit Title: Online Polling System 1.0 - Authentication Bypass Date: 2020-07-20 Author: AppleBois Version: NULL Software Link: https://www.sourcecodester.com/php/14330/online-polling-system.html Administration Control Panel || Authentication Bypass Unthenticated User perform SQL Injection bypas...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/15 12:0 a.m.383 views

Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting

Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/15 12:0 a.m.508 views

Zyxel Armor X1 WAP6806 - Directory Traversal

Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal Date: 2020-06-19 Exploit Author: Rajivarnan R Vendor Homepage: https://www.zyxel.com/ Software http://www.zyxelguard.com/WAP6806.asp Version: V1.00ABAL.6C0 CVE: 2020-14461 Tested on: Linux Mint / Windows 10 Vulnerabilities Discovered Dat...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/14 12:0 a.m.278 views

BSA Radar 1.6.7234.24750 - Local File Inclusion

Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Date: 2020-07-08 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion Description: The Administrator section of th...

4.3CVSS4.7AI score0.09307EPSS
Exploits4
Exploit DB
Exploit DBadded 2020/07/14 12:0 a.m.337 views

Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual Appliance Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities together in...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/13 12:0 a.m.220 views

Park Ticketing Management System 1.0 - 'viewid' SQL Injection

Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/13 12:0 a.m.419 views

Park Ticketing Management System 1.0 - Authentication Bypass

Exploit Title: Park Ticketing Management System 1.0 - Authentication Bypass Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/10 12:0 a.m.242 views

HelloWeb 2.0 - Arbitrary File Download

Exploit Title: HelloWeb 2.0 - Arbitrary File Download Date: 2020-07-09 Vendor Homepage: https://helloweb.co.kr/ Version: 2.0 Latest and previous versions Exploit Author: bRpsd Contact Author: cyatlive.no Google Dork: inurl:exec/file/download.asp Type: WebApps / ASP...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/10 12:0 a.m.255 views

Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution

Exploit Title: Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution Date: 2020-07-06 Exploit Author: SpicyItalian Vendor Homepage: https://www.arubanetworks.com/products/security/network-access-control/ Version: ClearPass 6.7.x prior to 6.7.13-HF, ClearPass 6.8.x prior ...

10CVSS9.6AI score0.607EPSS
Exploits8
Exploit DB
Exploit DBadded 2020/07/10 12:0 a.m.221 views

Barangay Management System 1.0 - Authentication Bypass

Exploit Title: Barangay Management System 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-07-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/13484/barangay-management-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/09 12:0 a.m.241 views

Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting Date: 2020-07-07 Vendor Homepage: https://powie.de Vendor Changelog: https://wordpress.org/plugins/powies-whois/developers Software Link: https://wordpress.org/plugins/powies-whois/ Exploit Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/09 12:0 a.m.233 views

CompleteFTP Professional 12.1.3 - Remote Code Execution

Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...

4.3CVSS4.7AI score0.03009EPSS
Exploits2
Exploit DB
Exploit DBadded 2020/07/09 12:0 a.m.199 views

Savsoft Quiz 5 - Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Date: 2020-07-09 Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux ---Vulnerable Source Code---- functio...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/08 12:0 a.m.246 views

SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)

Exploit Title: SuperMicro IPMI 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.supermicro.com/ Software Link: https://www.supermicro.com/en/solutions/management-software/bmc-resources Version: X10DRH-iT motherboards with BIOS 2.0a and...

9.3CVSS8.8AI score0.00646EPSS
Exploits6
Exploit DB
Exploit DBadded 2020/07/08 12:0 a.m.210 views

Qmail SMTP 1.03 - Bash Environment Variable Injection

Exploit Title: Qmail SMTP 1.03 - Bash Environment Variable Injection Date: 2020-07-03 Exploit Author: 1F98D Original Authors: Mario Ledo, Mario Ledo, Gabriel Follon Version: Qmail 1.03 Tested on: Debian 9.11 x64 CVE: CVE-2014-6271 References: http://seclists.org/oss-sec/2014/q3/649...

