Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2021/03/23 12:0 a.m.216 views

Codiad 2.8.4 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 ​ !/usr/bin/env python encoding: utf-8 ​ import requests...

10CVSS0.3AI score0.38444EPSS
Exploits4
0day.today
0day.today
added 2020/03/19 12:0 a.m.216 views

Windows/x64 - Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode 232 bytes

Shellcode Title: Windows\x64 Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode 232 bytes Shellcode Author: Bobby Cooke Date: March 2020-03-17 Tested On: Windows 10 Pro 1909 x86: HelpPane.exe, notepad.exe, certutil.exe Windows 10 Pro 1909 x8664: mmc.exe, xwizard.exe ! Will onl...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.216 views

Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execute Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...

6.5CVSS0.8AI score0.27074EPSS
Exploits6
0day.today
0day.today
added 2019/05/14 12:0 a.m.216 views

XOOPS CMS 2.5.9 SQL Injection Vulnerability

Exploit for php platform in category web applications + Sql Injection on XOOPS CMS v.2.5.9 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: email protected + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...

Exploits0
0day.today
0day.today
added 2018/06/22 12:0 a.m.216 views

phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0...

0.2AI score0.98391EPSS
Exploits21
0day.today
0day.today
added 2018/02/07 12:0 a.m.216 views

Cisco ASA - Crash PoC Exploit

Exploit for hardware platform in category dos / poc Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers =...

10CVSS0.87397EPSS
Exploits7
0day.today
0day.today
added 2017/09/30 12:0 a.m.216 views

Zyxel P-2812HNU-F1 DSL Router Command Injection Vulnerability

The Zyxel P-2812HNU-F1 DSL router suffers from a remote command injection vulnerability. Firmware versions V3.11TUE3 KPN and V3.11TUE8 KPN are affected. Zyxel P-2812HNU-F1 DSL router - command injection ================================================= The Zyxel P-2812 is common in the Netherland...

7.6AI score
Exploits0
0day.today
0day.today
added 2016/09/22 12:0 a.m.216 views

Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabiliti

Exploit for php platform in category web applications Video: https://www.youtube.com/watch?v=yOWz25sHMI SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Potential backdoor access through multiple vulnerabilities product...

7.1AI score0.53166EPSS
Exploits12
0day.today
0day.today
added 2015/04/12 12:0 a.m.216 views

Mac OS X Rootpipe Privilege Escalation Exploit

This Metasploit module exploits a hidden backdoor API in Apple's Admin framework on Mac OS X to escalate privileges to root, dubbed Rootpipe. Tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run this...

7.2CVSS0.6AI score0.09887EPSS
Exploits16
0day.today
0day.today
added 2014/04/03 12:0 a.m.216 views

OpenSSH rootkit backdoor tool with ssh sniffer

This is a private version of OpenSSH backdoor rootkit tool wih ssh sniffer. If u want to have a hidden acces to a unix server on ssh conexion you can us this tool safetly. Also this rootkit can catch all ssh conexiones from the server where install this tool. If a email protected or email protect...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/06/17 12:0 a.m.216 views

Ministry Malaysia XSS and SQL Injection Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/06/14 12:0 a.m.215 views

WP-UserOnline 2.88.0 - Stored Cross Site Scripting (Authenticated) Vulnerability

Exploit Title: WP-UserOnline 2.88.0 - Stored Cross Site Scripting XSS Authenticated Google Dork: inurl:/wp-content/plugins/wp-useronline/ Exploit Author: Onur Göğebakan Vendor Homepage: https://github.com/lesterchan/wp-useronline Software Link:...

5.5CVSS5.6AI score0.05291EPSS
Exploits6
0day.today
0day.today
added 2024/03/04 12:0 a.m.215 views

GL.iNet AR300M v4.3.7 Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...

9.8CVSS7.4AI score0.23466EPSS
Exploits4
0day.today
0day.today
added 2024/03/04 12:0 a.m.215 views

R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure Vulnerability

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure Vendor: R Radio Network Product web page: http://www.pktc.ac.th Affected version: 1.07 Summary: R Radio FM Transmitter that includes FM Exciter and FM Amplifier parameter setup. Desc: The transmitter suffers from an improper acces...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/08/04 12:0 a.m.215 views

Wordpress EventON Calendar 4.4 Plugin - Unauthenticated Event Access Vulnerability

Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access Exploit Author: Miguel Santareno Vendor Homepage: https://www.myeventon.com/ Version: 4.4 Tested on: Google and Firefox latest version CVE : CVE-2023-2796 1. Description The plugin lacks authentication and...

5.3CVSS7.1AI score0.37468EPSS
Exploits5
0day.today
0day.today
added 2022/10/17 12:0 a.m.215 views

MiniDVBLinux 5.4 Arbitrary File Read Exploit

!/usr/bin/env python3 MiniDVBLinux 5.4 Arbitrary File Read Vulnerability Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: =5.4 Summary: MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Vide...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/05/11 12:0 a.m.215 views

Microfinance Management System 1.0 - (customer_number) SQL injection Vulnerability

Exploit Title: Microfinance Management System 1.0 - 'customernumber' SQLi Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/14822/microfinance-management-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/mims0.zip...

