Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2023/02/20 12:0 a.m.501 views

Microsoft Windows Contact File Remote Code Execution Vulnerability

Microsoft Windows Contact file / Remote Code Execution Resurrected 2022 / CVE-2022-44666 + John Page aka hyp3rlinx + twitter.com/hyp3rlinx + ISR: ApparitionSec Back in 2018 I discovered three related Windows remote code execution vulnerabilities affecting both VCF and Contact files. They were...

7.8CVSS8AI score0.40435EPSS
Exploits2
0day.today
0day.today
added 2020/07/10 12:0 a.m.500 views

Rittal Products Bypass / Command Injection / Privilege Escalation Vulnerabilities

Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are not limited to CMC III PU Compact, CMC III PU 7030.000 PD...

10CVSS7.9AI score0.0247EPSS
Exploits7
0day.today
0day.today
added 2022/12/24 12:0 a.m.499 views

WordPress Yith WooCommerce Gift Cards Premium 3.19.0 Shell Upload Vulnerability

Description: Unauthenticated Arbitrary File Upload Affected Plugin: Yith WooCommerce Gift Cards Premium Plugin Slug: yith-woocommerce-gift-cards-premium Affected Versions: = 3.19.0 CVE ID: CVE-2022-45359 CVSS Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N...

9.8CVSS0.4AI score0.13514EPSS
Exploits2
0day.today
0day.today
added 2022/10/25 12:0 a.m.500 views

ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication Vulnerability

ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, and ZMM suffer from a missing authentication vulnerability. Versions below 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210 are potentially affected. The ZKTeco time attendance device does not require authentication to use the web...

7.5CVSS7.8AI score0.04834EPSS
Exploits5
0day.today
0day.today
added 2021/08/21 12:0 a.m.499 views

Microsoft Exchange ProxyShell Remote Code Execution Exploit

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary...

9.1CVSS9.2AI score0.99999EPSS
Exploits18
0day.today
0day.today
added 2020/07/20 12:0 a.m.499 views

UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation Vulnerability

UBICOD Medivision Digital Signage version 1.5.1 suffers from a privilege escalation vulnerability that is leveraged via authorization bypass. UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation Through Authorization Bypass Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page:...

7.3AI score
Exploits0
0day.today
0day.today
added 2023/11/20 12:0 a.m.498 views

PHPJabbers Availability Booking Calendar 5.0 CSV Injection Vulnerability

Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - CSV Injection Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version: v5.0 Tested on: Windows...

8.8CVSS7.5AI score0.01166EPSS
Exploits3
0day.today
0day.today
added 2021/10/13 12:0 a.m.498 views

Sonicwall SonicOS 7.0 - Host Header Injection Vulnerability

Exploit Title: Sonicwall SonicOS 7.0 - Host Header Injection Google Dork: inurl:"auth.html" intitle:"SonicWall" intitle:"SonicWall Analyzer Login" Exploit Author: Ramikan Vendor Homepage:sonicwall.com Affected Devices: All SonicWall Next Gen 6 Devices Tested On: SonicWall NAS 6.2.5 Affected...

6.1CVSS0.13041EPSS
Exploits4
0day.today
0day.today
added 2024/09/11 12:0 a.m.497 views

VICIdial 2.14-917a Remote Code Execution Vulnerability

An attacker with authenticated access to VICIdial version 2.14-917a as an agent can execute arbitrary shell commands as the root user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. Title: VICIdial Authenticated Remo...

9.8CVSS7.9AI score0.80023EPSS
Exploits12
0day.today
0day.today
added 2024/07/17 12:0 a.m.497 views

XenForo 2.2.15 Cross Site Request Forgery Vulnerability

------------------------------------------------------------------------------- XenForo = 2.2.15 Widget::actionSave Cross-Site Request Forgery Vulnerability ------------------------------------------------------------------------------- - Software Link: https://xenforo.com - Affected Versions:...

8.8CVSS7.1AI score0.07409EPSS
Exploits3
0day.today
0day.today
added 2024/03/29 12:0 a.m.497 views

Asterisk AMI - Partial File Content & Path Disclosure (Authenticated) Exploit

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.4AI score0.4557EPSS
Exploits3
0day.today
0day.today
added 2023/11/10 12:0 a.m.497 views

Cisco IOX XE unauthenticated Command Line Interface Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOX XE unauthenticated Command Line Interface CLI execution', 'Description' = %q This module leverages CVE-2023-20198 against vulnerable...

10CVSS7.4AI score0.99571EPSS
Exploits27
0day.today
0day.today
added 2022/03/27 12:0 a.m.497 views

Online Sports Complex Booking v1.0 SQL injection Vulnerability

Title: Online Sports Complex Booking v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Reference:...

