|
|
|
@ -3760,9 +3760,9 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
51850,exploits/hardware/remote/51850.txt,"Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)",2024-03-03,"Alok kumar",remote,hardware,,2024-03-03,2024-03-03,0,,,,,,
|
|
|
|
|
40120,exploits/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution / Escalate Privileges",2016-07-17,b0yd,remote,hardware,,2016-07-18,2016-12-09,0,CVE-2016-3989;CVE-2016-3962,,,,,https://www.securifera.com/blog/2016/07/17/time-to-patch-rce-on-meinberg-ntp-time-server/
|
|
|
|
|
40589,exploits/hardware/remote/40589.html,"MiCasaVerde VeraLite - Remote Code Execution",2016-10-20,"Jacob Baines",remote,hardware,,2016-10-20,2016-10-27,0,CVE-2013-4863;CVE-2016-6255,,,,,
|
|
|
|
|
52119,exploits/hardware/remote/52119.NA,"Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection",2025-04-04,"Armando Huesca Prida",remote,hardware,,2025-04-04,2025-04-04,0,CVE-2024-9054,,,,,
|
|
|
|
|
52120,exploits/hardware/remote/52120.NA,"Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)",2025-04-04,"Armando Huesca Prida",remote,hardware,,2025-04-04,2025-04-04,0,CVE-2024-43687,,,,,
|
|
|
|
|
52122,exploits/hardware/remote/52122.NA,"Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection",2025-04-05,"Armando Huesca Prida",remote,hardware,,2025-04-05,2025-04-05,0,CVE-2024-7801,,,,,
|
|
|
|
|
52119,exploits/hardware/remote/52119.NA,"Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection",2025-04-04,"Armando Huesca Prida",remote,hardware,,2025-04-04,2025-04-13,0,CVE-2024-9054,,,,,
|
|
|
|
|
52120,exploits/hardware/remote/52120.NA,"Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)",2025-04-04,"Armando Huesca Prida",remote,hardware,,2025-04-04,2025-04-13,0,CVE-2024-43687,,,,,
|
|
|
|
|
52122,exploits/hardware/remote/52122.NA,"Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection",2025-04-05,"Armando Huesca Prida",remote,hardware,,2025-04-05,2025-04-13,0,CVE-2024-7801,,,,,
|
|
|
|
|
45040,exploits/hardware/remote/45040.txt,"Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials",2018-07-17,LiquidWorm,remote,hardware,,2018-07-17,2018-07-17,0,,,,,,
|
|
|
|
|
45578,exploits/hardware/remote/45578.cpp,"MicroTik RouterOS < 6.43rc3 - Remote Root",2018-10-10,"Jacob Baines",remote,hardware,,2018-10-10,2018-10-10,0,CVE-2018-14847,Remote,,,,
|
|
|
|
|
41718,exploits/hardware/remote/41718.txt,"Miele Professional PG 8528 - Directory Traversal",2017-03-24,"Jens Regel",remote,hardware,,2017-03-24,2017-03-24,0,CVE-2017-7240,,,,,
|
|
|
|
@ -5471,7 +5471,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
39886,exploits/java/webapps/39886.txt,"Apache Continuum 1.4.2 - Multiple Vulnerabilities",2016-06-06,"David Shanahan",webapps,java,,2016-06-06,2016-06-14,1,,,,,http://www.exploit-db.comapache-continuum-1.4.2-bin.tar.gz,
|
|
|
|
|
49398,exploits/java/webapps/49398.rb,"Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)",2021-01-08,"SunCSR Team",webapps,java,,2021-01-08,2021-01-08,1,CVE-2020-17519,,,,,
|
|
|
|
|
48978,exploits/java/webapps/48978.py,"Apache Flink 1.9.x - File Upload RCE (Unauthenticated)",2020-11-02,bigger.wing,webapps,java,,2020-11-02,2020-11-02,0,,,,,,
|
|
|
|
|
52149,exploits/java/webapps/52149.py,"Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)",2025-04-09,"Yesith Alvarez",webapps,java,,2025-04-09,2025-04-09,0,CVE-2024-27348,,,,,
|
|
|
|
|
52149,exploits/java/webapps/52149.py,"Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)",2025-04-09,"Yesith Alvarez",webapps,java,,2025-04-09,2025-04-13,0,CVE-2024-27348,,,,,
|
|
|
|
|
37110,exploits/java/webapps/37110.py,"Apache JackRabbit - WebDAV XML External Entity",2015-05-26,"Mikhail Egorov",webapps,java,8080,2015-05-26,2017-11-02,0,CVE-2015-1833;OSVDB-122382,,,,,
|
|
|
|
|
45673,exploits/java/webapps/45673.py,"Apache OFBiz 16.11.04 - XML External Entity Injection",2018-10-24,"Jamie Parfet",webapps,java,,2018-10-24,2018-10-25,0,,"XML External Entity (XXE)",,,,
|
|
|
|
|
48408,exploits/java/webapps/48408.txt,"Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)",2020-05-01,"Faiz Ahmed Zaidi",webapps,java,,2020-05-01,2020-05-01,0,CVE-2019-0235,,,,,
|
|
|
|
@ -5514,7 +5514,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
50952,exploits/java/webapps/50952.py,"Confluence Data Center 7.18.0 - Remote Code Execution (RCE)",2022-06-10,"Fellipe Oliveira",webapps,java,,2022-06-10,2022-06-10,0,CVE-2022-26134,,,,,
|
|
|
|
|
50243,exploits/java/webapps/50243.py,"Confluence Server 7.12.4 - 'OGNL injection' Remote Code Execution (RCE) (Unauthenticated)",2021-09-01,"Fellipe Oliveira",webapps,java,,2021-09-01,2021-09-01,0,CVE-2021-26084,,,,,
|
|
|
|
|
36548,exploits/java/webapps/36548.txt,"Contus Job Portal - 'Category' SQL Injection",2012-01-13,Lazmania61,webapps,java,,2012-01-13,2015-03-30,1,,,,,,https://www.securityfocus.com/bid/51404/info
|
|
|
|
|
52128,exploits/java/webapps/52128.py,"DataEase 2.4.0 - Database Configuration Information Exposure",2025-04-06,ByteHunter,webapps,java,,2025-04-06,2025-04-06,0,CVE-2024-30269,,,,,
|
|
|
|
|
52128,exploits/java/webapps/52128.py,"DataEase 2.4.0 - Database Configuration Information Exposure",2025-04-06,ByteHunter,webapps,java,,2025-04-06,2025-04-13,0,CVE-2024-30269,,,,,
|
|
|
|
|
33048,exploits/java/webapps/33048.txt,"DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting",2009-05-19,r0t,webapps,java,,2009-05-19,2014-04-27,1,CVE-2009-2216;OSVDB-55296,,,,,https://www.securityfocus.com/bid/35450/info
|
|
|
|
|
34293,exploits/java/webapps/34293.txt,"dotDefender 4.02 - 'clave' Cross-Site Scripting",2010-07-12,"David K",webapps,java,,2010-07-12,2014-08-08,1,,,,,,https://www.securityfocus.com/bid/41541/info
|
|
|
|
|
33286,exploits/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Cross-Site Scripting",2009-10-14,"Michele Orru",webapps,java,,2009-10-14,2014-05-10,1,CVE-2009-4521;OSVDB-58941,,,,,https://www.securityfocus.com/bid/36674/info
|
|
|
|
@ -10404,7 +10404,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
52186,exploits/multiple/hardware/52186.txt,"ABB Cylon FLXeon 9.3.4 - Remote Code Execution (RCE)",2025-04-11,LiquidWorm,hardware,multiple,,2025-04-11,2025-04-11,0,CVE-2024-48841,,,,,
|
|
|
|
|
52178,exploits/multiple/hardware/52178.txt,"ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure",2025-04-11,LiquidWorm,hardware,multiple,,2025-04-11,2025-04-11,0,CVE-2024-48852,,,,,
|
|
|
|
|
52184,exploits/multiple/hardware/52184.txt,"ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning",2025-04-11,LiquidWorm,hardware,multiple,,2025-04-11,2025-04-11,0,CVE-2024-48849,,,,,
|
|
|
|
|
52160,exploits/multiple/hardware/52160.py,"Cosy+ firmware 21.2s7 - Command Injection",2025-04-10,CodeB0ss,hardware,multiple,,2025-04-10,2025-04-10,0,CVE-2024-33896,,,,,
|
|
|
|
|
52160,exploits/multiple/hardware/52160.py,"Cosy+ firmware 21.2s7 - Command Injection",2025-04-10,CodeB0ss,hardware,multiple,,2025-04-10,2025-04-13,0,CVE-2024-33896,,,,,
|
|
|
|
|
52183,exploits/multiple/hardware/52183.txt,"Netman 204 - Remote command without authentication",2025-04-11,"Parsa Rezaie Khiabanloo",hardware,multiple,,2025-04-11,2025-04-11,0,,,,,,
|
|
|
|
|
11651,exploits/multiple/local/11651.sh,"(Tod Miller's) Sudo/SudoEdit 1.6.9p21/1.7.2p4 - Local Privilege Escalation",2010-03-07,kingcope,local,multiple,,2010-03-06,,1,,,,,,
|
|
|
|
|
51849,exploits/multiple/local/51849.py,"A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc",2024-03-03,"George Washington",local,multiple,,2024-03-03,2024-03-03,0,,,,,,
|
|
|
|
@ -10647,7 +10647,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
21116,exploits/multiple/remote/21116.pl,"Amtote Homebet - Account Information Brute Force",2001-09-28,"Gary O'Leary-Steele",remote,multiple,,2001-09-28,2012-09-06,1,CVE-2001-1528;OSVDB-20236,,,,,https://www.securityfocus.com/bid/3371/info
|
|
|
|
|
21115,exploits/multiple/remote/21115.pl,"AmTote Homebet - World Accessible Log",2001-09-28,"Gary O'Leary-Steele",remote,multiple,,2001-09-28,2012-09-06,1,CVE-2001-1170;OSVDB-9788,,,,,https://www.securityfocus.com/bid/3370/info
|
|
|
|
|
22130,exploits/multiple/remote/22130.txt,"AN HTTPD 1.41 e - Cross-Site Scripting",2003-01-06,D4rkGr3y,remote,multiple,,2003-01-06,2012-10-21,1,CVE-2003-1271;OSVDB-59639,,,,,https://www.securityfocus.com/bid/6529/info
|
|
|
|
|
52121,exploits/multiple/remote/52121.py,"Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)",2025-04-04,"Ravindu Wickramasinghe",remote,multiple,,2025-04-04,2025-04-04,0,CVE-2024-42640,,,,,
|
|
|
|
|
52121,exploits/multiple/remote/52121.py,"Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)",2025-04-04,"Ravindu Wickramasinghe",remote,multiple,,2025-04-04,2025-04-13,0,CVE-2024-42640,,,,,
|
|
|
|
|
33497,exploits/multiple/remote/33497.txt,"AOLServer Terminal 4.5.1 - Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,remote,multiple,,2010-01-11,2014-05-26,1,CVE-2009-4494;OSVDB-61772,,,,,https://www.securityfocus.com/bid/37712/info
|
|
|
|
|
18442,exploits/multiple/remote/18442.html,"Apache - httpOnly Cookie Disclosure",2012-01-31,pilate,remote,multiple,,2012-01-31,2012-01-31,1,CVE-2012-0053;OSVDB-78556,,,,,https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
|
|
|
|
|
21067,exploits/multiple/remote/21067.c,"Apache 1.0/1.2/1.3 - Server Address Disclosure",2001-08-21,magnum,remote,multiple,,2001-08-21,2012-09-04,1,OSVDB-86902,,,,,https://www.securityfocus.com/bid/3169/info
|
|
|
|
@ -11088,7 +11088,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
17068,exploits/multiple/remote/17068.py,"jHTTPd 0.1a - Directory Traversal",2011-03-29,"AutoSec Tools",remote,multiple,,2011-03-29,2011-03-29,0,,,,,,
|
|
|
|
|
