{"text": "Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN", "spans": {"SYSTEM: Android": [[0, 7]], "VULNERABILITY: ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN": [[10, 74]]}, "info": {"source": "exploitdb", "exploit_id": "47921"}}
{"text": "FLEX 1080 < 1085 Web 1.6.0 - Denial of Service", "spans": {"SYSTEM: FLEX 1080 < 1085 Web 1.6.0": [[0, 26]], "VULNERABILITY: Denial of Service": [[29, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51438"}}
{"text": "WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM", "spans": {"SYSTEM: WeChat": [[0, 6]], "VULNERABILITY: Memory Corruption": [[9, 26]]}, "info": {"source": "exploitdb", "exploit_id": "47920"}}
{"text": "Android Binder - Use-After-Free (Metasploit)", "spans": {"SYSTEM: Android Binder": [[0, 14]], "VULNERABILITY: Use-After-Free": [[17, 31]], "TOOL: Metasploit": [[33, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48129"}}
{"text": "Tasks 9.7.3 - Insecure Permissions", "spans": {"SYSTEM: Tasks 9.7.3": [[0, 11]], "VULNERABILITY: Insecure Permissions": [[14, 34]]}, "info": {"source": "exploitdb", "exploit_id": "49563"}}
{"text": "Xiaomi browser 10.2.4.g - Browser Search History Disclosure", "spans": {"SYSTEM: Xiaomi browser 10.2.4.g": [[0, 23]], "VULNERABILITY: Browser Search History Disclosure": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50188"}}
{"text": "AWebServer GhostBuilding 18 - Denial of Service (DoS)", "spans": {"SYSTEM: AWebServer GhostBuilding 18": [[0, 27]], "VULNERABILITY: Denial of Service (DoS)": [[30, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50629"}}
{"text": "Bookeen Notea - Directory Traversal", "spans": {"SYSTEM: Bookeen Notea": [[0, 13]], "VULNERABILITY: Directory Traversal": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50897"}}
{"text": "ES File Explorer 4.1.9.7.4 - Arbitrary File Read", "spans": {"SYSTEM: ES File Explorer 4.1.9.7.4": [[0, 26]], "VULNERABILITY: Arbitrary File Read": [[29, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50070"}}
{"text": "Magic Home Pro 1.5.1 - Authentication Bypass", "spans": {"SYSTEM: Magic Home Pro 1.5.1": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49266"}}
{"text": "Roxy Fileman 1.4.5 -  Arbitrary File Upload", "spans": {"SYSTEM: Roxy Fileman 1.4.5": [[0, 18]], "VULNERABILITY: Arbitrary File Upload": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51355"}}
{"text": "Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Build Smart ERP 21.0817": [[0, 23]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50445"}}
{"text": "Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Enhanced Multimedia Router 3.0.4.27": [[0, 35]], "VULNERABILITY: Cross-Site Request Forgery": [[38, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48217"}}
{"text": "ENTAB ERP 1.0 - Username PII leak", "spans": {"SYSTEM: ENTAB ERP 1.0": [[0, 13]], "VULNERABILITY: Username PII leak": [[16, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51335"}}
{"text": "EQ Enterprise management system v2.2.0 - SQL Injection", "spans": {"SYSTEM: EQ Enterprise management system v2.2.0": [[0, 38]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51154"}}
{"text": "HelloWeb 2.0 - Arbitrary File Download", "spans": {"SYSTEM: HelloWeb 2.0": [[0, 12]], "VULNERABILITY: Arbitrary File Download": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48659"}}
{"text": "InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal", "spans": {"SYSTEM: InnovaStudio WYSIWYG Editor 5.4": [[0, 31]], "VULNERABILITY: Directory Traversal": [[61, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51362"}}
{"text": "OLK Web Store 2020 - Cross-Site Request Forgery", "spans": {"SYSTEM: OLK Web Store 2020": [[0, 18]], "VULNERABILITY: Cross-Site Request Forgery": [[21, 47]]}, "info": {"source": "exploitdb", "exploit_id": "47960"}}
{"text": "Password Manager for IIS v2.0 - XSS", "spans": {"SYSTEM: Password Manager for IIS v2.0": [[0, 29]], "VULNERABILITY: XSS": [[32, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51055"}}
{"text": "Snitz Forum v1.0 - Blind SQL Injection", "spans": {"SYSTEM: Snitz Forum v1.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51323"}}
{"text": "wkhtmltopdf 0.12.6 -  Server Side Request Forgery", "spans": {"SYSTEM: wkhtmltopdf 0.12.6": [[0, 18]], "VULNERABILITY: Server Side Request Forgery": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51039"}}
{"text": "BlogEngine 3.3.8 - 'Content' Stored XSS", "spans": {"SYSTEM: BlogEngine 3.3.8": [[0, 16]], "VULNERABILITY: XSS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48999"}}
