Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2019/12/09 12:0 a.m.208 views

SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH) Exploit

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested Windows 7 SP1 x86...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/09/30 12:0 a.m.208 views

ACTi ACM-5611 Video Camera Remote Command Execution Exploit

Exploit for hardware platform in category web applications !/usr/bin/perl ACTi ACM-5611 Video Camera Remote Command Execution Exploit Copyright 2019 c Todor Donev Firmware Version = A1D-220-V3.08.08-AC Production ID = ACM5611-08G-X-00485 Factory Default Type = NTSC, Composite, Two Ways Audio 0x71...

0.4AI score
Exploits0
0day.today
0day.today
added 2019/09/27 12:0 a.m.208 views

V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/06/26 12:0 a.m.208 views

WordPress iLive 1.0.4 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: iLive - Intelligent WordPress Live Chat Support Plugin v1.0.4 Stored XSS Injection Exploit Author: m0ze Vendor Homepage: http://www.ilive.wpapplab.com/ Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/03/10 12:0 a.m.208 views

McAfee ePO 5.9.1 - Registered Executable Local Access Bypass Vulnerability

Exploit for windows platform in category web applications Exploit Title: McAfee ePO 5.9.1 Registered Executable Local Access Bypass Exploit Author: @leonjza Vendor Homepage: https://www.mcafee.com/ Software Link: https://www.mcafee.com/enterprise/en-us/products/epolicy-orchestrator.html Version:...

4CVSS5.6AI score0.04699EPSS
Exploits4
0day.today
0day.today
added 2017/07/19 12:0 a.m.208 views

Microsoft Windows Kernel - IOCTL 0x120007 (NsiGetParameter) nsiproxy/netio Pool Memory Disclosure

Exploit for windows platform in category dos / poc / We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys \.\Nsi device discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit...

2.1CVSS7.7AI score0.03018EPSS
Exploits3
0day.today
0day.today
added 2017/03/25 12:0 a.m.208 views

Nuxeo Platform 6.x / 7.x Shell Upload Exploit

Exploit for php platform in category web applications Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform. By...

6.5CVSS8.7AI score0.34585EPSS
Exploits7
0day.today
0day.today
added 2016/07/04 12:0 a.m.208 views

Ktools Photostore 4.7.5 - Multiple Vulnerabilities

Exploit for php platform in category web applications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ktools Photostore = 4.7.5 Multiple Vulnerabilities Bug discovered by Yakir Wizman Date 01/07/2016 Affected versions prior to 4.7.5 Vendor Homepage - http://www.ktools.net...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/04/02 12:0 a.m.207 views

Daily Habit Tracker 1.0 - SQL Injection Vulnerability

Exploit Title: Daily Habit Tracker 1.0 - SQL Injection Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Debian CVE :...

9.8CVSS7.1AI score0.0133EPSS
Exploits4
0day.today
0day.today
added 2024/01/08 12:0 a.m.207 views

iGalerie 3.0.22 Cross Site Scripting Vulnerability

Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://www.igalerie.org/ Version: 3.0.22 Tested on: https://softaculous.com/demos/iGalerie 1 Go to home page and click edit https://127.0.0.1/iGalerie/ Titre : "sVg/onLy=1 onLoaD=confirm1// 2 Write i...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/10/09 12:0 a.m.207 views

OpenPLC WebServer 3 - Denial of Service Exploit

Exploit Title: OpenPLC WebServer 3 - Denial of Service Exploit Author: Kai Feng Vendor Homepage: https://autonomylogic.com/ Software Link: https://github.com/thiagoralves/OpenPLCv3.git Version: Version 3 and 2 Tested on: Ubuntu 20.04 import requests import sys import time import optparse import r...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/08/04 12:0 a.m.207 views

ReyeeOS 1.204.1614 - MITM Remote Code Execution Exploit

Exploit Title: ReyeeOS 1.204.1614 - MITM Remote Code Execution RCE Google Dork: None Exploit Author: Riyan Firmansyah of Seclab Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/support/documents/slideEW1200G-PRO-Firmware-B11P204 Version: ReyeeOS 1.204.1614...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/07/28 12:0 a.m.207 views

RosarioSIS 10.8.4 - CSV Injection Vulnerability

Exploit Title: RosarioSIS 10.8.4 - CSV Injection Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://www.rosariosis.org/ Software Link: https://gitlab.com/francoisjacquet/rosariosis/-/archive/v10.8.4/rosariosis-v10.8.4.zip Affected Version: 10.8.4 Category: WebApps Tested on: Windows 10 1...