25191,exploits/multiple/remote/25191.txt,"JoWood Chaser 1.0/1.50 - Remote Buffer Overflow",2005-03-07,"Luigi Auriemma",remote,multiple,,2005-03-07,2013-05-06,1,,,,,,https://www.securityfocus.com/bid/12733/info
|
|
|
|
|
24981,exploits/multiple/remote/24981.txt,"JPegToAvi 1.5 - File List Buffer Overflow",2004-12-15,"James Longstreet",remote,multiple,,2004-12-15,2013-04-30,1,,,,,,https://www.securityfocus.com/bid/11976/info
|
|
|
|
|
52158,exploits/multiple/remote/52158.py,"K7 Ultimate Security K7RKScan.sys 17.0.2019 - Denial Of Service (DoS)",2025-04-10,"M. Akil Gündoğan",remote,multiple,,2025-04-10,2025-04-10,0,CVE-2024-36424,,,,,
|
|
|
|
|
52158,exploits/multiple/remote/52158.py,"K7 Ultimate Security K7RKScan.sys 17.0.2019 - Denial Of Service (DoS)",2025-04-10,"M. Akil Gündoğan",remote,multiple,,2025-04-10,2025-04-13,0,CVE-2024-36424,,,,,
|
|
|
|
|
11817,exploits/multiple/remote/11817.txt,"KDE 4.4.1 - Ksysguard Remote Code Execution (via Cross Application Scripting)",2010-03-20,emgent,remote,multiple,,2010-03-19,,1,,,,,,
|
|
|
|
|
24414,exploits/multiple/remote/24414.txt,"Keene Digital Media Server 1.0.2 - Directory Traversal",2004-08-26,"GulfTech Security",remote,multiple,,2004-08-26,2018-01-05,1,"BID: 11057;GTSA-00044",,,,,http://gulftech.org/advisories/Digital%20Media%20Server%20Arbitrary%20File%20Access/44
|
|
|
|
|
20181,exploits/multiple/remote/20181.txt,"Kerberos 4 4.0/5 5.0 - KDC Spoofing",2000-08-28,"Dug Song",remote,multiple,,2000-08-28,2012-08-05,1,OSVDB-84635,,,,,https://www.securityfocus.com/bid/1616/info
|
|
|
|
@ -11665,8 +11665,8 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
44151,exploits/multiple/remote/44151.txt,"μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure",2018-02-20,"Google Security Research",remote,multiple,,2018-02-20,2018-02-21,1,,,,,,https://bugs.chromium.org/p/project-zero/issues/detail?id=1524
|
|
|
|
|
34111,exploits/multiple/webapps/34111.txt,"(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections",2010-06-09,"L0rd CrusAd3r",webapps,multiple,,2010-06-09,2014-07-19,1,,,,,,https://www.securityfocus.com/bid/40676/info
|
|
|
|
|
33760,exploits/multiple/webapps/33760.txt,"(Multiple Products) - 'banner.swf' Cross-Site Scripting",2010-03-15,MustLive,webapps,multiple,,2010-03-15,2014-06-15,1,,,,,,https://www.securityfocus.com/bid/38732/info
|
|
|
|
|
52115,exploits/multiple/webapps/52115.NA,"ABB Cylon Aspect 3.07.02 - File Disclosure (Authenticated)",2025-04-03,LiquidWorm,webapps,multiple,,2025-04-03,2025-04-03,0,CVE-na,,,,,
|
|
|
|
|
52107,exploits/multiple/webapps/52107.NA,"ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)",2025-04-02,LiquidWorm,webapps,multiple,,2025-04-02,2025-04-02,0,CVE-2024-6298,,,,,
|
|
|
|
|
52115,exploits/multiple/webapps/52115.NA,"ABB Cylon Aspect 3.07.02 - File Disclosure",2025-04-03,LiquidWorm,webapps,multiple,,2025-04-03,2025-04-13,0,CVE-na,,,,,
|
|
|
|
|
52107,exploits/multiple/webapps/52107.NA,"ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)",2025-04-02,LiquidWorm,webapps,multiple,,2025-04-02,2025-04-13,0,CVE-2024-6298,,,,,
|
|
|
|
|
43378,exploits/multiple/webapps/43378.py,"Ability Mail Server 3.3.2 - Cross-Site Scripting",2017-12-20,"Aloyce J. Makalanga",webapps,multiple,,2017-12-20,2017-12-20,0,CVE-2017-17752,,,,http://www.exploit-db.comams3.exe,
|
|
|
|
|
49298,exploits/multiple/webapps/49298.txt,"Academy-LMS 4.3 - Stored XSS",2020-12-21,"Vinicius Alves",webapps,multiple,,2020-12-21,2022-06-03,0,,,,,,
|
|
|
|
|
49991,exploits/multiple/webapps/49991.txt,"Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References (IDOR)",2021-06-14,"Abdulazeez Alaseeri",webapps,multiple,,2021-06-14,2021-06-14,0,CVE-2021-34369,,,,,
|
|
|
|
@ -11805,7 +11805,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
50601,exploits/multiple/webapps/50601.txt,"Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration",2021-12-16,"Daniel Morales",webapps,multiple,,2021-12-16,2021-12-16,0,CVE-2021-44848,,,,,
|
|
|
|
|
11403,exploits/multiple/webapps/11403.txt,"Cisco Collaboration Server 5 - Cross-Site Scripting / Source Code Disclosure",2010-02-11,s4squatch,webapps,multiple,80,2010-02-10,,1,OSVDB-62460;CVE-2010-0642;OSVDB-62459;CVE-2010-0641,,,,,
|
|
|
|
|
44324,exploits/multiple/webapps/44324.py,"Cisco node-jos < 0.11.0 - Re-sign Tokens",2018-03-20,zioBlack,webapps,multiple,,2018-03-21,2019-07-25,0,CVE-2018-0114,,,,,https://github.com/zi0Black/POC-CVE-2018-0114/tree/d3bddb421726a9eddbabfd6a1ca58ff4abca93af
|
|
|
|
|
52155,exploits/multiple/webapps/52155.py,"Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover",2025-04-10,"Mohammed Adel",webapps,multiple,,2025-04-10,2025-04-10,0,CVE-2024-20419,,,,,
|
|
|
|
|
52155,exploits/multiple/webapps/52155.py,"Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover",2025-04-10,"Mohammed Adel",webapps,multiple,,2025-04-10,2025-04-13,0,CVE-2024-20419,,,,,
|
|
|
|
|
37816,exploits/multiple/webapps/37816.txt,"Cisco Unified Communications Manager - Multiple Vulnerabilities",2015-08-18,"Bernhard Mueller",webapps,multiple,,2015-08-18,2015-08-18,0,CVE-2014-8008;CVE-2014-6271;OSVDB-126132;OSVDB-126131;OSVDB-117422,,,,,http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
|
|
|
|
|
48975,exploits/multiple/webapps/48975.py,"Citadel WebCit < 926 - Session Hijacking Exploit",2020-10-30,"Simone Quatrini",webapps,multiple,,2020-10-30,2020-10-30,0,,,,,,
|
|
|
|
|
47930,exploits/multiple/webapps/47930.txt,"Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal",2020-01-16,"Dhiraj Mishra",webapps,multiple,,2020-01-16,2020-01-16,0,CVE-2019-19781,,,,,
|
|
|
|
@ -11847,7 +11847,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
18473,exploits/multiple/webapps/18473.txt,"Cyberoam Central Console 2.00.2 - Remote File Inclusion",2012-02-08,Vulnerability-Lab,webapps,multiple,,2012-02-08,2012-02-08,0,OSVDB-79326;CVE-2012-1047,,,,,https://www.vulnerability-lab.com/get_content.php?id=405
|
|
|
|
|
47063,exploits/multiple/webapps/47063.html,"CyberPanel 1.8.4 - Cross-Site Request Forgery",2019-07-01,"Bilgi Birikim Sistemleri",webapps,multiple,,2019-07-01,2019-07-03,0,,"Cross-Site Request Forgery (CSRF)",,,,
|
|
|
|
|
50230,exploits/multiple/webapps/50230.py,"CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated)",2021-08-27,"numan türle",webapps,multiple,,2021-08-27,2021-08-27,0,,,,,,
|
|
|
|
|
52172,exploits/multiple/webapps/52172.py,"CyberPanel 2.3.6 - Remote Code Execution (RCE)",2025-04-11,"Luka Petrovic (refr4g)",webapps,multiple,,2025-04-11,2025-04-11,0,CVE-2024-51378,,,,,
|
|
|
|
|
52172,exploits/multiple/webapps/52172.py,"CyberPanel 2.3.6 - Remote Code Execution (RCE)",2025-04-11,"Luka Petrovic (refr4g)",webapps,multiple,,2025-04-11,2025-04-13,0,CVE-2024-51378,,,,,
|
|
|
|
|
50909,exploits/multiple/webapps/50909.txt,"Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting (XSS)",2022-05-11,"Tin Pham",webapps,multiple,,2022-05-11,2022-05-11,0,CVE-2021-31673,,,,,
|
|
|
|
|
50908,exploits/multiple/webapps/50908.txt,"Cyclos 4.14.7 - DOM Based Cross-Site Scripting (XSS)",2022-05-11,"Tin Pham",webapps,multiple,,2022-05-11,2022-05-11,0,CVE-2021-31674,,,,,
|
|
|
|
|
43847,exploits/multiple/webapps/43847.py,"DarkComet (C2 Server) - File Upload",2018-01-15,"Pseudo Laboratories",webapps,multiple,,2018-01-21,2018-01-21,0,,Malware,,,,https://pseudolaboratories.github.io/DarkComet-upload-vulnerability/
|
|
|
|
@ -11983,7 +11983,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
15473,exploits/multiple/webapps/15473.html,"IBM OmniFind - Cross-Site Request Forgery",2010-11-09,"Fatih Kilic",webapps,multiple,,2010-11-09,2010-11-09,0,CVE-2010-3891;OSVDB-69083,,,,,
|
|
|
|
|
46017,exploits/multiple/webapps/46017.txt,"IBM Operational Decision Manager 8.x - XML External Entity Injection",2018-12-19,"Mohamed M.Fouad",webapps,multiple,9443,2018-12-19,2018-12-19,1,CVE-2018-1821,"XML External Entity (XXE)",,,,
|
|
|
|
|
32631,exploits/multiple/webapps/32631.txt,"IBM Rational ClearCase 7/8 - Cross-Site Scripting",2008-12-01,IBM,webapps,multiple,,2008-12-01,2014-04-01,1,CVE-2008-5330;OSVDB-50369,,,,,https://www.securityfocus.com/bid/32574/info
|
|
|
|
|
52123,exploits/multiple/webapps/52123.NA,"IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow",2025-04-05,"Giulio Garzia",webapps,multiple,,2025-04-05,2025-04-05,0,CVE-2024-35133,,,,,
|
|
|
|
|
52123,exploits/multiple/webapps/52123.NA,"IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow",2025-04-05,"Giulio Garzia",webapps,multiple,,2025-04-05,2025-04-13,0,CVE-2024-35133,,,,,
|
|
|
|
|
45190,exploits/multiple/webapps/45190.txt,"IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting",2018-08-13,"Vikas Khanna",webapps,multiple,,2018-08-13,2018-08-13,1,CVE-2018-1563;CVE-2018-1513,,,,,
|
|
|
|
|
34908,exploits/multiple/webapps/34908.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/acl?method' Cross-Site Scripting",2010-10-22,IBM,webapps,multiple,,2010-10-22,2014-10-06,1,CVE-2010-4120;OSVDB-68885,,,,,https://www.securityfocus.com/bid/44382/info
|
|
|
|
|
34909,exploits/multiple/webapps/34909.txt,"IBM Tivoli Access Manager for E-Business - '/ibm/wpm/domain?method' Cross-Site Scripting",2010-10-22,IBM,webapps,multiple,,2010-10-22,2014-10-06,1,CVE-2010-4120;OSVDB-68886,,,,,https://www.securityfocus.com/bid/44382/info
|
|
|
|
@ -12008,7 +12008,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
49351,exploits/multiple/webapps/49351.html,"IncomCMS 2.0 - Insecure File Upload",2021-01-05,MoeAlBarbari,webapps,multiple,,2021-01-05,2021-01-05,0,CVE-2020-29597,,,,,
|
|
|
|
|
48693,exploits/multiple/webapps/48693.go,"INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution",2020-07-26,"Patrick Hener",webapps,multiple,,2020-07-26,2020-07-26,0,CVE-2020-15492,,,,,
|
|
|
|
|