{"text": "DotNetNuke 9.5 - File Upload Restrictions Bypass", "spans": {"SYSTEM: DotNetNuke 9.5": [[0, 14]], "VULNERABILITY: File Upload": [[17, 28]]}, "info": {"source": "exploitdb", "exploit_id": "48125"}}
{"text": "DotNetNuke 9.5 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: DotNetNuke 9.5": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48124"}}
{"text": "ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ELSI Smart Floor V3.3.3": [[0, 23]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51200"}}
{"text": "H8 SSRMS - 'id' IDOR", "spans": {"SYSTEM: H8 SSRMS": [[0, 8]], "VULNERABILITY: IDOR": [[16, 20]]}, "info": {"source": "exploitdb", "exploit_id": "49508"}}
{"text": "IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration", "spans": {"SYSTEM: IntelliChoice eFORCE Software Suite 2.5.9": [[0, 41]], "VULNERABILITY: Username Enumeration": [[44, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50164"}}
{"text": "Kartris 1.6 - Arbitrary File Upload", "spans": {"SYSTEM: Kartris 1.6": [[0, 11]], "VULNERABILITY: Arbitrary File Upload": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48445"}}
{"text": "Microsoft SharePoint Server 2019 - Remote Code Execution", "spans": {"SYSTEM: Microsoft SharePoint Server 2019": [[0, 32]], "VULNERABILITY: Remote Code Execution": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48747"}}
{"text": "Microsoft SharePoint Server 2019 - Remote Code Execution (2)", "spans": {"SYSTEM: Microsoft SharePoint Server 2019": [[0, 32]], "VULNERABILITY: Remote Code Execution": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50151"}}
{"text": "Nyron 1.0 - SQLi (Unauthenticated)", "spans": {"SYSTEM: Nyron 1.0": [[0, 9]], "VULNERABILITY: SQLi": [[12, 16]]}, "info": {"source": "exploitdb", "exploit_id": "50674"}}
{"text": "Orchard Core RC1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Orchard Core RC1": [[0, 16]], "VULNERABILITY: Persistent Cross-Site Scripting": [[19, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48456"}}
{"text": "ReQlogic v11.3 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ReQlogic v11.3": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[17, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51118"}}
{"text": "Sitecore - Remote Code Execution v8.2", "spans": {"SYSTEM: Sitecore": [[0, 8]], "VULNERABILITY: Remote Code Execution": [[11, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51876"}}
{"text": "Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)", "spans": {"SYSTEM: Smart Office Web 20.28": [[0, 22]], "VULNERABILITY: Information Disclosure": [[32, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51539"}}
{"text": "SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure", "spans": {"SYSTEM: SmarterTools SmarterTrack 7922": [[0, 30]], "VULNERABILITY: Information Disclosure": [[44, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50328"}}
{"text": "Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Umbraco CMS 7.12.4": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49488"}}
{"text": "Umbraco CMS 8.9.1 - Directory Traversal", "spans": {"SYSTEM: Umbraco CMS 8.9.1": [[0, 17]], "VULNERABILITY: Directory Traversal": [[20, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50241"}}
{"text": "Umbraco v8.14.1 - 'baseUrl' SSRF", "spans": {"SYSTEM: Umbraco v8.14.1": [[0, 15]], "VULNERABILITY: SSRF": [[28, 32]]}, "info": {"source": "exploitdb", "exploit_id": "50462"}}
{"text": "Adobe ColdFusion 8 - Remote Command Execution (RCE)", "spans": {"SYSTEM: Adobe ColdFusion 8": [[0, 18]], "VULNERABILITY: Remote Command Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50057"}}
{"text": "Aruba Instant (IAP) - Remote Code Execution", "spans": {"SYSTEM: Aruba Instant (IAP)": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50136"}}
{"text": "CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting", "spans": {"SYSTEM: CHIYU BF430 TCP IP Converter": [[0, 28]], "VULNERABILITY: Stored Cross-Site Scripting": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48040"}}
{"text": "CHIYU IoT devices - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: CHIYU IoT devices": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49922"}}
{"text": "CHIYU TCP/IP Converter devices - CRLF injection", "spans": {"SYSTEM: CHIYU TCP/IP Converter devices": [[0, 30]], "VULNERABILITY: CRLF injection": [[33, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49923"}}
{"text": "Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection", "spans": {"SYSTEM: Gemtek WVRTM-127ACN 01.01.02.141": [[0, 32]], "VULNERABILITY: Command Injection": [[59, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49079"}}