5.4CVSS5.5AI score0.02166EPSS
Exploits2
0day.today
0day.today
added 2023/07/19 12:0 a.m.207 views

Blackcat Cms v1.4 - Stored XSS Vulnerability

Exploit Title: Blackcat Cms v1.4 - Stored XSS Application: blackcat Cms Version: v1.4 Bugs: Stored XSS Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/05/05 12:0 a.m.207 views

Ulicms 2023.1 sniffing-vicuna - Remote Code Execution Vulnerability

Exploit Title: Ulicms-2023.1 sniffing-vicuna - Remote Code Execution RCE Application: Ulicms Version: 2023.1-sniffing-vicuna Bugs: RCE Technology: PHP Vendor URL: https://en.ulicms.de/ Software Link: https://www.ulicms.de/content/files/Releases/2023.1/ulicms-2023.1-sniffing-vicuna-full.zip Date o...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/04/06 12:0 a.m.207 views

BulletProof FTP Server 2019.0.0.51 Denial Of Service Exploit

Exploit Title: BulletProof FTP Server 2019.0.0.51 - Denial of Service Discovery by: Yehia Elghaly - Mrvar0x Vendor Homepage: https://barcodemagic.com/ Software Link: http://bpftpserver.com/products/bpftpserver/windows/download Tested Version: 2019.0.0.51 Tested on: Windows 7 x86 Steps To Crash:...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/05 12:0 a.m.207 views

PhotoShow 3.0 - Remote Code Execution Exploit

Exploit Title: PhotoShow 3.0 - Remote Code Execution Date: January 11, 2023 Exploit Author: LSCP Responsible Disclosure Lab Detailed Bug Description: https://lscp.llc/index.php/2021/07/19/how-white-box-hacking-works-remote-code-execution-and-stored-xss-in-photoshow-3-0/ Vendor Homepage:...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/27 12:0 a.m.207 views

Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Vulnerability

Exploit Title: Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal Exploit Author: nu11secur1ty Vendor: https://lavalite.org/ Software: https://github.com/LavaLite/cms/releases/tag/v9.0.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/LavaLite Description: The...

6.8AI score
Exploits0
0day.today
0day.today
added 2022/09/19 12:0 a.m.207 views

WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin ‘GetYourGuide Ticketing’ - Stored Cross-Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/search/GetYourGuide+Ticketing/ Version: 1.0.1 Tested on: Firefox Contact me: email protected Vulnerable code: " POC: ...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/01/25 12:0 a.m.207 views

CosaNostra Builder WebPanel Cross Site Request Forgery Vulnerability

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83C.txt Contact: email protected Media: twitter.com/malvuln Threat: CosaNostra Builder WebPanel Vulnerability: Cross Site Request Forgery CSRF Description: The Panel does...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/05 12:0 a.m.207 views

Windscribe VPN WindscribeService Named Pipe Privilege Escalation Exploit

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...

7.8CVSS0.5AI score0.09905EPSS
Exploits4
0day.today
0day.today
added 2019/12/27 12:0 a.m.207 views

AVE DOMINAplus 1.10.x Authentication Bypass Vulnerability

AVE DOMINAplus =1.10.x Authentication Bypass Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/01/24 12:0 a.m.207 views

Cisco RV320 Unauthenticated Configuration Export Vulnerability

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17. Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15,...

0.3AI score0.99876EPSS
Exploits19
0day.today
0day.today
added 2018/11/05 12:0 a.m.207 views

Morris Worm fingerd Stack Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...

0.4AI score
Exploits0
0day.today
0day.today
added 2008/01/30 12:0 a.m.207 views

PHP Links <= 1.3 (vote.php id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= PHP Links = 1.3 vote.php id Remote SQL Injection Vulnerability =================================================================...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/04/22 12:0 a.m.206 views

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass Vulnerability

Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables them to...

