Exploitpack - Page 39 of Exploitpack Most Viewed Vulnerabilities List

exploitpack•added 2012/07/06 12:0 a.m.•45 views

Webmatic 3.1.1 - Blind SQL Injection

Webmatic 3.1.1 - Blind SQL Injection Advisory ID: HTB23096 Product: Webmatic Vendor: valarsoft.com Vulnerable Versions: 3.1.1 and probably prior Tested Version: 3.1.1 Vendor Notification: 13 June 2012 Public Disclosure: 4 July 2012 Vulnerability Type: Blind SQL Injection CVE Reference:...

6.8CVSS0.02222EPSS

exploitpack•added 2012/04/24 12:0 a.m.•45 views

RuggedCom Devices - Backdoor Access

RuggedCom Devices - Backdoor Access Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardene...

8.5CVSS1.3AI score0.63489EPSS

Exploits8

exploitpack•added 2011/06/14 12:0 a.m.•45 views

cubecart 2.0.7 - Multiple Vulnerabilities

cubecart 2.0.7 - Multiple Vulnerabilities Exploit Title: CubeCart 2.0.7 XSS && Remote SQL Injection = Multiple Vulnerabilities Date: June, 14th 2011 GMT +7 Author: Shamus Software Link: http://www.cubecart.com/ Version : CubeCart 2.0.7 Tested on: windows 7, ubuntu 11.04 CVE : -...

exploitpack•added 2010/10/05 12:0 a.m.•45 views

Cag CMS 0.2 - Cross-Site Scripting Blind SQL Injection

Cag CMS 0.2 - Cross-Site Scripting Blind SQL Injection ----------------------------------------------------------------------------------------- Cag CMS Version 0.2 Beta = XSS && Blind SQL Injection Multiple Vulnerabilities...

0.3AI score

exploitpack•added 2010/08/25 12:0 a.m.•45 views

ClanSphere 2010 - Multiple Vulnerabilities

ClanSphere 2010 - Multiple Vulnerabilities Exploit Title: Clansphere Multiple vulnerabilities Date: 24/08/2010 Author: Sweet Contact : [email protected] Software Link: Download:http: http://sourceforge.net/projects/clansphere/ Version: all Tested on: WinXp sp3 Risk : HIGHT...

exploitpack•added 2010/06/28 12:0 a.m.•45 views

Subdreamer Pro 3.0.4 - CMS Upload

Subdreamer Pro 3.0.4 - CMS Upload . \\ \\ / |/ | || | | /\\ \\\\ \\ \\/ \\| | \\/ /\\ \\ | | | | \\ / \\| | | | | /\\ \\ / \\| | | / /| || \\/|// /| \\/ \\/ \\/ \\/ Exploit Title: Subdreamer Pro v3.0.4 CMS upload Vulnerability Author: Battousai Home:...

7.4AI score

exploitpack•added 2010/05/30 12:0 a.m.•45 views

Creato Script - SQL Injection

Creato Script - SQL Injection Title: Creato Script SQL Injection Vulnerability Version: 2.1 Author: Mr.P3rfekT Software Site: http://www.creato.biz Tested on Lunix CVE : N/A Founded By Mr.P3rfekT Dork : " created by creato.biz " Helllo Allz. Exploit : http://site/mainpage.php?id=SQLi Poc Username...

0.3AI score

exploitpack•added 2010/04/19 12:0 a.m.•45 views

NX Web CMS (NX WCMS 4.5) - Multiple Vulnerabilities

NX Web CMS NX WCMS 4.5 - Multiple Vulnerabilities N/X - Web CMS N/X WCMS 4.5 Multiple Vulnerability =================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...

0.3AI score

exploitpack•added 2010/04/05 12:0 a.m.•45 views

Portable AVS DVD Authoring 1.3.3.51 - Local Crash (PoC)

Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC C:\perl\bin Exploit Title: Portable AVS DVD Authoring Date: 2010/4pr/05 Author: R3d-D3v!L Version: v1.3.3.51 Tested on: windows XP sp3 Coded by x$file"; print $FILE "$boom"; close$FILE; print "Done..!\n";...

0.2AI score

exploitpack•added 2010/03/10 12:0 a.m.•45 views

Employee TimeClock Software 0.99 - SQL Injection

Employee TimeClock Software 0.99 - SQL Injection source: http://www.securityfocus.com/archive/1/509995 ====================================================================== Secunia Research 10/03/2010 - Employee Timeclock Software SQL Injection Vulnerabilities -...