34408,exploits/multiple/webapps/34408.txt,"Innovaphone PBX Admin-GUI - Cross-Site Request Forgery",2014-08-25,"Rainer Giedat",webapps,multiple,80,2014-08-25,2014-08-25,0,CVE-2014-5335;OSVDB-110269,,,,,
|
|
|
|
|
52151,exploits/multiple/webapps/52151.txt,"Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)",2025-04-09,"Andrew Lemon/Red Threat",webapps,multiple,,2025-04-09,2025-04-09,0,CVE-2024-38944,,,,,
|
|
|
|
|
52151,exploits/multiple/webapps/52151.txt,"Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)",2025-04-09,"Andrew Lemon/Red Threat",webapps,multiple,,2025-04-09,2025-04-13,0,CVE-2024-38944,,,,,
|
|
|
|
|
14004,exploits/multiple/webapps/14004.txt,"Interscan Web Security 5.0 - Arbitrary File Upload / Privilege Escalation",2010-06-23,"Ivan Huertas",webapps,multiple,,2010-06-23,2010-06-23,1,OSVDB-65973,,cybsec_advisory_2010_0604_InterScan_Web_Security_5_0_Local_Privilege_Escalation.pdf,,,
|
|
|
|
|
14001,exploits/multiple/webapps/14001.txt,"Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download",2010-06-23,"Ivan Huertas",webapps,multiple,,2010-06-23,2010-06-23,1,OSVDB-65774,,cybsec_advisory_2010_0606_InterScan_Web_Security_5_0_Arbitrary_File_Download.pdf,,,
|
|
|
|
|
49188,exploits/multiple/webapps/49188.txt,"Invision Community 4.5.4 - 'Field Name' Stored Cross-Site Scripting",2020-12-03,"Hemant Patidar",webapps,multiple,,2020-12-03,2021-01-06,0,CVE-2020-29477,,,,,
|
|
|
|
@ -12051,7 +12051,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
44487,exploits/multiple/webapps/44487.txt,"Kodi 17.6 - Persistent Cross-Site Scripting",2018-04-18,"Manuel García Cárdenas",webapps,multiple,,2018-04-18,2018-04-18,0,CVE-2018-8831,"Cross-Site Scripting (XSS)",,,,
|
|
|
|
|
50521,exploits/multiple/webapps/50521.py,"KONGA 0.14.9 - Privilege Escalation",2021-11-15,"Fabricio Salomao",webapps,multiple,,2021-11-15,2021-11-15,0,,,,,http://www.exploit-db.comkonga-0.14.9.zip,
|
|
|
|
|
34224,exploits/multiple/webapps/34224.txt,"Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection",2010-06-29,TurboBorland,webapps,multiple,,2010-06-29,2014-08-01,1,,,,,,https://www.securityfocus.com/bid/41229/info
|
|
|
|
|
52097,exploits/multiple/webapps/52097.NA,"KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)",2025-03-27,"Okan Kurtulus",webapps,multiple,,2025-03-27,2025-03-27,0,CVE-2024-46528,,,,,https://github.com/advisories/GHSA-p26r-gfgc-c47h
|
|
|
|
|
52097,exploits/multiple/webapps/52097.NA,"KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)",2025-03-27,"Okan Kurtulus",webapps,multiple,,2025-03-27,2025-04-13,0,CVE-2024-46528,,,,,https://github.com/advisories/GHSA-p26r-gfgc-c47h
|
|
|
|
|
52125,exploits/multiple/webapps/52125.py,"Kubio AI Page Builder 2.5.1 - Local File Inclusion (LFI)",2025-04-05,4m3rr0r,webapps,multiple,,2025-04-05,2025-04-05,0,CVE-2025-2294,,,,,
|
|
|
|
|
49733,exploits/multiple/webapps/49733.txt,"Latrix 0.6.0 - 'txtaccesscode' SQL Injection",2021-04-01,cptsticky,webapps,multiple,,2021-04-01,2021-04-01,0,,,,,,
|
|
|
|
|
48453,exploits/multiple/webapps/48453.txt,"LibreNMS 1.46 - 'search' SQL Injection",2020-05-11,Punt,webapps,multiple,,2020-05-11,2020-05-11,0,,,,,,
|
|
|
|
@ -12078,7 +12078,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
49081,exploits/multiple/webapps/49081.py,"M/Monit 3.7.4 - Password Disclosure",2020-11-19,"Dolev Farhi",webapps,multiple,,2020-11-19,2020-11-19,0,,,,,,
|
|
|
|
|
49080,exploits/multiple/webapps/49080.py,"M/Monit 3.7.4 - Privilege Escalation",2020-11-19,"Dolev Farhi",webapps,multiple,,2020-11-19,2020-11-19,0,,,,,,
|
|
|
|
|
51847,exploits/multiple/webapps/51847.txt,"Magento ver. 2.4.6 - XSLT Server Side Injection",2024-03-03,tmrswrr,webapps,multiple,,2024-03-03,2024-03-03,0,,,,,,
|
|
|
|
|
52170,exploits/multiple/webapps/52170.txt,"MagnusSolution magnusbilling 7.3.0 - Command Injection",2025-04-11,CodeSecLab,webapps,multiple,,2025-04-11,2025-04-11,0,CVE-2023-30258,,,,,
|
|
|
|
|
52170,exploits/multiple/webapps/52170.txt,"MagnusSolution magnusbilling 7.3.0 - Command Injection",2025-04-11,CodeSecLab,webapps,multiple,,2025-04-11,2025-04-13,0,CVE-2023-30258,,,,,
|
|
|
|
|
50971,exploits/multiple/webapps/50971.txt,"Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)",2022-06-27,Vulnz,webapps,multiple,,2022-06-27,2022-06-27,0,,,,,,
|
|
|
|
|
9714,exploits/multiple/webapps/9714.txt,"Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion",2009-10-18,"Don Tukulesto",webapps,multiple,,2009-10-17,,1,OSVDB-58288;CVE-2009-3333,,,,,
|
|
|
|
|
39236,exploits/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",webapps,multiple,,2016-01-14,2016-01-14,0,OSVDB-133027,,,,,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5291.php
|
|
|
|
@ -12220,7 +12220,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
51646,exploits/multiple/webapps/51646.txt,"Ozeki SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)",2023-08-04,"Ahmet Ümit BAYRAM",webapps,multiple,,2023-08-04,2023-08-04,0,,,,,,
|
|
|
|
|
43440,exploits/multiple/webapps/43440.txt,"P-Synch < 6.2.5 - Multiple Vulnerabilities",2003-05-30,"GulfTech Security",webapps,multiple,,2018-01-05,2018-01-05,0,GTSA-00005,,,,,http://gulftech.org/advisories/P-Synch%20Multiple%20Vulnerabilities/5
|
|
|
|
|
51343,exploits/multiple/webapps/51343.txt,"Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)",2023-04-08,omurugur,webapps,multiple,,2023-04-08,2023-04-08,0,CVE-2022-0020,,,,,
|
|
|
|
|
52129,exploits/multiple/webapps/52129.py,"Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover",2025-04-06,ByteHunter,webapps,multiple,,2025-04-06,2025-04-06,0,CVE-2024-5910,,,,,
|
|
|
|
|
52129,exploits/multiple/webapps/52129.py,"Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover",2025-04-06,ByteHunter,webapps,multiple,,2025-04-06,2025-04-13,0,CVE-2024-5910,,,,,
|
|
|
|
|
51391,exploits/multiple/webapps/51391.py,"PaperCut NG/MG 22.0.4 - Authentication Bypass",2023-04-25,MaanVader,webapps,multiple,,2023-04-25,2023-04-25,0,CVE-2023-27350,,,,,
|
|
|
|
|
51452,exploits/multiple/webapps/51452.py,"PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE)",2023-05-23,MaanVader,webapps,multiple,,2023-05-23,2023-05-23,0,CVE-2023-27350,,,,,
|
|
|
|
|
35210,exploits/multiple/webapps/35210.txt,"Password Manager Pro / Pro MSP - Blind SQL Injection",2014-11-10,"Pedro Ribeiro",webapps,multiple,,2014-11-10,2018-01-25,0,CVE-2014-8499;CVE-2014-8498;OSVDB-114485;OSVDB-114484;OSVDB-114483,,,,,https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/ManageEngine/me_pmp_privesc.txt
|
|
|
|
@ -12254,7 +12254,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
44276,exploits/multiple/webapps/44276.txt,"Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials",2018-03-12,LiquidWorm,webapps,multiple,,2018-03-12,2018-03-12,0,,,,,,
|
|
|
|
|
50229,exploits/multiple/webapps/50229.txt,"ProcessMaker 3.5.4 - Local File inclusion",2021-08-26,"Ai Ho",webapps,multiple,,2021-08-26,2021-08-26,0,,,,,,
|
|
|
|
|
9728,exploits/multiple/webapps/9728.txt,"ProdLer 2.0 - Remote File Inclusion",2009-09-21,cr4wl3r,webapps,multiple,,2009-09-20,,1,OSVDB-58298;CVE-2009-3324,,,,,
|
|
|
|
|
52103,exploits/multiple/webapps/52103.py,"Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass",2025-03-28,VeryLazyTech,webapps,multiple,,2025-03-28,2025-03-28,0,CVE-2024-4358,,,,,
|
|
|
|
|
52103,exploits/multiple/webapps/52103.py,"Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass",2025-03-28,VeryLazyTech,webapps,multiple,,2025-03-28,2025-04-13,0,CVE-2024-4358,,,,,
|
|
|
|
|
35219,exploits/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",webapps,multiple,,2014-11-17,2014-11-17,0,OSVDB-114840;CVE-2014-9237,,,,,
|
|
|
|
|
51264,exploits/multiple/webapps/51264.txt,"Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)",2023-04-05,"Andreas Finstad",webapps,multiple,,2023-04-05,2023-04-05,0,CVE-2023-23286,,,,,
|
|
|
|
|
12730,exploits/multiple/webapps/12730.txt,"ProWeb Design - SQL Injection",2010-05-24,cyberlog,webapps,multiple,,2010-05-23,,1,,,,,,
|
|
|
|
@ -12323,7 +12323,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
49986,exploits/multiple/webapps/49986.txt,"Solar-Log 500 2.8.2 - Incorrect Access Control",2021-06-11,Luca.Chiou,webapps,multiple,,2021-06-11,2021-06-11,0,,,,,,
|
|
|
|
|
49987,exploits/multiple/webapps/49987.txt,"Solar-Log 500 2.8.2 - Unprotected Storage of Credentials",2021-06-11,Luca.Chiou,webapps,multiple,,2021-06-11,2021-06-11,0,,,,,,
|
|
|
|
|
52055,exploits/multiple/webapps/52055.py,"SolarWinds Platform 2024.1 SR1 - Race Condition",2024-06-26,"Elhussain Fathy",webapps,multiple,,2024-06-26,2024-06-26,0,CVE-2024-28999,,,,,
|
|
|
|
|
52101,exploits/multiple/webapps/52101.py,"Sonatype Nexus Repository 3.53.0-01 - Path Traversal",2025-03-28,VeryLazyTech,webapps,multiple,,2025-03-28,2025-03-28,0,CVE-2024-4956,,,,,
|
|
|
|
|
52101,exploits/multiple/webapps/52101.py,"Sonatype Nexus Repository 3.53.0-01 - Path Traversal",2025-03-28,VeryLazyTech,webapps,multiple,,2025-03-28,2025-04-13,0,CVE-2024-4956,,,,,
|
|
|
|
|
22852,exploits/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,webapps,multiple,,2012-11-20,2012-11-20,0,OSVDB-87640;OSVDB-87639;OSVDB-87638,,,,,https://www.vulnerability-lab.com/get_content.php?id=549
|
|
|
|
|
24204,exploits/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution",2013-01-18,"Nikolas Sotiriu",webapps,multiple,,2013-01-18,2016-12-04,0,CVE-2013-1359;OSVDB-89347,,,,,
|
|
|
|
|
24203,exploits/multiple/webapps/24203.txt,"SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass",2013-01-18,"Nikolas Sotiriu",webapps,multiple,,2013-01-18,2013-01-18,0,CVE-2013-1360;OSVDB-89346,,,,,
|
|
|
|
@ -12408,7 +12408,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
12610,exploits/multiple/webapps/12610.txt,"VMware View Portal 3.1 - Cross-Site Scripting",2010-05-14,"Alexey Sintsov",webapps,multiple,,2010-05-13,,1,CVE-2010-1143,,,,,
|
|
|
|
|
48804,exploits/multiple/webapps/48804.py,"VTENEXT 19 CE - Remote Code Execution",2020-09-11,"Marco Ruela",webapps,multiple,,2020-09-11,2020-09-11,0,,,,,,
|
|
|
|
|
10999,exploits/multiple/webapps/10999.txt,"W-Agora 4.2.1 - Multiple Vulnerabilities",2010-01-04,indoushka,webapps,multiple,,2010-01-03,,0,OSVDB-63644,,,,http://www.exploit-db.comw-agora-4.2.1-php.zip,
|
|
|
|
|
52130,exploits/multiple/webapps/52130.py,"Watcharr 1.43.0 - Remote Code Execution (RCE)",2025-04-06,"Suphawith Phusanbai",webapps,multiple,,2025-04-06,2025-04-06,0,CVE-2024-48827,,,,,
|
|
|
|
|
52130,exploits/multiple/webapps/52130.py,"Watcharr 1.43.0 - Remote Code Execution (RCE)",2025-04-06,"Suphawith Phusanbai",webapps,multiple,,2025-04-06,2025-04-13,0,CVE-2024-48827,,,,,
|
|
|
|
|
52132,exploits/multiple/webapps/52132.sh,"WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE)",2025-04-06,Swammers8,webapps,multiple,,2025-04-06,2025-04-06,0,,,,,,
|
|
|
|
|
31233,exploits/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc?camnum' Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",webapps,multiple,,2008-02-18,2014-01-28,1,CVE-2008-5674;OSVDB-42927,,,,,https://www.securityfocus.com/bid/27875/info
|
|
|
|
|
31234,exploits/multiple/webapps/31234.txt,"WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic?id' Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",webapps,multiple,,2008-02-18,2014-01-28,1,CVE-2008-5674;OSVDB-42928,,,,,https://www.securityfocus.com/bid/27875/info
|
|
|
|
@ -12899,7 +12899,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
44216,exploits/perl/webapps/44216.txt,"Routers2 2.24 - Cross-Site Scripting",2018-02-28,"Lorenzo Di Fuccia",webapps,perl,,2018-02-28,2018-02-28,1,CVE-2018-6193,,,,,
|
|
|
|
|
51509,exploits/perl/webapps/51509.py,"Thruk Monitoring Web Interface 3.06 - Path Traversal",2023-06-09,"Galoget Latorre",webapps,perl,,2023-06-09,2023-06-09,0,CVE-2023-34096,,,,,
|
|
|
|
|
44386,exploits/perl/webapps/44386.txt,"VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal",2018-04-02,LiquidWorm,webapps,perl,,2018-04-02,2018-04-02,0,,,,,,
|
|
|
|
|
52114,exploits/perl/webapps/52114.py,"Webmin Usermin 2.100 - Username Enumeration",2025-04-03,Kjesper,webapps,perl,,2025-04-03,2025-04-03,0,CVE-2024-44762,,,,,
|
|
|
|
|
52114,exploits/perl/webapps/52114.py,"Webmin Usermin 2.100 - Username Enumeration",2025-04-03,Kjesper,webapps,perl,,2025-04-03,2025-04-13,0,CVE-2024-44762,,,,,
|
|
|
|
|
1651,exploits/php/dos/1651.php,"ADODB < 4.70 - 'tmssql.php' Denial of Service",2006-04-09,rgod,dos,php,,2006-04-08,2016-07-07,1,,,,,http://www.exploit-db.comadodb468.tgz,
|
|
|
|
|
30753,exploits/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - 'index.php' Denial of Service",2007-11-12,L4teral,dos,php,,2007-11-12,2014-01-06,1,CVE-2007-5984;OSVDB-45282,,,,,https://www.securityfocus.com/bid/26410/info
|
|
|
|
|
40996,exploits/php/dos/40996.txt,"DirectAdmin 1.50.1 - Denial of Service",2017-01-08,"IeDb ir",dos,php,,2017-01-08,2017-01-09,0,,,,,,
|
|
|
|
@ -13466,8 +13466,8 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
51058,exploits/php/webapps/51058.txt,"Abantecart v1.3.2 - Authenticated Remote Code Execution",2023-03-25,"Sarang Tumne",webapps,php,,2023-03-25,2023-06-23,1,CVE-2022-26521,,,,,
|
|
|
|
|
27934,exploits/php/webapps/27934.txt,"Abarcar Realty Portal 5.1.5 - 'content.php' SQL Injection",2006-06-01,SpC-x,webapps,php,,2006-06-01,2013-08-29,1,CVE-2006-2853;OSVDB-26226,,,,,https://www.securityfocus.com/bid/18218/info
|
|
|
|
|
28944,exploits/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",webapps,php,,2006-11-08,2013-10-14,1,,,,,,https://www.securityfocus.com/bid/20970/info
|
|
|
|
|
52112,exploits/php/webapps/52112.NA,"ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials",2025-04-03,LiquidWorm,webapps,php,,2025-04-03,2025-04-03,0,CVE-2024-4007,,,,,
|
|
|
|
|
52108,exploits/php/webapps/52108.NA,"ABB Cylon Aspect 3.08.01 - Arbitrary File Delete",2025-04-02,LiquidWorm,webapps,php,,2025-04-02,2025-04-02,0,CVE-2024-6209,,,,,
|
|
|
|
|
52112,exploits/php/webapps/52112.NA,"ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials",2025-04-03,LiquidWorm,webapps,php,,2025-04-03,2025-04-13,0,CVE-2024-4007,,,,,
|
|
|
|
|
52108,exploits/php/webapps/52108.NA,"ABB Cylon Aspect 3.08.01 - Arbitrary File Delete",2025-04-02,LiquidWorm,webapps,php,,2025-04-02,2025-04-13,0,CVE-2024-6209,,,,,
|
|
|
|
|
8555,exploits/php/webapps/8555.txt,"ABC Advertise 1.0 - Admin Password Disclosure",2009-04-27,SirGod,webapps,php,,2009-04-26,,1,OSVDB-54287;CVE-2009-1550,,,,,
|
|
|
|
|
45836,exploits/php/webapps/45836.txt,"ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)",2018-11-13,"Ihsan Sencan",webapps,php,80,2018-11-13,2018-11-13,0,,"Cross-Site Request Forgery (CSRF)",,,http://www.exploit-db.comabc_v_0_6_4.zip,
|
|
|
|
|
4338,exploits/php/webapps/4338.pl,"ABC estore 3.0 - 'cat_id' Blind SQL Injection",2007-08-29,k1tk4t,webapps,php,,2007-08-28,,1,OSVDB-38434;CVE-2007-4627,,,,,
|
|
|
|
@ -14247,7 +14247,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
10816,exploits/php/webapps/10816.txt,"Aptgp.1.3.0c - Cross-Site Scripting",2009-12-30,indoushka,webapps,php,,2009-12-29,,0,,,,,,
|
|
|
|
|
12567,exploits/php/webapps/12567.html,"Aqar Script 1.0 - Remote Bypass",2010-05-11,indoushka,webapps,php,,2010-05-10,,0,,,,,,
|
|
|
|
|
8432,exploits/php/webapps/8432.txt,"Aqua CMS - 'Username' SQL Injection",2009-04-14,halkfild,webapps,php,,2009-04-13,,1,OSVDB-53691;CVE-2009-1317;OSVDB-53690,,,,,http://crackfor.me/bugtraq/aquacms.v1.1.txt
|
|
|
|
|
52164,exploits/php/webapps/52164.py,"AquilaCMS 1.409.20 - Remote Command Execution (RCE)",2025-04-10,"Eui Chul Chung",webapps,php,,2025-04-10,2025-04-10,0,CVE-2024-48573,,,,,
|
|
|
|
|
52164,exploits/php/webapps/52164.py,"AquilaCMS 1.409.20 - Remote Command Execution (RCE)",2025-04-10,"Eui Chul Chung",webapps,php,,2025-04-10,2025-04-13,0,CVE-2024-48573,,,,,
|
|
|
|
|
2931,exploits/php/webapps/2931.txt,"AR Memberscript - 'usercp_menu.php' Remote File Inclusion",2006-12-14,ex0,webapps,php,,2006-12-13,,1,OSVDB-57302;CVE-2006-6590,,,,,
|
|
|
|
|
38015,exploits/php/webapps/38015.txt,"AR Web Content Manager (AWCM) - 'cookie_gen.php' Arbitrary Cookie Generation",2012-11-08,"Sooel Son",webapps,php,,2012-11-08,2017-10-20,1,CVE-2012-2437;OSVDB-87922,,,,,https://www.securityfocus.com/bid/56465/info
|
|
|
|
|
27642,exploits/php/webapps/27642.txt,"AR-Blog 5.2 - 'print.php' Cross-Site Scripting",2006-04-14,ALMOKANN3,webapps,php,,2006-04-14,2013-08-17,1,CVE-2006-1893;OSVDB-24863,,,,,https://www.securityfocus.com/bid/17522/info
|
|
|
|
@ -14309,7 +14309,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
51215,exploits/php/webapps/51215.txt,"Art Gallery Management System Project v1.0 - SQL Injection (cid) Unauthenticated",2023-04-03,"Rahul Patwari",webapps,php,,2023-04-03,2023-04-28,1,CVE-2023-23162,,,,,
|
|
|
|
|
51216,exploits/php/webapps/51216.txt,"Art Gallery Management System Project v1.0 - SQL Injection (editid) authenticated",2023-04-03,"Rahul Patwari",webapps,php,,2023-04-03,2023-04-28,1,CVE-2023-23163,,,,,
|
|
|
|
|
34560,exploits/php/webapps/34560.html,"ArtGK CMS - Cross-Site Scripting / HTML Injection",2010-09-01,"High-Tech Bridge SA",webapps,php,,2010-09-01,2014-09-08,1,,,,,,https://www.securityfocus.com/bid/42923/info
|
|
|
|
|
52146,exploits/php/webapps/52146.py,"Artica Proxy 4.50 - Remote Code Execution (RCE)",2025-04-09,Madan,webapps,php,,2025-04-09,2025-04-09,0,CVE-2024-2054,,,,,
|
|
|
|
|
52146,exploits/php/webapps/52146.py,"Artica Proxy 4.50 - Remote Code Execution (RCE)",2025-04-09,Madan,webapps,php,,2025-04-09,2025-04-13,0,CVE-2024-2054,,,,,
|
|
|
|
|
43206,exploits/php/webapps/43206.txt,"Artica Web Proxy 3.06 - Remote Code Execution",2017-12-01,hyp3rlinx,webapps,php,,2017-12-01,2017-12-01,0,CVE-2017-17055,,,,,
|
|
|
|
|
31028,exploits/php/webapps/31028.txt,"Article Dashboard - '/admin/login.php' Multiple SQL Injections",2008-01-15,Xcross87,webapps,php,,2008-01-15,2014-01-19,1,CVE-2008-0286;OSVDB-40273,,,,,https://www.securityfocus.com/bid/27286/info
|
|
|
|
|
4221,exploits/php/webapps/4221.txt,"Article Directory - 'index.php' Remote File Inclusion",2007-07-24,mozi,webapps,php,,2007-07-23,,1,OSVDB-39107;CVE-2007-4007,,,,,
|
|
|
|
@ -15686,7 +15686,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
38339,exploits/php/webapps/38339.txt,"Centreon 2.6.1 - Multiple Vulnerabilities",2015-09-28,LiquidWorm,webapps,php,80,2015-09-28,2015-09-28,0,,,,,,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5263.php
|
|
|
|
|
23362,exploits/php/webapps/23362.py,"Centreon Enterprise Server 2.3.3 < 2.3.9-4 - Blind SQL Injection",2012-12-13,modpr0be,webapps,php,,2012-12-13,2012-12-13,0,CVE-2012-5967;OSVDB-88430,,,,,
|
|
|
|
|
11979,exploits/php/webapps/11979.pl,"Centreon IT & Network Monitoring 2.1.5 - SQL Injection",2010-03-31,"Jonathan Salwan",webapps,php,,2010-03-30,,1,OSVDB-63347;CVE-2010-1301,,,,,
|
|
|
|
|
52156,exploits/php/webapps/52156.py,"Centron 19.04 - Remote Code Execution (RCE)",2025-04-10,"Starry Sky",webapps,php,,2025-04-10,2025-04-10,0,CVE-2019-13024,,,,,
|
|
|
|
|
52156,exploits/php/webapps/52156.py,"Centron 19.04 - Remote Code Execution (RCE)",2025-04-10,"Starry Sky",webapps,php,,2025-04-10,2025-04-13,0,CVE-2019-13024,,,,,
|
|
|
|
|
38074,exploits/php/webapps/38074.txt,"Cerb 7.0.3 - Cross-Site Request Forgery",2015-09-02,"High-Tech Bridge SA",webapps,php,80,2015-09-02,2015-09-02,0,CVE-2015-6545;OSVDB-126097,,,,http://www.exploit-db.comcerb-7.0.3.tar.gz,https://www.htbridge.com/advisory/HTB23269
|
|
|
|
|