10CVSS7AI score0.9422EPSS
Exploits130
Exploit DB
Exploit DBadded 2020/07/08 12:0 a.m.215 views

BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)

Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Date: 2020-06-22 Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-14944 Description: The Global RADAR BSA Radar...

9.8CVSS9.7AI score0.118EPSS
Exploits6
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.214 views

Exhibitor Web UI 1.7.1 - Remote Code Execution

Exploit Title: Exhibitor Web UI 1.7.1 - Remote Code Execution Date: 2019-11-13 Exploit Author: Logan Sanderson Web Site: https://github.com/soabase/exhibitor/wiki/Running-Exhibitor Version : 1.7.1 CVE : CVE-2019-5029 Exhibitor UI command injection vulnerability November 13, 2019 CVE Number...

10CVSS9.6AI score0.88415EPSS
Exploits2
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.286 views

Online Shopping Portal 3.1 - 'email' SQL Injection

Exploit Title: Online Shopping Portal 3.1 - 'email' SQL Injection Date: 2020-07-06 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/shopping-portal-free-download/ Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.289 views

Microsoft Windows mshta.exe 2019 - XML External Entity Injection

Exploit Title: Microsoft Windows mshta.exe 2019 - XML External Entity Injection Date: 2020-07-07 Exploit Author: hyp3rlinx Vendor homepage: https://www.microsofft.com/ CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.189 views

Sickbeard 0.1 - Remote Command Injection

Exploit Title: Sickbeard 0.1 - Remote Command Injection Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -- git :...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.217 views

PHP 7.4 FFI - 'disable_functions' Bypass

?php / FFI Exploit - uses 3 potential BUGS. PHP was contacted and said nothing in FFI is a security issue. Able to call system$cmd without using FFI::load or FFI::cdefs BUG 1 maybe intended, but why have any size checks then? no bounds check for FFI::String when type is ZENDFFITYPEPOINTER...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.363 views

Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection

Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Date: 2020-06-17 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Update :...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/07 12:0 a.m.167 views

BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation

Exploit Title: BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation Date: 2020-07-06 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14945 - Privilege Escalation Description: A privilege...

8.8CVSS8.9AI score0.1585EPSS
Exploits3
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.351 views

BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution

!/bin/bash EDB Note Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48642.zip Exploit Title: F5 BIG-IP Remote Code Execution Date: 2020-07-06 Exploit Authors: Charles Dardaman of Critical Start, TeamARES Rich Mirch of Critical Start, TeamARES CVE:...

10CVSS10AI score0.94426EPSS
Exploits59
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.266 views

Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution

Exploit Title: Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution Date: 2020-04-11 Exploit Author: Basim Alabdullah Vendor homepage: https://www.nagios.com Version: 5.6.12 Software link: https://www.nagios.com/downloads/nagios-xi/ Tested on: CentOS REDHAT 7.7.1908 core Authenticated Remote...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.271 views

RSA IG&L Aveksa 7.1.1 - Remote Code Execution

Exploit Title: RSA IG&L Aveksa 7.1.1 - Remote Code Execution Date: 2019-04-16 Exploit Author: Jakub Palaczynski, Lukasz Plonka Vendor Homepage: https://www.rsa.com/ Version: 7.1.1, prior to P02 CVE : CVE-2019-3759 all vulnerable versions can be found at...

8.1CVSS7.3AI score0.01233EPSS
Exploits3
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.448 views

Grafana 7.0.1 - Denial of Service (PoC)

Exploit Title: Grafana 7.0.1 - Denial of Service PoC Date: 2020-05-23 Exploit Author: mostwanted002 Vendor Homepage: https://grafana.com/ Software Link: https://grafana.com/grafana/download Version: 3.0.1 - 7.0.1 Tested on: Linux CVE : CVE-2020-13379 !/bin/bash if $1 != "" ; then curl -I...

8.2CVSS8.3AI score0.93094EPSS
Exploits5
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.461 views

RiteCMS 2.2.1 - Authenticated Remote Code Execution

Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux CVE: CVE-2020-23934 1- Go to following url. http://HOST/cms/ 2- Default username and password is admin:admin. We mus...