{"text": "IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: IPCop 2.1.9": [[0, 11]], "VULNERABILITY: Remote Code Execution (RCE)": [[14, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50183"}}
{"text": "IPFire 2.25 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: IPFire 2.25": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49869"}}
{"text": "LISTSERV 17 - Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: LISTSERV 17": [[0, 11]], "VULNERABILITY: Insecure Direct Object Reference": [[14, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51149"}}
{"text": "LISTSERV 17 - Reflected Cross Site Scripting (XSS)", "spans": {"SYSTEM: LISTSERV 17": [[0, 11]], "VULNERABILITY: Cross Site Scripting": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51148"}}
{"text": "Mailman 1.x > 2.1.23 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Mailman 1.x > 2.1.23": [[0, 20]], "VULNERABILITY: Cross Site Scripting": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48970"}}
{"text": "Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI", "spans": {"SYSTEM: Mitel MiCollab AWV 8.1.2.4 and 9.1.3": [[0, 36]], "VULNERABILITY: Directory Traversal": [[39, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51308"}}
{"text": "Movable Type 7 r.5002  - XMLRPC API OS Command Injection (Metasploit)", "spans": {"SYSTEM: Movable Type 7 r.5002": [[0, 21]], "VULNERABILITY: Command Injection": [[39, 56]], "TOOL: Metasploit": [[58, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50464"}}
{"text": "ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ZCBS/ZBBS/ZPBS v4.14k": [[0, 21]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[24, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51347"}}
{"text": "Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal", "spans": {"SYSTEM: Zen Load Balancer 3.10.1": [[0, 24]], "VULNERABILITY: Directory Traversal": [[39, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48308"}}
{"text": "Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)", "spans": {"SYSTEM: Zen Load Balancer 3.10.1": [[0, 24]], "VULNERABILITY: Directory Traversal": [[27, 46]], "TOOL: Metasploit": [[48, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48373"}}
{"text": "Zen Load Balancer 3.10.1 - Remote Code Execution", "spans": {"SYSTEM: Zen Load Balancer 3.10.1": [[0, 24]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48266"}}
{"text": "pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting", "spans": {"SYSTEM: pfSense 2.4.4-P3": [[0, 16]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48300"}}
{"text": "MinIO < 2024-01-31T20-20-33Z - Privilege Escalation", "spans": {"SYSTEM: MinIO < 2024-01-31T20-20-33Z": [[0, 28]], "VULNERABILITY: Privilege Escalation": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51976"}}
{"text": "Answerdev 1.0.3 - Account Takeover", "spans": {"SYSTEM: Answerdev 1.0.3": [[0, 15]], "VULNERABILITY: Account Takeover": [[18, 34]]}, "info": {"source": "exploitdb", "exploit_id": "51257"}}
{"text": "Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Casdoor 1.901.0": [[0, 15]], "VULNERABILITY: CSRF": [[46, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52281"}}
{"text": "Casdoor < v1.331.0 - '/api/set-password' CSRF", "spans": {"SYSTEM: Casdoor < v1.331.0": [[0, 18]], "VULNERABILITY: CSRF": [[41, 45]], "FILEPATH: /api/set-password": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51961"}}
{"text": "Ladder v0.0.21 - Server-side request forgery (SSRF)", "spans": {"SYSTEM: Ladder v0.0.21": [[0, 14]], "VULNERABILITY: SSRF": [[46, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51869"}}
{"text": "Minio 2022-07-29T19-40-48Z - Path traversal", "spans": {"SYSTEM: Minio 2022-07-29T19-40-48Z": [[0, 26]], "VULNERABILITY: Path traversal": [[29, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51734"}}
{"text": "Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download", "spans": {"SYSTEM: Pydio Cells 4.1.2": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51497"}}
{"text": "Pydio Cells 4.1.2 - Server-Side Request Forgery", "spans": {"SYSTEM: Pydio Cells 4.1.2": [[0, 17]], "VULNERABILITY: Server-Side Request Forgery": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51498"}}
{"text": "Pydio Cells 4.1.2 - Unauthorised Role Assignments", "spans": {"SYSTEM: Pydio Cells 4.1.2": [[0, 17]], "VULNERABILITY: Unauthorised Role Assignments": [[20, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51496"}}
{"text": "Amcrest Dahua NVR Camera IP2M-841 - Denial of Service (PoC)", "spans": {"SYSTEM: Amcrest Dahua NVR Camera IP2M-841": [[0, 33]], "VULNERABILITY: Denial of Service (PoC)": [[36, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48304"}}