7.5CVSS0.5AI score0.00365EPSS

Exploits2

exploitpack•added 2009/12/04 12:0 a.m.•45 views

BM Classifieds Ads - SQL Injection

BM Classifieds Ads - SQL Injection ALGERIAN HACKER - NORTH-AFRICA SECURITY TEAM - ! BM Classifieds ads SQL injection vulnerability ! Author : Dr.0rYX & Cr3w-DZ ! MAIL : [email protected] & [email protected] / Software Information + Vendor : http://www.bmscripts.com/ + script : powered by BM Classified...

0.7AI score

exploitpack•added 2009/10/30 12:0 a.m.•45 views

CubeCart 4 - Session Management Bypass

CubeCart 4 - Session Management Bypass CubeCart 4 Session Management Bypass Release Date: 2009/10/29 Author: Bogdan Calin bogdan at acunetix dot com Severity: Critical Vendor Status: Vendor has released an updated version I. Background From Wikipedia: CubeCart is a free-to-use eCommerce software...

0.4AI score

exploitpack•added 2009/09/14 12:0 a.m.•45 views

Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection

Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection !/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure...

10CVSS0.6AI score0.84063EPSS

Exploits13

exploitpack•added 2009/04/30 12:0 a.m.•45 views

Linux Kernel 2.6 (Gentoo Ubuntu 8.109.04) UDEV 1.4.1 - Local Privilege Escalation (2)

Linux Kernel 2.6 Gentoo Ubuntu 8.109.04 UDEV 1.4.1 - Local Privilege Escalation 2 / cve-2009-1185.c udev http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, whic...

7.2CVSS1.1AI score0.89509EPSS

Exploits12

exploitpack•added 2008/11/06 12:0 a.m.•45 views

hMAilServer 4.4.2 - PHPWebAdmin File Inclusion

hMAilServer 4.4.2 - PHPWebAdmin File Inclusion hMAilServer 4.4.2 PHPWebAdmin local & remote file inclusion poc by Nine:Situations:Group::strawdog -------------------------------------------------------------------------------- our site: http://retrogod.altervista.org software site:...

exploitpack•added 2008/04/14 12:0 a.m.•45 views

Cezanne Software 6.5.17 - CFLogon.asp Cross-Site Scripting

Cezanne Software 6.5.17 - CFLogon.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/28774/info Cezanne Software is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

6.8AI score

exploitpack•added 2008/02/02 12:0 a.m.•45 views

BookmarkX script 2007 - topicid SQL Injection

BookmarkX script 2007 - topicid SQL Injection BookmarkX scriptPowered by GengoliaWebStudioSQL Injection AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : "2007 BookmarkX script" DORKS 2 : Powered by GengoliaWebStudio DORK 3 : allinurl :"index.php?menu=showtopic" EXPLOIT :...

0.2AI score

exploitpack•added 2007/12/04 12:0 a.m.•45 views

phpMyChat 0.14.5 - chatusers_popupL.php3 Multiple Cross-Site Scripting Vulnerabilities

phpMyChat 0.14.5 - chatuserspopupL.php3 Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/26698/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

7AI score

exploitpack•added 2007/10/23 12:0 a.m.•45 views

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion ---------------------------------------------- GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEaTs To ---------------------------------------------- A2J, Chucks, The Pitbull, ICQBomber, str0ke ---------------------------------------------- BiG sHoUt OuT tO...

0.2AI score

exploitpack•added 2007/01/17 12:0 a.m.•45 views

MGB 0.5.4.5 - email.php?id SQL Injection

MGB 0.5.4.5 - email.php?id SQL Injection !/usr/bin/perl MGB Google dork: intext:mgb.0.5.. & intext:mopzz | intext:mgb.0.5.4.. use IO::Socket::INET; usage unless @ARGV == 2; $host = $ARGV0; $dir = $ARGV1; $dir = "/$dir" if $dir ! /^//; $dir = "$dir/" if $dir ! //$/; $host = s/http:////g; $path...

exploitpack•added 2007/01/07 12:0 a.m.•45 views

OpenBSD 3.x 4.0 - vga_ioctl() Local Privilege Escalation

OpenBSD 3.x 4.0 - vgaioctl Local Privilege Escalation / Critical Security OpenBSD 3.x-4.0 vgaioctl root exploit Bug had been discovered by allmighty Ilja van Sprundel ilja.netric.org Some code had been stolen from noir's openbsd exploit sources Fix is available:...

exploitpack•added 2006/08/10 12:0 a.m.•45 views

Mambo Component Remository 3.25 - Remote File Inclusion

Mambo Component Remository 3.25 - Remote File Inclusion .: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: o9.o8.2oo6 .. Affected Application: Remository v3.25...

