Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2023/05/05 12:0 a.m.243 views

Online Pizza Ordering System v1.0 - Unauthenticated File Upload Exploit

Exploit Title: Online Pizza Ordering System 1.0 - Unauthenticated File Upload Exploit Author: URGAN Vendor Homepage: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Link:...

9.8CVSS9.7AI score0.03624EPSS
Exploits4
0day.today
0day.today
added 2023/05/05 12:0 a.m.243 views

Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Vulnerability

Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880 Introduction...

6.8CVSS5.4AI score0.02902EPSS
Exploits4
0day.today
0day.today
added 2023/04/24 12:0 a.m.243 views

Nokia OneNDS 17 Insecure Permissions / Privilege Escalation Vulnerability

=============================================================================== title: Incorrect Permission Assignment product: Nokia OneNDS 17 vulnerability type: Security Misconfiguration severity: High CVSS Score: 7.8 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H found on: 31/03/20...

7.8CVSS7.8AI score0.00329EPSS
Exploits2
0day.today
0day.today
added 2023/04/06 12:0 a.m.243 views

LDAP Tool Box Self Service Password v1.5.2 - Account takeover Vulnerability

Exploit Title: LDAP Tool Box Self Service Password v1.5.2 - Account takeover Exploit Author: Tahar BENNACEF aka tar.gz Software Link: https://github.com/ltb-project/self-service-password Version: 1.5.2 Tested on: Ubuntu Self Service Password is a PHP application that allows users to change their...

6.8AI score
Exploits0
0day.today
0day.today
added 2022/09/29 12:0 a.m.243 views

Joomla AdsManager 3.2.0 SQL Injection Vulnerability

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : JULOA │ │ Software : AdsManager...

0.7AI score
Exploits0
0day.today
0day.today
added 2022/07/31 12:0 a.m.243 views

Transposh WordPress Translation 1.0.8.1 Remote Code Execution Vulnerability

ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Reliance on File Name or Extension of Externally-Supplied File CWE-646 Date found: 2022-02-21 Date published:...

7.2CVSS0.2AI score0.01441EPSS
Exploits4
0day.today
0day.today
added 2022/07/31 12:0 a.m.243 views

Transposh WordPress Translation 1.0.8.1 SQL Injection Vulnerability

Transposh WordPress Translation versions 1.0.8.1 and below have a "tpeditor" page at "/wp-admin/admin.php?page=tpeditor" that is vulnerable to two authenticated, blind SQL injections when user-supplied input to the HTTP GET parameters "order" and "orderby" is processed by the web application. 1...

7.2CVSS0.6AI score0.01202EPSS
Exploits5
0day.today
0day.today
added 2022/07/26 12:0 a.m.243 views

Hospital Information System 1.0 SQL Injection Exploit

Exploit Title: Hospital Information System - SQL Injection via login page Exploit Author: saitamang Vendor Homepage: https://code-projects.org Software Link: https://download-media.code-projects.org/2019/11/HOSPITALINFORMATIONSYSTEMINPHPWITHSOURCECODE.zip Version: 1.0 Tested on: Centos 7 apache2 ...

Exploits0
0day.today
0day.today
added 2022/06/17 12:0 a.m.243 views

Warehouse Management System 2022 Multiple SQL injection Vulnerabilities

Title: Warehouse Management System 2022 ML-SQLi Author: nu11secur1ty Date: 06.13.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php-codeigniter-warehouse-management-system-free-source-code Reference:...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/05/12 12:0 a.m.243 views

Cyclos 4.14.7 - DOM Based Cross-Site Scripting Vulnerability

Exploit Title: Cyclos 4.14.7 - DOM Based Cross-Site Scripting XSS Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31674 Description: Cyclos 4 PRO 4.14.7 and before...

6.1CVSS6.4AI score0.03837EPSS
Exploits4
0day.today
0day.today
added 2022/03/30 12:0 a.m.243 views

Fingerprint Attendance 1.0 Shell Upload Vulnerability

Title: Fingerprint Attendance 1.0 Shell Upload Author: Hejap Zairy Vendor: https://www.vetbossel.in/fingerprint-attendance-project-php/ Software: https://app.box.com/s/xlyqalhvayq8oi25tqykcbouzrrjytqy Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache registered user can...

