Exploitdb - Page 91 of Exploitdb Vulnerabilities List

ExploitdbRecent

47884 matches found

Exploit DB•added 2020/01/02 12:0 a.m.•293 views

BloodX 1.0 - Authentication Bypass

Exploit Title: BloodX 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-31 Vendor Homepage: https://github.com/diveshlunker/BloodX Software Link: https://github.com/diveshlunker/BloodX/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: An standalone platform which lets...

7.4AI score

Exploits0

Exploit DB•added 2020/01/02 12:0 a.m.•252 views

Hospital Management System 4.0 - Persistent Cross-Site Scripting

Exploit Title: Hospital Management System 4.0 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-01-02 Exploit Author: FULLSHADE Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Tested on: Windows CVE :...

6.1CVSS6.6AI score0.03324EPSS

Exploits3

Exploit DB•added 2020/01/01 12:0 a.m.•396 views

Hospital Management System 4.0 - Authentication Bypass

Exploit Title: Hospital Management System 4.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows...

7.4AI score

Exploits0

Exploit DB•added 2020/01/01 12:0 a.m.•235 views

Microsoft Windows .Group File - Code Execution

Exploit Title: Microsoft Windows .Group File - Code Execution Date: 2020-01-01 Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com Version: 1.9.6 Tested on: Windows CVE : N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score

Exploits0

Exploit DB•added 2020/01/01 12:0 a.m.•318 views

IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal

Exploit Title: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal Date: 2020-01-01 Exploit Author: Raif Berkay Dincel Vendor Homepage: ibm.com Software https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&appname=iSource&supplier=897&letternum=ENUS107-295...

7.4AI score

Exploits0

Exploit DB•added 2020/01/01 12:0 a.m.•315 views

nostromo 1.9.6 - Remote Code Execution

Exploit Title: nostromo 1.9.6 - Remote Code Execution Date: 2019-12-31 Exploit Author: Kr0ff Vendor Homepage: Software Link: http://www.nazgul.ch/dev/nostromo-1.9.6.tar.gz Version: 1.9.6 Tested on: Debian CVE : CVE-2019-16278 cve201916278.py !/usr/bin/env python import sys import socket art = """...

9.8CVSS9.8AI score0.94393EPSS

Exploits24

Exploit DB•added 2020/01/01 12:0 a.m.•1098 views

Shopping Portal ProVersion 3.0 - Authentication Bypass

Exploit Title: Shopping Portal ProVersion 3.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows Descriptio...

7.4AI score

Exploits0

Exploit DB•added 2019/12/31 12:0 a.m.•177 views

Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution (PoC)

/ badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmware 7.00. EDB Note Download:...

8.8CVSS8.3AI score0.26712EPSS

Exploits6

Exploit DB•added 2019/12/31 12:0 a.m.•339 views

NextVPN v4.10 - Insecure File Permissions

Exploit Title: NextVPN v4.10 - Insecure File Permissions Date: 2019-12-23 Exploit Author: SajjadBnd Contact: [email protected] Vendor Homepage: https://vm3max.site Software Link:http://dl.spacevm.com/NextVPNSetup-v4.10.exe Version: 4.10 Tested on: Win10 Professional x64 Description The NextVPN...

7.4AI score

Exploits0

Exploit DB•added 2019/12/31 12:0 a.m.•99 views

WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass

Exploit Title: Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Date: 2019-12-21 Exploit Authors: Raphael Karger & Nathan Hrncirik Vendor Homepage: https://www.ultimatebeaver.com/ Version: Ultimate Addons for Beaver Builder | || | |/| / /| / //\ | /|//|||| / / / /...

7AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•96 views

XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-19 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/workcentre-7800-series Software : Xerox Printer...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•136 views

XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-19 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/workcentre-7800-series/ Software : Xerox Printer...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•223 views

HomeAutomation 3.3.2 - Authentication Bypass

Exploit: HomeAutomation 3.3.2 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5557 Advisory URL:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•628 views

elearning-script 1.0 - Authentication Bypass

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•105 views

AVE DOMINAplus 1.10.x - Authentication Bypass

Exploit: AVE DOMINAplus 1.10.x - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5549 Advisory URL:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•129 views

AVE DOMINAplus 1.10.x - Credential Disclosure

Exploit: AVE DOMINAplus 1.10.x - Credential Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5550 Advisory URL:...

7AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•138 views

RICOH Web Image Monitor 1.09 - HTML Injection

Exploit Title: RICOH Web Image Monitor 1.09 - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support-download.com/services/device/webhlp/nb/gen/v140cc1/en/ptop010.html Software: RICOH Web Image Monitor Product Version:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•131 views

RICOH SP 4510SF Printer - HTML Injection

Exploit Title: RICOH SP 4510SF Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re1/model/sp4510/sp4510.htm Software: RICOH Printer Product Version: SP 4510SF Vulernability Type:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•83 views

FTP Navigator 8.03 - Stack Overflow (SEH)

Exploit Title: FTP Navigator 8.03 - Stack Overflow SEH Date: December 28th, 2019 Exploit Author: boku Discovered by: Chris Inzinga Original DoS: FTP Navigator 8.03 - 'Custom Command' Denial of Service SEH Original DoS Link: https://www.exploit-db.com/exploits/47794 Software Vendor:...

7AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•171 views

HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin)

Exploit: HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5558...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•159 views

HomeAutomation 3.3.2 - Persistent Cross-Site Scripting

Exploit: HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5556 Advisor...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•122 views

FreeBSD-SA-19:02.fd - Privilege Escalation

Exploit: FreeBSD-SA-19:02.fd - Privilege Escalation Date: 2019-12-30 Author: Karsten König of Secfault Security Twitter: @gr4yf0x Kudos: Maik, greg and Dirk for discussion and inspiration CVE: CVE-2019-5596 libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper !/bin/sh echo "+ Root...

8.8CVSS9AI score0.00157EPSS

Exploits4

Exploit DB•added 2019/12/30 12:0 a.m.•145 views

Domain Quester Pro 6.02 - Stack Overflow (SEH)

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•148 views

AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot

Exploit: AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5548 Advisory URL:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•120 views

Wing FTP Server 6.0.7 - Unquoted Service Path

Exploit Title: Wing FTP Server 6.0.7 - Unquoted Service Path Date: 2019-12-30 Exploit Author: Nawaf Alkeraithe Vendor Homepage: https://www.wftpserver.com/ Version: 6.0.7 Tested on: Windows 10 CVE : N/A PoC: C:\Users\usersc qc "Wing FTP Server" SC QueryServiceConfig SUCCESS SERVICENAME: Wing FTP...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•121 views

XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-19 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/workcentre-6655 Software : Xerox Printer Product...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•376 views

OpenBSD - Dynamic Loader chpass Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...

7.8CVSS7.6AI score0.0938EPSS

Exploits12

Exploit DB•added 2019/12/30 12:0 a.m.•248 views

Microsoft UPnP - Local Privilege Elevation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/common' require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' require 'msf/core/exploit/exe'...

7.8CVSS9AI score0.53912EPSS

Exploits25

Exploit DB•added 2019/12/30 12:0 a.m.•215 views

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure

Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome https://docs.imperihome.com/app/iss Affected version: 0.2.40...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•126 views

Heatmiser Netmonitor 3.03 - Hardcoded Credentials

Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•232 views

WEMS BEMS 21.3.1 - Undocumented Backdoor Account

Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Date: 2019-12-30 Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5552.php WEMS BEMS 21.3.1 Undocumented Backdo...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•297 views

Thrive Smart Home 1.1 - Authentication Bypass

Exploit: Thrive Smart Home 1.1 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Thrive Product web page: http://www.thrivesmarthomes.com Affected version: 1.1 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5554 Advisory URL:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•232 views

AVS Audio Converter 9.1.2.600 - Stack Overflow (PoC)

Exploit Title: AVS Audio Converter 9.1.2.600 - Stack Overflow PoC Date: December 2019-12-28 Exploit Author: boku Original DoS: https://www.exploit-db.com/exploits/47788 Original DoS Author: ZwX Software Vendor: http://www.avs4you.com/ Software Link: http://www.avs4you.com/avs-audio-converter.aspx...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•146 views

FreeBSD-SA-19:15.mqueuefs - Privilege Escalation

Exploit: FreeBSD-SA-19:15.mqueuefs - Privilege Escalation Author: Karsten König of Secfault Security Date: 2019-12-30 Change line 719 to choose which vulnerability is targeted libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper Exploit for FreeBSD-SA-19:15.mqueuefs and...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•129 views

Heatmiser Netmonitor 3.03 - HTML Injection

Exploit Title: Heatmiser Netmonitor 3.03 - HTML Injection Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor v3.03...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•216 views

AVE DOMINAplus 1.10.x - Cross-Site Request Forgery (enable/disable alarm)

Exploit: AVE DOMINAplus 1.10.x - Cross-Site Request Forgery enable/disable alarm Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5547 Advisory URL:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•145 views

HomeAutomation 3.3.2 - Remote Code Execution

Exploit: HomeAutomation 3.3.2 - Remote Code Execution Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5560 Advisory URL:...

7AI score

Exploits0

Exploit DB•added 2019/12/30 12:0 a.m.•116 views

Reptile Rootkit - reptile_cmd Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Reptile Rootkit reptilecmd Privilege Escalation', 'Description' = %q This module uses Reptile rootkit's reptilecmd backdoor executable to gain ro...

7.4AI score

Exploits0

Exploit DB•added 2019/12/24 12:0 a.m.•153 views

Django < 3.0 < 2.2 < 1.11 - Account Hijack

EDB Note Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47879.zip djangocve201919844poc PoC for CVE-2019-19844 Requirements - Python 3.7.x - PostgreSQL 9.5 or higher Setup 1. Create databasee.g. djangocve201919844poc 1. Set the database name to the...