{"text": "Cisco IP Phone 11.7 - Denial of service (PoC)", "spans": {"SYSTEM: Cisco IP Phone 11.7": [[0, 19]], "VULNERABILITY: Denial of service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48342"}}
{"text": "DD-WRT 45723 - UPNP Buffer Overflow (PoC)", "spans": {"SYSTEM: DD-WRT 45723": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[20, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49730"}}
{"text": "DLink DIR 819 A1 - Denial of Service", "spans": {"SYSTEM: DLink DIR 819 A1": [[0, 16]], "VULNERABILITY: Denial of Service": [[19, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51053"}}
{"text": "Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS", "spans": {"SYSTEM: Electrolink FM/DAB/TV Transmitter": [[0, 33]], "VULNERABILITY: Unauthenticated Remote DoS": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51774"}}
{"text": "Extreme Networks Aerohive HiveOS 11.0 - Remote Denial of Service (PoC)", "spans": {"SYSTEM: Extreme Networks Aerohive HiveOS 11.0": [[0, 37]], "VULNERABILITY: Denial of Service (PoC)": [[47, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48441"}}
{"text": "FortiRecorder 6.4.3 - Denial of Service", "spans": {"SYSTEM: FortiRecorder 6.4.3": [[0, 19]], "VULNERABILITY: Denial of Service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51326"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated)", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Device Reboot": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49685"}}
{"text": "Microtik SSH Daemon 6.44.3 - Denial of Service (PoC)", "spans": {"SYSTEM: Microtik SSH Daemon 6.44.3": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48228"}}
{"text": "Paradox Security Systems IPR512 - Denial Of Service", "spans": {"SYSTEM: Paradox Security Systems IPR512": [[0, 31]], "VULNERABILITY: Denial Of Service": [[34, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51356"}}
{"text": "qubes-mirage-firewall  v0.8.3 - Denial Of Service (DoS)", "spans": {"SYSTEM: qubes-mirage-firewall  v0.8.3": [[0, 29]], "VULNERABILITY: Denial Of Service": [[32, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51157"}}
{"text": "Router ZTE-H108NS - Stack Buffer Overflow (DoS)", "spans": {"SYSTEM: Router ZTE-H108NS": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[26, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51137"}}
{"text": "RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service", "spans": {"SYSTEM: RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10": [[0, 43]], "VULNERABILITY: Denial of Service": [[46, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51931"}}
{"text": "Siemens S7 Layer 2 - Denial of Service (DoS)", "spans": {"SYSTEM: Siemens S7 Layer 2": [[0, 18]], "VULNERABILITY: Denial of Service (DoS)": [[21, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50613"}}
{"text": "SoX 14.4.2 - Denial Of Service", "spans": {"SYSTEM: SoX 14.4.2": [[0, 10]], "VULNERABILITY: Denial Of Service": [[13, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51034"}}
{"text": "Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Denial Of Service", "spans": {"SYSTEM: Tinycontrol LAN Controller v3 (LK3) 1.58a": [[0, 41]], "VULNERABILITY: Remote Denial Of Service": [[44, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51730"}}
{"text": "TP-Link Archer C50 3 - Denial of Service (PoC)", "spans": {"SYSTEM: TP-Link Archer C50 3": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48255"}}
{"text": "TP-Link TL-WR940N V4 - Buffer OverFlow", "spans": {"SYSTEM: TP-Link TL-WR940N V4": [[0, 20]], "VULNERABILITY: Buffer OverFlow": [[23, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51561"}}
{"text": "VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service", "spans": {"SYSTEM: VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot)": [[0, 52]], "VULNERABILITY: Remote Denial Of Service": [[55, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51793"}}
{"text": "ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)", "spans": {"SYSTEM: ASUS ASMB8 iKVM 1.14.51": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52244"}}
{"text": "Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation", "spans": {"SYSTEM: Cyclades Serial Console Server 3.3.0": [[0, 36]], "VULNERABILITY: Local Privilege Escalation": [[39, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50773"}}
{"text": "DS Wireless Communication - Remote Code Execution", "spans": {"SYSTEM: DS Wireless Communication": [[0, 25]], "VULNERABILITY: Remote Code Execution": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51798"}}
{"text": "ECOA Building Automation System - Missing Encryption Of Sensitive Information", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Missing Encryption Of Sensitive Information": [[34, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50283"}}
{"text": "FS-S3900-24T4S - Privilege Escalation", "spans": {"SYSTEM: FS-S3900-24T4S": [[0, 14]], "VULNERABILITY: Privilege Escalation": [[17, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51414"}}
{"text": "Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account", "spans": {"SYSTEM: Ruckus IoT Controller 1.7.1.0": [[0, 29]], "VULNERABILITY: Undocumented Backdoor Account": [[32, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52242"}}
{"text": "Saflok - Key Derication Function Exploit", "spans": {"SYSTEM: Saflok": [[0, 6]], "VULNERABILITY: Key Derication Function Exploit": [[9, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51832"}}
{"text": "Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12 - 'ip6_setpktopt' Kernel Local Privilege Escalation (PoC)", "spans": {"SYSTEM: Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12": [[0, 56]], "VULNERABILITY: Local Privilege Escalation": [[82, 108]]}, "info": {"source": "exploitdb", "exploit_id": "48644"}}
{"text": "ABUS Security Camera TVIP 20000-21150 - LFI_ RCE and SSH Root Access", "spans": {"SYSTEM: ABUS Security Camera TVIP 20000-21150": [[0, 37]], "VULNERABILITY: RCE": [[45, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51294"}}
{"text": "Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow (DoS)", "spans": {"SYSTEM: Accu-Time Systems MAXIMUS 1.0": [[0, 29]], "VULNERABILITY: Remote Buffer Overflow": [[39, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50620"}}
{"text": "Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root", "spans": {"SYSTEM: Adtec Digital Multiple Products": [[0, 31]], "VULNERABILITY: Default Hardcoded Credentials Remote Root": [[34, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48954"}}
{"text": "Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Algo 8028 Control Panel": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50960"}}
{"text": "Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak", "spans": {"SYSTEM: Anevia Flamingo XL 3.2.9": [[0, 24]], "VULNERABILITY: Remote Root Jailbreak": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51516"}}
{"text": "Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution", "spans": {"SYSTEM: Anevia Flamingo XL 3.6.20": [[0, 25]], "VULNERABILITY: Remote Code Execution": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51515"}}
{"text": "Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution", "spans": {"SYSTEM: Anevia Flamingo XS 3.6.5": [[0, 24]], "VULNERABILITY: Remote Code Execution": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51514"}}
{"text": "Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Arris Router Firmware 9.1.103": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51269"}}
{"text": "Aruba Instant 8.7.1.0 - Arbitrary File Modification", "spans": {"SYSTEM: Aruba Instant 8.7.1.0": [[0, 21]], "VULNERABILITY: Arbitrary File Modification": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50133"}}
{"text": "ASKEY RTF3505VW-N1 - Privilege Escalation", "spans": {"SYSTEM: ASKEY RTF3505VW-N1": [[0, 18]], "VULNERABILITY: Privilege Escalation": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51155"}}
{"text": "Atcom 2.7.x.x - Authenticated Command Injection", "spans": {"SYSTEM: Atcom 2.7.x.x": [[0, 13]], "VULNERABILITY: Command Injection": [[30, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51742"}}
{"text": "Auerswald COMfortel 2.8F - Authentication Bypass", "spans": {"SYSTEM: Auerswald COMfortel 2.8F": [[0, 24]], "VULNERABILITY: Authentication Bypass": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50565"}}
{"text": "Auerswald COMpact 8.0B - Arbitrary File Disclosure", "spans": {"SYSTEM: Auerswald COMpact 8.0B": [[0, 22]], "VULNERABILITY: Arbitrary File Disclosure": [[25, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50568"}}
{"text": "Auerswald COMpact 8.0B - Multiple Backdoors", "spans": {"SYSTEM: Auerswald COMpact 8.0B": [[0, 22]], "VULNERABILITY: Multiple Backdoors": [[25, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50569"}}
{"text": "Auerswald COMpact 8.0B - Privilege Escalation", "spans": {"SYSTEM: Auerswald COMpact 8.0B": [[0, 22]], "VULNERABILITY: Privilege Escalation": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50567"}}
{"text": "AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal", "spans": {"SYSTEM: AVEVA InTouch Access Anywhere Secure Gateway 2020 R2": [[0, 52]], "VULNERABILITY: Path Traversal": [[55, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51028"}}
{"text": "Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)", "spans": {"SYSTEM: Aztech DSL5005EN Router": [[0, 23]], "VULNERABILITY: Admin Password Change": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52093"}}
{"text": "CHIYU IoT Devices - 'Telnet' Authentication Bypass", "spans": {"SYSTEM: CHIYU IoT Devices": [[0, 17]], "VULNERABILITY: Authentication Bypass": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49936"}}
{"text": "Cisco 7937G - DoS/Privilege Escalation", "spans": {"SYSTEM: Cisco 7937G": [[0, 11]], "VULNERABILITY: Privilege Escalation": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49057"}}
{"text": "Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers", "spans": {"SYSTEM: Cisco small business RV130W 1.0.3.44": [[0, 36]], "VULNERABILITY: Inject Counterfeit Routers": [[39, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50335"}}
{"text": "Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection", "spans": {"SYSTEM: Cypress Solutions CTM-200 2.7.1": [[0, 31]], "VULNERABILITY: Command Injection": [[49, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50408"}}
{"text": "Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)", "spans": {"SYSTEM: Cypress Solutions CTM-200/CTM-ONE": [[0, 33]], "VULNERABILITY: Hard-coded Credentials Remote Root": [[36, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50407"}}
{"text": "D-Link DIR-846 - Remote Command Execution (RCE) vulnerability", "spans": {"SYSTEM: D-Link DIR-846": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51243"}}
{"text": "D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution", "spans": {"SYSTEM: D-Link DNR-322L <=2.60B15": [[0, 25]], "VULNERABILITY: Authenticated Remote Code Execution": [[28, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51046"}}
{"text": "Dell EMC iDRAC7/iDRAC8 2.52.52.52 -  Remote Code Execution (RCE)", "spans": {"SYSTEM: Dell EMC iDRAC7/iDRAC8 2.52.52.52": [[0, 33]], "VULNERABILITY: Remote Code Execution (RCE)": [[37, 64]]}, "info": {"source": "exploitdb", "exploit_id": "52246"}}
{"text": "Dell EMC Networking PC5500 firmware versions 4.1.0.22 and  Cisco Sx / SMB - Information Disclosure", "spans": {"SYSTEM: Dell EMC Networking PC5500 firmware versions 4.1.0.22 and  Cisco Sx / SMB": [[0, 73]], "VULNERABILITY: Information Disclosure": [[76, 98]]}, "info": {"source": "exploitdb", "exploit_id": "51248"}}
{"text": "Delta Controls enteliTOUCH 3.40.3935 - Cookie User Password Disclosure", "spans": {"SYSTEM: Delta Controls enteliTOUCH 3.40.3935": [[0, 36]], "VULNERABILITY: Password Disclosure": [[51, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50880"}}
{"text": "Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Delta Controls enteliTOUCH 3.40.3935": [[0, 36]], "VULNERABILITY: CSRF": [[67, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50878"}}
{"text": "Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Delta Controls enteliTOUCH 3.40.3935": [[0, 36]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[39, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50879"}}
{"text": "Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)", "spans": {"SYSTEM: Denver Smart Wifi Camera SHC-150": [[0, 32]], "VULNERABILITY: Remote Code Execution (RCE)": [[44, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50160"}}
{"text": "Dixell XWEB 500 - Arbitrary File Write", "spans": {"SYSTEM: Dixell XWEB 500": [[0, 15]], "VULNERABILITY: Arbitrary File Write": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50639"}}
{"text": "DLINK DAP-1620 A1 v1.01 - Directory Traversal", "spans": {"SYSTEM: DLINK DAP-1620 A1 v1.01": [[0, 23]], "VULNERABILITY: Directory Traversal": [[26, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50919"}}
{"text": "DLINK DIR850 - Insecure Access Control", "spans": {"SYSTEM: DLINK DIR850": [[0, 12]], "VULNERABILITY: Insecure Access Control": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50906"}}
{"text": "DLINK DIR850 - Open Redirect", "spans": {"SYSTEM: DLINK DIR850": [[0, 12]], "VULNERABILITY: Open Redirect": [[15, 28]]}, "info": {"source": "exploitdb", "exploit_id": "50907"}}
{"text": "Dlink DSL2750U - 'Reboot' Command Injection", "spans": {"SYSTEM: Dlink DSL2750U": [[0, 14]], "VULNERABILITY: Command Injection": [[26, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50034"}}
{"text": "DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit)", "spans": {"SYSTEM: DLINK DWL-2600": [[0, 14]], "VULNERABILITY: Command Injection": [[38, 55]], "TOOL: Metasploit": [[57, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48274"}}