9.8CVSS0.4AI score0.13829EPSS
Exploits4
0day.today
0day.today
added 2022/04/06 12:0 a.m.215 views

Multi Store Inventory Management System 1.0 Account Takeover Vulnerability

Exploit Title: Multi Store Inventory Management System - Account Takeover Unauthenticated Exploit Author: Saud Alenazi Vendor Homepage: https://www.bdtask.com/ Software Link: https://www.campcodes.com/projects/php/complete-multi-store-inventory-management-system-in-php-mysql/ Version: 1.0 Tested...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/01/31 12:0 a.m.215 views

Moxa TN-5900 Firmware Post Authentication Command Injection Exploit

Moxa TN-5900 versions 3.1 and below suffer from an issue where a user who has authenticated to the management web application is able to leverage a command injection vulnerability in the p12 processing code of the certificate management function webCERMGMTUpload. Title: Moxa TN-5900 Post...

9.8CVSS0.3AI score0.03586EPSS
Exploits2
0day.today
0day.today
added 2021/10/25 12:0 a.m.215 views

WordPress Media-Tags 3.2.0.2 Plugin - Stored Cross-Site Scripting Vulnerability

Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on Windows How to...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/08 12:0 a.m.215 views

Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit

Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7 x64 and Windows 7...

7.5CVSS8.2AI score0.86863EPSS
Exploits17
0day.today
0day.today
added 2020/08/11 12:0 a.m.215 views

Cisco 7937G Denial Of Service Exploit

CVE-2020-16138.py: Exploit Title: Cisco 7937G DoS 2 MSF Module Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: ', 'type': 'cve', 'ref': '2020-', 'type': 'edb', 'ref': '' , 'type': 'dos', 'options': 'rhost': 'type': 'address', 'description': 'Target address...

7.5CVSS0.1AI score0.7977EPSS
Exploits6
0day.today
0day.today
added 2020/07/07 12:0 a.m.215 views

RiteCMS 2.2.1 - Authenticated Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux 1- Go to following url. http://HOST/cms/ 2- Default username and password is...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/06/16 12:0 a.m.215 views

Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution Exploit

This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including 2.3.4.2103. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

10CVSS9.2AI score0.84558EPSS
Exploits9
0day.today
0day.today
added 2020/06/08 12:0 a.m.215 views

NeonLMS Learning Management System PHP Laravel Script 4.6 Shell Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: NeonLMS - Learning Management System PHP Laravel Script -Authenticated Arbitrary File Upload Exploit Author: th3d1gger Vendor Homepage: https://www.neonlms.com/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/30 12:0 a.m.215 views

WordPress Plainview Activity Monitor 20161228 Remote Command Execution Exploit

WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit...

9CVSS1.2AI score0.7699EPSS
Exploits11
0day.today
0day.today
added 2019/07/02 12:0 a.m.215 views

Linux/ARM64 - execve("/bin/sh", NULL, NULL) Shellcode (40 Bytes)

/ Title: Linux/ARM64 - execve"/bin/sh", NULL, NULL Shellcode 40 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xerus...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/09/24 12:0 a.m.215 views

IBM AIX 6.1 / 7.1 - Local root Privilege Escalation Vulnerability

Exploit for aix platform in category local exploits !/bin/sh Exploit Title: IBM AIX 6.1 / 7.1 local root privilege escalation Date: 2013-09-24 Exploit Author: Kristian Erik Hermansen Vendor Homepage: http://www.ibm.com Software Link: http://www-03.ibm.com/systems/power/software/aix/about.html...

7.2CVSS6.3AI score0.02846EPSS
Exploits8
0day.today
0day.today
added 2011/01/02 12:0 a.m.215 views

KLINK SQL Injection Vulnerability

Exploit for php platform in category web applications Dork : "allinurl:.php?txtCodiInfo=" An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. Example 1:...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/10/11 12:0 a.m.214 views

ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Directory Traversal Vulnerability

ABB Cylon Aspect version 3.08.01 has a directory traversal vulnerability that can be exploited by an unauthenticated attacker to list the contents of arbitrary directories without reading file contents, leading to information disclosure of directory structures and filenames. This may expose...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/05/23 12:0 a.m.214 views

FusionInvoice 2023-1.0 - Cross-Site Scripting Vulnerability

Exploit Title: FusionInvoice 2023-1.0 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.squarepiginteractive.com Software Link: https://www.fusioninvoice.com/store Version: 2023-1.0 Tested on: Latest Version of Desktop Web Browsers ATTOW: Firefox...

