LiquidWorm

790 exploits Active since Jun 2006
CVE-2018-13032 EXPLOITDB HIGH text WORKING POC
Ecessa Shieldlink Sl175ehq Firmware - CSRF
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
CVSS 8.8
EIP-2026-101667 EXPLOITDB text WORKING POC
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site Request Forgery
EIP-2026-101665 EXPLOITDB text WORKING POC
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
EIP-2026-101662 EXPLOITDB text WORKING POC
Dasan Networks GPON ONT WiFi Router H64X Series - Privilege Escalation
EIP-2026-101661 EXPLOITDB text WORKING POC
Dasan Networks GPON ONT WiFi Router H64X Series - Cross-Site Request Forgery
EIP-2026-101660 EXPLOITDB text WORKING POC
Dasan Networks GPON ONT WiFi Router H64X Series - Configuration Download
EIP-2026-101659 EXPLOITDB text WORKING POC
Dasan Networks GPON ONT WiFi Router H64X Series - Authentication Bypass
CVE-2019-10846 EXPLOITDB MEDIUM text WORKING POC
Computrols Building Automation System < 19.0.0 - XSS
Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter.
CVSS 6.1
CVE-2014-8657 EXPLOITDB text WORKING POC
Compal Broadband Networks - DoS
The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to cause a denial of service (disconnect all wifi clients) via a request to wirelessChannelStatus.html.
CVE-2019-10848 EXPLOITDB MEDIUM text WORKING POC
Computrols Building Automation Software - Information Disclosure
Computrols CBAS 18.0.0 allows Username Enumeration.
CVSS 5.3
EIP-2026-101581 EXPLOITDB python WORKING POC
CBAS-Web 19.0.0 - Remote Code Execution
CVE-2019-10847 EXPLOITDB HIGH text WORKING POC
Computrols Building Automation Software < 19.0.0 - CSRF
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.
CVSS 8.8
EIP-2026-101580 EXPLOITDB text WORKING POC
Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal
EIP-2026-101562 EXPLOITDB text WORKING POC
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution
EIP-2026-101552 EXPLOITDB text WRITEUP
Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities
EIP-2026-101490 EXPLOITDB text WORKING POC
Verizon 4G LTE Network Extender - Weak Credentials Algorithm
EIP-2026-101489 EXPLOITDB python WORKING POC
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor
CVE-2019-7670 EXPLOITDB HIGH python WORKING POC
Prima Systems FlexAir <2.3.38 - Command Injection
Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component, which could allow attackers to execute commands directly on the operating system.
CVSS 7.2
CVE-2019-9189 EXPLOITDB HIGH text WORKING POC
Primasystems Flexair < 2.3.38 - Unrestricted File Upload
Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed because of root code execution, not as a web server user, allowing an authenticated attacker to gain full system access.
CVSS 8.8
EIP-2026-101913 EXPLOITDB text WORKING POC
Pelco Sarix/Spectra Cameras - Remote Code Execution
EIP-2026-101912 EXPLOITDB text WORKING POC
Pelco Sarix/Spectra Cameras - Cross-Site Request Forgery / Cross-Site Scripting
EIP-2026-101911 EXPLOITDB text WORKING POC
Pelco Sarix/Spectra Cameras - Cross-Site Request Forgery (Enable SSH Root Access)
EIP-2026-101910 EXPLOITDB text WORKING POC
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)
EIP-2026-101907 EXPLOITDB text WRITEUP
Option CloudGate CG0192-11897 - Multiple Vulnerabilities
CVE-2019-7272 EXPLOITDB MEDIUM text WORKING POC
Optergy Proton/Enterprise - Info Disclosure
Optergy Proton/Enterprise devices allow Username Disclosure.
CVSS 5.3