Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2024/02/19 12:0 a.m.360 views

SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration Exploit

Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: = 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp: print"Usage:...

5.3CVSS7.1AI score0.01808EPSS
Exploits4
0day.today
0day.today
added 2023/08/21 12:0 a.m.360 views

Credit Lite 1.5.4 SQL Injection Vulnerability

Exploit Title: Credit Lite 1.5.4 - SQL Injection Exploit Author: CraCkEr Vendor: Hobby-Tech Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 Software Link: https://credit-lite.appshat.xyz/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4407...

9.8CVSS7.1AI score0.01073EPSS
Exploits4
0day.today
0day.today
added 2023/02/28 12:0 a.m.360 views

WordPress Real Estate 7 Theme 3.3.4 Abuse Of Functionality Vulnerability

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Abuse of Functionality Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz https://fearzzzz.ru Component...

0.1AI score
Exploits0
0day.today
0day.today
added 2022/07/21 12:0 a.m.360 views

Emporium eCommerce Online Shopping CMS 1.2 SQL Injection Vulnerability

┌┌────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...

0.3AI score
Exploits0
0day.today
0day.today
added 2022/02/05 12:0 a.m.360 views

Windows/x86 Download File / Execute Shellcode (458 bytes)

; Exploit Title: Windows/x86 - Download File and Execute / Dynamic PEB & EDT method Shellcode 458 bytes ; Exploit Author: Techryptic @Tech ; Date: 2022-01-31 ; Tested on: WIN7X86 ; Shoutout to 848 Advanced Software Exploitation and DSU. ; Description: ; The shellcode works in three parts. The fir...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/01/27 12:0 a.m.360 views

Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Vulnerability

Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0...

7.5CVSS7.6AI score0.92331EPSS
Exploits6
0day.today
0day.today
added 2022/01/25 12:0 a.m.360 views

Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The vulnerabilities allow an unauthenticated remote attacker to execute commands as root. This module requires Metasploi...

9.8CVSS10AI score0.83926EPSS
Exploits8
0day.today
0day.today
added 2021/12/09 12:0 a.m.360 views

MTPutty 1.0.1.21 - SSH Password Disclosure Vulnerability

Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/11/15 12:0 a.m.360 views

Simple Subscription Website 1.0 - SQL injection Authentication Bypass Vulnerability

Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass Exploit Author: Daniel Haro Dirox Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html Software Link:...

9.8CVSS9.2AI score0.04729EPSS
Exploits4
0day.today
0day.today
added 2021/10/13 12:0 a.m.360 views

Alchemy CMS 6.0.0 Arbitrary File Upload Vulnerability

Exploit Title: AlchemyCMS 2.x to 6.0.0 - Unrestricted File Upload authenticated Exploit Author: Abdulrahman https://twitter.com/infosec90 Vendor Homepage: https://alchemy-cms.com Software Link: https://github.com/AlchemyCMS/alchemycms Version: from 2.0 to 6.0.0 Tested on: Linux ruby 2.6.8p205 rai...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/03/02 12:0 a.m.360 views

Cacti v1.2.8 - Unauthenticated Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit:...

7.1AI score0.73779EPSS
Exploits24
0day.today
0day.today
added 2019/03/16 12:0 a.m.360 views

BMC Patrol Agent Privilege Escalation / Command Execution Exploit

This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the...

7.8CVSS1AI score0.07488EPSS
Exploits6
0day.today
0day.today
added 2010/03/24 12:0 a.m.360 views

Vbulletin Blog 4.0.2 XSS Vulnerability

Exploit for php platform in category web applications ====================================== Vbulletin Blog 4.0.2 XSS Vulnerability ====================================== Author: FormatXformat Version: Vbulletin 4.0.2 Dork: Powered by vBulletin Version 4.0.2 Copyright 2010 vBulletin Solutions, In...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/03/29 12:0 a.m.359 views

Workout Journal App 1.0 - Stored XSS Vulnerability

Exploit Title: Workout Journal App 1.0 - Stored XSS Exploit Author: MURAT CAGRI ALIS Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17088/workout-journal-app-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Windows / MacOS / Linux CVE...

