Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2023/04/18 12:0 a.m.321 views

AspEmail 5.6.0.2 Weak Permissions / Local Privilege Escalation Vulnerability

Exploit Title: AspEmail 5.6.0.2 - Local Privilege Escalation Vulnerability Category: Weak Services Permission - Binary Permission Vulnerability Date: 13/04/2023 Exploit Author: Zer0FauLT email protected Vendor Homepage: https://www.aspemail.com Software Link: https://www.aspemail.com/download.htm...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/11/21 12:0 a.m.321 views

Roxy Fileman 1.4.6 Remote Shell Upload Exploit

Exploit Title: Roxy Fileman Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20210126213412/https://roxyfileman.com/download.php?f=1.4.6-php Version: \t\n' banner += '\t\t\t\t\t\t\n' banner += '\n' parser = OptionParser parser.addoption"-u", "--url", dest="url", help="u...

9.8CVSS0.1AI score0.02555EPSS
Exploits3
0day.today
0day.today
added 2022/02/08 12:0 a.m.321 views

Hotel Reservation System 1.0 - SQL injection (Unauthenticated) Vulnerability

Exploit Title: Hotel Reservation System 1.0 - SQLi Unauthenticated Google Dork: None Exploit Author: Nefrit ID Author Website: https://manadocoder.com Vendor Homepage: https://github.com/dhruvmullick Software Link: https://github.com/dhruvmullick/hotel-reservation-system Tested on: Kali Linux &...

1AI score
Exploits0
0day.today
0day.today
added 2021/11/22 12:0 a.m.322 views

Pinkie 2.15 - TFTP Remote Buffer Overflow Exploit

Exploit Title: Pinkie 2.15 - TFTP Remote Buffer Overflow PoC Discovered by: Yehia Elghaly Vendor Homepage: http://www.ipuptime.net/ Software Link : http://ipuptime.net/PinkieSetup.zip Tested Version: 2.15 Vulnerability Type: Buffer Overflow DoS Remote Tested on OS: Windows XP SP3 - Windows 7...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/11/02 12:0 a.m.321 views

i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Vulnerability

Exploit Title: i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw Exploit Author: LiquidWorm Vendor Homepage: https://www.i3international.com i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw Vendor: i3 International Inc. Product web page:...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/10/08 12:0 a.m.321 views

Simple Online College Entrance Exam System 1.0 - SQL Injection Authentication Bypass Vulnerability

Exploit Title: Simple Online College Entrance Exam System 1.0 - SQLi Authentication Bypass Exploit Author: Mevlüt Yılmaz Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...

0.7AI score
Exploits0
0day.today
0day.today
added 2020/07/27 12:0 a.m.321 views

WordPress Email Subscribers & Newsletters 4.2.2 Plugin - Unauthenticated File Download Vulnerabi

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Exploit Author: email protectedESEC Vendor Homepage:...

5CVSS5.5AI score0.71399EPSS
Exploits4
0day.today
0day.today
added 2019/11/29 12:0 a.m.321 views

Android-Gif-Drawable Double-Free Vulnerability

A double free vulnerability in the DDGifSlurp function in decoding.c in libpldroidsonroidsgif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawab...

8.8CVSS0.6AI score0.44255EPSS
Exploits16
0day.today
0day.today
added 2016/11/16 12:0 a.m.321 views

Nginx (Debian-Based Distributions) - Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits !/bin/bash Source: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html Nginx Debian-based distros - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid...

7.2CVSS0.1AI score0.04863EPSS
Exploits6
0day.today
0day.today
added 2024/04/21 12:0 a.m.320 views

Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation Exploit

Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...

10CVSS9.8AI score0.99999EPSS
Exploits43
0day.today
0day.today
added 2024/02/20 12:0 a.m.320 views

Kafka UI 0.7.1 Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...

