Exploit-DB
2.42K subscribers
9.31K links
Offensive Security Exploit Database
Download Telegram
[webapps] qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
https://www.exploit-db.com/exploits/50176
[webapps] ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
https://www.exploit-db.com/exploits/50178
[webapps] GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
https://www.exploit-db.com/exploits/50181
[webapps] WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50187
[webapps] WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
https://www.exploit-db.com/exploits/50186
[local] Xiaomi browser 10.2.4.g - Browser Search History Disclosure
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
https://www.exploit-db.com/exploits/50188
[webapps] Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50195
[webapps] easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)
easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50194