0.5AI score
Exploits0
0day.today
0day.today
added 2021/09/13 12:0 a.m.243 views

Apartment Visitor Management System (AVMS) 1.0 - SQL injection to Remote Code Execution 0day Exploit

Exploit Title: Apartment Visitor Management System AVMS 1.0 - SQLi to RCE Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10395 Version: 1.0 Tested on:...

0.6AI score
Exploits0
0day.today
0day.today
added 2021/04/14 12:0 a.m.243 views

MariaDB 10.2 /MySQL - (wsrep_provider) OS Command Execution Vulnerability

Exploit Title: MariaDB 10.2 /MySQL - 'wsrepprovider' OS Command Execution Exploit Author: Central InfoSec Version: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL...

7.2CVSS1.1AI score0.38179EPSS
Exploits9
0day.today
0day.today
added 2020/07/07 12:0 a.m.243 views

BIG-IP 15.0.0 < 15.1.0.3 - Traffic Management User Interface (TMUI) Remote Code Execution Exploit

Exploit for linux platform in category web applications BIG-IP 15.0.0 " echo exit 1 fi server=$1?hostname argument required localip=$2?Locaip argument required port=$3?Port argument required if ! -f $server.der then echo "$server.der does not exist - extracting cert" openssl sclient \ -showcerts ...

10CVSS10AI score0.99999EPSS
Exploits60
0day.today
0day.today
added 2019/06/07 12:0 a.m.243 views

Nvidia GeForce Experience Web Helper - Command Injection Exploit

Exploit for windows platform in category local exploits //Send request to local GFE server function submitRequestport,secret var xhr = new XMLHttpRequest; xhr.open"POST", "http://127.0.0.1:"+port+"/gfeupdate/autoGFEInstall/", true; xhr.setRequestHeader"Accept",...

6.8AI score0.00932EPSS
Exploits3
0day.today
0day.today
added 2018/05/18 12:0 a.m.243 views

DynoRoot DHCP - Client Command Injection Exploit

Exploit for linux platform in category local exploits Exploit Title: DynoRoot DHCP - Client Command Injection Exploit Author: Kevin Kirsche Exploit Repository: https://github.com/kkirsche/CVE-2018-1111 Exploit Discoverer: Felix Wilhelm Vendor Homepage: https://www.redhat.com/ Version: RHEL 6.x /...

0.94457EPSS
Exploits14
0day.today
0day.today
added 2014/09/19 12:0 a.m.243 views

WordPress Theme Konzept Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title : WordPress Theme Konzept Arbitrary File Upload Vulnerability Exploit Author : NULLPointer Contact : https://www.facebook.com/xenith.gianni Date : 19/09/2014 Vendor Homepage :...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/08/04 12:0 a.m.242 views

Devika v1 - Path Traversal via (snapshot_path) Exploit

Exploit Title: Devika v1 - Path Traversal via 'snapshotpath' Parameter Exploit Author: Alperen Ergel Contact: @alpernae IG/X Vendor Homepage: https://devikaai.co/ Software Link: https://github.com/stitionai/devika Version: v1 Tested on: Windows 11 Home Edition CVE: CVE-2024-40422 !/usr/bin/python...

9.1CVSS7AI score0.11414EPSS
Exploits6
0day.today
0day.today
added 2023/07/04 12:0 a.m.242 views

Rukovoditel 3.4.1 - Multiple Stored XSS Vulnerability

Exploit Title: Rukovoditel 3.4.1 - Multiple Stored XSS Version: 3.4.1 Bugs: Multiple Stored XSS Technology: PHP Vendor URL: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Date of found: 24-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Detail...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/04/10 12:0 a.m.242 views

Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing Vulnerability

Title: Microsoft-Edge-Chromium-based-Webview2-1.0.1661.34-Spoofing-Vulnerability Author: nu11secur1ty Date: 04.10.2023 Vendor: https://developer.microsoft.com/en-us/ Software: https://developer.microsoft.com/en-us/microsoft-edge/webview2/ Reference:...