8.8CVSS7.4AI score0.85025EPSS
Exploits5
0day.today
0day.today
added 2024/02/05 12:0 a.m.320 views

Juniper SRX Firewalls&EX switches - PreAuth Remote Code Execution Exploit

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

9.8CVSS9.8AI score0.93546EPSS
Exploits25
0day.today
0day.today
added 2023/06/08 12:0 a.m.320 views

Microsoft Windows PowerShell Remote Command Execution Exploit

This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an updated exploit to work with Python3. from base64 import b64encode import argparse,sys,os PSTrojanFile.py By hyp3rlinx c 2023 ApparitionSec...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/12/24 12:0 a.m.320 views

4images 1.9 Remote Command Execution Vulnerability

Exploit Title: 4images 1.9 - Remote Command Execution Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Select...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/07/19 12:0 a.m.320 views

Property Listing Script 3.1 SQL Injection Vulnerability

┌┌────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/06/30 12:0 a.m.320 views

Laundry Management System 1.0 SQL Injection Exploit

Exploit Title: Laundry Management System 1.0 - Authenticated SQL Injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-cilaundry.zip Version: 1.0 Tested on: Windows 10 + XAMPP 3.2.4 C...

0.7AI score
Exploits0
0day.today
0day.today
added 2022/04/19 12:0 a.m.320 views

WordPress Motopress Hotel Booking Lite 4.2.4 Plugin - SQL Injection Vulnerability

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection Exploit Author: Mohsen Dehghani aka 0xProfessional Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4 Tested on:...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/08/20 12:0 a.m.320 views

ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default...

Exploits0
0day.today
0day.today
added 2020/08/01 12:0 a.m.320 views

Online Bike Rental 1.0 Shell Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Bike Rental v1.0 – Authenticated Arbitrary File Upload / Remote Code Execution Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https:/www.sourcecodester.com Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/08/21 12:0 a.m.320 views

Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure Exploit

Exploit for multiple platform in category web applications Exploit Title: File disclosure in Pulse Secure SSL VPN metasploit Google Dork: inurl:/dana-na/ filetype:cgi Exploit Author: 0xDezzy Justin Wagner, Alyssa Herrera Vendor Homepage: https://pulsesecure.net Version: 8.1R15.1, 8.2 before...

7.5CVSS10AI score0.99999EPSS
Exploits22
0day.today
0day.today
added 2019/06/20 12:0 a.m.320 views

WebERP 4.15 - SQL injection Exploit

Exploit for php platform in category web applications Exploit Title: Blind SQL injection in WebERP. Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: http://www.weberp.org/ Version: 4.15 A malicious query can be sent in base64 encoding to unseriali...

Exploits0
0day.today
0day.today
added 2006/07/07 12:0 a.m.320 views

Pivot <= 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit

Exploit for unknown platform in category web applications ===================================================================== Pivot = 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit ===================================================================== !/usr/bin/php -q -d...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/09/04 12:0 a.m.319 views

Linux Kernel 5.6.13 Use-After-Free Exploit

Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13. // gcc -o exploit exploit.c -masm=intel -static -s -lpthread define GNUSOURCE include include include include include include include include include include...

7.8CVSS7AI score0.00312EPSS
Exploits2
0day.today
0day.today
added 2024/03/05 12:0 a.m.320 views

Wordpress Neontext Plugin - Stored XSS Vulnerability

Exploit Title: Wordpress Plugin Neon Text = 1.1 - Stored Cross Site Scripting XSS Exploit Author: Eren Car Vendor Homepage: https://www.eralion.com/ Software Link: https://downloads.wordpress.org/plugin/neon-text.zip Category: Web Application Version: 1.0 Tested on: Debian / WordPress 6.4.1 CVE :...

6.4CVSS5.8AI score0.00524EPSS
Exploits4
0day.today
0day.today
added 2024/01/22 12:0 a.m.319 views

xbtitFM 4.1.18 SQL Injection / Shell Upload / Traversal Vulnerabilities

xbtitFM versions 4.1.18 and below suffer from remote shell upload, remote SQL injection, and path traversal vulnerabilities. Exploit Title: xbtitFM 4.1.18 Multiple Vulnerabilities Exploit Author: Who cares anyway Vendor Homepage: https://xbtitfm.eu Affected versions: 4.1.18 and prior CVE : Who...

8.2AI score
Exploits0
0day.today
0day.today
added 2023/08/21 12:0 a.m.319 views

TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Vulnerability

Exploit Title: TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Permissions Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31068 With TSPlus Remote Work v. 16.0.0.0 you can crea...