4.7CVSS7.1AI score0.00443EPSS
Exploits4
0day.today
0day.today
added 2024/03/18 12:0 a.m.359 views

Quick.CMS 6.7 - SQL Injection Login Bypass Vulnerability

Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass Exploit Author: ./H4X.Forensics - Diyar Vendor Homepage: https://www.opensolution.org Software Link: https://opensolution.org/download/home.html?sFile=Quick.Cmsv6.7-en.zip Version: 6.7 Tested on: Windows CVE : N/A How to exploit : -- Open...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/02/22 12:0 a.m.359 views

CMS Made Simple 2.2.19 Cross Site Scripting Vulnerability

Exploit Title: CMS Made Simple Version: 2.2.19 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Content File Manager 2 Write in New directory: place payload "...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/12/20 12:0 a.m.359 views

TYPO3 11.5.24 Path Traversal Vulnerability

Exploit Title: TYPO3 11.5.24 Path Traversal Vulnerability Authenticated Exploit Author: Saeed reza Zamanian Software Link: https://get.typo3.org/release-notes/11.5.24 Version: 11.5.24 Tested on: Kali 2022.3 CVE : CVE-2023-30451 In TYPO3 11.5.24, the filelist component allows attackers with access...

4.9CVSS7.2AI score0.01161EPSS
Exploits3
0day.today
0day.today
added 2023/10/09 12:0 a.m.359 views

Minio 2022-07-29T19-40-48Z - Path traversal Exploit

Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before execution: pip install...

7.4CVSS5.2AI score0.52334EPSS
Exploits4
0day.today
0day.today
added 2023/04/03 12:0 a.m.359 views

ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Vulnerability

Exploit Title: ManageEngine Access Manager Plus 4.3.0 - File-path-traversal Author: nu11secur1ty Vendor: https://www.manageengine.com/ Software: https://www.manageengine.com/privileged-session-management/download.html Reference:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/03/15 12:0 a.m.359 views

WordPress Profile Builder 3.9.0 Missing Authorization Vulnerability

WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppbtoolboxusermetahandler. Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given...

6.5CVSS6.9AI score0.00769EPSS
Exploits2
0day.today
0day.today
added 2022/03/22 12:0 a.m.359 views

Ivanti Endpoint Manager 4.6 - Remote Code Execution Vulnerability

Exploit Title: Ivanti Endpoint Manager 4.6 - Remote Code Execution RCE Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 - EOF Aug 2021 Tested on: Linux x8664 CVE :...

9.8CVSS0.7AI score0.99105EPSS
Exploits9
0day.today
0day.today
added 2022/03/16 12:0 a.m.359 views

Apache APISIX 2.12.1 - Remote Code Execution Exploit

Exploit Title: Apache APISIX 2.12.1 - Remote Code Execution RCE Exploit Author: Ven3xy Vendor Homepage: https://apisix.apache.org/ Version: Apache APISIX 1.3 – 2.12.1 Tested on: CentOS 7 CVE : CVE-2022-24112 import requests import sys class color: HEADER = '\03395m' IMPORTANT = '\3335m' NOTICE =...

9.8CVSS9.6AI score0.96182EPSS
Exploits16
0day.today
0day.today
added 2021/12/14 12:0 a.m.359 views

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting Vulnerability

Sofico Miles RIA version 2020.2 build 127964T suffers from a persistent cross site scripting vulnerability. ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version:...

5.4CVSS0.00771EPSS
Exploits3
0day.today
0day.today
added 2021/10/07 12:0 a.m.359 views

Google SLO-Generator 2.0.0 - Code Execution Vulnerability

Exploit Title: Google SLO-Generator 2.0.0 - Code Execution Exploit Author: Kiran Ghimire Software Link: https://github.com/google/slo-generator/releases Version: = 2.0.0 Tested on: Linux CVE: CVE-2021-22557 Introduction: Is a tool to compute and export Service Level Objectives SLOs, Error Budgets...

7.8CVSS7.7AI score0.0158EPSS
Exploits4
0day.today
0day.today
added 2020/06/08 12:0 a.m.359 views

Avaya IP Office 11 Insecure Transit / Password Disclosure Vulnerability

Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

5.5CVSS5.6AI score0.01EPSS
Exploits3
0day.today
0day.today
added 2019/05/24 12:0 a.m.359 views

Microsoft Windows (x84/x64) - Error Reporting Discretionary Access Control List / Local Privilege

Exploit for windows platform in category local exploits Microsoft Windows x84/x64 - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation EDIT: Apparently this was patched earlier this month.. so whatever. Windows Error Reporting Arbitrary DACL write It can take upwards...