7.7AI score
Exploits0
0day.today
0day.today
added 2023/05/05 12:0 a.m.206 views

Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution Vulnerability

Exploit Title: Codigo Markdown Editor v1.0.1 Electron - Arbitrary Code Execution Exploit Author: 8bitsec Vendor Homepage: https://alfonzm.github.io/codigo/ Software Link: https://github.com/alfonzm/codigo-app Version: 1.0.1 Tested on: Mac OS 13 Release Date: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/05/12 12:0 a.m.206 views

Beehive Forum - Account Takeover Vulnerability

Exploit Title: Beehive Forum - Account Takeover Exploit Author: Pablo Santiago Vendor Homepage: https://www.beehiveforum.co.uk/ Software Link: https://sourceforge.net/projects/beehiveforum/ Version: 1.5.2 Tested on: Kali Linux and Ubuntu 20.0.4 CVE N/A PoC: https://imgur.com/a/hVlgpCg...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/05/12 12:0 a.m.206 views

Prime95 Version 30.7 build 9 - Remote Code Execution Exploit

Exploit Title: Prime95 Version 30.7 build 9 - Remote Code Execution RCE Discovered by: Yehia Elghaly Vendor Homepage: https://www.mersenne.org/ Software Link : https://www.mersenne.org/ftproot/gimps/p95v307b9.win32.zip Tested Version: 30.7 build 9 Vulnerability Type: Buffer Overflow RCE Local...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/05/06 12:0 a.m.206 views

PHProjekt PhpSimplyGest / MyProjects 1.3.0 Cross Site Scripting Vulnerability

Exploit Title: PHProjekt PhpSimplyGest / MyProjects, 1.3.0 - Stored XSS Cross-Site Scripting Exploit Author: Andrea Intilangelo Vendor Homepage: http://www.phprojekt.altervista.org removed demo was at http://phprojekt.altervista.org/phpsimplygest130 Software Link:...

5.4CVSS0.2AI score0.02517EPSS
Exploits4
0day.today
0day.today
added 2022/05/03 12:0 a.m.206 views

WordPress Stafflist 3.1.2 Cross Site Request Forgery Vulnerability

Exploit Title: WordPress Plugin stafflist 3.1.2 - CSRF Authenticated Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A CSRF vulnerability exists in staff record...

0.5AI score
Exploits0
0day.today
0day.today
added 2022/03/30 12:0 a.m.206 views

Medical Hub Directory Site 1.0 Cross Site Scripting Vulnerability

Title: Medical Hub Directory Site 1.0 XSS Stored Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15252/simple-medical-hub-directory-site-phpoop-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/mhds.zip Reference:...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/03/07 12:0 a.m.206 views

Attendance and Payroll System v1.0 - Remote Code Execution Exploit

Exploit Title: Attendance and Payroll System v1.0 - Remote Code Execution RCE Exploit Author: pr0z Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip Version: v1.0 Tested on: Linux, MySQL, Apache import...

0.1AI score
Exploits0
0day.today
0day.today
added 2021/11/03 12:0 a.m.206 views

OpenAM 13.0 - LDAP Injection Exploit

Exploit Title: OpenAM 13.0 - LDAP Injection Exploit Author: Charlton Trezevant, GuidePoint Security Vendor Homepage: https://www.forgerock.com/ Software Link: https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/13.0.0,...

7.5CVSS7.5AI score0.76385EPSS
Exploits5
0day.today
0day.today
added 2021/09/22 12:0 a.m.206 views

Filerun 2021.03.26 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2021/09/17 12:0 a.m.206 views

Cloudron 6.2 Cross Site Scripting Vulnerability

Exploit Title: Cloudron 6.2 - Cross Site Scripting Reflected Exploit Author: Akıner Kısa Vendor Homepage: https://cloudron.io Software Link: https://www.cloudron.io/get.html Version: 6.3 Tested on: Demo / Localhost CVE : CVE-2021-31721 Proof of Concept: 1. Go to...

6.1CVSS6.4AI score0.00887EPSS
Exploits3
0day.today
0day.today
added 2020/07/09 12:0 a.m.206 views

FrootVPN 4.8 - (frootvpn) Unquoted Service Path Vulnerability

Exploit : FrootVPN 4.8 - 'frootvpn' Unquoted Service Path Author : v3n0m Vendor : https://frootvpn.com/ App Link : https://frootvpn.com/en/download-client?platform=win Version : 4.8 Tested on : Windows 10 Pro build 19041.329 Credits : YOGYACARDERLINK, bejo6, Ika Atikasari PoC: Microsoft Windows...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/07/07 12:0 a.m.206 views

Microsoft Windows MSHTA.EXE .HTA File XML Injection Vulnerability

Microsoft Windows MSHTA.EXE .HTA File XML Injection Vulnerability Vendor www.microsoft.com Product Windows MSHTA.EXE .HTA File An HTML Application HTA is a Microsoft Windows program whose source code consists of HTML, Dynamic HTML, and one or more scripting languages supported by Internet Explore...

