Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2014/10/21 12:0 a.m.258 views

Joomla Akeeba Kickstart Unserialize Remote Code Execution Exploit

This Metasploit module exploits a vulnerability found in Joomla! through 2.5.25, 3.2.5 and earlier 3.x versions and 3.3.0 through 3.3.4 versions. The vulnerability affects the Akeeba component, which is responsible for Joomla! updates. Nevertheless it is worth to note that this vulnerability is...

7.5CVSS0.9AI score0.55126EPSS
Exploits6
0day.today
0day.today
added 2006/11/24 12:0 a.m.258 views

Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================================== Woltlab Burning Board Lite 1.0.2 decodecookie SQL Injection Exploit ====================================================================== ?php printr'...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/04/21 12:0 a.m.257 views

FlatPress v1.3 - Remote Command Execution Exploit

Exploit Title: FlatPress v1.3 - Remote Command Execution Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://www.flatpress.org Software Link: https://github.com/flatpressblog/flatpress/archive/1.3.zip Tested Version: 1.3 latest Tested on: MacOS import requests import time import random impo...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/04/15 12:0 a.m.257 views

Savsoft Quiz v6.0 Enterprise - Stored XSS Vulnerability

Exploit Title: Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting Exploit Author: Eren Sen Vendor: SAVSOFT QUIZ Vendor Homepage: https://savsoftquiz.com Software Link: https://savsoftquiz.com/web/index.php/online-demo/ Version: 6.0 CVE-ID: N/A Tested on: Kali Linux / Windows 10...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/03/18 12:0 a.m.257 views

UPS Network Management Card 4 - Path Traversal Vulnerability

Exploit Title: UPS Network Management Card 4 - Path Traversal Google Dork: inurl:nmc inurl:logon.htm Exploit Author: Víctor García Vendor Homepage: https://www.apc.com/ Version: 4 Tested on: Kali Linux CVE: N/A PoC: curl -k...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/09/06 12:0 a.m.257 views

Firefox v.117 Denial Of Service Exploit

This is barely a DoS, but since Chrome has explicit protection against it, we decided to disclose it. If firefox user visits a specially crafted page, then firefox may create many files in /Downloads, The user is notified about this in a small dialog, but there is no option to stop the downloads...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/06/17 12:0 a.m.257 views

projectSend r1605 - Stored XSS Vulnerability

Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/05/22 12:0 a.m.257 views

WBiz Desk 1.2 SQL Injection Vulnerability

Exploit Title: WBiz Desk 1.2 - SQL Injection CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: WBiz Desk Application Version: 1.2 Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/04/14 12:0 a.m.257 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Vulnerability

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/06 12:0 a.m.257 views

Microsoft Excel Spoofing Vulnerability

Title: Microsoft Excel Spoofing Vulnerability Author: nu11secur1ty Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/ CVE-2023-23398 Description: The attack itself is carried out locally...

7.1CVSS7.3AI score0.00617EPSS
Exploits2
0day.today
0day.today
added 2023/03/20 12:0 a.m.257 views

Yoga Class Registration System 1.0 Cross Site Scripting Vulnerability

Exploit Title: Yoga Class Registration System - Cross Site Scripting Vulnerability Authenticated Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.ht...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/01/10 12:0 a.m.257 views

Tiki Wiki CMS Groupware 24.0 structlib.php Code Execution Vulnerability

-------------------------------------------------------------------------------- Tiki Wiki CMS Groupware = 24.0 structlib.php PHP Code Injection Vulnerability -------------------------------------------------------------------------------- - Software Link: https://tiki.org - Affected Versions:...

8.8CVSS8.7AI score0.00938EPSS
Exploits2
0day.today
0day.today
added 2022/09/28 12:0 a.m.257 views

COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read Vulnerability

======================================================================= title: Multiple Memory Corruption Vulnerabilities product: COVESA DLT daemon Diagnostic Log and Trace Connected Vehicle Systems Alliance COVESA, formerly GENIVI vulnerable version: = 2.18.8 fixed version: current master branc...

5.5CVSS0.5AI score0.00417EPSS
Exploits4
0day.today
0day.today
added 2022/09/05 12:0 a.m.257 views

Mobile Mouse 3.6.0.4 Remote Code Execution Exploit

Exploit Title: Mobile Mouse 3.6.0.4 Remote Code Execution Exploit Author: Chokri Hammedi Vendor Homepage: https://mobilemouse.com/ Software Link: https://www.mobilemouse.com/downloads/setup.exe Version: 3.6.0.4 Tested on: Windows 10 Enterprise LTSC Build 17763 !/usr/bin/env python3 import socket...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/04/20 12:0 a.m.257 views

Fast CD Ripper V1.8rc1 Denial of Service Exploit

Exploit Title: Fast CD Ripper V1.8rc1 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.litexmedia.com Software Link: https://en.softonic.com/download/fast-cd-ripper/windows/post-download Exploit Author: Achilles Tested Version: V1.7-V1.8rc1 Tested on: Windows 7 x64 1.- Run...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/03/30 12:0 a.m.257 views

Joomla! 4.1.0 Zip Slip File Overwrite / Path Traversal Vulnerabilities

Joomla! versions 4.1.0 and below suffer from path traversal and file overwrite vulnerabilities due to misplaced trust in the handling of compressed archives. ------------------------------------------------- Joomla! getTarInfo$this-data; 114. 115. for $i = 0, $n = \count$this-metadata; $i...