9.8CVSS7.1AI score0.02849EPSS
Exploits3
0day.today
0day.today
added 2023/08/21 12:0 a.m.319 views

Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated) Vulnerability

Exploit Title: Crypto Currency Tracker CCT 9.5 - Admin Account Creation Unauthenticated Exploit Author: 0xBr Software Link: https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 Version: =9.5 CVE: CVE-2023-37759 POST /en/user/register HTTP/2 Host:...

9.8CVSS7.1AI score0.03564EPSS
Exploits4
0day.today
0day.today
added 2023/05/02 12:0 a.m.319 views

MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control Vulnerability

Exploit Title: MilleGPG5 5.9.2 Gennaio 2023 - Local Privilege Escalation / Incorrect Access Control Exploit Author: Andrea Intilangelo Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it - https://millewin.it/prodotti/governo-clinico-3/ Software Link:...

7.8CVSS6.9AI score0.02094EPSS
Exploits4
0day.today
0day.today
added 2023/04/10 12:0 a.m.319 views

BrainyCP V1.0 - Remote Code Execution Exploit

Exploit Title: BrainyCP V1.0 - Remote Code Execution Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://brainycp.io Demo: https://demo.brainycp.io Tested on: Kali Linux CVE : N/A import requests credentials url = input"URL: " username = input"Username: " password = input"Password: " ip =...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/02/15 12:0 a.m.319 views

WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery Vulnerability

WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability. 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Cross-Site Request Forgery CSR...

9.1CVSS0.1AI score0.02034EPSS
Exploits6
0day.today
0day.today
added 2023/01/03 12:0 a.m.319 views

SugarCRM Shell Upload Exploit

!/usr/bin/env python SugarCRM 0-day Auth Bypass + RCE Exploit Dorks: https://www.google.com/search?q=site:sugarondemand.com&filter=0 https://www.google.com/search?q=intitle:"SugarCRM"+inurl:index.php https://www.shodan.io/search?query=http.title:"SugarCRM"...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/12/24 12:0 a.m.319 views

macOS/x64 Execve Null-Free Shellcode (253 bytes)

Shellcode Title: macOS/x64 - Execve Null-Free Shellcode 253 Bytes Shellcode Author: Bobby Cooke boku @0xBoku github.com/boku7 Date: 12/20/2022 Tested on: macOS Monterey; 21.6.0 Darwin Kernel Version; x8664 Shellcode Description: macOS 64 bit shellcode. Uses execve syscall to spawn bash. The strin...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/03 12:0 a.m.319 views

WordPress Form Maker 1.13.3 Plugin - SQL Injection Exploit

Exploit for php platform in category web applications -- coding: utf-8 -- Exploit Title: WordPress Plugin Form Maker 1.13.3 - SQL Injection Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://10web.io/plugins/ Software Link: https://wordpress.org/plugins/form-maker/ Version:...

7.5CVSS0.2AI score0.06214EPSS
Exploits6
0day.today
0day.today
added 2014/05/03 12:0 a.m.319 views

Apache Struts ClassLoader Manipulation Remote Code Execution Exploit

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions 'Apache Struts ClassLoader Manipulation Remote Code Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Apache Struts versions 'Mark Thomas', Vulnerabilit...

7.5CVSS0.5AI score0.99614EPSS
Exploits7
0day.today
0day.today
added 2024/09/14 12:0 a.m.318 views

QNX Qconn Command Execution Exploit

This Metasploit module uses the qconn daemon on QNX systems to gain a shell. The QNX qconn daemon does not require authentication and allows remote users to execute arbitrary operating system commands. This Metasploit module has been tested successfully on QNX Neutrino 6.5.0 x86 and 6.5.0 SP1 x86...

8.5AI score
Exploits0
0day.today
0day.today
added 2024/04/08 12:0 a.m.318 views

Invision Community 4.7.15 SQL Injection Vulnerability

-------------------------------------------------------------------- Invision Community filter and \isarray \IPS\Request::i-filter 128 129 $url = $url-setQueryString 'filter', \IPS\Request::i-filter ; 130 foreach \IPS\Request::i-filter as $filterId = $allowedValues 131 132 $where = array...

9.8CVSS9.7AI score0.08676EPSS
Exploits3
0day.today
0day.today
added 2024/02/27 12:0 a.m.318 views

TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution Vulnerability

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/11/28 12:0 a.m.318 views

CSZ CMS 1.3.0 Remote Command Execution Exploit

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Date: 17/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/09/19 12:0 a.m.318 views

Apache Airflow 1.10.10 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability by combining two critical vulnerabilities in Apache Airflow version 1.10.10. The first, CVE-2020-11978, is an authenticated command injection vulnerability found in one of Airflow's example DAGs,...