{"text": "Drobo 5N2 4.1.1 - Remote Command Injection", "spans": {"SYSTEM: Drobo 5N2 4.1.1": [[0, 15]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48214"}}
{"text": "DSL-124 Wireless N300 ADSL2+ - Backup File Disclosure", "spans": {"SYSTEM: DSL-124 Wireless N300 ADSL2+": [[0, 28]], "VULNERABILITY: Backup File Disclosure": [[31, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51129"}}
{"text": "EasyNas 1.1.0 - OS Command Injection", "spans": {"SYSTEM: EasyNas 1.1.0": [[0, 13]], "VULNERABILITY: Command Injection": [[19, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51266"}}
{"text": "EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow", "spans": {"SYSTEM: EBBISLAND EBBSHAVE 6100-09-04-1441": [[0, 34]], "VULNERABILITY: Remote Buffer Overflow": [[37, 59]]}, "info": {"source": "exploitdb", "exploit_id": "47888"}}
{"text": "ECOA Building Automation System - Hard-coded Credentials SSH Access", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Hard-coded Credentials SSH Access": [[34, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50282"}}
{"text": "Epson Stylus SX510W Printer Remote Power Off - Denial of Service", "spans": {"SYSTEM: Epson Stylus SX510W Printer Remote Power Off": [[0, 44]], "VULNERABILITY: Denial of Service": [[47, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51441"}}
{"text": "EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR)", "spans": {"SYSTEM: EuroTel ETL3100": [[0, 15]], "VULNERABILITY: Authorization Bypass": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51685"}}
{"text": "EuroTel ETL3100 - Transmitter Default Credentials", "spans": {"SYSTEM: EuroTel ETL3100": [[0, 15]], "VULNERABILITY: Transmitter Default Credentials": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51684"}}
{"text": "EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download", "spans": {"SYSTEM: EuroTel ETL3100": [[0, 15]], "VULNERABILITY: Transmitter Unauthenticated Config/Log Download": [[18, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51686"}}
{"text": "Franklin Fueling Systems  TS-550 - Exploit and Default Password", "spans": {"SYSTEM: Franklin Fueling Systems  TS-550": [[0, 32]], "VULNERABILITY: Exploit and Default Password": [[35, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51321"}}
{"text": "Franklin Fueling Systems TS-550 - Default Password", "spans": {"SYSTEM: Franklin Fueling Systems TS-550": [[0, 31]], "VULNERABILITY: Default Password": [[34, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51382"}}
{"text": "FRITZ!Box 7.20 - DNS Rebinding Protection Bypass", "spans": {"SYSTEM: FRITZ!Box 7.20": [[0, 14]], "VULNERABILITY: DNS Rebinding Protection Bypass": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49293"}}
{"text": "Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure", "spans": {"SYSTEM: Genexis Platinum 4410 Router 2.1": [[0, 32]], "VULNERABILITY: UPnP Credential Exposure": [[35, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49075"}}
{"text": "GL-iNet MT6000 4.5.5 - Arbitrary File Download", "spans": {"SYSTEM: GL-iNet MT6000 4.5.5": [[0, 20]], "VULNERABILITY: Arbitrary File Download": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51942"}}
{"text": "GL.iNet AR300M v3.216 Remote Code Execution - CVE-2023-46456 Exploit", "spans": {"SYSTEM: GL.iNet AR300M v3.216 Remote Code Execution": [[0, 43]], "VULNERABILITY: CVE-2023-46456 Exploit": [[46, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51854"}}
{"text": "GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit", "spans": {"SYSTEM: GL.iNet AR300M v4.3.7 Arbitrary File Read": [[0, 41]], "VULNERABILITY: CVE-2023-46455 Exploit": [[44, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51851"}}
{"text": "GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit", "spans": {"SYSTEM: GL.iNet AR300M v4.3.7 Remote Code Execution": [[0, 43]], "VULNERABILITY: CVE-2023-46454 Exploit": [[46, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51852"}}
{"text": "GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse", "spans": {"SYSTEM: GoAhead Web Server 5.1.1": [[0, 24]], "VULNERABILITY: Digest Authentication Capture Replay Nonce Reuse": [[27, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48958"}}
{"text": "H3C SSL VPN - Username Enumeration", "spans": {"SYSTEM: H3C SSL VPN": [[0, 11]], "VULNERABILITY: Username Enumeration": [[14, 34]]}, "info": {"source": "exploitdb", "exploit_id": "50742"}}
{"text": "Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution", "spans": {"SYSTEM: Hikvision Hybrid SAN Ds-a71024 Firmware": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51607"}}