7.5CVSS0.6AI score0.02007EPSS
Exploits3
0day.today
0day.today
added 2022/03/10 12:0 a.m.257 views

WOW21 5.0.1.9 - (Service WOW21_Servic) Unquoted Service Path Vulnerability

Exploit Title: WOW21 5.0.1.9 - 'Service WOW21Service' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Vendor : ilwebmaster21 Version : WOW21Service 5.0.1.9 Vendor Homepage : https://wow21.life/ Tested on OS: Windows 10 Pro x64 PoC : ============== C:\sc qc WOW21Service SC...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/08/31 12:0 a.m.257 views

WordPress ProfilePress 3.1.3 Plugin - Privilege Escalation (Unauthenticated) Exploit

Exploit Title: WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation Unauthenticated Exploit Author: Numan Rajkotiya Vendor Homepage: https://profilepress.net/ Software Link: https://downloads.wordpress.org/plugin/wp-user-avatar.3.0.zip Version: 1 ProfilePress Formerly WP User Avatar 3.0 -...

9.8CVSS0.5AI score0.68862EPSS
Exploits8
0day.today
0day.today
added 2019/12/11 12:0 a.m.257 views

Product Key Explorer 4.2.0.0 - (Key) Denial of Service Exploit

Exploit Title: Product Key Explorer 4.2.0.0 - 'Key' Denial of Service POC Discovery by: SajjadBnd Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested ...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.257 views

Webiness Inventory 2.3 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2012/04/07 12:0 a.m.257 views

Bonza-Cart E-Commerce - SQLi/XSS Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/11/16 12:0 a.m.257 views

PHPWebThings <= 1.4 (forum) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================= PHPWebThings / && print "+ MD5 hash of password is: $1\n"; print "- Unable to retrieve hash of password\n" if!$1; 0day.today 2018-04-08...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/10/30 12:0 a.m.256 views

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure Vulnerability

ABB Cylon Aspect version 3.08.01 is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information. ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page:...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/04/22 12:0 a.m.256 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vulnerability

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables...

7.7AI score
Exploits0
0day.today
0day.today
added 2023/08/08 12:0 a.m.256 views

GNOME Files 43.4 Privilege Escalation Vulnerability

GNOME Files version 43.4 nautilus on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges. Affected: GNOME Files 43.4 nautilus on fedora 37 Description: If an user A opens in GNOME files zip archive containing setuid file F,...

7.5AI score
Exploits0
0day.today
0day.today
added 2023/07/11 12:0 a.m.256 views

MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path (MTSchedulerService) Vulnerabil

Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path "MTSchedulerService" Vulnerability Exploit Author: Idan Malihi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.7 Tested on: Microsoft Windows 10 Pro...

7.1AI score
Exploits3
0day.today
0day.today
added 2023/05/02 12:0 a.m.256 views

PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting Vulnerability

Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please login from this...

6.9AI score
Exploits0
0day.today
0day.today
added 2023/04/14 12:0 a.m.256 views

Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password Vulnerability

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/14 12:0 a.m.256 views

Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Vulnerability

Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3 FPGA:10....

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/06 12:0 a.m.256 views

flatnux 2021-03.25 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: flatnux-2021-03.25 - Remote Code Execution Authenticated Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://en.altervista.org Software Link: http://flatnux.altervista.org/flatnux.html Version: 2021-03.25 Tested on: Windows/Linux POST...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/06 12:0 a.m.256 views

Employee Task Management System v1.0 - SQL Injection Vulnerability

Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version:...

8.8CVSS8.8AI score0.01684EPSS
Exploits5
0day.today
0day.today
added 2023/04/05 12:0 a.m.256 views

Responsive FileManager 9.9.5 - Remote Code Execution Exploit

Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution RCE Exploit Author: Galoget Latorre @galoget Vendor Homepage: https://responsivefilemanager.com Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.9.5/responsivefilemanager.zip Dockerfile:...

8.8CVSS8.7AI score0.08627EPSS
Exploits5
0day.today
0day.today
added 2023/03/28 12:0 a.m.256 views

RSA NetWitness Endpoint EDR Agent 12.x Incorrect Access Control / Code Execution

RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending the events to a SIEM or make the agent run user-supplied commands. + Credits: John Page aka hyp3rlinx + Websit...