9.8CVSS9.9AI score0.9967EPSS
Exploits10
0day.today
0day.today
added 2023/09/11 12:0 a.m.318 views

WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection Vulnerabilities

Vulnerability Summary from Wordfence Intelligence Description: Slimstat Analytics = 5.0.9 – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Affected Plugin: Slimstat Analytics Plugin Slug: wp-slimstat Affected Versions: = 5.0.9 CVE ID: CVE-2023-4597 CVSS Score: 6.4 Medium CVS...

8.8CVSS6.7AI score0.00916EPSS
Exploits4
0day.today
0day.today
added 2023/06/17 12:0 a.m.318 views

WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass Exploit

WordPress Abandoned Cart Lite for WooCommerce plugin versions 5.14.2 and below proof of concept authentication bypass exploit. Entering the URL in browser will give you access to the respective users acc...

9.8CVSS7.4AI score0.41077EPSS
Exploits5
0day.today
0day.today
added 2023/05/09 12:0 a.m.318 views

Spryker Commerce OS 1.0 SQL Injection Vulnerability

An SQL injection vulnerability affecting Spryker-based webshops was discovered in the order history search form. It can be exploited by authenticated attackers in order to retrieve information from the database e.g. customer and administrator login information, order details, etc.. Depending on t...

9.8CVSS8.1AI score0.04354EPSS
Exploits6
0day.today
0day.today
added 2023/04/24 12:0 a.m.318 views

WordPress PowerPress 10.0 Cross Site Scripting Vulnerability

On April 5, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting XSS vulnerability in Blubrry’s PowerPress plugin, which is actively installed on more than 50,000 WordPress websites. The vulnerability enables threat...

5.4CVSS9.4AI score0.00529EPSS
Exploits1
0day.today
0day.today
added 2023/02/27 12:0 a.m.318 views

Music Gallery Site 1.0 Privilege Escalation / Missing Authentication Vulnerabilities

Music Gallery Site - Broken Access Control leads to compromise of complete application by adding admin user without log-in into the application. CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Music...

9.8CVSS9.2AI score0.0467EPSS
Exploits5
0day.today
0day.today
added 2022/03/11 12:0 a.m.318 views

Employee Performance Evaluation v1.0 SQL injection Vulnerability

Title: Employee Performance Evaluation v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14617/employee-performance-evaluation-system-phpmysqli-source-code.html Reference:...

0.1AI score
Exploits0
0day.today
0day.today
added 2022/01/13 12:0 a.m.318 views

Hospitals Patient Records Management System 1.0 - (doctors) Stored XSS Vulnerability

Exploit Title: Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/09/29 12:0 a.m.318 views

WordPress Select All Categories and Taxonomies 1.3.1 Plugin - Reflected Cross-Site Scripting

Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting XSS Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip Version: 1.3.1 Tested on: Windows 10...

6.1CVSS0.6AI score0.10358EPSS
Exploits5
0day.today
0day.today
added 2019/06/25 12:0 a.m.318 views

Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation Exploit

Windows: Windows Font Cache Service Insecure Sections EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The Windows Font Cache Service exposes section objects insecurely to low privileged...

7.8CVSS0.1AI score0.02373EPSS
Exploits1
0day.today
0day.today
added 2019/06/18 12:0 a.m.318 views

Spring Security OAuth - Open Redirector Vulnerability

Exploit for java platform in category web applications Exploit Title: Open Redirector in spring-security-oauth2 Exploit Author: Riemann Vendor Homepage: https://spring.io/projects/spring-security-oauth Software Link: https://spring.io Version: Spring Security OAuth versions 2.3 prior to 2.3.6...

6.4CVSS0.2AI score0.15621EPSS
Exploits4
0day.today
0day.today
added 2019/06/12 12:0 a.m.318 views

FusionPBX 4.4.3 - Remote Command Execution Exploit #RCE

Exploit for php platform in category web applications Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on:...

7.1AI score0.8748EPSS
Exploits10
Total number of security vulnerabilities5000