Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.1229 views

Apache Shiro 1.2.4 - Cookie RememberME Deserial RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Shiro v1.2.4 Cookie RememberME Deserial RCE', 'Description' = %q This vulnerability allows remote attackers to execute arbitrary code on...

9.8CVSS7.4AI score0.92988EPSS
Exploits9
Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.574 views

VirtualTablet Server 3.0.2 - Denial of Service (PoC)

Title: VirtualTablet Server 3.0.2 - Denial of Service PoC Author: Dolev Farhi Date: 2020-04-29 Vulnerable version: 3.0.2 14 Link: http://www.sunnysidesoft.com/ CVE: N/A from thrift import Thrift from thrift.transport import TSocket from thrift.transport import TTransport from thrift.protocol impo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.177 views

Online Scheduling System 1.0 - Persistent Cross-Site Scripting

Exploit Title: Online Scheduling System 1.0 - Persistent Cross-Site Scripting Exploit Author: Bobby Cooke Date: 2020-04-30 Vendor Homepage: https://www.sourcecodester.com/php/14168/online-scheduling-system.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/01 12:0 a.m.219 views

HardDrive 2.1 for iOS - Arbitrary File Upload

Title: HardDrive 2.1 for iOS - Arbitrary File Upload Author: Vulnerability Laboratory Date: 2020-04-30 Software: https://apps.apple.com/ch/app/harddrive/id383226784 CVE: N/A Document Title: =============== HardDrive v2.1 iOS - Arbitrary File Upload Vulnerability References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.123 views

Druva inSync Windows Client 6.5.2 - Local Privilege Escalation

Exploit Title: Druva inSync Windows Client 6.5.2 - Local Privilege Escalation Date: 2020-04-28 Exploit Author: Chris Lyne Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.5.2/inSync6.5.2r99097.msi Version: 6.5.2 Tested on: Windows 10 CVE :...

7.8CVSS7.7AI score0.08566EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.130 views

Easy Transfer 1.7 for iOS - Directory Traversal

Title: Easy Transfer 1.7 for iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-27 Software: https://apps.apple.com/us/app/easy-transfer-wifi-transfer/id1484667078 CVE: N/A Document Title: =============== Easy Transfer v1.7 iOS - Multiple Web Vulnerabilities References Sourc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.200 views

School ERP Pro 1.0 - Arbitrary File Read

Exploit Title: School ERP Pro 1.0 - Arbitrary File Read Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT CVE: N/A Vulnerable code:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.137 views

hits script 1.0 - 'item_name' SQL Injection

Exploit Title: hits script 1.0 - 'itemname' SQL Injection Date: 2020-04-27 Exploit Author: SajjadBnd Vendor Homepage: https://hits.ir Software Link: http://dl.persianscript.ir/script/hitsir-script-persian%28PersianScript.ir%29.zip Software Linkmirror:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.121 views

EmEditor 19.8 - Insecure File Permissions

Exploit Title: EmEditor 19.8 - Insecure File Permissions Date: 2020-04-27 Exploit Author: SajjadBnd Vendor Homepage: https://www.emeditor.com/ Software Link: https://support.emeditor.com/en/downloads/suggested Version: 19.8 Tested on: Win10 Professional x64 Description EmEditor is a fast,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.182 views

Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path

Exploit Title: Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-04-28 Vendor Homepage: https://andreaelectronics.com/ Software Link : https://andreaelectronics.com/ Tested Version: 1.0.64.7 Vulnerability Type:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.152 views

Internet Download Manager 6.37.11.1 - Stack Buffer Overflow (PoC)

Title: Internet Download Manager 6.37.11.1 - Stack Buffer Overflow PoC Author: Vulnerability Laboratory Date: 2020-04-28 Vendor: https://www.internetdownloadmanager.com Software: https://www.internetdownloadmanager.com/download.html CVE: N/A Document Title: =============== Internet Download Manag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/29 12:0 a.m.447 views

Open-AudIT Professional 3.3.1 - Remote Code Execution

Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Date: 2020-04-22 Exploit Author: Askar CVE: CVE-2020-8813 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings import random...

9.3CVSS8.8AI score0.73779EPSS
Exploits24
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.126 views

Docker-Credential-Wincred.exe - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker-Credential-Wincred.exe Privilege Escalation', 'Description' = %q This exploit leverages a vulnerability in docker desktop community editio...

9.3CVSS7.4AI score0.29628EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.323 views

CloudMe 1.11.2 - Buffer Overflow (PoC)

Exploit Title: CloudMe 1.11.2 - Buffer Overflow PoC Date: 2020-04-27 Exploit Author: Andy Bowden Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 10 x86 Instructions: Start the CloudMe service a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.175 views

NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path

Exploit Title: NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-04-27 Vendor Homepage: https://www.nvidia.com/es-la/ Software Link : https://www.nvidia.com/es-la/ Tested Version: 1.0.21 Vulnerability Type: Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.343 views

School ERP Pro 1.0 - 'es_messagesid' SQL Injection

Exploit Title: School ERP Pro 1.0 - 'esmessagesid' SQL Injection Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT SQL Injection Detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/28 12:0 a.m.168 views

School ERP Pro 1.0 - Remote Code Execution

Exploit Title: School ERP Pro 1.0 - Remote Code Execution Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT Description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.210 views

Online shopping system advanced 1.0 - 'p' SQL Injection

Exploit Title: Online shopping system advanced 1.0 - 'p' SQL Injection Exploit Author : Majid kalantari Date: 2020-04-26 Vendor Homepage : https://github.com/PuneethReddyHC/online-shopping-system-advanced Software link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.192 views

Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution

Exploit Title: Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution Date: 2020-04-27 Exploit Author: 0xEmma/BugByte/SebastianPC Vendor Homepage: https://www.valvesoftware.com/en/ Version: Source Engine, Tested on CS:GO BuildID: 4937372 TF2 BuildID: 4871679 Garry's Mod BuildID: 4803834...

7.8CVSS7.8AI score0.01088EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.800 views

Netis E1+ 1.2.32533 - Backdoor Account (root)

Exploit Title: Netis E1+ 1.2.32533 - Backdoor Account root Date: 2020-04-25 Author: Besim ALTINOK Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204 Version: V1.2.32533 Tested on: Netis E1+ V1.2.32533 Credit: İsmail BOZKURT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.242 views

Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Maian Support Helpdesk 4.3 - Cross-Site Request Forgery Add Admin Date: 2020-04-26 Author: Besim ALTINOK Vendor Homepage: https://www.maiansupport.com Software Link: https://www.maiansupport.com/zip.html Version: v4.3 Tested on: Xampp Credit: İsmail BOZKURT...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.144 views

Online Course Registration 2.0 - Authentication Bypass

Exploit Title: Online Course Registration 2.0 - Authentication Bypass Google Dork: N/A Date: 2020-04-25 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: 2.0 Tested on: Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.328 views

PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload

Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/27 12:0 a.m.256 views

Netis E1+ V1.2.32533 - Unauthenticated WiFi Password Leak

Exploit Title: Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak Date: 2020-04-25 Author: Besim ALTINOK Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204 Version: V1.2.32533 Tested on: Netis E1+ V1.2.32533 Credit: İsmai...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/24 12:0 a.m.803 views

Furukawa Electric ConsciusMAP 2.8.1 - Remote Code Execution

Exploit Title: Furukawa Electric ConsciusMAP 2.8.1 - Remote Code Execution Date: 2020-04-24 Vendor Homepage: https://www.tecnoredsa.com.ar Exploit Authors: LiquidWorm Software Link: https://dl.getpopcorntime.is/PopcornTime-latest.exe Version: 2.8.1 CVE : N/A !/usr/bin/env python3 -- coding: utf-8...