9CVSS8.9AI score0.28616EPSS
Exploits3
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.186 views

Fire Web Server 0.1 - Remote Denial of Service (PoC)

Exploit Title: Fire Web Server 0.1 - Remote Denial of Service PoC Date: 2020-06-26 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alpha Tested on: Windows 7 ,...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/06 12:0 a.m.323 views

File Management System 1.1 - Persistent Cross-Site Scripting

Exploit Title: File Management System 1.1 - Persistent Cross-Site Scripting Date: 2020-06-30 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/download-code?nid=13333&title=File+Management+System+Very+Complete+Using+PHP%2FMySQLi+version+1.1 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/05 12:0 a.m.241 views

BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution (PoC)

RCE: curl -v -k 'https://F5 Host/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin' Read File: curl -v -k 'https://F5 Host/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd'...

9.9AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/02 12:0 a.m.233 views

ZenTao Pro 8.8.2 - Command Injection

Exploit Title: ZenTao Pro 8.8.2 - Command Injection Date: 2020-07-01 Exploit Author: Daniel Monzón & Melvin Boers Vendor Homepage: https://www.zentao.pm/ Version: 8.8.2 Tested on: Windows 10 / WampServer Other versions like pro or enterprise edition could be affected aswell Netcat is needed to us...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/02 12:0 a.m.288 views

OCS Inventory NG 2.7 - Remote Code Execution

Exploit Title: OCS Inventory NG 2.7 - Remote Code Execution Date: 2020-06-05 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-14947 Vendor Homepage: https://ocsinventory-ng.org/ Version: v2.7 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings impo...

8.8CVSS8.8AI score0.74707EPSS
Exploits5
Exploit DB
Exploit DBadded 2020/07/02 12:0 a.m.1190 views

WhatsApp Remote Code Execution - Paper

%PDF-1.5 %���� 46 0 obj endobj 47 0 obj /W 1 3 1 /Index 46 78 /Info 70 0 R /Root 48 0 R /Size 124 /Prev 558655 /ID stream x�cbd�gb8 "Y��lc��"�����d�-g3��:��@$���"e��� R,���6J@�� 0�D����X001�7v�I � �  endstream endobj 48 0 obj endobj 49 0 obj stream x�cb�ee���...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/01 12:0 a.m.224 views

Online Shopping Portal 3.1 - Authentication Bypass

Exploit Title: Online Shopping Portal 3.1 - Authentication Bypass Date: 2020-06-25 Exploit Author: Ümit Yalçın Vendor Homepage: https://phpgurukul.com/shopping-portal-free-download/ Version: 3.1 Tested on: Windows 10 / WampServer 1- Authentication Bypass Go to following url!...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/01 12:0 a.m.216 views

e-learning Php Script 0.1.0 - 'search' SQL Injection

Exploit Title: e-learning Php Script 0.1.0 - 'search' SQL Injection Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script Version: 0.1.0 Tested on: Kali Linux Source...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/01 12:0 a.m.314 views

RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC)

Exploit Title: RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow EggHunter SEH PoC Exploit Author: Paras Bhatia Discovery Date: 2020-06-29 Vulnerable Software: RM Downloader Software Link Download: https://github.com/x00x00x00x00/RMDownloader2.50.60/raw/master/RMDownloader.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/07/01 12:0 a.m.190 views

PHP-Fusion 9.03.60 - PHP Object Injection

Exploit Title: PHP-Fusion 9.03.60 - PHP Object Injection Date: 2020-05-26 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: v9.03.60 Description: PHP Object Injection to SQL injection pre-au...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/30 12:0 a.m.231 views

Reside Property Management 3.0 - 'profile' SQL Injection

Exploit Title: Reside Property Management 3.0 - 'profile' SQL Injection Date: 2020-06-28 Google Dork: "Copyright 2020 Reside Property Management" Exploit Author: Ultra Security Team Ashkan Moghaddas , AmirMohammad Safari Team Members: Behzad Khalifeh , Milad Ranjbar Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/30 12:0 a.m.348 views

Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting

Exploit Title: Victor CMS 1.0 - 'userfirstname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-06-28 Exploit Author: Anushree Priyadarshini Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link:https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0...