6.7CVSS6.7AI score0.0157EPSS
Exploits5
0day.today
0day.today
added 2022/04/25 12:0 a.m.256 views

Joomla Sexy Polling 2.1.7 SQL Injection Vulnerability

SexyPolling SQL Injection ==================== | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/04/01 12:0 a.m.256 views

WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin uleak-security-dashboard 1.2.3 - Stored Cross-Site Scripting Authenticated Date: 31-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/uleak-security-dashboard/ Version: 1.2.3 Tested on: Firefox Contact me: h at...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/03/14 12:0 a.m.256 views

Student Grading System v1.0 SQL Injection Vulnerability

Title: Student Grading System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14522/student-grading-system-using-phpmysql-source-code.html Reference:...

Exploits0
0day.today
0day.today
added 2022/02/21 12:0 a.m.256 views

Datarobot Remote Code Execution Vulnerability

Exploit Title: Datarobot -- Remote Code Execution Vendor Homepage: https://www.datarobot.com Software Link: https://app.datarobot.com/ Version: TBD - awaiting build version from vendor Tested on: The issue affects all versions of the product up to the date of this submission Exploit Authors: Mike...

9.8CVSS0.5AI score0.03278EPSS
Exploits2
0day.today
0day.today
added 2022/02/09 12:0 a.m.256 views

Exam Reviewer Management System 1.0 - (id) SQL Injection Vulnerability

Exploit Title: Exam Reviewer Management System 1.0 - ‘id’ SQL Injection Exploit Author: Juli Agarwal@agarwaljuli Vendor Homepage: https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/07/04 12:0 a.m.256 views

AnyDesk GUI Format String Write Exploit

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

9.8CVSS0.3AI score0.80551EPSS
Exploits8
0day.today
0day.today
added 2018/06/13 12:0 a.m.256 views

DHCP Client - Command Injection (DynoRoot) Exploit

Exploit for linux platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DHCP Client Command Injection DynoRoot', 'Description' = %q This module exploits the...

0.1AI score0.94457EPSS
Exploits14
0day.today
0day.today
added 2017/10/02 12:0 a.m.256 views

Dnsmasq < 2.78 - 2-byte Heap-Based Overflow Exploit

Exploit for multiple platform in category dos / poc ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open three...

7.5CVSS9.1AI score0.84925EPSS
Exploits6
0day.today
0day.today
added 2012/06/18 12:0 a.m.256 views

e107 Plugin - Tap Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/06/09 12:0 a.m.256 views

AirOs (NanoStation,AirGrid) M5 Multiple Vulnerabilities

Exploit for hardware platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1...

7.1AI score
Exploits0
0day.today
0day.today
added 2025/02/15 12:0 a.m.255 views

ABB Cylon FLXeon 9.3.4 cert.js System Logs Information Disclosure Vulnerability

ABB Cylon FLXeon version 9.3.4 has an issue where an authenticated attacker can access sensitive information via the system logs page of ABB Cylon FLXeon controllers. The logs expose critical data, including the OpenSSL password for stored certificates. This information can be leveraged for furth...

6.9CVSS6.8AI score0.02366EPSS
Exploits7
0day.today
0day.today
added 2025/01/01 12:0 a.m.255 views

PHP CPMS 2.0 Shell Upload Exploit

PHP CPMS version 2.0 suffers from a remote shell upload vulnerability...

7.6AI score
Exploits0
0day.today
0day.today
added 2024/03/27 12:0 a.m.255 views

Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS Vulnerabilities

Exploit Title:Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS Exploit Author: Hakkı TOKLU Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: 1.0 Tested on: Windows 11 / PHP...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/01/22 12:0 a.m.255 views

MajorDoMo Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in MajorDoMo versions before 0662e5e. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MajorDoMo Command Injection', 'Descriptio...

9.8CVSS7.8AI score0.38263EPSS
Exploits6
0day.today
0day.today
added 2023/10/09 12:0 a.m.255 views

Coppermine Gallery 1.6.25 - Remote Code Execution Vulnerability

Exploit Title: coppermine-gallery 1.6.25 RCE Application: coppermine-gallery Version: v1.6.25 Bugs: RCE Technology: PHP Vendor URL: https://coppermine-gallery.net/ Software Link: https://github.com/coppermine-gallery/cpg1.6.x/archive/refs/tags/v1.6.25.zip Date of found: 05.09.2023 Author: Mirabba...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/09/04 12:0 a.m.255 views

D-LINK DPH-400SE - Exposure of Sensitive Information Vulnerability

Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the web portal, the...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/04/05 12:0 a.m.255 views

Kardex Mlog MCC 5.7.12 - Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: Kardex Mlog MCC 5.7.12 - RCE Remote Code Execution Date: 12/13/2022 Exploit Author: Patrick Hener Vendor Homepage: https://www.kardex.com/en/mlog-control-center Version: 5.7.12+0-a203c2a213-master Tested on: Windows Server 2016 CVE : CVE-2023-22855 Writeup:...

9.8CVSS9.2AI score0.14832EPSS
Exploits8
Total number of security vulnerabilities5000