7.2CVSS7.6AI score0.05207EPSS
Exploits1
0day.today
0day.today
added 2017/06/08 12:0 a.m.359 views

Linux Kernel - ping Local Denial of Service Exploit

Exploit for linux platform in category dos / poc Source: https://raw.githubusercontent.com/danieljiang0415/androidkernelcrashpoc/master/panic.c include include include include static int sockfd = 0; static struct sockaddrin addr = 0; void fuzzvoid param while1 addr.sinfamily = 0;//rand%42;...

4.9CVSS0.3AI score0.01463EPSS
Exploits2
0day.today
0day.today
added 2023/06/12 12:0 a.m.358 views

WordPress Workreap 2.2.2 Shell Upload Exploit

Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author: Mohammad Hossei...

9.8CVSS9.3AI score0.60113EPSS
Exploits9
0day.today
0day.today
added 2022/08/09 12:0 a.m.358 views

Feehi CMS 2.1.1 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting XSS Exploit Author: Shivam Singh Vendor Homepage: https://feehi.com/ Software Link: https://github.com/liufee/cms Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/ Version: 2.1.1 REQUIRED Tested on: Linux, Windows, Docke...

5.4CVSS5.5AI score0.03574EPSS
Exploits7
0day.today
0day.today
added 2022/06/27 12:0 a.m.358 views

Library Management System With QR Code 1.0 Shell Upload Vulnerability

Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/05/16 12:0 a.m.358 views

Zyxel Firewall ZTP Unauthenticated Command Injection Exploit

This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning ZTP support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler...

9.8CVSS9.3AI score0.99938EPSS
Exploits27
0day.today
0day.today
added 2022/03/07 12:0 a.m.358 views

Spring Cloud Gateway 3.1.0 - Remote Code Execution Exploit

Exploit Title: Spring Cloud Gateway 3.1.0 - Remote Code Execution RCE Exploit Author: Carlos E. Vieira Vendor Homepage: https://spring.io/ Software Link: https://spring.io/projects/spring-cloud-gateway Version: This vulnerability affect Spring Cloud Gateway 3.0.7 & 3.1.1 Tested on: 3.1.0 CVE :...

10CVSS0.2AI score0.98253EPSS
Exploits54
0day.today
0day.today
added 2019/06/26 12:0 a.m.358 views

SeedDMS versions < 5.1.11 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions "; $cmd = $REQUEST'cmd'; system$cmd; echo ""; die; ? Step 3: Now after uploading the file check the document id corresponding to the document. Step 4:...

6CVSS0.2AI score0.11696EPSS
Exploits9
0day.today
0day.today
added 2006/08/13 12:0 a.m.358 views

Joomla Webring Component <= 1.0 Remote Include Vulnerability

Exploit for unknown platform in category web applications ============================================================ Joomla Webring Component = 1.0 Remote Include Vulnerability ============================================================ C Y BE R - W A R R i O R T I M Joomla Webring Component...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/03/18 12:0 a.m.357 views

Nokia BMC Log Scanner - Remote Code Execution Vulnerability

Exploit Title: Nokia BMC Log Scanner Remote Code Execution Google Dork: N/A Date: November 29, 2023 Exploit Author: Carlos Andres Gonzalez, Matthew Gregory Vendor Homepage: https://www.nokia.com/ Software Link: N/A Version: 13 Tested on: Linux CVE : CVE-2022-45899 Description The BMC Log Scanner...

7.2AI score0.00826EPSS
Exploits3
0day.today
0day.today
added 2024/03/02 12:0 a.m.357 views

WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting Vulnerability

Exploit Title: IDonate – blood request management system XSS in Recaptcha secret key and in Recaptcha Site key 3- Click on save changes. 4- While clicking on the payload text, XSS will trigger. Vulnerable Code: public function idonaterecaptchasecretkeycallback if isset...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/02/27 12:0 a.m.357 views

Automatic Systems SOC FL9600 FastLine - Directory Transversal Vulnerability

Exploit Title: Automatic-Systems SOC FL9600 FastLine - Directory Transversal Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN = 285698a99acbd8d7ea09a57d5fbcb435da5427b3f6b8a CVE :...

7.5CVSS7.1AI score0.01374EPSS
Exploits4
0day.today
0day.today
added 2023/06/27 12:0 a.m.357 views

WordPress LearnDash LMS 4.6.0 Insecure Direct Object Reference Vulnerability

Description: LearnDash LMS = 4.6.0 – Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary User Password Change Affected Plugin: LearnDash LMS Plugin Slug: sfwd-lms Affected Versions: = 4.6.0 CVE ID: CVE-2023-3105 CVSS Score: 8.8 High CVSS Vector:...

