L0RD

57 exploits Active since May 2018
EIP-2026-112452 EXPLOITDB text WORKING POC
Student Profile Management System Script 2.0.6 - Authentication Bypass
EIP-2026-112483 EXPLOITDB text WORKING POC
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
EIP-2026-112484 EXPLOITDB text WORKING POC
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
EIP-2026-112486 EXPLOITDB text WORKING POC
Superfood 1.0 - Multiple Vulnerabilities
CVE-2018-12519 EXPLOITDB HIGH text WORKING POC
ShopNx through 2017-11-17 - Unrestricted Upload of File with Dangerous Type
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
CVSS 8.8
EIP-2026-111564 EXPLOITDB text WORKING POC
PSNews Website 1.0.0 - 'Keywords' SQL Injection
EIP-2026-111508 EXPLOITDB text WORKING POC
Private Message PHP Script 2.0 - Cross-Site Scripting
EIP-2026-110585 EXPLOITDB text WORKING POC
PHIMS - Hospital Management Information System - 'Password' SQL Injection
EIP-2026-110503 EXPLOITDB text WORKING POC
Paypal Clone Script 1.0.9 - 'id' / 'acctype' SQL Injection
EIP-2026-110189 EXPLOITDB text WORKING POC
Online Test Script 2.0.7 - 'cid' SQL Injection
CVE-2018-12908 EXPLOITDB CRITICAL text WORKING POC
Brynamics - Exposure of Sensitive Information via Direct Request to /dashboard/deposit
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.
CVSS 9.8
EIP-2026-109636 EXPLOITDB text WORKING POC
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting
EIP-2026-109948 EXPLOITDB text WORKING POC
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
EIP-2026-109947 EXPLOITDB text WORKING POC
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
EIP-2026-109838 EXPLOITDB text WORKING POC
Naukri Clone Script 3.0.3 - 'indus' SQL Injection
EIP-2026-109537 EXPLOITDB text WORKING POC
Model Agency Media House & Model Gallery 1.0 - Multiple Vulnerabilities
EIP-2026-109342 EXPLOITDB text WORKING POC
Matrimonial Website Script 2.1.6 - 'uid' SQL Injection
EIP-2026-109524 EXPLOITDB text WORKING POC
Mobile Card Selling Platform 1 - Cross-Site Request Forgery
EIP-2026-109375 EXPLOITDB text WORKING POC
Mcard Mobile Card Selling Platform 1 - SQL Injection
EIP-2026-108657 EXPLOITDB text WORKING POC
Joomla! Component Full Social 1.1.0 - 'search_query' SQL Injection
EIP-2026-107831 EXPLOITDB text WORKING POC
Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery
EIP-2026-107971 EXPLOITDB text WORKING POC
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
CVE-2018-13849 EXPLOITDB MEDIUM text WORKING POC
instagram-clone < 2018-04-23 - Cross-Site Scripting via edit_requests.php onmouseover Payload
edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.
CVSS 6.1
EIP-2026-107567 EXPLOITDB text WORKING POC
Healwire Online Pharmacy 3.0 - Cross-Site Scripting / Cross-Site Request Forgery
EIP-2026-107027 EXPLOITDB text WORKING POC
Facebook Clone Script 1.0.5 - Cross-Site Request Forgery