10CVSS9.7AI score0.09876EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/04/24 12:0 a.m.184 views

EspoCRM 5.8.5 - Privilege Escalation

Exploit Title: EspoCRM 5.8.5 - Privilege Escalation Author: Besim ALTINOK Vendor Homepage: https://www.espocrm.com Software Link: https://www.espocrm.com/downloads/EspoCRM-5.8.5.zip Version: v5.8.5 Tested on: Xampp Credit: İsmail BOZKURT ------------- Details:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/24 12:0 a.m.199 views

Edimax EW-7438RPn 1.13 - Remote Code Execution

Exploit Title: Edimax EW-7438RPn 1.13 - Remote Code Execution Date: 2020-04-23 Exploit Author: Besim ALTINOK Vendor Homepage: https://www.edimax.com/edimax/merchandise/merchandisedetail/data/edimax/global/wi-firangeextendersn300/ew-7438rpnmini/ Version:1.13 Tested on: Edimax EW-7438RPn 1.13 Versi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/24 12:0 a.m.437 views

Popcorn Time 6.2 - 'Update service' Unquoted Service Path

Exploit Title: Popcorn Time 6.2 - 'Update service' Unquoted Service Path Date: 2020-04-24 Vendor Homepage: https://getpopcorntime.is Exploit Authors: Uriel Yochpaz & Jonatan Schor Software Link: https://dl.getpopcorntime.is/PopcornTime-latest.exe Version: 6.2.1.14 and probably prior versions Test...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.127 views

Complaint Management System 4.2 - Authentication Bypass

Exploit Title: Complaint Management System 4.2 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT ------ Details: 1- Vulnerable code is here:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.151 views

Complaint Management System 4.2 - Cross-Site Request Forgery (Delete User)

Exploit Title: Complaint Management System 4.2 - Cross-Site Request Forgery Delete User Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT Detail: You can perform CS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.82 views

Library CMS Powerful Book Management System 2.2.0 - Session Fixation

Exploit Title: Library CMS Powerful Book Management System 2.2.0 - Session Fixation Date: 2020-04-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://kaasoft.pro/ Software : https://codecanyon.net/item/library-cms-powerful-book-management-system/21105281 Product Version: v2.2.0 Product :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.158 views

User Management System 2.0 - Authentication Bypass

Exploit Title: User Management System 2.0 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKURT ------...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.144 views

User Management System 2.0 - Persistent Cross-Site Scripting

Exploit Title: User Management System 2.0 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKU...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.159 views

Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zen Load Balancer Directory Traversal", 'Description' = %q This module exploits a authenticated directory traversal vulnerability in Zen Load...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.690 views

Sky File 2.1.0 iOS - Directory Traversal

Title: Sky File 2.1.0 iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-21 Software Link: https://apps.apple.com/us/app/sky-file-wireless-transfer/id1236452210 CVE: N/A Document Title: =============== Sky File v2.1.0 iOS - Multiple Web Vulnerabilities References Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/23 12:0 a.m.131 views

Complaint Management System 4.2 - Persistent Cross-Site Scripting

Exploit Title: Complaint Management System 4.2 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT ------ Details: 1- Vulnerable cod...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/22 12:0 a.m.138 views

RM Downloader 3.1.3.2.2010.06.13 - 'Load' Buffer Overflow (SEH)

Exploit Title: RM Downloader 3.1.3.2.2010.06.13 - 'Load' Buffer Overflow SEH Date: 2020-04-20 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/9af366e59468eac0b92212912b5c3bcb-RMDownloader.exe Version: 3.1.3.2.2010.06.13 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/22 12:0 a.m.177 views

Mahara 19.10.2 CMS - Persistent Cross-Site Scripting

Title: Mahara 19.10.2 CMS - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-04-21 Vendor: https://mahara.org Software Link: https://launchpad.net/mahara CVE: N/A Document Title: =============== Mahara v19.10.2 CMS - Persistent Cross Site Vulnerability References Source...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/22 12:0 a.m.141 views

Edimax EW-7438RPn - Information Disclosure (WiFi Password)

Exploit Title: Edimax EW-7438RPn 1.13 - Information Disclosure WiFi Password Date: 2020-04-21 Exploit Author: Besim ALTINOK Vendor Homepage: https://www.edimax.com/edimax/merchandise/merchandisedetail/data/edimax/global/wi-firangeextendersn300/ew-7438rpnmini/ Version:1.13 Tested on: Edimax...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/22 12:0 a.m.730 views

