Exploitdb Exploits

EIP-2026-107868 EXPLOITDB text

Inout Webmail Ultimate Edition 4.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107866 EXPLOITDB text

Inout StickBoard 1.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107865 EXPLOITDB text

Inout SocialTiles 2.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107864 EXPLOITDB text

Inout SmartDeal 1.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107863 EXPLOITDB text

Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107861 EXPLOITDB text

Inout QuerySpace 1.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107857 EXPLOITDB text

Inout Celebrities 1.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-107856 EXPLOITDB text

Inout CareerLamp 1.0 Script - Improper Access Restrictions

by Ihsan Sencan

View

EIP-2026-106892 EXPLOITDB text

Entrepreneur Matrimonial Script - Authentication Bypass

by Ihsan Sencan

View

EIP-2026-106775 EXPLOITDB text

Education Website Script - Authentication Bypass

by Ihsan Sencan

View

EIP-2026-106186 EXPLOITDB text

Courier Business Website Script - Authentication Bypass

by Ihsan Sencan

View

EIP-2026-103345 EXPLOITDB text

Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution

by Ozer Goker

View

CVE-2016-6433 EXPLOITDB HIGH ruby VERIFIED

Cisco Firepower Mgmt Cntr <6.0.1 - RCE

The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.

by Metasploit

CVSS 8.8

View

EIP-2026-116813 EXPLOITDB text

aSc Timetables 2017 - Local Buffer Overflow

by Peter Baris

View

EIP-2026-110103 EXPLOITDB text

Online Food Delivery 2.04 - Authentication Bypass

by Dawid Morawski

View

EIP-2026-107999 EXPLOITDB text

Itech Job Portal Script 9.11 - Authentication Bypass

by Dawid Morawski

View

CVE-2017-6340 EXPLOITDB MEDIUM text VERIFIED

Trend Micro InterScan Web Security Virtual Appliance < 6.5 - Stored XSS via Report Template Name

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements incorrect access control that allows any authenticated, remote user (even with low privileges like 'Auditor') to create or modify reports, and consequently take advantage of this XSS vulnerability. The JavaScript is executed when victims visit reports or auditlog pages.

by SlidingWindow

CVSS 5.4

View

EIP-2026-101782 EXPLOITDB text

Huawei Flybox B660 - Cross-Site Request Forgery (2)

by Vulnerability-Lab

View

CVE-2017-20196 EXPLOITDB MEDIUM text

Itechscripts School Management Software 2.75 - SQL Injection

A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

by Ihsan Sencan

CVSS 6.3

View

EIP-2026-115007 EXPLOITDB text VERIFIED

Boxoft Wav 1.0 - Buffer Overflow

by Vulnerability-Lab

View

EIP-2026-112423 EXPLOITDB text VERIFIED

Starting Page 1.3 - 'category' SQL Injection

by Ben Lee

View

EIP-2026-110545 EXPLOITDB text

Penny Auction Script - Arbitrary File Upload

by Ihsan Sencan

View

EIP-2026-109666 EXPLOITDB text VERIFIED

My Link Trader 1.1 - 'id' SQL Injection

by Dawid Morawski

View

EIP-2026-108019 EXPLOITDB perl

iTechscripts Freelancer Script 5.11 - 'sk' SQL Injection

by v3n0m

View

EIP-2026-108014 EXPLOITDB text

Itech Travel Portal Script 9.33 - SQL Injection

by Ihsan Sencan

View