Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2020/03/10 12:0 a.m.•107 views

Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution

!/bin/sh if "$" -ne 4 ; then echo '! Usage: ' 1&2 exit 1 fi BASE="$1" USERNAME="$2" PASSWORD="$3" COMMAND="$4" JAR="$mktemp" trap 'rm -f "$JAR"' EXIT echo "+ Logging in as $USERNAME:$PASSWORD" 1&2 curl -si -c "$JAR" "$BASE/login.php" \ -d 'loginpost=1' \ -d "hordeuser=$USERNAME" \ -d...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/10 12:0 a.m.•155 views

Nagios XI - Authenticated Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Authenticated Remote Command Execution', 'Description' = %q This module exploits a vulnerability in Nagios XI before 5.6.6 in order to...

9CVSS7.4AI score0.77741EPSS
Exploits13
Exploit DB
Exploit DB
•added 2020/03/10 12:0 a.m.•181 views

Sysaid 20.1.11 b26 - Remote Command Execution

Exploit Title: Sysaid 20.1.11 b26 - Remote Command Execution Google Dork: intext:"Help Desk Software by SysAid " Date: 2020-03-09 Exploit Author: Ahmed Sherif Vendor Homepage: https://www.sysaid.com/free-help-desk-software Software Link: https://www.sysaid.com/free-help-desk-software Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/10 12:0 a.m.•177 views

Persian VIP Download Script 1.0 - 'active' SQL Injection

Exploit Title: Persian VIP Download Script 1.0 - 'active' SQL Injection Data: 2020-03-09 Exploit Author: S3FFR Vendor HomagePage: http://download.freescript.ir/scripts/Persian-VIP-DownloadFreeScript.ir.zip Version: = 1.0 Final Version Tested on: Windows,Linux Google Dork: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/10 12:0 a.m.•640 views

YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting

Exploit Title: YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-03-10 Exploit Author: En Vendor Homepage: https://github.com/yzmcms/yzmcms Software Link: https://github.com/yzmcms/yzmcms Version: V5.5 Category: Web Application Patched Version: unpatched Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/10 12:0 a.m.•366 views

PHPStudy - Backdoor Remote Code execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•114 views

Counter Strike: GO - '.bsp' Memory Control (PoC)

So I’ve been holding onto this neat little gem of a .bsp that has four bytes very close to the end of the file that controls the memory allocator. See above picture. Works on all supported operating systems last I checked so Linux, Windows, and macOS, even after a few years. Download...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•413 views

Sentrifugo HRMS 3.2 - 'id' SQL Injection

Exploit Title: Sentrifugo HRMS 3.2 - 'id' SQL Injection Exploit Author: minhnb Website: Date: 2020-03-06 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly before Patched Version: unpatched Category: Web Applicatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•177 views

60CycleCMS - 'news.php' SQL Injection

Exploit Title: 60CycleCMS - 'news.php' Multiple vulnerability Google Dork: N/A Date: 2020-02-10 Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•185 views

OpenSMTPD - OOB Read Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSMTPD OOB Read Local Privilege Escalation', 'Description' = %q This module exploits an out-of-bounds read of an attacker-controlled string in...

10CVSS9.6AI score0.889EPSS
Exploits10
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•219 views

Google Chrome 67, 68 and 69 - Object.create Type Confusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 67, 68 and 69 Object.create exploit', 'Description' = %q This modules exploits a type confusion in Google Chromes JIT compiler. The...

8.8CVSS7.4AI score0.84564EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•535 views

PHP-FPM - Underflow Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP-FPM Underflow RCE', 'Description' = %q This module exploits an underflow vulnerability in versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and...

9.8CVSS7.4AI score0.9947EPSS
Exploits55
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•224 views

Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...

6.5CVSS7.1AI score0.55925EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•243 views

Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit', 'Description' = %q This module exploits an issue in Google Chrome 80.0.3987.87 64...

8.8CVSS7.7AI score0.78808EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/03/09 12:0 a.m.•225 views

Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ 5.x-5.11.1 Directory Traversal Shell Upload', 'Description' = %q This module exploits a directory traversal vulnerability...

5CVSS9.5AI score0.84408EPSS
Exploits7
Exploit DB
Exploit DB
•added 2020/03/06 12:0 a.m.•272 views

ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path

Exploit Title: ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.asus.com/ Software Link : https://www.microsoft.com/en-us/p/asus-giftbox/9wzdncrdrb6s?activetab=pivot:overviewtab Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/06 12:0 a.m.•116 views

Iskysoft Application Framework Service 2.4.3.241 - 'IsAppService' Unquoted Service Path

Exploit Title: Iskysoft Application Framework Service 2.4.3.241 - 'IsAppService' Unquoted Service Path Discovery by: Alejandro Reyes Discovery Date: 2020-03-05 Vendor Homepage: https://www.iskysoft.us Software Link :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/06 12:0 a.m.•177 views

Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path

Exploit Title: Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.deepinstinct.com/ Software Links :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/06 12:0 a.m.•114 views

SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path

Exploit Title: SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path Discovery by: Alejandro Reyes Discovery Date: 2020-03-05 Vendor Homepage: https://www.enigmasoftware.com Software Link : https://www.enigmasoftware.com/spyhunter-download-instructions/ Tested Version: 4 Vulnerability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/05 12:0 a.m.•1935 views

Exchange Control Panel - Viewstate Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'Exchange Control Panel Viewstate Deserialization', 'Description' = %q This module exploits a .NET serialization vulnerability i...