39526,exploits/php/webapps/39526.sh,"Cerberus Helpdesk (Cerb5) 5 < 6.7 - Password Hash Disclosure",2016-03-07,asdizzle_,webapps,php,80,2016-03-07,2016-03-10,1,,,,http://www.exploit-db.com/screenshots/idlt40000/kali-20-clean-2016-03-10-19-35-06.png,http://www.exploit-db.comcerb5-5_4_4.zip,
|
|
|
|
|
25803,exploits/php/webapps/25803.txt,"Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-08,"Dedi Dwianto",webapps,php,,2005-06-08,2013-05-29,1,,,,,,https://www.securityfocus.com/bid/13897/info
|
|
|
|
@ -15814,7 +15814,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
50116,exploits/php/webapps/50116.py,"Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE",2021-07-09,"Eleonora Guardini",webapps,php,,2021-07-09,2021-07-09,0,,,,,,
|
|
|
|
|
50965,exploits/php/webapps/50965.txt,"ChurchCRM 4.4.5 - SQLi",2022-06-14,nu11secur1ty,webapps,php,,2022-06-14,2022-06-14,0,CVE-2022-31325,,,,,
|
|
|
|
|
51319,exploits/php/webapps/51319.py,"ChurchCRM 4.5.1 - Authenticated SQL Injection",2023-04-07,Arvandy,webapps,php,,2023-04-07,2023-04-07,0,CVE-2023-24787,,,,,
|
|
|
|
|
52152,exploits/php/webapps/52152.NA,"ChurchCRM 5.9.1 - SQL Injection",2025-04-09,"Sanan Qasimzada",webapps,php,,2025-04-09,2025-04-09,0,CVE-2024-39304,,,,,
|
|
|
|
|
52152,exploits/php/webapps/52152.NA,"ChurchCRM 5.9.1 - SQL Injection",2025-04-09,"Sanan Qasimzada",webapps,php,,2025-04-09,2025-04-13,0,CVE-2024-39304,,,,,
|
|
|
|
|
51296,exploits/php/webapps/51296.txt,"ChurchCRM v4.5.3-121fcc1 - SQL Injection",2023-04-06,nu11secur1ty,webapps,php,,2023-04-06,2023-04-06,0,,,,,,
|
|
|
|
|
51477,exploits/php/webapps/51477.txt,"ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)",2023-05-23,"Rahad Chowdhury",webapps,php,,2023-05-23,2023-05-23,0,CVE-2023-31699,,,,,
|
|
|
|
|
15887,exploits/php/webapps/15887.txt,"ChurchInfo 1.2.12 - SQL Injection",2011-01-01,dun,webapps,php,,2011-01-01,2011-01-01,1,OSVDB-70253,,,,http://www.exploit-db.comchurchinfo-1.2.12.zip,
|
|
|
|
@ -16216,11 +16216,11 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
44567,exploits/php/webapps/44567.txt,"Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery",2018-05-02,"Qian Wu_ Bo Wang_ Jiawang Zhang",webapps,php,80,2018-05-02,2018-05-02,0,CVE-2018-9302,"Server-Side Request Forgery (SSRF)",,,http://www.exploit-db.comcockpit-0.5.5.tar.gz,
|
|
|
|
|
49390,exploits/php/webapps/49390.txt,"Cockpit CMS 0.6.1 - Remote Code Execution",2021-01-07,"Rafael Resende",webapps,php,,2021-01-07,2021-01-07,0,,,,,,
|
|
|
|
|
3251,exploits/php/webapps/3251.txt,"CoD2: DreamStats 4.2 - 'index.php' Remote File Inclusion",2007-02-02,"ThE dE@Th",webapps,php,,2007-02-01,,1,OSVDB-33095;CVE-2007-0757,,,,,
|
|
|
|
|
52159,exploits/php/webapps/52159.txt,"CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)",2025-04-10,"Raj Nandi",webapps,php,,2025-04-10,2025-04-10,0,CVE-2024-7815,,,,,
|
|
|
|
|
52159,exploits/php/webapps/52159.txt,"CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)",2025-04-10,"Raj Nandi",webapps,php,,2025-04-10,2025-04-13,0,CVE-2024-7815,,,,,
|
|
|
|
|
3599,exploits/php/webapps/3599.txt,"CodeBB 1.0 Beta 2 - 'phpbb_root_path' Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",webapps,php,,2007-03-27,,1,OSVDB-35423;CVE-2007-1839;OSVDB-35422,,,,,
|
|
|
|
|
3711,exploits/php/webapps/3711.html,"CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion",2007-04-11,"John Martinelli",webapps,php,,2007-04-10,2016-11-14,1,OSVDB-34831;CVE-2007-1996,,,,,
|
|
|
|
|
41550,exploits/php/webapps/41550.txt,"Codecanyon Clone Script - SQL Injection",2017-03-08,"Ihsan Sencan",webapps,php,,2017-03-08,2017-03-08,0,,,,,,
|
|
|
|
|
52100,exploits/php/webapps/52100.py,"CodeCanyon RISE CRM 3.7.0 - SQL Injection",2025-03-28,"Jobyer From Bytium",webapps,php,,2025-03-28,2025-03-28,0,CVE-2024-8945,,,,,
|
|
|
|
|
52100,exploits/php/webapps/52100.py,"CodeCanyon RISE CRM 3.7.0 - SQL Injection",2025-03-28,"Jobyer From Bytium",webapps,php,,2025-03-28,2025-04-13,0,CVE-2024-8945,,,,,
|
|
|
|
|
6071,exploits/php/webapps/6071.txt,"CodeDB 1.1.1 - 'list.php' Local File Inclusion",2008-07-14,cOndemned,webapps,php,,2008-07-13,2016-12-13,1,OSVDB-47027;CVE-2008-3190,,,,,
|
|
|
|
|
26505,exploits/php/webapps/26505.txt,"Codegrrl - 'Protection.php' Code Execution",2005-11-14,"Robin Verton",webapps,php,,2005-11-14,2013-07-01,1,CVE-2005-3571;OSVDB-20816,,,,,https://www.securityfocus.com/bid/15417/info
|
|
|
|
|
33751,exploits/php/webapps/33751.txt,"CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Inclusions",2010-03-11,eidelweiss,webapps,php,,2010-03-11,2014-06-14,1,,,,,,https://www.securityfocus.com/bid/38672/info
|
|
|
|
@ -17993,7 +17993,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
33874,exploits/php/webapps/33874.txt,"Ektron CMS400.NET 7.5.2 - Multiple Vulnerabilities",2010-04-26,"Richard Moore",webapps,php,,2010-04-26,2016-12-18,1,,,,,,https://www.securityfocus.com/bid/39679/info
|
|
|
|
|
45681,exploits/php/webapps/45681.txt,"Ekushey Project Manager CRM 3.1 - Cross-Site Scripting",2018-10-25,"Ismail Tasdelen",webapps,php,80,2018-10-25,2018-10-25,0,CVE-2018-18417,"Cross-Site Scripting (XSS)",,,,
|
|
|
|
|
46869,exploits/php/webapps/46869.py,"eLabFTW 1.8.5 - Arbitrary File Upload / Remote Code Execution",2019-05-20,liquidsky,webapps,php,,2019-05-20,2021-06-17,0,CVE-2019-12185,,,,,
|
|
|
|
|
52106,exploits/php/webapps/52106.NA,"Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS",2025-04-02,"arfaoui haythem",webapps,php,,2025-04-02,2025-04-02,0,CVE-2024-42831,,,,,
|
|
|
|
|
52106,exploits/php/webapps/52106.NA,"Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS",2025-04-02,"arfaoui haythem",webapps,php,,2025-04-02,2025-04-13,0,CVE-2024-42831,,,,,
|
|
|
|
|
48705,exploits/php/webapps/48705.txt,"elaniin CMS - Authentication Bypass",2020-07-26,BKpatron,webapps,php,,2020-07-26,2020-07-26,0,,,,,,
|
|
|
|
|
47858,exploits/php/webapps/47858.txt,"elaniin CMS 1.0 - Authentication Bypass",2020-01-06,riamloo,webapps,php,,2020-01-06,2020-04-13,1,,,,,,
|
|
|
|
|
37054,exploits/php/webapps/37054.py,"ElasticSearch < 1.4.5 / < 1.5.2 - Directory Traversal",2015-05-18,pandujar,webapps,php,,2015-05-21,2015-05-21,0,CVE-2015-3337;OSVDB-121335,,,,,https://github.com/pandujar/elasticpwn/
|
|
|
|
@ -18605,7 +18605,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
17099,exploits/php/webapps/17099.txt,"Feng Office 1.7.3.3 - Cross-Site Request Forgery",2011-04-01,"High-Tech Bridge SA",webapps,php,,2011-04-01,2011-04-01,1,OSVDB-71472,,,,,http://www.htbridge.ch/advisory/xsrf_csrf_in_feng_office.html
|
|
|
|
|
35041,exploits/php/webapps/35041.py,"Feng Office 1.7.4 - Arbitrary File Upload",2014-10-23,"AutoSec Tools",webapps,php,,2014-10-23,2014-10-23,0,,,,,,
|
|
|
|
|
35042,exploits/php/webapps/35042.txt,"Feng Office 1.7.4 - Cross-Site Scripting",2014-10-23,"AutoSec Tools",webapps,php,,2014-10-23,2016-11-12,0,,,,,,https://www.securityfocus.com/bid/47049/info
|
|
|
|
|
52154,exploits/php/webapps/52154.NA,"Feng Office 3.11.1.2 - SQL Injection",2025-04-10,"Andrey Stoykov",webapps,php,,2025-04-10,2025-04-10,0,CVE-2024-6039,,,,,
|
|
|
|
|
52154,exploits/php/webapps/52154.NA,"Feng Office 3.11.1.2 - SQL Injection",2025-04-10,"Andrey Stoykov",webapps,php,,2025-04-10,2025-04-13,0,CVE-2024-6039,,,,,
|
|
|
|
|
46471,exploits/php/webapps/46471.rb,"Feng Office 3.7.0.5 - Remote Command Execution (Metasploit)",2019-02-28,AkkuS,webapps,php,,2019-02-28,2019-03-08,0,CVE-2019-9623,,,,,
|
|
|
|
|
35914,exploits/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",webapps,php,80,2015-01-26,2015-01-26,1,OSVDB-117806;OSVDB-117612;OSVDB-117533;OSVDB-117532;CVE-2015-1374;CVE-2015-1373;CVE-2015-1372;OSVDB-117531;CVE-2015-1371;OSVDB-117530,,,,,
|
|
|
|
|
10552,exploits/php/webapps/10552.txt,"FestOs 2.2.1 - Multiple Remote File Inclusions",2009-12-19,cr4wl3r,webapps,php,,2009-12-18,,0,,,,,http://www.exploit-db.comfestos_2_2_1.tar.gz,
|
|
|
|
@ -18706,8 +18706,8 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
52054,exploits/php/webapps/52054.txt,"Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)",2024-06-26,tmrswrr,webapps,php,,2024-06-26,2024-06-26,0,,,,,,
|
|
|
|
|
8549,exploits/php/webapps/8549.txt,"Flatchat 3.0 - 'pmscript.php' Local File Inclusion",2009-04-27,SirGod,webapps,php,,2009-04-26,,1,OSVDB-54111;CVE-2009-1486,,,,,
|
|
|
|
|
1405,exploits/php/webapps/1405.pl,"FlatCMS 1.01 - 'file_editor.php' Remote Command Execution",2006-01-04,cijfer,webapps,php,,2006-01-03,,1,,,,,,
|
|
|
|
|
52166,exploits/php/webapps/52166.txt,"flatCore 1.5 - Cross Site Request Forgery (CSRF)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-11,0,CVE-2019-13961,,,,,
|
|
|
|
|
52165,exploits/php/webapps/52165.txt,"flatCore 1.5.5 - Arbitrary File Upload",2025-04-10,CodeSecLab,webapps,php,,2025-04-10,2025-04-10,0,CVE-2019-10652,,,,,
|
|
|
|
|
52166,exploits/php/webapps/52166.txt,"flatCore 1.5 - Cross Site Request Forgery (CSRF)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-13,0,CVE-2019-13961,,,,,
|
|
|
|
|
52165,exploits/php/webapps/52165.txt,"flatCore 1.5.5 - Arbitrary File Upload",2025-04-10,CodeSecLab,webapps,php,,2025-04-10,2025-04-13,0,CVE-2019-10652,,,,,
|
|
|
|
|
50262,exploits/php/webapps/50262.py,"FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)",2021-09-06,"Mason Soroka-Gill",webapps,php,,2021-09-06,2021-09-06,0,CVE-2021-39608,,,,http://www.exploit-db.comflatCore-CMS-2.0.7.tar.gz,
|
|
|
|
|
51068,exploits/php/webapps/51068.txt,"FlatCore CMS 2.1.1 - Stored Cross-Site Scripting (XSS)",2023-03-27,"Sinem Şahin",webapps,php,,2023-03-27,2023-03-27,0,,,,,,
|
|
|
|
|
11515,exploits/php/webapps/11515.txt,"FlatFile Login System - Remote Password Disclosure",2010-02-20,ViRuSMaN,webapps,php,,2010-02-19,,1,,,,,http://www.exploit-db.com269_flatfile_login.zip,
|
|