7.5AI score

exploitpack•added 2005/08/05 12:0 a.m.•45 views

Jax PHP Scripts 1.01.342.143.31 - Guestbook File Client IP Disclosure

Jax PHP Scripts 1.01.342.143.31 - Guestbook File Client IP Disclosure source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input...

exploitpack•added 2005/06/23 12:0 a.m.•45 views

Microsoft Windows - SMB Transaction Response Handling (MS05-011)

Microsoft Windows - SMB Transaction Response Handling MS05-011 / Windows SMB Client Transaction Response Handling MS05-011 CAN-2005-0045 This works against Win2k cybertronicatgmxdotnet http://www.livejournal.com/users/cybertronic/ usage: gcc -o mssmbpoc mssmbpoc.c ./mssmbpoc connect via \ip and...

7.5CVSS6.5AI score0.83852EPSS

exploitpack•added 2005/04/12 12:0 a.m.•45 views

Multiple Vendor ICMP Message Handling - Denial of Service

Multiple Vendor ICMP Message Handling - Denial of Service source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine...

5CVSS7.5AI score0.85133EPSS

Exploits10

exploitpack•added 2005/01/07 12:0 a.m.•45 views

Linux Kernel 2.4.29-rc2 - uselib() Local Privilege Escalation (1)

Linux Kernel 2.4.29-rc2 - uselib Local Privilege Escalation 1 / EDB Note: There's is an updated version https://www.exploit-db.com/exploits/895/ / / binfmtelf uselib VMA insert race vulnerability v1.08 gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl Copyright c 2004 iSEC Security Research. All...

exploitpack•added 2004/05/04 12:0 a.m.•45 views

PHPX 3.26 - Multiple Vulnerabilities

PHPX 3.26 - Multiple Vulnerabilities PHPX Multiple Vulnerabilities Vendor: PHPX Product: PHPX Version: ","","",""; foreach$checkArray as $c...

5CVSS0.4AI score0.07492EPSS

Exploits3

exploitpack•added 2004/01/30 12:0 a.m.•45 views

Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion

Laurent Adda Les Commentaires 2.0 - PHP Script dernierscommentaires.php Remote File Inclusion source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include...

exploitpack•added 2000/09/04 12:0 a.m.•45 views

Libc locale - Local Privilege Escalation (1)

Libc locale - Local Privilege Escalation 1 / source: https://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

0.7AI score

exploitpack•added 2000/01/06 12:0 a.m.•45 views

Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change

Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change source: https://www.securityfocus.com/bid/2271/info Phorum is a popular, free, open source software package originally written by Brian Moon. The package is designed to add chat/bulletin board style interaction between visitors o...

0.4AI score

exploitpack•added 1998/08/31 12:0 a.m.•45 views

Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)

Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow 1 // source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts...

0.4AI score

exploitpack•added 1994/02/07 12:0 a.m.•45 views

HP-UX 1011 IRIX 3456 OpenSolaris build snv Solaris 8910 SunOS 4.1 - rpc.ypupdated Command Execution (1)

HP-UX 1011 IRIX 3456 OpenSolaris build snv Solaris 8910 SunOS 4.1 - rpc.ypupdated Command Execution 1 / source: https://www.securityfocus.com/bid/1749/info HP-UX 10.x/11.x,IRIX 3.x/4.x/5.x/6.x,OpenSolaris build snv,Solaris 8/9/10,SunOS 4.1.x RPC.YPUpdated Command Execution 1 The 'rpc.ypupdated'...

exploitpack•added 2020/02/17 12:0 a.m.•44 views

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Lin...

6.8AI score

exploitpack•added 2020/02/13 12:0 a.m.•44 views

PANDORAFMS 7.0 - Authenticated Remote Code Execution

PANDORAFMS 7.0 - Authenticated Remote Code Execution Exploit Title: PANDORAFMS 7.0 - Authenticated Remote Code Execution Date: 2020-02-12 Exploit Author: Engin Demirbilek Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link:...

9CVSS0.7AI score0.16795EPSS

exploitpack•added 2020/01/29 12:0 a.m.•44 views

Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)

Cups Easy 1.0 - Cross Site Request Forgery Password Reset Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link:...

6.8CVSS7.7AI score0.00306EPSS

exploitpack•added 2020/01/23 12:0 a.m.•44 views

qdPM 9.1 - Remote Code Execution

qdPM 9.1 - Remote Code Execution Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-managemen...