9CVSS8.7AI score0.99965EPSS
Exploits30
Exploit DB
Exploit DB
•added 2020/03/05 12:0 a.m.•129 views

EyesOfNetwork - AutoDiscovery Target Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EyesOfNetwork AutoDiscovery Target Command Execution', 'Description' = %q This module exploits multiple vulnerabilities in EyesOfNetwork version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/04 12:0 a.m.•171 views

UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read

Exploit Title: UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Date: 2020-02-04 Exploit Author: NgoAnhDuc Vendor Homepage: https://github.com/UniSharp/laravel-filemanager Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/03 12:0 a.m.•607 views

Alfresco 5.2.4 - Persistent Cross-Site Scripting

Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...

5.4CVSS5.5AI score0.0317EPSS
Exploits7
Exploit DB
Exploit DB
•added 2020/03/03 12:0 a.m.•212 views

RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection

Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/rc3/model/sp52s/sp52s.htm?lang=es Product Version: RICOH Aficio SP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/03 12:0 a.m.•193 views

RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection

Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re2/model/sp52s/sp52s.htm Product Version: RICOH Aficio SP 5200S Printer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/03 12:0 a.m.•216 views

GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection

Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link: http://download.openeclass.org/files/1.7/eclass-1.7.3.tar.gz Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/03 12:0 a.m.•122 views

Microsoft Windows - 'WizardOpium' Local Privilege Escalation

include include extern "C" NTSTATUS NtUserMessageCallHWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, ULONGPTR ResultInfo, DWORD dwType, BOOL bAscii; int main HINSTANCE hInstance = GetModuleHandleNULL; WNDCLASSEX wcx; ZeroMemory&wcx, sizeofwcx; wcx.hInstance = hInstance; wcx.cbSize = sizeofwcx;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•193 views

WordPress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)

Exploit Title: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Date: 2020-01-30 Vendor Homepage: https://www.themeum.com/product/tutor-lms/ Vendor Changelog: https://wordpress.org/plugins/tutor/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

6.5CVSS6.5AI score0.0883EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•237 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...

5.4CVSS5.6AI score0.03566EPSS
Exploits5
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•170 views

Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)

Exploit Title: Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass Config Upload Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.intelbras.com/ Software Link: http://en.intelbras.com.br/node/1033 Version: Intelbras Wireless N 150Mbps - WRN240 Tested on: linux,...

7.5CVSS7.6AI score0.0781EPSS
Exploits5
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•162 views

netkit-telnet-0.17 telnetd (Fedora 31) - 'BraveStarr' Remote Code Execution

!/usr/bin/env python3 BraveStarr ========== Proof of Concept remote exploit against Fedora 31 netkit-telnet-0.17 telnetd. This is for demonstration purposes only. It has by no means been engineered to be reliable: 0xff bytes in addresses and inputs are not handled, and a lot of other constraints...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•586 views

Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)

Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit: https://metasploit.com/download Current...

9.3CVSS8.8AI score0.73779EPSS
Exploits24
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•211 views

CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow

Exploit Title: CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow Exploit Author: wetw0rk Exploit Version: Public POC Vendor Homepage: https://docops.ca.com/ca-unified-infrastructure-management/9-0-2/en Software Version : 7.80 Tested on: Windows 10 Pro x64, Windows Server...

9.8CVSS9.6AI score0.77566EPSS
Exploits8
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•412 views

Wing FTP Server 6.2.3 - Privilege Escalation

Exploit Title: Wing FTP Server 6.2.3 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-02 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link: https://www.wftpserver.com/download/wftpserver-linux-64bit.tar.gz Version: v6.2.3 Tested...

7.8CVSS7.7AI score0.00807EPSS
Exploits7
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•247 views

Wing FTP Server 6.2.5 - Privilege Escalation

Exploit Title: Wing FTP Server 6.2.5 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-03 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link: https://www.wftpserver.com/download/wftpserver-linux-64bit.tar.gz Version: v6.2.5 and...

7.8CVSS7.7AI score0.00583EPSS
Exploits7
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•242 views

Netis WF2419 2.2.36123 - Remote Code Execution

Exploit Title: Netis WF2419 2.2.36123 - Remote Code Execution Exploit Author: Elias Issa Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/75 Date: 2020-02-11 Version: WF2419 V2.2.36123 = V2.2.36123 Tested on: NETIS WF2419...

8.5CVSS6.6AI score0.27962EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•239 views

TL-WR849N 0.9.1 4.16 - Authentication Bypass (Upload Firmware)

Exploit Title: TL-WR849N 0.9.1 4.16 - Authentication Bypass Upload Firmware Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/br/support/download/tl-wr849n/Firmware Version: TL-WR849N 0.9.1 4.16 Tested on: linux, window...

6.1CVSS6.6AI score0.03788EPSS
Exploits5
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•282 views

TP LINK TL-WR849N - Remote Code Execution

Exploit Title: TP LINK TL-WR849N - Remote Code Execution Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/br/support/download/tl-wr849n/Firmware Version: TL-WR849N 0.9.1 4.16 Tested on: linux, windows CVE : CVE-2020-93...

9.8CVSS9.7AI score0.42047EPSS
Exploits4
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•109 views

Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)

Exploit Title: Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow SEH Date: 2020-02-28 Exploit Author: Andrey Stoykov Version: Cyberoam General Authentication Client 2.1.2.7 Tested on: Windows Vista SP2 x86 Steps to Reproduce: 1 Run the POC 2 Copy the contents of "sploit.txt" into the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/03/02 12:0 a.m.•3299 views

Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution

Exploit Title: Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution Date: 2020-02-28 Exploit Author: Photubias Vendor Advisory: 1 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688 2...

9CVSS8.8AI score0.99965EPSS
Exploits30
Exploit DB
Exploit DB
•added 2020/02/28 12:0 a.m.•385 views

qdPM < 9.1 - Remote Code Execution

!/usr/bin/python ------------------------------------------------------------------------------------- Title: qdPM Webshell Upload + RCE Exploit qdPMv9.1 and below CVE-2020-7246 Author: Tobin Shields @TobinShields Description: This is an exploit to automatically upload a PHP web shell to the qdPM...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
Exploit DB
Exploit DB
•added 2020/02/27 12:0 a.m.•131 views

Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Description: Operator Can Change Role User Type to admin Date: 2020-02-26 Exploit Author: Meisam Monsef Vendor Homepage: https://www.bdtask.com/business-live-chat-software.php Version: V-1.0 Tested on: ubuntu...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/02/27 12:0 a.m.•157 views

Comtrend VR-3033 - Command Injection

Title: Comtrend VR-3033 - Authenticated Command Injection Date: 2020-02-26 Author: Author : Raki Ben Hamouda Vendor: https://us.comtrend.com Product link: https://us.comtrend.com/products/vr-3030/ CVE: CVE-2020-10173 The Comtrend VR-3033 is prone to Multiple Authenticated Command Injection...

9CVSS8.8AI score0.76769EPSS
Exploits3
Exploit DB
Exploit DB
•added 2020/02/26 12:0 a.m.•275 views

PhpIX 2012 Professional - 'id' SQL Injection

Title: PhpIX 2012 Professional - 'id' SQL Injection Date: 2020-02-26 Author: indoushka Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor : http://www.allhandsmarketing.com/ poc : + Dorking İn Google Or Other Search Enggine. + /productdetail.php?id=448578 ====|...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/02/26 12:0 a.m.•129 views

Core FTP LE 2.2 - Denial of Service (PoC)

Exploit Title: Core FTP LE 2.2 - Denial of Service PoC Date: 2020-25-02 Exploit Author: Ismael Nava Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/download.html Version: 2.2 build 1947 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program Core FTP LE In...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/02/26 12:0 a.m.•195 views

OpenSMTPD 6.6.3 - Arbitrary File Read

Title: OpenSMTPD 6.6.3 - Arbitrary File Read Date: 2020-02-20 Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the...

4.7CVSS5.9AI score0.009EPSS
Exploits4
Exploit DB
Exploit DB
•added 2020/02/26 12:0 a.m.•181 views

OpenSMTPD < 6.6.3p1 - Local Privilege Escalation + Remote Code Execution

/ LPE and RCE in OpenSMTPD's default install CVE-2020-8794 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at...

10CVSS9.6AI score0.889EPSS
Exploits10
Exploit DB
Exploit DB
•added 2020/02/25 12:0 a.m.•213 views

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass

Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

8.1CVSS8.1AI score0.04877EPSS
Exploits6
Exploit DB
Exploit DB
•added 2020/02/25 12:0 a.m.•110 views

Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)

Exploit Title : Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Author : Berat Isler Date : 2020-02-25 Vendor Homepage : https://odin-secure-ftp-expert.jaleco.com/ Software Link Download : http://tr.oldversion.com/windows/odin-secure-ftp-expert-7-6-3 Version : Odin Secure FTP Expert...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2020/02/25 12:0 a.m.•1216 views

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass

Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

8.1CVSS8.1AI score0.0417EPSS
Exploits5
Total number of security vulnerabilities47904