Exploits0
0day.today
0day.today
added 2020/06/24 12:0 a.m.206 views

Gila CMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

Exploit for perl platform in category web applications ===== Tempest Security Intelligence - ADV-07/2020 ========================== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of...

6.8CVSS0.1AI score0.01814EPSS
Exploits7
0day.today
0day.today
added 2020/02/05 12:0 a.m.206 views

xglance-bin 11.00 - Privilege Escalation Exploit

Exploit Title: xglance-bin 11.00 - Privilege Escalation Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclamer: This exploit is for educational purpose only More details on...

4.4CVSS0.5AI score0.0708EPSS
Exploits9
0day.today
0day.today
added 2019/12/03 12:0 a.m.206 views

Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link: https://www.intelbras.com/pt-br/roteador-wireless-smart-dual-band-action-rf-1200...

0.5AI score0.09632EPSS
Exploits5
0day.today
0day.today
added 2019/07/02 12:0 a.m.206 views

Linux/ARM64 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (176 bytes)

/ Title: Linux/ARM64 - Bind 4444/TCP Shell /bin/sh + IPv6 Shellcode 176 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/04/19 12:0 a.m.206 views

RechnungsZentrale V2 <= 1.1.3 Remote Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ RechnungsZentrale V2 = 1.1.3 Remote Inclusion Vulnerability ============================================================ - GroundZero Security Research and Software Development...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/04/02 12:0 a.m.206 views

ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================================= ReloadCMS nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent:...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/10/11 12:0 a.m.205 views

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vulnerability

ABB Cylon Aspect version 3.07.02 suffers from a vulnerability that allows an unauthenticated attacker to enable or disable the SSH daemon by sending a POST request to sshUpdate.php with a simple JSON payload. This can be exploited to start the SSH service on the remote host without proper...

7.5AI score
Exploits0
0day.today
0day.today
added 2024/04/01 12:0 a.m.205 views

Intel PowerGadget 3.6 Local Privilege Escalation Vulnerability

Vulnerability summary: Local Privilege Escalation from regular user to SYSTEM, via conhost.exe hijacking triggered by MSI installer in repair mode Affected Products: Intel PowerGadget Affected Versions: tested on PowerGadget3.6.msi a3834b2559c18e6797ba945d685bf174, file signed on ‎Monday, ‎Februa...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/08/21 12:0 a.m.205 views

EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR) Vulnerability

Exploit Title: EuroTel ETL3100 - Transmitter Authorization Bypass IDOR Exploit Author: LiquidWorm Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/04/03 12:0 a.m.205 views

sleuthkit 4.11.1 - Command Injection Exploit

Exploit Title: sleuthkit 4.11.1 - Command Injection CVE-2022-45639 Vendor Homepage: https://github.com/sleuthkit Vulnerability Type: Command injection Attack Type: Local Version: 4.11.1 Exploit Author: Dino Barlattani, Giuseppe Granato Link poc: https://www.binaryworld.it/guidepoc.aspCVE-2022-456...

7.8CVSS7.8AI score0.0466EPSS
Exploits4
0day.today
0day.today
added 2023/03/27 12:0 a.m.205 views

Aero CMS v0.0.1 - SQL Injection (no auth) Vulnerability

Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win64...

6.8AI score
Exploits0
0day.today
0day.today
added 2021/11/06 12:0 a.m.205 views

PHP Event Calendar Lite Edition SQL Injection Vulnerability

Product: PHP Event Calendar Manufacturer: Kayson Group Ltd. Affected Versions: PHP Event Calendar Lite edition Tested Versions: PHP Event Calendar Lite edition Vulnerability Type: SQL injection CWE-89 Risk Level: High Solution Status: Closed Manufacturer Notification: 2021-08-09 Solution Date:...

10CVSS9.2AI score0.02433EPSS
Exploits3
Total number of security vulnerabilities5000