6.5CVSS9AI score0.90442EPSS

Exploits16

exploitpack•added 2020/01/13 12:0 a.m.•44 views

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH)

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow SEH Exploit Title: Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow SEH Date: 2020-01-12 Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.alloksoft.com Software Link:...

0.5AI score

exploitpack•added 2019/11/21 12:0 a.m.•44 views

GNU Mailutils 3.7 - Privilege Escalation

GNU Mailutils 3.7 - Privilege Escalation Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo...

4.6CVSS0.5AI score0.0055EPSS

exploitpack•added 2019/11/14 12:0 a.m.•44 views

Xfilesharing 2.5.1 - Arbitrary File Upload

Xfilesharing 2.5.1 - Arbitrary File Upload Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php...

7.5CVSS0.2AI score0.84694EPSS

exploitpack•added 2019/11/12 12:0 a.m.•44 views

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

3.5CVSS8.8AI score0.13066EPSS

exploitpack•added 2019/11/12 12:0 a.m.•44 views

eMerge E3 1.00-06 - Remote Code Execution

eMerge E3 1.00-06 - Remote Code Execution Exploit Title: eMerge E3 1.00-06 - Remote Code Execution Google Dork: NA Date: 2018-09-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version:...

10CVSS9.8AI score0.94403EPSS

Exploits16

exploitpack•added 2019/10/22 12:0 a.m.•44 views

Moxa EDR-810 - Command Injection Information Disclosure

Moxa EDR-810 - Command Injection Information Disclosure During an engagement for a client, RandoriSec found 2 vulnerabilities on Moxa EDR-810 Series Secure Routers. The first one is a command injection vulnerability found on the CLI allowing an authenticated user to obtain root privileges. And th...

6.5CVSS5.8AI score0.04907EPSS

exploitpack•added 2019/09/27 12:0 a.m.•44 views

V-SOL GPONEPON OLT Platform 2.03 - Unauthenticated Configuration Download

V-SOL GPONEPON OLT Platform 2.03 - Unauthenticated Configuration Download Title: V-SOL GPON/EPON OLT Platform 2.03 - Unauthenticated Configuration Download Date: 2019-09-27 Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com...

7.4AI score

exploitpack•added 2019/09/09 12:0 a.m.•44 views

Enigma NMS 65.0.0 - Cross-Site Request Forgery

Enigma NMS 65.0.0 - Cross-Site Request Forgery -------------------------------------------------------------------- Exploit Title: Enigma NMS Cross-Site Request Forgery CSRF Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage:...

0.3AI score0.00457EPSS

exploitpack•added 2019/08/12 12:0 a.m.•44 views

Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated Configuration Download

Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated Configuration Download !/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated Configuration Download Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage:...

5CVSS1.1AI score0.25332EPSS

Exploits3

exploitpack•added 2019/07/26 12:0 a.m.•44 views

Moodle Filepicker 3.5.2 - Server Side Request Forgery

Moodle Filepicker 3.5.2 - Server Side Request Forgery Exploit Title: Server Side Request Forgery in Moodle Filepicker Google Dork: / Date: 2019-07-25 Exploit Author: Fabian Mosch & Nick Theisinger r-tec IT Security GmbH Vendor Homepage: https://moodle.org/ Software Link:...

4CVSS0.12866EPSS

Exploits4

exploitpack•added 2019/06/04 12:0 a.m.•44 views

Zoho ManageEngine ServiceDesk Plus 9.3 - SearchN.do Cross-Site Scripting

Zoho ManageEngine ServiceDesk Plus 9.3 - SearchN.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SearchN.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...

4.3CVSS0.4AI score0.01693EPSS

exploitpack•added 2019/06/04 12:0 a.m.•44 views

Vim 8.1.1365 Neovim 0.3.6 - Arbitrary Code Execution

Vim 8.1.1365 Neovim 0.3.6 - Arbitrary Code Execution by Arminius @rawsec Vim/Neovim Arbitrary Code Execution via Modelines ================================================= Product: Vim 8.1.1365, Neovim 0.3.6 Type: Arbitrary Code Execution CVE: CVE-2019-12735 Date: 2019-06-04 Author: Arminius...

9.3CVSS0.4AI score0.54077EPSS

exploitpack•added 2019/06/04 12:0 a.m.•44 views

Zoho ManageEngine ServiceDesk Plus 9.3 - SolutionSearch.do Cross-Site Scripting

Zoho ManageEngine ServiceDesk Plus 9.3 - SolutionSearch.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SolutionSearch.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...

4.3CVSS0.2AI score0.01693EPSS