8.2CVSS8.3AI score0.03525EPSS
Exploits2
0day.today
0day.today
added 2023/03/28 12:0 a.m.242 views

Hashicorp Consul v1.0 - Remote Command Execution Exploit

Exploit Title: Hashicorp Consul v1.0 - Remote Command Execution RCE Exploit Author: GatoGamer1155, 0bfxgh0st Vendor Homepage: https://www.consul.io/ Description: Exploit for gain reverse shell on Remote Command Execution via API References: https://www.consul.io/api/agent/service.html Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/05/31 12:0 a.m.242 views

Ingredient Stock Management System 1.0 Account Takeover Vulnerability

Exploit Title: Ingredient Stock Management System v1.0 - Account Takeover Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15364/ingredients-stock-management-system-phpoop-free-source-code.html Version:...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/05/17 12:0 a.m.242 views

Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting XSS Exploit Author: Pankaj Kumar Thakur Vendor Homepage: https://surveysparrow.com/ Software Link: https://surveysparrow.com/enterprise-survey-software/ Version: 2022 Tested on: Windows CVE : CVE-2022-2972...

5.4CVSS5.6AI score0.02324EPSS
Exploits4
0day.today
0day.today
added 2022/04/11 12:0 a.m.242 views

SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference Vulnerability

Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept ============ Normal us...

8.1CVSS8.2AI score0.06693EPSS
Exploits4
0day.today
0day.today
added 2022/03/30 12:0 a.m.242 views

WordPress Easy Cookie Policy 1.6.2 Plugin - Broken Access Control to Stored XSS Vulnerability

Exploit Title: WordPress Plugin Easy Cookie Policy 1.6.2 - Broken Access Control to Stored XSS Author: 0xB9 Software Link: https://wordpress.org/plugins/easy-cookies-policy/ Version: 1.6.2 Tested on: Windows 10 CVE: CVE-2021-24405 1. Description: Broken access control allows any authenticated use...

6.5CVSS0.4AI score0.10703EPSS
Exploits5
0day.today
0day.today
added 2022/02/16 12:0 a.m.242 views

Multi-Vendor Online Groceries Management System 1.0 - (id) Blind SQL Injection Vulnerability

Exploit Title: Multi-Vendor Online Groceries Management System 1.0 - 'id' Blind SQL Injection Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/01/05 12:0 a.m.242 views

BeyondTrust Remote Support 6.0 - Reflected Cross-Site Scripting (Unauthenticated) Vulnerability

Exploit Title: BeyondTrust Remote Support 6.0 - Reflected Cross-Site Scripting XSS Unauthenticated Google Dork: intext:"BeyondTrust" "Redistribution Prohibited" Exploit Author: Malcrove Vendor Homepage: https://www.beyondtrust.com/ Version: v6.0 and earlier versions Summary: Unauthenticated...

Exploits0
0day.today
0day.today
added 2021/12/20 12:0 a.m.242 views

Video Sharing Website 1.0 SQL Injection Vulnerability

Title: Video Sharing Website 1.0 SQL - Injection Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14584/video-sharing-website-using-phpmysqli-source-code.html Description: The email parameter from ajax.php app of Video Sharing...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/08/15 12:0 a.m.242 views

QiHang Media Web Digital Signage 3.0.9 Arbitrary File Deletion Vulnerability

Exploit for hardware platform in category web applications QiHang Media Web QH.aspx Digital Signage 3.0.9 Unauthenticated Arbitrary File Deletion Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.242 views

CyberArk PSMP 10.9.1 - Policy Restriction Bypass Vulnerability

Exploit Title: CyberArk PSMP 10.9.1 - Policy Restriction Bypass Exploit Author: LAHBAL Said Vendor Homepage: https://www.cyberark.com/ Software Link: https://www.cyberark.com/ Version: PSMP = 11.1 Prerequisites Policy allows us to overwrite PSMRemoteMachine Description An issue was discovered in...