|
|
@ -19360,7 +19360,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
49798,exploits/php/webapps/49798.py,"GetSimple CMS My SMTP Contact Plugin 1.1.2 - Persistent Cross-Site Scripting",2021-04-23,boku,webapps,php,,2021-04-23,2021-11-01,0,,,,,,
|
|
|
|
|
48745,exploits/php/webapps/48745.txt,"GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)",2020-08-13,boku,webapps,php,,2020-08-13,2020-08-13,0,,,,,,
|
|
|
|
|
51475,exploits/php/webapps/51475.py,"GetSimple CMS v3.3.16 - Remote Code Execution (RCE)",2023-05-23,"Youssef Muhammad",webapps,php,,2023-05-23,2023-05-26,1,CVE-2022-41544,,,,,
|
|
|
|
|
52168,exploits/php/webapps/52168.txt,"GetSimpleCMS 3.3.16 - Remote Code Execution (RCE)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-11,0,CVE-2021-28976,,,,,
|
|
|
|
|
52168,exploits/php/webapps/52168.txt,"GetSimpleCMS 3.3.16 - Remote Code Execution (RCE)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-13,0,CVE-2021-28976,,,,,
|
|
|
|
|
4738,exploits/php/webapps/4738.txt,"gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion",2007-12-18,MhZ91,webapps,php,,2007-12-17,2016-10-20,1,OSVDB-44780;CVE-2007-6476;OSVDB-44779;CVE-2007-6475;OSVDB-41376;CVE-2007-6474;OSVDB-41375,,,,http://www.exploit-db.comGF-3XPLORER_2.4_.rar,
|
|
|
|
|
645,exploits/php/webapps/645.pl,"GFHost PHP GMail - Remote Command Execution",2004-11-21,spabam,webapps,php,,2004-11-20,,1,OSVDB-11626,,,,,http://www.zone-h.org/advisories/read/id=4904
|
|
|
|
|
25693,exploits/php/webapps/25693.txt,"GForge 3.x - Arbitrary Command Execution",2005-05-24,"Filippo Spike Morelli",webapps,php,,2005-05-24,2013-05-24,1,CVE-2005-1752;OSVDB-16930,,,,,https://www.securityfocus.com/bid/13716/info
|
|
|
|
@ -19454,7 +19454,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
17992,exploits/php/webapps/17992.txt,"GNUBoard 4.33.02 - 'tp.php?PATH_INFO' SQL Injection",2011-10-17,flyh4t,webapps,php,,2011-10-17,2017-10-17,0,CVE-2011-4066;OSVDB-76614,,,,,
|
|
|
|
|
36973,exploits/php/webapps/36973.txt,"GNUBoard 4.34.20 - 'download.php' HTML Injection",2012-03-20,wh1ant,webapps,php,,2012-03-20,2015-05-11,1,CVE-2012-4873;OSVDB-80217,,,,,https://www.securityfocus.com/bid/52622/info
|
|
|
|
|
39116,exploits/php/webapps/39116.txt,"GNUBoard 4.3x - 'ajax.autosave.php' Multiple SQL Injections",2014-03-19,"Claepo Wang",webapps,php,,2014-03-19,2015-12-29,1,CVE-2014-2339;OSVDB-104445,,,,,https://www.securityfocus.com/bid/66228/info
|
|
|
|
|
52167,exploits/php/webapps/52167.txt,"Gnuboard5 5.3.2.8 - SQL Injection",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-11,0,CVE-2020-18662,,,,,
|
|
|
|
|
52167,exploits/php/webapps/52167.txt,"Gnuboard5 5.3.2.8 - SQL Injection",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-13,0,CVE-2020-18662,,,,,
|
|
|
|
|
3876,exploits/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusions",2007-05-08,GoLd_M,webapps,php,,2007-05-07,,1,OSVDB-38256;CVE-2007-2609;OSVDB-38255;OSVDB-38254;OSVDB-38253;OSVDB-38252;OSVDB-38251;OSVDB-38250;OSVDB-38249;OSVDB-38248,,,,,
|
|
|
|
|
32207,exploits/php/webapps/32207.txt,"GNUPanel 0.3.5_R4 - Multiple Vulnerabilities",2014-03-12,"Necmettin COSKUN",webapps,php,80,2014-03-12,2014-03-12,1,OSVDB-104385;OSVDB-104384,,,,http://www.exploit-db.comgnupanel_lenny_squeeze_wheezy_precise_0.3.5_R4.tar.bz2,
|
|
|
|
|
30082,exploits/php/webapps/30082.txt,"GNUTurk - 'Mods.php' Cross-Site Scripting",2007-05-25,vagrant,webapps,php,,2007-05-25,2013-12-06,1,CVE-2007-2879;OSVDB-38139,,,,,https://www.securityfocus.com/bid/24152/info
|
|
|
|
@ -22659,7 +22659,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
40545,exploits/php/webapps/40545.txt,"Learning Management System 0.1 - Authentication Bypass",2016-10-14,lahilote,webapps,php,,2016-10-17,2016-10-19,0,,,,,http://www.exploit-db.comlms.zip,
|
|
|
|
|
45635,exploits/php/webapps/45635.txt,"Learning with Texts 1.6.2 - 'start' SQL Injection",2018-10-18,"Ihsan Sencan",webapps,php,,2018-10-18,2018-10-18,0,,"SQL Injection (SQLi)",,,http://www.exploit-db.comlwt_v_1_6_2.zip,
|
|
|
|
|
4680,exploits/php/webapps/4680.txt,"LearnLoop 2.0beta7 - 'sFilePath' Remote File Disclosure",2007-11-29,GoLd_M,webapps,php,,2007-11-28,2016-10-20,1,OSVDB-39698;CVE-2007-6214,,,,http://www.exploit-db.comlearnloop2.0beta7.tar.gz,
|
|
|
|
|
52171,exploits/php/webapps/52171.txt,"LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection",2025-04-11,"Francisco Moraga (BTshell)",webapps,php,,2025-04-11,2025-04-11,0,CVE-2024-8522,,,,,
|
|
|
|
|
52171,exploits/php/webapps/52171.txt,"LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection",2025-04-11,"Francisco Moraga (BTshell)",webapps,php,,2025-04-11,2025-04-13,0,CVE-2024-8522,,,,,
|
|
|
|
|
23313,exploits/php/webapps/23313.txt,"Ledscripts LedForums - Multiple HTML Injections",2003-10-30,ProXy,webapps,php,,2003-10-30,2012-12-12,1,CVE-2003-1197;OSVDB-8934,,,,,https://www.securityfocus.com/bid/8934/info
|
|
|
|
|
38908,exploits/php/webapps/38908.txt,"Leed - 'id' SQL Injection",2013-12-18,"Alexandre Herzog",webapps,php,,2013-12-18,2015-12-08,1,CVE-2013-2627;OSVDB-101156,,,,,https://www.securityfocus.com/bid/64426/info
|
|
|
|
|
10930,exploits/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection",2010-01-02,Sora,webapps,php,,2010-01-01,,1,OSVDB-61472;CVE-2010-0980,,,,http://www.exploit-db.coml4d_stats_web.zip,
|
|
|
|
@ -22850,7 +22850,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
6206,exploits/php/webapps/6206.txt,"LiteNews 0.1 - Insecure Cookie Handling",2008-08-05,Scary-Boys,webapps,php,,2008-08-04,,1,OSVDB-47552;CVE-2008-3508,,,,,
|
|
|
|
|
17528,exploits/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injections",2011-07-13,"Robert Cooper",webapps,php,,2011-07-13,2012-10-28,1,,,,,,
|
|
|
|
|
26535,exploits/php/webapps/26535.txt,"Litespeed 2.1.5 - 'ConfMgr.php' Cross-Site Scripting",2005-11-17,"Gama Sec",webapps,php,,2005-11-17,2013-07-02,1,CVE-2005-3695;OSVDB-20908,,,,,https://www.securityfocus.com/bid/15485/info
|
|
|
|
|
52099,exploits/php/webapps/52099.py,"Litespeed Cache 6.5.0.1 - Authentication Bypass",2025-03-28,"Caner Tercan",webapps,php,,2025-03-28,2025-03-28,0,CVE-2024-44000,,,,,
|
|
|
|
|
52099,exploits/php/webapps/52099.py,"Litespeed Cache 6.5.0.1 - Authentication Bypass",2025-03-28,"Caner Tercan",webapps,php,,2025-03-28,2025-04-13,0,CVE-2024-44000,,,,,
|
|
|
|
|
11503,exploits/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting",2010-02-19,d1dn0t,webapps,php,,2010-02-18,2010-08-31,1,OSVDB-62449,,,,http://www.exploit-db.comlsws-4.0.12-std-i386-linux.tar.gz,
|
|
|
|
|
49523,exploits/php/webapps/49523.txt,"LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)",2021-02-05,SunCSR,webapps,php,,2021-02-05,2021-02-05,0,,,,,,
|
|
|
|
|
25787,exploits/php/webapps/25787.txt,"LiteWEB Web Server 2.5 - Authentication Bypass",2005-06-03,"Ziv Kamir",webapps,php,,2005-06-03,2013-05-28,1,,,,,,https://www.securityfocus.com/bid/13850/info
|
|
|
|
@ -23694,7 +23694,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
27125,exploits/php/webapps/27125.txt,"miniBloggie 1.0 - 'login.php' SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",webapps,php,,2006-01-24,2013-07-27,1,CVE-2006-0417;OSVDB-22729,,,,,https://www.securityfocus.com/bid/16367/info
|
|
|
|
|
2519,exploits/php/webapps/2519.txt,"Minichat 6.0 - 'ftag.php' Remote File Inclusion",2006-10-11,Zickox,webapps,php,,2006-10-10,,1,OSVDB-29693;CVE-2006-5283,,,,,
|
|
|
|
|
18410,exploits/php/webapps/18410.txt,"MiniCMS 1.0/2.0 - PHP Code Injection",2012-01-22,Or4nG.M4N,webapps,php,,2012-01-22,2012-01-22,0,OSVDB-82331;OSVDB-82330;CVE-2012-5231,,,,,
|
|
|
|
|
52175,exploits/php/webapps/52175.txt,"MiniCMS 1.1 - Cross Site Scripting (XSS)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-11,0,CVE-2018-1000638,,,,,
|
|
|
|
|
52175,exploits/php/webapps/52175.txt,"MiniCMS 1.1 - Cross Site Scripting (XSS)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-13,0,CVE-2018-1000638,,,,,
|
|
|
|
|
49193,exploits/php/webapps/49193.txt,"MiniCMS 1.10 - 'content box' Stored XSS",2020-12-04,yudp,webapps,php,,2020-12-04,2020-12-04,0,,,,,,
|
|
|
|
|
44362,exploits/php/webapps/44362.html,"MiniCMS 1.10 - Cross-Site Request Forgery",2018-03-30,zixian,webapps,php,80,2018-03-30,2018-03-30,0,CVE-2018-9092,"Cross-Site Request Forgery (CSRF)",,,http://www.exploit-db.comMiniCMS-1.10.tar.gz,
|
|
|
|
|
2796,exploits/php/webapps/2796.php,"miniCWB 1.0.0 - 'contact.php' Local File Inclusion",2006-11-17,Kacper,webapps,php,,2006-11-16,,1,,,,,,
|
|
|
|
@ -23941,7 +23941,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
6194,exploits/php/webapps/6194.pl,"moziloCMS 1.10.1 - 'download.php' Arbitrary Download File",2008-08-02,Ams,webapps,php,,2008-08-01,,1,OSVDB-47327;CVE-2008-3589,,,,,
|
|
|
|
|
8394,exploits/php/webapps/8394.txt,"moziloCMS 1.11 - Local File Inclusion / Full Path Disclosure / Cross-Site Scripting",2009-04-10,SirGod,webapps,php,,2009-04-09,2016-12-15,1,OSVDB-54907;CVE-2009-4209;OSVDB-54906;OSVDB-54905;OSVDB-54891;CVE-2009-1369;OSVDB-48644;CVE-2009-1368;CVE-2009-1367;CVE-2008-6126,,,,,
|
|
|
|
|
48781,exploits/php/webapps/48781.txt,"moziloCMS 2.0 - Persistent Cross-Site Scripting (Authenticated)",2020-09-01,"Abdulkadir Kaya",webapps,php,,2020-09-01,2020-09-01,0,,,,,,
|
|
|
|
|
52096,exploits/php/webapps/52096.NA,"MoziloCMS 3.0 - Remote Code Execution (RCE)",2025-03-27,"Olakojo Olaoluwa Joshua",webapps,php,,2025-03-27,2025-03-27,0,CVE-2024-44871,,,,,
|
|
|
|
|
52096,exploits/php/webapps/52096.NA,"MoziloCMS 3.0 - Remote Code Execution (RCE)",2025-03-27,"Olakojo Olaoluwa Joshua",webapps,php,,2025-03-27,2025-04-13,0,CVE-2024-44871,,,,,
|
|
|
|
|
3761,exploits/php/webapps/3761.txt,"Mozzers SubSystem final - 'subs.php' Remote Code Execution",2007-04-18,Dj7xpl,webapps,php,,2007-04-17,2016-09-30,1,OSVDB-42404;CVE-2007-2169,,,,http://www.exploit-db.comSubSystem-final1-ns.zip,