0.5AI score
Exploits0
0day.today
0day.today
added 2021/12/06 12:0 a.m.497 views

Auerswald COMfortel 2.8F - Authentication Bypass Vulnerability

Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface o...

7.5CVSS7.6AI score0.5106EPSS
Exploits4
0day.today
0day.today
added 2020/07/30 12:0 a.m.497 views

Online Shopping Alphaware 1.0 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Exploits0
0day.today
0day.today
added 2019/12/27 12:0 a.m.497 views

Linux/x86 Encoder / Decoder Shellcode (117 bytes)

Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/03/28 12:0 a.m.497 views

BigTree 4.3.4 CMS - Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications =========================================================================================== Exploit Title: BigTree CMS - 'parent' SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.bigtreecms.org/ Software Link:...

Exploits0
0day.today
0day.today
added 2018/01/24 12:0 a.m.497 views

MikroTik RouterOS < 6.38.5 Remote Command Execution Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/env python2 Mikrotik Chimay Red Stack Clash Exploit by wsxarcher based on BigNerd95 POC tested on RouterOS 6.38.4 x86 ASLR enabled on libs only DEP enabled import socket, time, sys, struct from pwn import import ropgadget...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/08/24 12:0 a.m.497 views

phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability

Exploit for unknown platform in category web applications ============================================================ phpCOIN 1.2.3 sessionset.php Remote Include Vulnerability ============================================================ phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/04/11 12:0 a.m.496 views

CHAOS RAT 5.0.1 Remote Command Execution Exploit

CHAOS RAT web panel version 5.0.1 is vulnerable to command injection, which can be triggered from a cross site scripting attack, allowing an attacker to takeover the RAT server. Exploit Title: CHAOS RAT v5.0.1 RCE Exploit Author: @chebuya Software Link: https://github.com/tiagorlampert/CHAOS...

8.8CVSS5.3AI score0.80454EPSS
Exploits7
0day.today
0day.today
added 2023/11/20 12:0 a.m.496 views

Magento 2.4.6 XSLT Server Side Injection Vulnerability

Exploit Title: Magento ver. 2.4.6 - XSLT Server Side Injection Exploit Author: tmrswrr Vendor Homepage: https://magento2demo.firebearstudio.com/ Software Link: Magento 2.4.6-p3 Version: 2.4.6 Tested on: 2.4.6 POC 1. Enter with admin credentials to this URL: https://magento2demo.firebearstudio.com...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/11/20 12:0 a.m.496 views

FireBear Improved Import And Export 3.8.6 XSLT Server Side Injection Exploit

FireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution. Exploit Title: FireBear Improved Import & Export ver. 3.8.6 for Magento 2.4.6 - XSLT Server Side Injection Command Execution Exploit...

8.1AI score
Exploits0
0day.today
0day.today
added 2023/10/02 12:0 a.m.496 views

JetBrains TeamCity Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits an authentication bypass vulnerability to achieve unauthenticated remote code execution against a vulnerable JetBrains TeamCity server. All versions of TeamCity prior to version 2023.05.4 are vulnerable to this issue. The vulnerability was originally discovered by...

9.8CVSS10AI score0.99979EPSS
Exploits17
0day.today
0day.today
added 2020/08/22 12:0 a.m.496 views

Linux/x86 /dev/sda Partition Wiping Shellcode (35 bytes)

Exploit Title: Linux/x86 - Shred /dev/sda wipe partition Shellcode 35 bytes Google Dork: None Exploit Author: cybersaki Vendor Homepage: None Software Link: None Version: None Tested on: Kali linux 2020.2a i386 x86 CVE : none Shellcode-length : 35 SLAE-id : Purchased | email protected ; Descripti...

Exploits0
0day.today
0day.today
added 2022/03/04 12:0 a.m.495 views

pfSense 2.5.2 Shell Upload Exploit

This Metasploit module exploits an arbitrary file creation vulnerability in the pfSense HTTP interface CVE-2021-41282. The vulnerability affects versions 2.5.2 and below and can be exploited by an authenticated user if they have the "WebCfg - Diagnostics: Routing tables" privilege. This module us...

9CVSS0.6AI score0.87113EPSS
Exploits4
0day.today
0day.today
added 2021/11/22 12:0 a.m.495 views

OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure Vulnerability

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities. Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable...

6.1CVSS5.1AI score0.01444EPSS
Exploits7
0day.today
0day.today
added 2020/08/22 12:0 a.m.495 views

WordPress NAB Transact WooCommerce 2.1.0 Payment Bypass Vulnerability

Exploit for php platform in category web applications Title: Payment bypass Product: WordPress NAB Transact WooCommerce Plugin Vendor Homepage: https://woocommerce.com/products/nab-transact-direct-post/ Vulnerable Version: 2.1.0 Fixed Version: 2.1.2 CVE Number: CVE-2020-11497 Author: Jack Misiura...

