Auto Coupons for WooCommerce < 3.0.15 - Reflected Cross-Site Scripting
Description The Auto Coupons for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 3.0.14 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
7.1CVSS
6.3AI Score
0.0004EPSS
Exploit for Injection in Vm2 Project Vm2
CVE-2023-30547 PoC Exploit for VM2 Sandbox Escape...
10CVSS
9.6AI Score
0.002EPSS
Exploit for Incorrect Authorization in Dompdf Project Dompdf
CVE-2023-23924 Dompdf vulnerable to URI validation failure...
10CVSS
9.7AI Score
0.01EPSS
Exploit for Prototype Pollution in Qs Project Qs
CVE-2022-24999 This repository contains exploit samples of...
7.5CVSS
2.2AI Score
0.01EPSS
Exploit for Code Injection in Exiftool Project Exiftool
CVE-2021-22204 Summary of the CVE Improper sanitization...
7.8CVSS
7.6AI Score
0.89EPSS
Exploit for Improper Privilege Management in Sudo Project Sudo
CVE-2023-22809 sudo Privilege escalation Affected sudo...
7.8CVSS
8.2AI Score
0.001EPSS
Exploit for Improper Privilege Management in Sudo Project Sudo
CVE-2023-22809 CVE-2023-22809 is a critical...
7.8CVSS
8.3AI Score
0.001EPSS
10CVSS
7.3AI Score
0.003EPSS
WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection
WordPress Pricing Deals for WooCommerce plugin through 2.0.2.02 contains a SQL injection vulnerability. The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or...
9.8CVSS
10AI Score
0.04EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
pkexec-exploit Local Privilege Escalation in polkit's pkexec...
8.2AI Score
Exploit for Out-of-bounds Write in Polkit Project Polkit
PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec...
8.2AI Score
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 One day for the polkit privilege escalation...
7.8CVSS
8.8AI Score
0.001EPSS
Exploit for Code Injection in Exiftool Project Exiftool
Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code...
7.8CVSS
8.5AI Score
0.89EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation...
7.8CVSS
8.5AI Score
0.001EPSS
Exploit for Injection in Vm2 Project Vm2
CVE-2023-30547 vm2 is a sandbox that can run untrusted code...
10CVSS
6.8AI Score
0.002EPSS
Exploit for Improper Preservation of Permissions in Podman Project Podman
CVE-2022-1227_Exploit A script for exploiting CVE-2022-1227....
8.8CVSS
8.8AI Score
0.002EPSS
Grant "Browse Project" permission to "User Custom Field Value" makes project visible to all users
NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/JRACLOUD-37117. If in your permission schema, you grant Browse Project permission to "User Custom Field Value", the project is visible...
6.6AI Score
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 CVE-2021-4034 Add Root User - Pkexec Local...
7.8CVSS
8.7AI Score
0.001EPSS
7.8CVSS
8.4AI Score
0.001EPSS
Exploit for Cross-Site Request Forgery (CSRF) in Sitemap Project Sitemap
CVE-2022-0952 Sitemap by click5 < 1.0.36 - Unauthenticated...
8.8CVSS
8.8AI Score
0.453EPSS
7.8CVSS
7.7AI Score
0.001EPSS
9.8CVSS
7AI Score
0.804EPSS
9.8CVSS
7.9AI Score
0.974EPSS
9.8CVSS
8.2AI Score
0.974EPSS
Malicious code in eslint-plugin-cdp-project (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Exploit for Out-of-bounds Write in Polkit Project Polkit
PwnKit-Exploit CVE-2021-4034 ...
8.1AI Score
Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit
Polkit Vulnerability - CVE-2021-3560 ...
7.8CVSS
8.6AI Score
0.012EPSS
Exploit for Uncontrolled Resource Consumption in Quic-Go Project Quic-Go
QUIC-attacks (CVE-2022-30591) The current repository serves...
7.5AI Score
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 CVE-2021-4034 version that works on CentOS 8...
7.8CVSS
8.6AI Score
0.001EPSS
Exploit for Off-by-one Error in Sudo Project Sudo
PE_CVE-CVE-2021-3156 Exploit for Ubuntu 20.04 using...
7.8CVSS
8.6AI Score
0.97EPSS
Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit
Description As part of my cybersecurity thesis I wanted to...
7.8CVSS
8.3AI Score
0.012EPSS
kanboard -- Project Takeover via IDOR in ProjectPermissionController
[email protected] reports: Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The user's permission to add users to a project only gets checked on the URL...
8.2CVSS
8AI Score
0.0004EPSS
8.2AI Score
Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit
PolicyKit CVE-2021-3560 Exploit (Authentication Agent)...
7.8CVSS
7.3AI Score
0.012EPSS
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users are able to see backlog items that they should not see. This issue has been patched in Tuleap Community Edition version...
4.3CVSS
6.8AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of...
7.8CVSS
8.5AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
8AI Score
Exploit for Server-Side Request Forgery in Fusion Builder Project Fusion Builder
Fubucker | CVE-2022-1386 - Fusion Builder Automatic Mass Tool...
9.6AI Score
Art Gallery Management System Project v1.0 - Cross-Site Scripting
A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the artname parameter under ART TYPE option in the navigation...
6.1CVSS
5.9AI Score
0.003EPSS
Exploit for Off-by-one Error in Sudo Project Sudo
CVE-2021-3156 [toc] Vulnerability overview Vulnerability ID: CVE-2021-3156...
7.8CVSS
7.9AI Score
0.97EPSS
Argo CD's API server does not enforce project sourceNamespaces
Impact I can convince the UI to let me do things with an invalid Application. 1. Admin gives me p, michael, applications, , demo/ , allow, where demo can just deploy to the demo namespace 2. Admin gives me AppProject dev which reconciles from ns dev-apps 3. Admin gives me p, michael,...
4.8CVSS
5AI Score
0.0004EPSS
Enrollment System Project v1.0 - SQL Injection Authentication Bypass
Enrollment System Project V1.0, developed by Sourcecodester, has been found to be vulnerable to SQL Injection (SQLI) attacks. This vulnerability allows an attacker to manipulate the SQL queries executed by the application. The system fails to properly validate user-supplied input in the username...
9.8CVSS
10AI Score
0.006EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034-PwnKit PwnKit PoC for Polkit pkexec...
7.8CVSS
8.6AI Score
0.001EPSS
WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload
WordPress SP Project & Document Manager plugin before 4.22 is susceptible to authenticated shell upload. The plugin allows users to upload files; however, the plugin attempts to prevent PHP and other similar executable files from being uploaded via checking the file extension. PHP files can still.....
8.8CVSS
8.7AI Score
0.969EPSS
Exploit for Code Injection in Exiftool Project Exiftool
CVE-2021-22204 Exploit for CVE-2021-22204 (ExifTool) -...
7.8CVSS
8.2AI Score
0.89EPSS
Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Argo CD's API server does not enforce project sourceNamespaces in...
4.8CVSS
4.9AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034-CTF-writeup This is a CTF pwn challenge that I...
7.8CVSS
8.6AI Score
0.001EPSS
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...
7.2AI Score
0.0004EPSS
Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce. This issue affects Pricing Deals for WooCommerce: from n/a through...
5.3CVSS
7.2AI Score
0.0004EPSS