LiquidWorm

790 exploits Active since Jun 2006
EIP-2026-104691 EXPLOITDB text WORKING POC
ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
CVE-2024-4007 EXPLOITDB HIGH WRITEUP
ABB ASPECT; NEXUS Series; MATRIX Series <3.07 - Info Disclosure
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows an attacker to log in to wrongly configured product instances.
CVSS 8.8
CVE-2008-2032 EXPLOITDB c WORKING POC
Acritum Femitter Server 1.03 - DoS
The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-104692 EXPLOITDB text WORKING POC
ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
EIP-2026-104807 EXPLOITDB text WORKING POC
11in1 CMS 1.0.1 - 'do.php' CRLF Injection
EIP-2026-104690 EXPLOITDB text WORKING POC
ABB Cylon Aspect 3.08.02 (webServerUpdate.php) - Input Validation Config Poisoning
EIP-2026-104693 EXPLOITDB text WORKING POC
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
CVE-2015-1059 EXPLOITDB python WORKING POC
AdaptCMS 3.0.3 - Code Injection
Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads.
EIP-2026-104907 EXPLOITDB text WORKING POC
AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities
EIP-2026-104689 EXPLOITDB text WORKING POC
ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal
CVE-2024-6209 EXPLOITDB CRITICAL WORKING POC
ABB ASPECT - Enterprise <3.08.01 - Info Disclosure
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 allows an attacker to access files without authorization.
CVSS 10.0
EIP-2026-104616 EXPLOITDB text WORKING POC
Horos 2.1.0 Web Portal - Directory Traversal
EIP-2026-104918 EXPLOITDB text WRITEUP
acontent 1.1 - Multiple Vulnerabilities
EIP-2026-104744 EXPLOITDB python WORKING POC
Omeka 2.2.1 - Remote Code Execution
EIP-2026-104746 EXPLOITDB python WORKING POC
Oxwall 1.7.0 - Remote Code Execution
CVE-2024-48840 EXPLOITDB CRITICAL text WORKING POC
ABB Aspect-ent-2 Firmware < 3.08.03 - Code Injection
Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS 10.0
CVE-2024-48844 EXPLOITDB HIGH text WORKING POC
ABB Aspect-ent-2 Firmware - Resource Allocation Without Limits
Denial of Service vulnerabilities were found, providing a potential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS 7.7
EIP-2026-104405 EXPLOITDB text WORKING POC
Practico 13.9 - Multiple Vulnerabilities
CVE-2015-5285 EXPLOITDB text WORKING POC
Kallithea <0.3 - HTTP Response Splitting
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.
EIP-2026-104277 EXPLOITDB text WORKING POC
i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw
EIP-2026-104354 EXPLOITDB text WORKING POC
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download
EIP-2026-104570 EXPLOITDB python WORKING POC
Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service
EIP-2026-104438 EXPLOITDB text WORKING POC
SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS
EIP-2026-104379 EXPLOITDB text WORKING POC
Oracle OpenSSO 8.0 - Multiple Cross-Site Scripting POST Injection Vulnerabilities
CVE-2015-2080 EXPLOITDB HIGH text WORKING POC
Fedora < 9.2.9.v20150224 - Information Disclosure
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
CVSS 7.5