[webapps] WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
https://www.exploit-db.com/exploits/50186
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
https://www.exploit-db.com/exploits/50186
Exploit-Db
OffSec’s Exploit Database Archive
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
[webapps] Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://www.exploit-db.com/exploits/50185
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://www.exploit-db.com/exploits/50185
Exploit Database
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection. CVE-2020-35848CVE-2020-35847 . webapps exploit for Multiple platform
[local] Amica Prodigy 1.7 - Privilege Escalation
Amica Prodigy 1.7 - Privilege Escalation
https://www.exploit-db.com/exploits/50184
Amica Prodigy 1.7 - Privilege Escalation
https://www.exploit-db.com/exploits/50184
Exploit Database
Amica Prodigy 1.7 - Privilege Escalation
Amica Prodigy 1.7 - Privilege Escalation. CVE-2021-35312 . local exploit for Windows platform
[webapps] IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50183
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50183
Exploit Database
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated).. webapps exploit for CGI platform
[webapps] GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
https://www.exploit-db.com/exploits/50181
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
https://www.exploit-db.com/exploits/50181
Exploit Database
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)
GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated).. webapps exploit for Multiple platform
[webapps] Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50180
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50180
Exploit Database
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated).. webapps exploit for PHP platform
[webapps] CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
https://www.exploit-db.com/exploits/50179
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
https://www.exploit-db.com/exploits/50179
Exploit Database
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated). CVE-2021-36654 . webapps exploit for PHP platform
[webapps] ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
https://www.exploit-db.com/exploits/50178
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
https://www.exploit-db.com/exploits/50178
Exploit Database
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE). CVE-2020-9496 . webapps exploit for Java platform
[webapps] Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
https://www.exploit-db.com/exploits/50177
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
https://www.exploit-db.com/exploits/50177
Exploit Database
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS).. webapps exploit for PHP platform
[webapps] qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
https://www.exploit-db.com/exploits/50176
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
https://www.exploit-db.com/exploits/50176
Exploit Database
qdPM 9.2 - Password Exposure (Unauthenticated)
qdPM 9.2 - Password Exposure (Unauthenticated).. webapps exploit for PHP platform
[webapps] qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50175
qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50175
Exploit Database
qdPM 9.1 - Remote Code Execution (Authenticated)
qdPM 9.1 - Remote Code Execution (Authenticated). CVE-2020-7246 . webapps exploit for PHP platform
[webapps] WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50174
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
https://www.exploit-db.com/exploits/50174
Exploit Database
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS).. webapps exploit for PHP platform
[webapps] Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50173
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50173
Exploit Database
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE).. webapps exploit for PHP platform
[webapps] Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF
Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF
https://www.exploit-db.com/exploits/50172
Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF
https://www.exploit-db.com/exploits/50172
Exploit Database
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password).. webapps exploit for Hardware platform
[webapps] Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
https://www.exploit-db.com/exploits/50171
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
https://www.exploit-db.com/exploits/50171
Exploit Database
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS).. webapps exploit for PHP platform
[remote] Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50170
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50170
Exploit Database
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE).. remote exploit for Java platform
[webapps] Men Salon Management System 1.0 - SQL Injection Authentication Bypass
Men Salon Management System 1.0 - SQL Injection Authentication Bypass
https://www.exploit-db.com/exploits/50169
Men Salon Management System 1.0 - SQL Injection Authentication Bypass
https://www.exploit-db.com/exploits/50169
Exploit Database
Men Salon Management System 1.0 - SQL Injection Authentication Bypass
Men Salon Management System 1.0 - SQL Injection Authentication Bypass.. webapps exploit for PHP platform
[webapps] Oracle Fatwire 6.3 - Multiple Vulnerabilities
Oracle Fatwire 6.3 - Multiple Vulnerabilities
https://www.exploit-db.com/exploits/50167
Oracle Fatwire 6.3 - Multiple Vulnerabilities
https://www.exploit-db.com/exploits/50167
Exploit Database
Oracle Fatwire 6.3 - Multiple Vulnerabilities
Oracle Fatwire 6.3 - Multiple Vulnerabilities.. webapps exploit for Multiple platform
[webapps] CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50166
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50166
Exploit Database
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE). CVE-2021-29995 . webapps exploit for Java platform
[webapps] Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
https://www.exploit-db.com/exploits/50165
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
https://www.exploit-db.com/exploits/50165
Exploit Database
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection.. webapps exploit for PHP platform