LiquidWorm

790 exploits Active since Jun 2006
EIP-2026-102375 EXPLOITDB text WORKING POC
Hippo CMS 10.1 - Multiple Vulnerabilities
EIP-2026-102368 EXPLOITDB text WORKING POC
Furukawa Electric ConsciusMAP 2.8.1 - Remote Code Execution
CVE-2017-9650 EXPLOITDB HIGH python WORKING POC
ALC WebCTRL <6.5 - RCE
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to upload a malicious file allowing the execution of arbitrary code.
CVSS 7.8
CVE-2017-9640 EXPLOITDB MEDIUM text WORKING POC
ALC WebCTRL <6.5 - Path Traversal
A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software.
CVSS 6.3
EIP-2026-102115 EXPLOITDB text WRITEUP
WEMS BEMS 21.3.1 - Undocumented Backdoor Account
EIP-2026-102351 EXPLOITDB text WRITEUP
Ametys CMS 3.5.2 - 'lang' XPath Injection
EIP-2026-102532 EXPLOITDB text WRITEUP
Resin Application Server 4.0.36 - Source Code Disclosure
CVE-2015-7904 EXPLOITDB text WORKING POC
Infinite Automation Mango Automation <2.6.0 - RCE
Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file.
EIP-2026-102499 EXPLOITDB text WRITEUP
ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities
EIP-2026-102475 EXPLOITDB python WORKING POC
DALIM SOFTWARE ES Core 5.0 build 7184.1 - User Enumeration
EIP-2026-102474 EXPLOITDB text WORKING POC
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery
EIP-2026-102473 EXPLOITDB text WORKING POC
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Directory Traversal
EIP-2026-102472 EXPLOITDB html WORKING POC
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request Forgery
EIP-2026-102456 EXPLOITDB text WORKING POC
Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities
EIP-2026-102442 EXPLOITDB text WORKING POC
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting
EIP-2026-101959 EXPLOITDB python WORKING POC
Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE)
CVE-2018-18428 EXPLOITDB HIGH text WORKING POC
Tp-link Tl-sc3130 Firmware - Information Disclosure
TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI.
CVSS 7.5
EIP-2026-102026 EXPLOITDB text WORKING POC
SOYAL Biometric Access Control System 5.0 - Master Code Disclosure
EIP-2026-102025 EXPLOITDB html WORKING POC
SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF
EIP-2026-102003 EXPLOITDB html WORKING POC
Sipwise C5 NGCP CSC - Click2Dial Cross-Site Request Forgery (CSRF)
EIP-2026-102002 EXPLOITDB html WORKING POC
Sipwise C5 NGCP CSC - 'Multiple' Persistent Cross-Site Scripting (XSS)
EIP-2026-102000 EXPLOITDB text WORKING POC
Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure
EIP-2026-101999 EXPLOITDB text WORKING POC
Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation
EIP-2026-101998 EXPLOITDB text WRITEUP
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset
EIP-2026-101997 EXPLOITDB python WORKING POC
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit