xistence

77 exploits Active since Jul 1997
EIP-2026-105092 EXPLOITDB text WORKING POC
Alienvault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities
CVE-2015-7858 EXPLOITDB ruby WORKING POC
Joomla! 3.2-3.4.3 - SQL Injection
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297.
EIP-2026-104880 EXPLOITDB text WORKING POC
Aanval 7.1 build 70151 - Multiple Vulnerabilities
EIP-2026-104784 EXPLOITDB ruby WORKING POC
Western Digital Arkeia < 10.0.10 - Remote Code Execution (Metasploit)
CVE-2008-5191 EXPLOITDB ruby WORKING POC
SePortal 2.4 - SQL Injection via poll_id or sp_id Parameter
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
EIP-2026-104711 EXPLOITDB ruby WORKING POC
Alienvault Open Source SIEM (OSSIM) - SQL Injection / Remote Code Execution (Metasploit)
EIP-2026-104325 EXPLOITDB text WRITEUP
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
EIP-2026-104329 EXPLOITDB text WRITEUP
ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities
EIP-2026-104327 EXPLOITDB python WORKING POC
ManageEngine Security Manager Plus 5.5 build 5505 - Directory Traversal
CVE-2015-7387 EXPLOITDB text WRITEUP
ManageEngine EventLog Analyzer < 10.6 - SQL Injection via event/runQuery.do Query Parameter
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrated by "SELECT 1;INSERT INTO." Fixed in Build 11200.
EIP-2026-103979 EXPLOITDB ruby WORKING POC
ManageEngine Security Manager Plus 5.5 build 5505 - SQL Injection (Metasploit)
CVE-2015-7709 EXPLOITDB ruby WORKING POC
Western Digital Arkeia <11.0.12 - Command Injection
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted requests involving the ARKFS_EXEC_CMD operation.
EIP-2026-104121 EXPLOITDB ruby WORKING POC
VNC Keyboard - Remote Code Execution (Metasploit)
EIP-2026-103989 EXPLOITDB text WORKING POC
Motion - Multiple Vulnerabilities
EIP-2026-103978 EXPLOITDB python WORKING POC
ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection
CVE-2015-3306 EXPLOITDB ruby WORKING POC
ProFTPD 1.3.5 - Unauthenticated Arbitrary File Read and Write via mod_copy Site Commands
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
CVE-2014-1683 EXPLOITDB ruby WORKING POC
SkyBlueCanvas CMS <1.1 r248-04 - RCE
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS before 1.1 r248-04, when the pid parameter is 4, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) name, (2) email, (3) subject, or (4) message parameter to index.php.
EIP-2026-102563 EXPLOITDB python WORKING POC
Astium VoIP PBX 2.1 build 25399 - Remote Crash (PoC)
CVE-2015-7766 EXPLOITDB ruby WORKING POC
ZOHO ManageEngine OpManager <11.6 - Auth Bypass
PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT/**/INTO."
EIP-2026-102503 EXPLOITDB text WORKING POC
ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities
CVE-2011-2757 EXPLOITDB text WORKING POC
ManageEngine ServiceDesk Plus <= 8.0.0.12 - Path Traversal via FileDownload.jsp FILENAME Parameter
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.
EIP-2026-102502 EXPLOITDB text WRITEUP
ManageEngine ServiceDesk Plus 9.1 build 9110 - Directory Traversal
EIP-2026-102131 EXPLOITDB text WORKING POC
YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities
EIP-2026-101488 EXPLOITDB python WORKING POC
Ubiquiti AirOS 5.5.2 - (Authenticated) Remote Command Execution
EIP-2026-102063 EXPLOITDB text WORKING POC
TP-Link TD-W8951ND - Multiple Vulnerabilities