Exploits0
0day.today
0day.today
added 2019/05/25 12:0 a.m.242 views

FairStars Audio Converter Pro 1.82 - (.tta) Denial of Service Exploit

Exploit Title: FairStars Audio Converter Pro 1.82 - '.tta' Denial of Service PoC Date: 25.5.2019 Vendor Homepage:http://www.fairstars.com/ Software Link: http://www.fairstars.com/download/facpsetup.exe Exploit Author: Achilles Tested Version: 1.82 Tested on: Windows 7 x64 Sp1 Windows XP Sp3 1.- R...

0.2AI score
Exploits0
0day.today
0day.today
added 2017/08/30 12:0 a.m.242 views

User Login and Management - Multiple Vulnerabilities

Exploit for php platform in category web applications ----------------------------------------------------------------------------------- | |---------------------------------------------------------------------------------- 1 admin dashboard authentication bypass Description : An Attackers are ab...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/05/17 12:0 a.m.242 views

Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1107 Windows: COM Aggregate Marshaler/IRemUnknown2 Type Confusion EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: When...

1.9CVSS6.4AI score0.84138EPSS
Exploits15
0day.today
0day.today
added 2013/05/01 12:0 a.m.242 views

Sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit

sudo versions 1.8.0 through 1.8.3p1 sudodebug root exploit with glibc FORTIFYSOURCE bypass. include include include include include include include include include include define OFFSET 65000 define NUMTHREADS 0 / files that we create on disk / define BACKDOOR "e.c" define BDCOMPILED "e" define...

7.2CVSS0.4AI score0.02992EPSS
Exploits6
0day.today
0day.today
added 2005/12/07 12:0 a.m.242 views

SimpleBBS <= 1.1 Remote Commands Execution Exploit (c code)

Exploit for unknown platform in category web applications =========================================================== SimpleBBS !--total 188 drwxrwxrwx 2 f1 f1 4096 Dec 6 17:02 . drwxr-xr-x 7 f1 f1 4096 Nov 17 2002 .. -rw-r--r-- 1 f1 f1 916 Oct 20 09:30 WSFTP.LOG -rwxrwxrwx 1 f1 f1 28 Nov 17 2002...

7.1AI score
Exploits0
0day.today
0day.today
added 2025/01/27 12:0 a.m.241 views

SpagoBI 3.5.1 Cross Site Scripting Vulnerability

CVE-2024-54795 Severity : Medium 5.4 CVSS score : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by multiple stored XSS inside of the worksheet designer page. Poc Steps to Reproduce : 1. While editing a document insertin...

5.4CVSS7.1AI score0.00497EPSS
Exploits3
0day.today
0day.today
added 2024/04/22 12:0 a.m.241 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass Vulnerability

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables them to...

7.7AI score
Exploits0
0day.today
0day.today
added 2023/10/09 12:0 a.m.241 views

Shuttle Booking Software v1.0 - Multiple SQL injection Vulnerabilities

Title: Shuttle-Booking-Software v1.0 - Multiple-SQLi Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/shuttle-booking-software/sectionPricing Reference: https://portswigger.net/web-security/sql-injection Description: The locationid parameter appears to...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/09/05 12:0 a.m.241 views

Webigniter 28.7.23 XSS Reflected Vulnerability

Title: WEBIGniter-28.7.23-XSS-Reflected Author: nu11secur1ty Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Description: The value of the redirect request parameter is copied into the value of an HTML tag...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/09/04 12:0 a.m.241 views

Ivanti Avalanche < v6.4.0.0 - Remote Code Execution Exploit

""" Exploit Title: Ivanti Avalanche IIIss'.formatself.namesize, self.valuesize, self.type, self.namesize, self.valuesize, self.name, self.value Create a header structure class HP: def initself, hdr, payload: self.hdr = hdr self.payload = payload self.pad = b'\x00' 16 - lenself.hdr + lenself.paylo...