0.1AI score0.01152EPSS
Exploits4
0day.today
0day.today
added 2020/07/17 12:0 a.m.496 views

CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password) Vulnerability

Exploit for php platform in category web applications Exploit Title: CMSUno 1.6 - Cross-Site Request Forgery Change Admin Password Exploit Author: Noth Vendor Homepage: https://github.com/boiteasite/cmsuno Software Link: https://github.com/boiteasite/cmsuno Version: v1.6 CVE : 2020-15600 An issue...

4.3CVSS0.3AI score0.01899EPSS
Exploits3
0day.today
0day.today
added 2025/02/22 12:0 a.m.494 views

RaspberryMatic 3.73.9.20240130 Remote Code Execution Exploit

RaspberryMatic / OCCU contains a unauthenticated remote code execution vulnerability, caused by multiple issues within the Java based HMIPServer.jar component. The webui allows for Firmware uploads which can be reached through the URL /pages/jpages/system/DeviceFirmware/addFirmware. This allows a...

10CVSS8.4AI score0.08739EPSS
Exploits4
0day.today
0day.today
added 2024/01/22 12:0 a.m.494 views

Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit

This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x prior...

9.1CVSS8.8AI score0.99999EPSS
Exploits23
0day.today
0day.today
added 2023/03/06 12:0 a.m.494 views

Purchase Order Management 1.0 Cross Site Scripting Vulnerability

Purchase Order Management version 1.0 appears to suffer from a cross site scripting vulnerability due to printing errors with a malicious password payload. Title: Purchase Order Management-1.0 - XSS-Reflected - Information-gathering Author: nu11secur1ty Vendor:...

6.7AI score
Exploits0
0day.today
0day.today
added 2017/03/29 12:0 a.m.494 views

Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow Vulnerability

Exploit for linux platform in category dos / poc Source: http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/ Background The Apache HTTP Server is an open-source HTTP server for modern operating systems including UNIX, Microsoft Windows, Mac OS/X and Netware. The goal of this...

4.4CVSS8.8AI score0.04716EPSS
Exploits6
0day.today
0day.today
added 2024/05/15 12:0 a.m.493 views

Zope 5.9 Command Injection Vulnerability

Vulnerability Report Title: Command Argument Injection Vulnerability in Zope WSGI Instance Creation Script Leading to RCE Description: A command Argument injection vulnerability has been identified in the Zope WSGI instance creation script used by the Zope web application server framework, which ...

7.2AI score
Exploits0
0day.today
0day.today
added 2024/06/24 12:0 a.m.492 views

Netis MW5360 Remote Command Execution Exploit

The Netis MW5360 router has a command injection vulnerability via the password parameter on the login page. The vulnerability stems from improper handling of the "password" parameter within the router's web interface. The router's login page authorization can be bypassed by simply deleting the...

9.8CVSS9.9AI score0.70779EPSS
Exploits4
0day.today
0day.today
added 2022/03/09 12:0 a.m.492 views

Dirty Pipe SUID Binary Hijack Privilege Escalation Exploit

Variant proof of concept exploit for the Dirty Pipe file overwrite vulnerability. This version hijacks a SUID binary to spawn a root shell. // // dirtypipez.c // // hacked up Dirty Pipe CVE-2022-0847 PoC that hijacks a SUID binary to spawn // a root shell. and attempts to restore the damaged bina...

7.8CVSS8.4AI score0.89063EPSS
Exploits100
0day.today
0day.today
added 2023/11/14 12:0 a.m.491 views

LOYTEC Electronics Insecure Transit / Insecure Permissions / Unauthenticated Access Vulnerabilities

Products from LOYTEC electronics such as Loytec LWEB-802, L-INX Automation Servers, L-IOB I/O Controllers, and L-VIS Touch Panels suffer from improper access control and insecure transit vulnerabilities. + CVE : CVE-2023-46380, CVE-2023-46381, CVE-2023-46382 + Title : Multiple vulnerabilities in...

8.2CVSS7.5AI score0.07381EPSS
Exploits2
0day.today
0day.today
added 2023/08/02 12:0 a.m.491 views

Checkpoint Gaia Portal R81.10 Remote Command Execution Vulnerability

========================= Exploit Title: Hostname injection leads to Remote Code Execution RCE Authenticated Product: Gaia Portal Vendor: Checkpoint Vulnerable Versions: R81.20 Take 14, R81.10 Take 95, R81 Take 82 and R80.40 Take 198 Tested Version: R81.10 take 335 Advisory Publication: July 27,...