|
|
|
|
|
12219,exploits/php/webapps/12219.txt,"Mp3 Online Id Tag Editor - Remote File Inclusion",2010-04-14,indoushka,webapps,php,,2010-04-13,,0,,,,,,
|
|
|
|
|
4650,exploits/php/webapps/4650.txt,"Mp3 ToolBox 1.0 Beta 5 - 'skin_file' Remote File Inclusion",2007-11-23,Crackers_Child,webapps,php,,2007-11-22,2016-10-20,1,OSVDB-39681;CVE-2007-6139,,,,http://www.exploit-db.commp3_toolbox_beta-5.zip,
|
|
|
|
@ -24661,7 +24661,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
44030,exploits/php/webapps/44030.txt,"News Website Script 2.0.4 - 'search' SQL Injection",2018-02-13,"Varun Bagaria",webapps,php,,2018-02-13,2018-02-13,0,,,,,,
|
|
|
|
|
46456,exploits/php/webapps/46456.txt,"News Website Script 2.0.5 - SQL Injection",2019-02-25,"Mr Winst0n",webapps,php,,2019-02-25,2019-02-25,0,,,,,,
|
|
|
|
|
23012,exploits/php/webapps/23012.txt,"News Wizard 2.0 - Full Path Disclosure",2003-08-11,G00db0y,webapps,php,,2003-08-11,2012-11-29,1,,,,,,https://www.securityfocus.com/bid/8389/info
|
|
|
|
|
52174,exploits/php/webapps/52174.txt,"NEWS-BUZZ News Management System 1.0 - SQL Injection",2025-04-11,egsec,webapps,php,,2025-04-11,2025-04-11,0,CVE-2024-10758,,,,,
|
|
|
|
|
52174,exploits/php/webapps/52174.txt,"NEWS-BUZZ News Management System 1.0 - SQL Injection",2025-04-11,egsec,webapps,php,,2025-04-11,2025-04-13,0,CVE-2024-10758,,,,,
|
|
|
|
|
3406,exploits/php/webapps/3406.pl,"News-Letterman 1.1 - 'eintrag.php?sqllog' Remote File Inclusion",2007-03-04,bd0rk,webapps,php,,2007-03-03,2016-09-27,1,OSVDB-35355;CVE-2007-1340,,,,http://www.exploit-db.comletterman1.1.zip,
|
|
|
|
|
31447,exploits/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-20,ZoRLu,webapps,php,,2008-03-20,2014-02-06,1,,,,,,https://www.securityfocus.com/bid/28353/info
|
|
|
|
|
26458,exploits/php/webapps/26458.txt,"News2Net 3.0 - 'index.php' SQL Injection",2005-11-02,Mousehack,webapps,php,,2005-11-02,2013-06-26,1,CVE-2005-3469;OSVDB-20450,,,,,https://www.securityfocus.com/bid/15274/info
|
|
|
|
@ -25833,7 +25833,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
50961,exploits/php/webapps/50961.py,"Pandora FMS v7.0NG.742 - Remote Code Execution (RCE) (Authenticated)",2022-06-14,UNICORD,webapps,php,,2022-06-14,2022-06-14,0,CVE-2020-5844,,,,,
|
|
|
|
|
48064,exploits/php/webapps/48064.py,"PANDORAFMS 7.0 - Authenticated Remote Code Execution",2020-02-13,"Engin Demirbilek",webapps,php,,2020-02-13,2020-02-13,0,CVE-2020-8947,,,,,
|
|
|
|
|
48707,exploits/php/webapps/48707.txt,"PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting",2020-07-26,AppleBois,webapps,php,,2020-07-26,2020-07-26,0,CVE-2020-11749,,,,,
|
|
|
|
|
52157,exploits/php/webapps/52157.py,"PandoraFMS 7.0NG.772 - SQL Injection",2025-04-10,"Osama Yousef",webapps,php,,2025-04-10,2025-04-10,0,CVE-2023-44088,,,,,
|
|
|
|
|
52157,exploits/php/webapps/52157.py,"PandoraFMS 7.0NG.772 - SQL Injection",2025-04-10,"Osama Yousef",webapps,php,,2025-04-10,2025-04-13,0,CVE-2023-44088,,,,,
|
|
|
|
|
48700,exploits/php/webapps/48700.txt,"PandoraFMS NG747 7.0 - 'filename' Persistent Cross-Site Scripting",2020-07-26,"Emre ÖVÜNÇ",webapps,php,,2020-07-26,2020-12-07,0,,,,,,
|
|
|
|
|
25111,exploits/php/webapps/25111.txt,"PaNews 2.0 - Cross-Site Scripting",2005-02-16,pi3ch,webapps,php,,2005-02-16,2013-05-01,1,,,,,,https://www.securityfocus.com/bid/12576/info
|
|
|
|
|
25145,exploits/php/webapps/25145.txt,"PANews 2.0 - PHP Remote Code Execution",2005-02-21,tjomka,webapps,php,,2005-02-21,2013-05-02,1,,,,,,https://www.securityfocus.com/bid/12611/info
|
|
|
|
@ -27341,7 +27341,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
47438,exploits/php/webapps/47438.py,"phpIPAM 1.4 - SQL Injection",2019-09-30,"Kevin Kirsche",webapps,php,80,2019-09-30,2019-09-30,0,CVE-2019-16692,"SQL Injection (SQLi)",,,http://www.exploit-db.comphpipam-1.4.tar.gz,
|
|
|
|
|
50684,exploits/php/webapps/50684.py,"PHPIPAM 1.4.4 - SQLi (Authenticated)",2022-01-25,"Rodolfo Tavares",webapps,php,,2022-01-25,2022-01-25,0,CVE-2022-23046,,,,,
|
|
|
|
|
50963,exploits/php/webapps/50963.py,"phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)",2022-06-14,"Guilherme Alves",webapps,php,,2022-06-14,2022-06-14,0,,,,,,
|
|
|
|
|
52176,exploits/php/webapps/52176.txt,"phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-11,0,CVE-2023-24657,,,,,
|
|
|
|
|
52176,exploits/php/webapps/52176.txt,"phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-13,0,CVE-2023-24657,,,,,
|
|
|
|
|
20278,exploits/php/webapps/20278.txt,"phpix 1.0 - Directory Traversal",2000-10-07,Synnergy.net,webapps,php,,2000-10-07,2012-08-06,1,CVE-2000-0919;OSVDB-472,,,,,https://www.securityfocus.com/bid/1773/info
|
|
|
|
|
23558,exploits/php/webapps/23558.txt,"PHPix 2.0.3 - Arbitrary Command Execution",2004-01-20,"Max Stepanov",webapps,php,,2004-01-20,2012-12-20,1,OSVDB-3745,,,,,https://www.securityfocus.com/bid/9458/info
|
|
|
|
|
48138,exploits/php/webapps/48138.txt,"PhpIX 2012 Professional - 'id' SQL Injection",2020-02-26,indoushka,webapps,php,,2020-02-26,2020-02-26,0,,,,,,
|
|
|
|
@ -28715,7 +28715,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
8095,exploits/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - Local File Inclusion Command Execution",2009-02-23,Osirys,webapps,php,,2009-02-22,,1,,,,,,
|
|
|
|
|
29632,exploits/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",webapps,php,,2007-02-22,2017-02-14,1,CVE-2007-1152;OSVDB-37398,,,,,https://www.securityfocus.com/bid/22667/info
|
|
|
|
|
26018,exploits/php/webapps/26018.txt,"Pyrox Search 1.0.5 - 'Newsearch.php' Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,webapps,php,,2005-07-21,2013-06-08,1,,,,,,https://www.securityfocus.com/bid/14343/info
|
|
|
|
|
52153,exploits/php/webapps/52153.NA,"PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)",2025-04-09,"Vuln Seeker Cybersecurity Team",webapps,php,,2025-04-09,2025-04-09,0,CVE-2024-6244,,,,,
|
|
|
|
|
52153,exploits/php/webapps/52153.NA,"PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)",2025-04-09,"Vuln Seeker Cybersecurity Team",webapps,php,,2025-04-09,2025-04-13,0,CVE-2024-6244,,,,,
|
|
|
|
|
8031,exploits/php/webapps/8031.pph,"Q-News 2.0 - Remote Command Execution",2009-02-10,Fireshot,webapps,php,,2009-02-09,2017-02-08,1,,,,,,
|
|
|
|
|
26600,exploits/php/webapps/26600.txt,"Q-News 2.0 - Remote File Inclusion",2005-11-26,[GB],webapps,php,,2005-11-26,2013-07-05,1,CVE-2005-3859;OSVDB-21137,,,,,https://www.securityfocus.com/bid/15576/info
|
|
|
|
|
16116,exploits/php/webapps/16116.txt,"Qcodo Development Framework 0.3.3 - Full Information Disclosure",2011-02-05,"Daniel Godoy",webapps,php,,2011-02-05,2011-02-05,1,,,,,,
|
|
|
|
@ -29076,7 +29076,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
52133,exploits/php/webapps/52133.txt,"Reservit Hotel 2.1 - Stored Cross-Site Scripting (XSS)",2025-04-06,"Ilteris Kaan Pehlivan",webapps,php,,2025-04-06,2025-04-06,0,CVE-2024-9458,,,,,
|
|
|
|
|
43676,exploits/php/webapps/43676.txt,"Reservo Image Hosting Script 1.5 - Cross-Site Scripting",2018-01-17,"Dennis Veninga",webapps,php,,2018-01-17,2018-01-17,0,CVE-2018-5705,,,,,
|
|
|
|
|
48627,exploits/php/webapps/48627.txt,"Reside Property Management 3.0 - 'profile' SQL Injection",2020-06-30,"Behzad Khalifeh",webapps,php,,2020-06-30,2020-06-30,0,,,,,,
|
|
|
|
|
52150,exploits/php/webapps/52150.NA,"ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)",2025-04-09,"Jeremia Geraldi Sihombing",webapps,php,,2025-04-09,2025-04-09,0,CVE-2024-39143,,,,,
|
|
|
|
|
52150,exploits/php/webapps/52150.NA,"ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)",2025-04-09,"Jeremia Geraldi Sihombing",webapps,php,,2025-04-09,2025-04-13,0,CVE-2024-39143,,,,,
|
|
|
|
|
35541,exploits/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",webapps,php,,2014-12-15,2014-12-15,0,OSVDB-115821;OSVDB-115820;OSVDB-115819;OSVDB-115818,,,,,
|
|
|
|
|
46274,exploits/php/webapps/46274.txt,"ResourceSpace 8.6 - 'collection_edit.php' SQL Injection",2019-01-28,dd_,webapps,php,80,2019-01-28,2019-01-28,0,,"SQL Injection (SQLi)",,,http://www.exploit-db.comResourceSpace_8_6_12117.zip,
|
|
|
|
|
46308,exploits/php/webapps/46308.txt,"ResourceSpace 8.6 - 'watched_searches.php' SQL Injection",2019-02-04,dd_,webapps,php,80,2019-02-04,2019-02-05,0,,"SQL Injection (SQLi)",,,http://www.exploit-db.comResourceSpace_8_6_12117.zip,
|
|
|
|
@ -29182,7 +29182,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
8198,exploits/php/webapps/8198.pl,"RoomPHPlanning 1.6 - 'userform.php' Create Admin User",2009-03-10,"Jonathan Salwan",webapps,php,,2009-03-09,2016-12-02,1,,,,,http://www.exploit-db.comrp_1.6.zip,
|
|
|
|
|
8797,exploits/php/webapps/8797.txt,"roomphplanning 1.6 - Multiple Vulnerabilities",2009-05-26,"ThE g0bL!N",webapps,php,,2009-05-25,2016-12-02,1,OSVDB-62791;CVE-2009-4671;OSVDB-54772;CVE-2009-4670;OSVDB-54771;CVE-2009-4669;OSVDB-54770;OSVDB-54769,,,,http://www.exploit-db.comrp_1.6.zip,
|
|
|
|
|
51622,exploits/php/webapps/51622.txt,"RosarioSIS 10.8.4 - CSV Injection",2023-07-28,"Ranjeet Jaiswal",webapps,php,,2023-07-28,2023-07-31,1,CVE-2023-29918,,,,,
|
|
|
|
|
52169,exploits/php/webapps/52169.txt,"RosarioSIS 7.6 - SQL Injection",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-11,0,CVE-2021-44567,,,,,
|
|
|
|
|
52169,exploits/php/webapps/52169.txt,"RosarioSIS 7.6 - SQL Injection",2025-04-11,CodeSecLab,webapps,php,,2025-04-11,2025-04-13,0,CVE-2021-44567,,,,,
|
|
|
|
|
10793,exploits/php/webapps/10793.txt,"RoseOnlineCMS 3 B1 - 'admin' Local File Inclusion",2009-12-30,cr4wl3r,webapps,php,,2009-12-29,,1,OSVDB-61563;CVE-2009-4581,,,,,
|
|
|
|
|
