Enesdex

7 exploits Active since Jan 2020
CVE-2021-47900 EXPLOITDB CRITICAL python WORKING POC
Gila CMS <2.0.0 - RCE
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell_exec() to run system commands by sending crafted requests to the admin endpoint.
CVSS 9.8
CVE-2021-47854 EXPLOITDB CRITICAL python WORKING POC
DD-WRT <45723 - Buffer Overflow
DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target device.
CVSS 9.8
CVE-2020-5510 EXPLOITDB CRITICAL text WRITEUP
PHPGurukul Hostel Mgt Sys <2.0 - SQL Injection
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
CVSS 9.8
EIP-2026-113352 EXPLOITDB python WORKING POC
WebsiteBaker 2.12.2 - Remote Code Execution
EIP-2026-112449 EXPLOITDB python WORKING POC
Student Enrollment 1.0 - Unauthenticated Remote Code Execution
EIP-2026-110087 EXPLOITDB text WORKING POC
Online Discussion Forum Site 1.0 - Remote Code Execution
EIP-2026-110143 EXPLOITDB bash WORKING POC
Online Marriage Registration System 1.0 - Remote Code Execution (1)