7.2CVSS7.1AI score0.21381EPSS
Exploits3
0day.today
0day.today
added 2013/02/19 12:0 a.m.491 views

Piwigo 2.4.6 Arbitrary File Read / Delete Vulnerabilities

Piwigo version 2.4.6 suffers from a remote arbitrary file read and deletion vulnerability user a directory traversal attack in install.php. Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4...

7AI score
Exploits0
0day.today
0day.today
added 2024/03/29 12:0 a.m.490 views

RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service Exploit

Exploit Title: CVE-2024-27686: RouterOS-SMB-DOS Exploit Author: ice-wzl, Solstice Cyber Solutions Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download/archive Version: RouterOS devices ranging from 6.40.5 - 6.44 and 6.48.1 - 6.49.10 Tested on: RouterOS 6.40.5 - 6.44...

7.4AI score0.00591EPSS
Exploits7
0day.today
0day.today
added 2023/08/24 12:0 a.m.490 views

SugarCRM 12.2.0 Shell Upload Vulnerability

----------------------------------------------------------------- SugarCRM = 12.2.0 Notes Unrestricted File Upload Vulnerability ----------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and prior versions...

8.8CVSS7.1AI score0.01255EPSS
Exploits2
0day.today
0day.today
added 2020/08/22 12:0 a.m.490 views

Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure Vulnerability

Eibiz i-Media Server Digital Signage version 3.8.0 suffers from an unauthenticated configuration disclosure vulnerability. Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure Vendor: EIBIZ Co.,Ltd. Product web page: http://www.eibiz.co.th Affected version: =3.8.0 Summary: EIBIZ...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/07/20 12:0 a.m.490 views

Company Visitor Management System (CVMS) 1.0 SQL Injection Vulnerability

Company Visitor Management System CVMS version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Company Visitor Management System CVMS 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos68...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/01/05 12:0 a.m.490 views

Wowonder CMS - Privilege Escalation Vulnerability

Exploit for php platform in category web applications Today I will explain an exploit of Privilege Escalation in Wowonder CMS. First we need firefox v56.0.2 or earlier and then download hackbar: https://addons.mozilla.org/es/firefox/addon/hackbar/ Note: If the bar does not appear, press F9 to mak...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/09/20 12:0 a.m.490 views

jPORTAL 2 (humor.php id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =========================================================== jPORTAL 2 humor.php id Remote SQL Injection Vulnerability =========================================================== Title: jPORTAL 2 humor.php SQL Injection VEndor:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/11/19 12:0 a.m.489 views

Click Stocks 1.3 - File Upload Remote Code Execution Vulnerability

Title: Click Stocks-1.3 - File Upload - RCE Author: nu11secur1ty Vendor: https://codecanyon.net/user/media-city Software: https://codecanyon.net/item/click-stocks-free-stock-photos-laravel-script/23356416 Reference: https://portswigger.net/web-security/file-upload,...

7.5AI score
Exploits0
0day.today
0day.today
added 2023/08/24 12:0 a.m.489 views

SugarCRM 12.2.0 SQL Injection Vulnerability

---------------------------------------------------- SugarCRM = 12.2.0 Two SQL Injection Vulnerabilities ---------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and prior versions. Version 12.0.2 and prior versions. Versio...

8.8CVSS7.1AI score0.00967EPSS
Exploits2
0day.today
0day.today
added 2022/01/13 12:0 a.m.489 views

Crestron HD-MD4X2-4K-E 1.0.0.2159 Credential Disclosure Vulnerability

Crestron HD-MD4X2-4K-E version 1.0.0.2159 suffers from a credential disclosure vulnerability. When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid to authenticate to the web interface. Credential Disclosure...

10CVSS0.3AI score0.75711EPSS
Exploits5
0day.today
0day.today
added 2021/12/08 12:0 a.m.489 views

Reprise License Manager 14.2 Unauthenticated Password Change Vulnerability

Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44152 Vulnerability Title: Unauthenticated Password Change Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Introduction: Because...

9.8CVSS0.4AI score0.58555EPSS
Exploits3
0day.today
0day.today
added 2021/11/24 12:0 a.m.489 views

Serva 4.4.0 TFTP Remote Buffer Overflow Exploit

Exploit Title: Serva 4.4.0 TFTP Server Remote Buffer Overflow Metasploit Exploit Author: Yehia Elghaly Vendor Homepage: https://www.vercot.com/ Software Link : https://www.vercot.com/serva/download/ServaCommunityv4.4.0-21081411.zip Tested Version: 4.4.0 Tested on: Windows XP SP3 - Windows 7...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/11/17 12:0 a.m.489 views

Quick.CMS 6.7 - Cross Site Request Forgery to Cross Site Scripting Vulnerability

Exploit Title: Quick.CMS 6.7 - Cross Site request forgery CSRF to Cross-site Scripting XSS Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows...

7.1AI score
Exploits0
Total number of security vulnerabilities5000