8.8CVSS7.1AI score0.02233EPSS
Exploits2
0day.today
0day.today
added 2023/01/26 12:0 a.m.357 views

Secure Web Gateway 10.2.11 Cross Site Scripting Vulnerability

Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure We...

6.1CVSS6.2AI score0.0189EPSS
Exploits4
0day.today
0day.today
added 2022/12/15 12:0 a.m.357 views

Acronis TrueImage XPC Privilege Escalation Exploit

Acronis TrueImage versions 2019 update 1 through 2021 update 1 are vulnerable to privilege escalation. The com.acronis.trueimagehelper helper tool does not perform any validation on connecting clients, which gives arbitrary clients the ability to execute functions provided by the helper tool with...

7.8CVSS8.1AI score0.02152EPSS
Exploits3
0day.today
0day.today
added 2022/09/14 12:0 a.m.357 views

Academy Learning Management System 5.7 Shell Upload Exploit

Exploit Title: Academy Learning Management System 5.7 Shell Upload Exploit Author: th3d1gger Vendor Homepage: https://codecanyon.net Software Link: https://codecanyon.net/item/academy-course-based-learning-management-system/22703468 Version: 5.7 Tested on Ubuntu 18.04 Totally wrong architecture f...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/08/25 12:0 a.m.357 views

PrestaShop Ap Pagebuilder 2.4.4 SQL Injection Vulnerability

Exploit Title: AP PAGEBUILDER Prestashop module = 2.4.4 'productalloneimg' , 'imageproduct' Blind SQL Injection Exploit Author: Mohamed Ali Hammami Vendor Homepage: https://apollotheme.com/ Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module Version: 2.4.4 Tested on:...

9.8CVSS0.5AI score0.10814EPSS
Exploits3
0day.today
0day.today
added 2021/12/06 12:0 a.m.357 views

Auerswald COMpact 8.0B - Arbitrary File Disclosure Vulnerability

Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users...

4.9CVSS5.7AI score0.02394EPSS
Exploits4
0day.today
0day.today
added 2021/11/22 12:0 a.m.357 views

Aimeos Laravel ecommerce platform 2021.10 LTS - (sort) SQL injection Vulnerability

Exploit Title: Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection Exploit Author: Ilker Burak ADIYAMAN Vendor Homepage: https://aimeos.org Software Link: https://aimeos.org/laravel-ecommerce-package Version: Aimeos 2021.10 LTS Tested on: MacOSX Description: The Aimeos E-Commerce...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/09/22 12:0 a.m.357 views

South Gate Inn Online Reservation System 1.0 Shell Upload / SQL Injection Vulnerabilities

Exploit Title: South Gate Inn Online Reservation System v1.0 - Remote Code Execution Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/php/10584/south-gate-inn-online-reservation-system.html Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2024/11/06 12:0 a.m.356 views

SmartAgent 1.1.0 Remote Code Execution Vulnerability

Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can access a php script called...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/10/15 12:0 a.m.356 views

Peel Shopping 2.x Cross Site Scripting / SQL Injection Exploit

Peel Shopping versions 2.x and below 3.1 suffer from cross site scripting and remote SQL injection vulnerabilities. This was already noted discovery in 2012 by Cyber-Crystal but this data provides more details. Exploit Title: Peel Shopping "catid=" SQL injection Google Dork:...

7.8AI score
Exploits0
0day.today
0day.today
added 2024/09/24 12:0 a.m.356 views

Traccar 5.12 Remote Code Execution Exploit

This Metasploit module exploits a remote code execution vulnerability in Traccar versions 5.1 through 5.12. Remote code execution can be obtained by combining path traversal and an unrestricted file upload vulnerabilities. By default, the application allows self-registration, enabling any user to...

9.6CVSS7.9AI score0.54413EPSS
Exploits11
0day.today
0day.today
added 2024/02/12 12:0 a.m.356 views

LaborOfficeFree 19.10 MySQL Root Password Calculator Exploit

LaborOfficeFree installs a MySQL instance that runs as SYSTEM and calculates the MySQL root password based on two constants. Each time the program needs to connect to MySQL as root, it employs the reverse algorithm to calculate the root password. This issue has been tested on version 19.10...

6.8CVSS7.2AI score0.00392EPSS
Exploits5
0day.today
0day.today
added 2023/08/08 12:0 a.m.356 views

mooSocial 3.1.8 - Reflected XSS Vulnerability

Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173 Greetings ThePitBull...

6.1CVSS7.1AI score0.03336EPSS
Exploits5
Total number of security vulnerabilities5000