[webapps] Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50173
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50173
Exploit Database
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE).. webapps exploit for PHP platform
[webapps] WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50174
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50174
Exploit Database
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS).. webapps exploit for PHP platform
[webapps] qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
https://www.exploit-db.com/exploits/50176
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
https://www.exploit-db.com/exploits/50176
Exploit Database
qdPM 9.2 - Password Exposure (Unauthenticated)
qdPM 9.2 - Password Exposure (Unauthenticated).. webapps exploit for PHP platform
[webapps] qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50175
qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50175
Exploit Database
qdPM 9.1 - Remote Code Execution (Authenticated)
qdPM 9.1 - Remote Code Execution (Authenticated). CVE-2020-7246 . webapps exploit for PHP platform
[webapps] Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
https://www.exploit-db.com/exploits/50177
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
https://www.exploit-db.com/exploits/50177
Exploit Database
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS).. webapps exploit for PHP platform
[webapps] ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
https://www.exploit-db.com/exploits/50178
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
https://www.exploit-db.com/exploits/50178
Exploit Database
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE). CVE-2020-9496 . webapps exploit for Java platform
[webapps] GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
https://www.exploit-db.com/exploits/50181
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
https://www.exploit-db.com/exploits/50181
Exploit Database
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated).. webapps exploit for Multiple platform
[webapps] Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50180
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50180
Exploit Database
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated).. webapps exploit for PHP platform
[webapps] CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
https://www.exploit-db.com/exploits/50179
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
https://www.exploit-db.com/exploits/50179
Exploit Database
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated). CVE-2021-36654 . webapps exploit for PHP platform
[webapps] Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://www.exploit-db.com/exploits/50185
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://www.exploit-db.com/exploits/50185
Exploit Database
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection. CVE-2020-35848CVE-2020-35847 . webapps exploit for Multiple platform
[local] Amica Prodigy 1.7 - Privilege Escalation
Amica Prodigy 1.7 - Privilege Escalation
https://www.exploit-db.com/exploits/50184
Amica Prodigy 1.7 - Privilege Escalation
https://www.exploit-db.com/exploits/50184
Exploit Database
Amica Prodigy 1.7 - Privilege Escalation
Amica Prodigy 1.7 - Privilege Escalation. CVE-2021-35312 . local exploit for Windows platform
[webapps] IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50183
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50183
Exploit Database
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated).. webapps exploit for CGI platform
[webapps] WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50187
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50187
Exploit Database
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS).. webapps exploit for PHP platform
[webapps] WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
https://www.exploit-db.com/exploits/50186
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
https://www.exploit-db.com/exploits/50186
Exploit-Db
OffSec’s Exploit Database Archive
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
[local] Xiaomi browser 10.2.4.g - Browser Search History Disclosure
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
https://www.exploit-db.com/exploits/50188
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
https://www.exploit-db.com/exploits/50188
[webapps] Simple Library Management System 1.0 - 'rollno' SQL Injection
Simple Library Management System 1.0 - 'rollno' SQL Injection
https://www.exploit-db.com/exploits/50189
Simple Library Management System 1.0 - 'rollno' SQL Injection
https://www.exploit-db.com/exploits/50189
Exploit Database
Simple Library Management System 1.0 - 'rollno' SQL Injection
Simple Library Management System 1.0 - 'rollno' SQL Injection.. webapps exploit for PHP platform
[webapps] Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
https://www.exploit-db.com/exploits/50191
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
https://www.exploit-db.com/exploits/50191
Exploit Database
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE). CVE-2021-37425 . webapps exploit for Multiple platform
[webapps] COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
https://www.exploit-db.com/exploits/50190
COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
https://www.exploit-db.com/exploits/50190
Exploit Database
COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection.. webapps exploit for PHP platform
[webapps] RATES SYSTEM 1.0 - 'Multiple' SQL Injections
RATES SYSTEM 1.0 - 'Multiple' SQL Injections
https://www.exploit-db.com/exploits/50192
RATES SYSTEM 1.0 - 'Multiple' SQL Injections
https://www.exploit-db.com/exploits/50192
Exploit Database
RATES SYSTEM 1.0 - 'Multiple' SQL Injections
RATES SYSTEM 1.0 - 'Multiple' SQL Injections.. webapps exploit for PHP platform
[webapps] 4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
https://www.exploit-db.com/exploits/50193
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
https://www.exploit-db.com/exploits/50193
Exploit Database
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
4images 1.8 - 'limitnumber' SQL Injection (Authenticated).. webapps exploit for PHP platform