9.8CVSS9.6AI score0.15418EPSS

Exploits7

Exploit DB•added 2019/12/23 12:0 a.m.•39 views

XnConvert 1.82 - Denial of Service (PoC)

Exploit Title: XnConvert 1.82 - Denial of Service PoC Date: 2019-12-21 Vendor Homepage: https://www.xnview.com Software Link: https://www.xnview.com/en/apps/ Exploit Author: Gokkulraj TwinTech Solutions Tested Version: v1.82 Tested on: Windows 7 x64 1.- Download and install XnConvert 2.- Run pyth...

7.4AI score

Exploits0

Exploit DB•added 2019/12/23 12:0 a.m.•100 views

Prime95 Version 29.8 build 6 - Buffer Overflow (SEH)

Exploit Title: Prime95 Version 29.8 build 6 - Buffer Overflow SEH Date: 2019-12-22 Vendor Homepage: https://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v298b6.win32.zip Exploit Author: Achilles Tested Version: 29.8 build 6 Tested on: Windows 7 x64 1.- Run python...

7.4AI score

Exploits0

Exploit DB•added 2019/12/20 12:0 a.m.•125 views

phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting

Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version: 1.98 CVE: CVE-2019-19908 Description...

6.1CVSS6.5AI score0.41864EPSS

Exploits4

Exploit DB•added 2019/12/20 12:0 a.m.•255 views

FreeSWITCH 1.10.1 - Command Execution

Exploit Title: FreeSWITCH 1.10.1 - Command Execution Date: 2019-12-19 Exploit Author: 1F98D Vendor Homepage: https://freeswitch.com/ Software Link: https://files.freeswitch.org/windows/installer/x64/FreeSWITCH-1.10.1-Release-x64.msi Version: 1.10.1 Tested on: Windows 10 x64 FreeSWITCH listens on...

7.4AI score

Exploits0

Exploit DB•added 2019/12/20 12:0 a.m.•192 views

Microsoft Windows 10 BasicRender.sys - Denial of Service (PoC)

Exploit Title: Microsoft Windows 10 BasicRender.sys - Denial of Service PoC Date: 2019-12-20 Exploit author: vportal Vendor homepage: http://www.microsoft.com Version: Windows 10 1803 x86 Tested on: Windows 10 1803 x86 CVE: N/A A Null pointer deference exists in the WARPGPUCMDSYNC function of the...

7.4AI score

Exploits0

Exploit DB•added 2019/12/19 12:0 a.m.•27 views

SurfOffline Professional 2.2.0.103 - 'Project Name' Denial of Service (SEH)

Exploit Title: SurfOffline Professional 2.2.0.103 - 'Project Name' Denial of Service SEH Date: 2019-12-18 Exploit Author: Chris Inzinga Vendor Homepage: http://www.bimesoft.com/ Software Link: https://www.softpedia.com/get/Internet/Offline-Browsers/SurfOffline.shtml Version: 2.2.0.103 Tested on:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/19 12:0 a.m.•102 views

FTP Navigator 8.03 - 'Custom Command' Denial of Service (SEH)

Exploit Title: FTP Navigator 8.03 - 'Custom Command' Denial of Service SEH Date: 2019-12-18 Exploit Author: Chris Inzinga Vendor Homepage: http://www.internet-soft.com/ Software Link: https://www.softpedia.com/dyn-postdownload.php/5edd515b8045f156a9dd48599c2539e5/5dfa4560/d0c/0/1 Version: 8.03...

7.4AI score

Exploits0

Exploit DB•added 2019/12/19 12:0 a.m.•233 views

Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation

Exploit Title: Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Date: 2019-12-18 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.bahn.de/dbvertrieb/view/leistungen/automaten-fahrkartenentwerter.shtml Tested on: Windows XP Document Title: ===============...

7.4AI score

Exploits0

Exploit DB•added 2019/12/18 12:0 a.m.•126 views

AVS Audio Converter 9.1 - 'Exit folder' Buffer Overflow

Exploit Title: AVS Audio Converter 9.1 - 'Exit folder' Buffer Overflow Exploit Author : ZwX Exploit Date: 2019-12-17 Vendor Homepage : http://www.avs4you.com/ Link Software : http://www.avs4you.com/avs-audio-converter.aspx Tested on OS: Windows 7 ''' Technical Details & Description:...

7.4AI score

Exploits0

Exploit DB•added 2019/12/18 12:0 a.m.•167 views

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting

Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Google Dork: site:..com "Web File Manager" inurl:?login= Shodan Dork: Server: Rumpus Date: 2019-12-14 Exploit Author: Harshit Shukla, Sudeepto Roy Vendor Homepage: https://www.maxum.com/ Tested On: Windows & Mac...

6.1CVSS6.5AI score0.75637EPSS

Exploits5

Exploit DB•added 2019/12/18 12:0 a.m.•181 views

OpenMRS - Java Deserialization RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMRS Java Deserialization RCE', 'Description' = %q OpenMRS is an open-source platform that supplies users with a customizable medical record...

10CVSS9.8AI score0.93328EPSS

Exploits10

Total number of security vulnerabilities47884