9.8CVSS8.9AI score0.98919EPSS
Exploits7
0day.today
0day.today
added 2023/07/19 12:0 a.m.241 views

Vaidya-Mitra 1.0 - Multiple SQL injection Vulnerability

Title: Vaidya-Mitra 1.0 - Multiple SQLi Author: nu11secur1ty Vendor: https://mayurik.com/ Software: free: https://www.sourcecodester.com/php/16720/free-hospital-management-system-small-practices.html, https://mayurik.com/source-code/P5890/best-hospital-management-system-in-php Reference:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/06/06 12:0 a.m.241 views

Barebones CMS v2.0.2 - Stored Cross-Site Scripting (Authenticated) Vulnerability

Exploit Title: Barebones CMS v2.0.2 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: tmrswrr Vendor Homepage: https://barebonescms.com/ Software Link: https://github.com/cubiclesoft/barebones-cms/archive/master.zip Version: v2.0.2 Tested : https://demo.barebonescms.com/ ---...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/04/03 12:0 a.m.241 views

Chromacam 4.0.3.0 - PsyFrameGrabberService Unquoted Service Path Vulnerability

Exploit Title: Chromacam 4.0.3.0 - PsyFrameGrabberService Unquoted Service Path Exploit Author: Laguin Benjamin MONK-MODE Vendor Homepage: https://personifyinc.com/ Software Link: https://personifyinc.com/download/chromacam Tested Version: Chromacam-4.0.3.0 Vulnerability Type: Unquoted Service Pa...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/28 12:0 a.m.241 views

ReQlogic v11.3 - Reflected Cross-Site Scripting Vulnerability

Exploit Title: ReQlogic v11.3 - Reflected Cross-Site Scripting XSS Exploit Author: Okan Kurtulus Vendor Homepage: https://reqlogic.com Version: 11.3 Tested on: Linux CVE : 2022-41441 Proof of Concept: 1- Install ReQlogic v11.3 2- Go to...

6.1CVSS6.5AI score0.05187EPSS
Exploits3
0day.today
0day.today
added 2022/10/03 12:0 a.m.241 views

Joomla jMarket 5.15 Cross Site Scripting Vulnerability

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website : extensions.joomla.org │ │ Vendor : Joobi │ │ Software : jMarket 5.1...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/07/20 12:0 a.m.241 views

Asus GameSDK 1.0.0.4 Unquoted Service Path Vulnerability

Exploit Title: Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted Service Path Privilege Escalation Exploit Author: Angelo Pio Amirante Version: 1.0.0.4 Tested on: Windows 10 Patched version: 1.0.5.0 CVE: CVE-2022-35899 Step to discover the unquoted service path: wmic service get...

7.8CVSS7.8AI score0.00857EPSS
Exploits5
0day.today
0day.today
added 2022/04/06 12:0 a.m.241 views

Gadget Store Management System 1.0 Shell Upload Vulnerability

Exploit Title: Gadget Store Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.campcodes.com/ Software Link: https://www.campcodes.com/projects/php/gadget-store-management-system/ Version: 1.0 Tested on: XAMPP, Linux Contact...

Exploits0
0day.today
0day.today
added 2022/03/07 12:0 a.m.241 views

Cloudflare WARP 1.4 - Unquoted Service Path Vulnerability

Exploit Title: Cloudflare WARP 1.4 - Unquoted Service Path Exploit Author: Hejap Zairy Vendor Homepage: https://www.cloudflare.com/ Software Link: https://developers.cloudflare.com/warp-client/get-started/windows/ Version: 1.4.107 Tested: Windows 10 Pro x64 es C:\Users\Hejapsc qc CloudflareWARP S...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/25 12:0 a.m.241 views

WordPress Ninja Tables 4.1.7 Plugin - Stored Cross-Site Scripting Vulnerability

Exploit Title: WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting XSS Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/ninja-tables/ Software Link: https://wpmanageninja.com/downloads/ninja-tables-pro-add-on/ Version: 4.1.7 Tested on Windows How t...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/08 12:0 a.m.241 views

Dolibarr ERP / CRM 14.0.2 Cross Site Scripting / Privilege Escalation Vulnerabilities

Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation. Exploit Title: Dolibarr ERP & CRM v14.0.2 Stored XSS / Privilege Escalation Exploit Author: Oscar Gutierrez m4xp0w3r Vendor Homepage: https://www.dolibarr.org/ Software Link...

0.2AI score
Exploits0
Total number of security vulnerabilities5000