11158,exploits/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Authentication Bypass",2010-01-16,cr4wl3r,webapps,php,,2010-01-15,,1,,,,,http://www.exploit-db.comRoseOnlineCMS_v3_b1.rar,
|
|
|
|
|
3548,exploits/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - 'op' Local File Inclusion",2007-03-23,GoLd_M,webapps,php,,2007-03-22,2016-09-30,1,OSVDB-38601;CVE-2007-1636,,,,http://www.exploit-db.comRoseOnlineCMS_v3_B1.rar,
|
|
|
|
@ -29201,7 +29201,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
20549,exploits/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting",2012-08-16,"Shai rod",webapps,php,,2012-08-16,2012-08-16,1,CVE-2012-4668;CVE-2012-3508;OSVDB-85142;OSVDB-84741,,,,http://www.exploit-db.comroundcubemail-0.8.0.tar.gz,
|
|
|
|
|
39245,exploits/php/webapps/39245.txt,"Roundcube Webmail 1.1.3 - Directory Traversal",2016-01-15,"High-Tech Bridge SA",webapps,php,80,2016-01-15,2016-12-28,0,CVE-2015-8770;OSVDB-132194,,,,http://www.exploit-db.comroundcubemail-1.1.3-complete.tar.gz,https://www.htbridge.com/advisory/HTB23283
|
|
|
|
|
49510,exploits/php/webapps/49510.py,"Roundcube Webmail 1.2 - File Disclosure",2021-02-01,stonepresto,webapps,php,,2021-02-01,2021-02-01,0,,,,,,
|
|
|
|
|
52173,exploits/php/webapps/52173.txt,"Roundcube Webmail 1.6.6 - Stored Cross Site Scripting (XSS)",2025-04-11,AmirZargham,webapps,php,,2025-04-11,2025-04-11,0,CVE-2024-37383,,,,,
|
|
|
|
|
52173,exploits/php/webapps/52173.txt,"Roundcube Webmail 1.6.6 - Stored Cross Site Scripting (XSS)",2025-04-11,AmirZargham,webapps,php,,2025-04-11,2025-04-13,0,CVE-2024-37383,,,,,
|
|
|
|
|
39963,exploits/php/webapps/39963.txt,"Roxy Fileman 1.4.4 - Arbitrary File Upload",2016-06-16,"Tyrell Sassen",webapps,php,80,2016-06-16,2016-06-16,0,,,,,http://www.exploit-db.comRoxyFileman-1.4.4-php.zip,
|
|
|
|
|
46172,exploits/php/webapps/46172.txt,"Roxy Fileman 1.4.5 - Arbitrary File Download",2019-01-16,"Ihsan Sencan",webapps,php,80,2019-01-16,2019-01-16,0,,,,,http://www.exploit-db.comRoxyFileman-1.4.5-php.zip,
|
|
|
|
|
46085,exploits/php/webapps/46085.txt,"Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal",2019-01-07,"Pongtorn Angsuchotmetee_ Vittawat Masaree",webapps,php,80,2019-01-07,2019-01-07,0,CVE-2018-20526;CVE-2018-20525,Traversal,,,http://www.exploit-db.comRoxyFileman-1.4.5-php.zip,
|
|
|
|
@ -31498,8 +31498,8 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
29704,exploits/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php?PATH_INFO' Cross-Site Scripting",2007-02-26,CorryL,webapps,php,,2007-02-26,2013-11-19,1,CVE-2007-1291;OSVDB-33858,,,,,https://www.securityfocus.com/bid/22799/info
|
|
|
|
|
29705,exploits/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - 'register.php?PATH_INFO' Cross-Site Scripting",2007-02-26,CorryL,webapps,php,,2007-02-26,2013-11-19,1,CVE-2007-1291;OSVDB-33859,,,,,https://www.securityfocus.com/bid/22799/info
|
|
|
|
|
29703,exploits/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php?s' SQL Injection",2007-02-26,CorryL,webapps,php,,2007-02-26,2013-11-19,1,CVE-2007-1289;OSVDB-35817,,,,,https://www.securityfocus.com/bid/22799/info
|
|
|
|
|
52161,exploits/php/webapps/52161.go,"Typecho 1.3.0 - Race Condition",2025-04-10,cyberaz0r,webapps,php,,2025-04-10,2025-04-10,0,CVE-2024-35539,,,,,
|
|
|
|
|
52162,exploits/php/webapps/52162.go,"Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)",2025-04-10,cyberaz0r,webapps,php,,2025-04-10,2025-04-10,0,CVE-2024-35540,,,,,
|
|
|
|
|
52161,exploits/php/webapps/52161.go,"Typecho 1.3.0 - Race Condition",2025-04-10,cyberaz0r,webapps,php,,2025-04-10,2025-04-13,0,CVE-2024-35539,,,,,
|
|
|
|
|
52162,exploits/php/webapps/52162.go,"Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)",2025-04-10,cyberaz0r,webapps,php,,2025-04-10,2025-04-13,0,CVE-2024-35540,,,,,
|
|
|
|
|
49128,exploits/php/webapps/49128.txt,"TypeSetter 5.1 - CSRF (Change admin e-mail)",2020-12-01,"Alperen Ergel",webapps,php,,2020-12-01,2020-12-01,0,,,,,,
|
|
|
|
|
44028,exploits/php/webapps/44028.txt,"TypeSetter CMS 5.1 - 'Host' Header Injection",2018-02-13,"Navina Asrani",webapps,php,,2018-02-13,2018-02-13,0,CVE-2018-6889,,,,,
|
|
|
|
|
48852,exploits/php/webapps/48852.txt,"Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting",2020-10-01,"Alperen Ergel",webapps,php,,2020-10-01,2020-10-01,0,,,,,,
|
|
|
|
@ -34395,7 +34395,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
7074,exploits/php/webapps/7074.txt,"X10media Mp3 Search Engine 1.6 - Remote File Disclosure",2008-11-09,THUNDER,webapps,php,,2008-11-08,,1,OSVDB-49797;CVE-2008-6960,,,,,
|
|
|
|
|
8408,exploits/php/webapps/8408.txt,"X10media Mp3 Search Engine < 1.6.2 - Admin Access",2009-04-13,THUNDER,webapps,php,,2009-04-12,2017-01-02,1,,,,,,
|
|
|
|
|
28557,exploits/php/webapps/28557.txt,"X2CRM 3.4.1 - Multiple Vulnerabilities",2013-09-25,"High-Tech Bridge SA",webapps,php,80,2013-09-25,2013-09-25,0,CVE-2013-5693;CVE-2013-5692;OSVDB-97366;OSVDB-97365,,,,,https://www.htbridge.com/advisory/HTB23172
|
|
|
|
|
52098,exploits/php/webapps/52098.NA,"X2CRM 8.5 - Stored Cross-Site Scripting (XSS)",2025-03-27,"Okan Kurtulus",webapps,php,,2025-03-27,2025-03-27,0,CVE-2024-48120,,,,,
|
|
|
|
|
52098,exploits/php/webapps/52098.NA,"X2CRM 8.5 - Stored Cross-Site Scripting (XSS)",2025-03-27,"Okan Kurtulus",webapps,php,,2025-03-27,2025-04-13,0,CVE-2024-48120,,,,,
|
|
|
|
|
51346,exploits/php/webapps/51346.txt,"X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated)",2023-04-08,"Betul Denizler",webapps,php,,2023-04-08,2023-04-08,0,CVE-2022-48177,,,,,
|
|
|
|
|
51345,exploits/php/webapps/51345.txt,"X2CRM v6.6/6.9 - Stored Cross-Site Scripting (XSS) (Authenticated)",2023-04-08,"Betul Denizler",webapps,php,,2023-04-08,2023-04-08,0,CVE-2022-48178,,,,,
|
|
|
|
|
38323,exploits/php/webapps/38323.txt,"X2Engine 4.2 - Arbitrary File Upload",2015-09-25,Portcullis,webapps,php,80,2015-09-25,2015-09-25,0,CVE-2015-5074;OSVDB-128086,,,,http://www.exploit-db.comX2CRM-4.2.tar.gz,https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5074/
|
|
|
|
@ -35418,7 +35418,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
52001,exploits/typescript/webapps/52001.txt,"Flowise 1.6.5 - Authentication Bypass",2024-04-21,"Maerifat Majeed",webapps,typescript,,2024-04-21,2024-04-21,0,CVE-2024-31621,,,,,
|
|
|
|
|
51385,exploits/typescript/webapps/51385.txt,"FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)",2023-04-20,"Rodolfo Mariano",webapps,typescript,,2023-04-20,2023-04-20,0,,,,,,
|
|
|
|
|
51073,exploits/typescript/webapps/51073.txt,"Grafana <=6.2.4 - HTML Injection",2023-03-27,"SimranJeet Singh",webapps,typescript,,2023-03-27,2023-06-09,1,CVE-2019-13068,,,,,
|
|
|
|
|
52102,exploits/typescript/webapps/52102.py,"Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)",2025-03-28,VeryLazyTech,webapps,typescript,,2025-03-28,2025-03-28,0,CVE-2024-23692,,,,,
|
|
|
|
|
52102,exploits/typescript/webapps/52102.py,"Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)",2025-03-28,VeryLazyTech,webapps,typescript,,2025-03-28,2025-04-13,0,CVE-2024-23692,,,,,
|
|
|
|
|
19817,exploits/ultrix/dos/19817.txt,"Data General DG/UX 5.4 - inetd Service Exhaustion Denial of Service",2000-03-16,"The Unicorn",dos,ultrix,,2000-03-16,2012-07-14,1,OSVDB-83869,,,,,https://www.securityfocus.com/bid/1071/info
|
|
|
|
|
698,exploits/ultrix/local/698.c,"Ultrix 4.5/MIPS - dxterm 0 Local Buffer Overflow",2004-12-20,"Kristoffer Brånemyr",local,ultrix,,2004-12-19,,1,OSVDB-12626;CVE-2004-1326,,,,,
|
|
|
|
|
22068,exploits/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,dos,unix,,2002-12-04,2016-12-19,1,CVE-2002-2272;OSVDB-7394,,,,,https://www.securityfocus.com/bid/6320/info
|
|
|
|
@ -44380,7 +44380,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|
|
|
|
38968,exploits/windows/remote/38968.txt,"Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132)",2015-12-14,"Google Security Research",remote,windows,,2015-12-14,2015-12-14,1,CVE-2015-6132;OSVDB-131342;MS15-132,,,,,https://code.google.com/p/google-security-research/issues/detail?id=556
|
|
|
|
|
28198,exploits/windows/remote/28198.py,"Microsoft Office 2000/2002 - Property Code Execution",2006-07-11,anonymous,remote,windows,,2006-07-11,2013-09-10,1,CVE-2006-2389;OSVDB-27149,,,,,https://www.securityfocus.com/bid/18911/info
|
|
|
|
|
24526,exploits/windows/remote/24526.py,"Microsoft Office 2010 - Download Execute",2013-02-20,g11tch,remote,windows,,2013-02-20,2013-02-23,1,OSVDB-69085;CVE-2010-3333,,,http://www.exploit-db.com/screenshots/idlt25000/screen-shot-2013-02-20-at-92423-am.png,,
|
|
|
|
|
52113,exploits/windows/remote/52113.NA,"Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure",2025-04-03,"Metin Yunus Kandemir",remote,windows,,2025-04-03,2025-04-03,0,CVE-2024-38200,,,,,
|
|
|
|
|
52113,exploits/windows/remote/52113.NA,"Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure",2025-04-03,"Metin Yunus Kandemir",remote,windows,,2025-04-03,2025-04-13,0,CVE-2024-38200,,,,,
|
|
|
|
|
20122,exploits/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit)",2012-07-31,Metasploit,remote,windows,8082,2012-07-31,2012-07-31,1,CVE-2010-3964;OSVDB-69817;MS10-104,"Metasploit Framework (MSF)",,,,http://www.zerodayinitiative.com/advisories/ZDI-10-287/
|
|
|
|
|
16537,exploits/windows/remote/16537.rb,"Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (MS09-043) (Metasploit)",2010-07-20,Metasploit,remote,windows,,2010-07-20,2016-10-27,1,CVE-2009-1136;OSVDB-55806;MS09-043,"Metasploit Framework (MSF)",,,,http://www.microsoft.com/technet/security/advisory/973472.mspx
|
|
|
|
|
9224,exploits/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Remote Overflow",2009-07-21,"Ahmed Obied",remote,windows,,2009-07-20,2017-11-22,1,,,,,,
|
|
|
|
|