5.8CVSS7.1AI score0.02246EPSS
Exploits4
0day.today
0day.today
added 2023/04/06 12:0 a.m.214 views

WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated Remote Code Execution Exploit

Exploit Title: WIMAX SWC-5100W Firmware V1.11.0.1 :1.9.9.4 - Authenticated RCE Vulnerability Name: Ballin' Mada Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.seowonintech.co.kr/eng/main Version: Bootloader1.18.19.0 , HW 0.0.7.0, FW1.11.0.1 : 1.9.9.4 Tested on: Unix CVE :...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/27 12:0 a.m.214 views

D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution Exploit

Exploit Title: D-Link DNR-322L Exploit Writeup: https://lukasec.ch/posts/dlinkdnr322.html Vendor Homepage: https://dlink.com Vendor Advisory: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10305 Software Link: http://legacyfiles.us.dlink.com/DNR-322L/REVA/FIRMWARE...

6.8AI score
Exploits0
0day.today
0day.today
added 2022/02/08 12:0 a.m.214 views

WordPress Security Audit 1.0.0 Plugin - Stored Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting XSS Exploit Author: Shweta Mahajan Vendor Homepage: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Software Link: https://en-gb.wordpress.org/plugins/titan-labs-security-audit/ Tested on Windows CVE...

4.8CVSS5.2AI score0.05063EPSS
Exploits5
0day.today
0day.today
added 2022/01/05 12:0 a.m.214 views

Hospitals Patient Records Management System 1.0 - Account TakeOver Vulnerability

Exploit Title: Hospitals Patient Records Management System 1.0 - Account TakeOver Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2022/01/05 12:0 a.m.214 views

Online Admission System 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Online Admission System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/rskoolrash/Online-Admission-System Software Link: https://github.com/rskoolrash/Online-Admission-System Tested on: LAMP Stack Debian 10...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/07/26 12:0 a.m.214 views

Socusoft Photo to Video Converter Professional 8.07 (Output Folder) Buffer Overflow (SEH Egghunter)

Exploit Title: Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow SEH Egghunter Exploit Author: MasterVlad Vendor Homepage: http://www.dvd-photo-slideshow.com/photo-to-video-converter.html Software Link:...

0.8AI score
Exploits0
0day.today
0day.today
added 2020/07/13 12:0 a.m.214 views

Park Ticketing Management System 1.0 - (viewid) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/03/06 12:0 a.m.214 views

Google Chrome 80 JSCreate Side-Effect Type Confusion Exploit

This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw...

8.8CVSS7.4AI score0.78808EPSS
Exploits6
0day.today
0day.today
added 2019/12/09 12:0 a.m.214 views

Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/11 12:0 a.m.214 views

Webmin 1.910 - (Package Updates) Remote Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin %q This module exploits an arbitrary command execution vulnerability in Webmin 1.910 and lower versions. Any user authorized to the "Packa...

0.7AI score
Exploits0
0day.today
0day.today
added 2018/11/12 12:0 a.m.214 views

TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link:...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/01/04 12:0 a.m.214 views

Multiple CPUs - Spectre Information Disclosure (PoC) Exploit

Exploit for multiple platform in category local exploits include include include ifdef MSCVER include / for rdtscp and clflush / pragma optimize"gt",on else include / for rdtscp and clflush / endif / Victim code. / unsigned int array1size = 16; uint8t unused164; uint8t array1160 =...

4.7CVSS6.8AI score0.93838EPSS
Exploits12
0day.today
0day.today
added 2016/12/05 12:0 a.m.214 views

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

Exploit for hardware platform in category remote exploits Exploit Title : Shuttle Tech ADSL WIRELESS 920 WM - Multiple Vulnerabilities Version: Gan9.8U6X-B-TW-R1B0201T1RP Exploit Author : Persian Hack Team Tested on Win Date 2016/12/05 1. Cross Site Scripting PoC : First We Need To login To Panel...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/03/22 12:0 a.m.214 views

CMS Openpage (index.php) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================== CMS Openpage index.php SQL Injection Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' ...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/03/06 12:0 a.m.214 views

D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== D2-Shoutbox 4.2 IPB Mod load Remote SQL Injection Exploit =========================================================== !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/10/23 12:0 a.m.214 views

PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit

Exploit for unknown platform in category web applications ============================================================= PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit ============================================================= ?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/01/25 12:0 a.m.214 views

AWStats configdir Remote Command Execution Exploit (c code)

Exploit for cgi platform in category web applications =========================================================== AWStats configdir Remote Command Execution Exploit c code =========================================================== / AwStats exploit by Thunder, email protected This exploit makes...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/01/13 12:0 a.m.214 views

ITA Forum <= 1.49 SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================= ITA Forum = 1.49 SQL Injection Exploit ======================================= !/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/08/08 12:0 a.m.213 views

Open WebUI 0.1.105 Persistent Cross Site Scripting Vulnerability

Title: Open WebUI Stored Cross-Site Scripting Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt 1. Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-79: Improper...

6.1CVSS7AI score0.0062EPSS
Exploits3
Total number of security vulnerabilities5000