Edimax EW-7438RPn - Cross-Site Request Forgery (MAC Filtering)

Exploit Title: Edimax EW-7438RPn - Cross-Site Request Forgery MAC Filtering Date: 2020-04-21 Exploit Author: Besim ALTINOK Vendor Homepage: https://www.edimax.com/edimax/merchandise/merchandisedetail/data/edimax/global/wi-firangeextendersn300/ew-7438rpnmini/ Version:1.13 Tested on: Edimax...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.876 views

CSZ CMS 1.2.7 - Persistent Cross-Site Scripting

Exploit Title: CSZ CMS 1.2.7 - Persistent Cross-Site Scripting Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Unauthorized user that has access private message can embed Javascript...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.555 views

P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery (Add Admin)

Exploit Title: P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery Add Admin Google Dork:jizhicms Date: 2020-04-18 Exploit Author: iej1ctk1g Product web page: https://www.p5.hu Affected version: 1.0.20, 1.0.11 CVE : N/A !-- P5 FNIP-8x16A/FNIP-4xSH CSRF Stored Cross-Site Scripting Vendor: ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.241 views

PMB 5.6 - 'logid' SQL Injection

Exploit Title: PMB 5.6 - 'logid' SQL Injection Google Dork: inurl:opaccss Date: 2020-04-20 Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 -==== Software Description ====- PMB is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.396 views

CSZ CMS 1.2.7 - 'title' HTML Injection

Exploit Title: CSZ CMS 1.2.7 - 'title' HTML Injection Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Authenticated user can inject hyperlink to Backend System Dashboard and Member...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.841 views

NSClient++ 0.5.2.35 - Authenticated Remote Code Execution

Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-04-20 Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64 CVE: N/A NSClient++ ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.145 views

Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption

Title: Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption Date: 2020-04-20 Author: hyp3rlinx Vendor: CVE: CVE-2020-6857 import time, string, sys, argparse, os, codecs Fixed: updated for Python 3, the hex decode function was not working in Python 3 version. This should be compatible...

5.5CVSS5.5AI score0.00967EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.150 views

jizhi CMS 1.6.7 - Arbitrary File Download

Exploit Title: jizhi CMS 1.6.7 - Arbitrary File Download Google Dork: jizhicms Date: 2020-04-18 Exploit Author: iej1ctk1g Vendor Homepage: https://www.jizhicms.cn/ Software Link: http://down.jizhicms.cn/jizhicmsBeta1.6.7.zip Version: 1.6.7 Tested on: Mac OS CVE : N/A Data 1. POST...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.259 views

Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation

Title: Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation Date: 2020-04-21 Author: Marco Ivaldi Vendor: www.oracle.com CVE: CVE-2020-2944 / raptorsdtcmconv.c - CDE sdtcmconvert LPE for Solaris/Intel Copyright c 2019-2020 Marco Ivaldi A buffer overflow in the SanityCheck...

8.8CVSS8.8AI score0.01802EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/04/21 12:0 a.m.1072 views

IQrouter 3.3.1 Firmware - Remote Code Execution

Exploit Title: IQrouter 3.3.1 Firmware - Remote Code Execution Date: 2020-04-21 Exploit Author: drakylar Vendor Homepage: https://evenroute.com/ Software Link: https://evenroute.com/iqrouter Version: IQrouter firmware up to 3.3.1 Tested on: IQrouter firmware 3.3.1 CVE : N/A !/usr/bin/env python3...

9.8CVSS8.6AI score0.03189EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.390 views

Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path

Exploit Title: Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path Exploit Author: boku Date: 2020-04-17 Vendor Homepage: http://www.drive-software.com Software Link: http://www.drive-software.com/download/ataclock.exe Version: 6.3 Tested On: Windows 10 Pro 1909 32-bit...

7.4AI score
Exploits0
Total number of security vulnerabilities47904