6.1CVSS6.4AI score0.00236EPSS
Exploits2
Exploit DB
Exploit DBadded 2020/06/26 12:0 a.m.391 views

Windscribe 1.83 - 'WindscribeService' Unquoted Service Path

Exploit Title: Windscribe 1.83 - 'WindscribeService' Unquoted Service Path Date: 2020-06-26 Exploit Author: Ethan Seow Vendor Homepage: https://windscribe.com Version: v1.83 Build 20 Tested on: Microsoft Windows 10 Home 10.0.18363 Build 18363 filename : exploit.bat Code start @echo off sc config...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/26 12:0 a.m.584 views

OpenEMR 5.0.1 - 'controller' Remote Code Execution

Exploit Title: OpenEMR 5.0.1 - 'controller' Remote Code Execution Date: 2020-06-22 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.open-emr.org/ Software Link: https://www.open-emr.org/wiki/index.php/OpenEMRDownloads Version: v5.0.1 Tested on: Linux Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/26 12:0 a.m.458 views

KiteService 1.2020.618.0 - Unquoted Service Path

Exploit Title: KiteService 1.2020.618.0 - Unquoted Service Path Discovery by: PoisonSk Discovery Date: 2020-06-23 Vendor Homepage: https://www.kite.com/ Software Link : https://www.kite.com/download/ Tested Version: 1.2020.618.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/25 12:0 a.m.677 views

mySCADA myPRO 7 - Hardcoded Credentials

Exploit Title: mySCADA myPRO v7 Hardcoded Credentials Date: 2018-07-02 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://myscada.org Software Link: https://www.myscada.org/mypro/ Version: v7.0.45 Tested on: Windows/Linux CVE-2018-11311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1131...

9.1CVSS9.4AI score0.36287EPSS
Exploits5
Exploit DB
Exploit DBadded 2020/06/25 12:0 a.m.479 views

FHEM 6.0 - Local File Inclusion

Exploit Title: FHEM 6.0 - Local File Inclusion Date: 2020-02-10 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://fhem.de/ Software Link: https://fhem.de/Download Version: v6.0 Tested on: Windows Link: https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability PoC To exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/24 12:0 a.m.421 views

BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting

Exploit title: BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting Exploit Author: William Summerhill Date: 2020-06-22 Vendor homepage: https://www.globalradar.com/ Tested on: Window CVE-2020-14943 Description: The "Firstname" and "Lastname" parameters in Global RADAR BSA Radar 1.6.7234.X...

5.4CVSS7.5AI score0.00413EPSS
Exploits4
Exploit DB
Exploit DBadded 2020/06/23 12:0 a.m.526 views

Lansweeper 7.2 - Incorrect Access Control

Exploit Title: Lansweeper 7.2 - Incorrect Access Control SHODAN DORK : title:"Lansweeper - Login" Date: 2020-06-14 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.lansweeper.com/ Software Link: https://www.lansweeper.com Version: 6.0.x through 7.2.x Tested on: Windows CVE :...

9.8CVSS9.7AI score0.3383EPSS
Exploits4
Exploit DB
Exploit DBadded 2020/06/23 12:0 a.m.630 views

Responsive Online Blog 1.0 - 'id' SQL Injection

Exploit Title: Responsive Online Blog 1.0 - 'id' SQL Injection Date: 2020-06-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/23 12:0 a.m.761 views

Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)

Exploit Title: Online Student Enrollment System 1.0 - Cross-Site Request Forgery Add Student Google Dork: N/A Date: 2020-06-20 Exploit Author: BKpatron Vendor Homepage: https://www.campcodes.com/projects/php/4745/online-student-enrollment-system-in-php-mysqli/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2020/06/23 12:0 a.m.642 views

Code Blocks 20.03 - Denial Of Service (PoC)

Exploit Title: Code Blocks 20.03 - Denial Of Service PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/20.03/Windows/codeblocks-20.03-setup.exe/download Exploit Author: Paras Bhatia Discovery Date: 2020-06-23...

7.4AI score
Exploits0
Total number of security vulnerabilities47884