{"text": "HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account", "spans": {"SYSTEM: HiSilicon DVR/NVR hi3520d firmware": [[0, 34]], "VULNERABILITY: Remote Backdoor Account": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48004"}}
{"text": "HNAS SMU 14.8.7825 - Information Disclosure", "spans": {"SYSTEM: HNAS SMU 14.8.7825": [[0, 18]], "VULNERABILITY: Information Disclosure": [[21, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51915"}}
{"text": "Honeywell PM43 < P10.19.050004 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Honeywell PM43 < P10.19.050004": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51885"}}
{"text": "Hughes Satellite Router HX200 v8.3.1.14 -  Remote File Inclusion", "spans": {"SYSTEM: Hughes Satellite Router HX200 v8.3.1.14": [[0, 39]], "VULNERABILITY: Remote File Inclusion": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51190"}}
{"text": "ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD", "spans": {"SYSTEM: ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07": [[0, 52]], "VULNERABILITY: Remote File CRUD": [[55, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50783"}}
{"text": "ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure", "spans": {"SYSTEM: ICT Protege GX/WX 2.08": [[0, 22]], "VULNERABILITY: Client-Side SHA1 Password Hash Disclosure": [[25, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50836"}}
{"text": "ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ICT Protege GX/WX 2.08": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[25, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50835"}}
{"text": "Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell", "spans": {"SYSTEM: Ilevia EVE X1/X5 Server 4.7.18.0.eden": [[0, 37]], "VULNERABILITY: Reverse Rootshell": [[40, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52437"}}
{"text": "iRZ Mobile Router - CSRF to RCE", "spans": {"SYSTEM: iRZ Mobile Router": [[0, 17]], "VULNERABILITY: CSRF": [[20, 24]]}, "info": {"source": "exploitdb", "exploit_id": "50832"}}
{"text": "KevinLAB BEMS 1.0 - Undocumented Backdoor Account", "spans": {"SYSTEM: KevinLAB BEMS 1.0": [[0, 17]], "VULNERABILITY: Undocumented Backdoor Account": [[20, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50145"}}
{"text": "Kramer VIAware - Remote Code Execution (RCE) (Root)", "spans": {"SYSTEM: Kramer VIAware": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50856"}}
{"text": "Kramer VIAware 2.5.0719.1034 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Kramer VIAware 2.5.0719.1034": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50848"}}
{"text": "KZTech T3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm", "spans": {"SYSTEM: KZTech T3500V 4G LTE CPE 2.0.1": [[0, 30]], "VULNERABILITY: Weak Default WiFi Password Algorithm": [[33, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49695"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Hard coded Credentials Shell Access": [[50, 85]]}, "info": {"source": "exploitdb", "exploit_id": "49682"}}
{"text": "Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)", "spans": {"SYSTEM: Maxima Max Pro Power": [[0, 20]], "VULNERABILITY: BLE Traffic Replay": [[23, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51850"}}
{"text": "Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection", "spans": {"SYSTEM: Microchip TimeProvider 4100 (Configuration modules) 2.4.6": [[0, 57]], "VULNERABILITY: Command Injection": [[63, 80]]}, "info": {"source": "exploitdb", "exploit_id": "52119"}}
{"text": "Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6": [[0, 69]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[72, 105]]}, "info": {"source": "exploitdb", "exploit_id": "52120"}}
{"text": "Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection", "spans": {"SYSTEM: Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6": [[0, 65]], "VULNERABILITY: SQL Injection": [[68, 81]]}, "info": {"source": "exploitdb", "exploit_id": "52122"}}
{"text": "Milesight Routers UR5X_ UR32L_ UR32_ UR35_ UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption", "spans": {"SYSTEM: Milesight Routers UR5X_ UR32L_ UR32_ UR35_ UR41": [[0, 47]], "VULNERABILITY: Credential Leakage Through Unprotected System Logs and Weak Password Encryption": [[50, 129]]}, "info": {"source": "exploitdb", "exploit_id": "51784"}}
{"text": "MiniDVBLinux 5.4  - Change Root Password", "spans": {"SYSTEM: MiniDVBLinux 5.4": [[0, 16]], "VULNERABILITY: Change Root Password": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51094"}}
{"text": "MiniDVBLinux 5.4  - Remote Root Command Injection", "spans": {"SYSTEM: MiniDVBLinux 5.4": [[0, 16]], "VULNERABILITY: Command Injection": [[32, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51096"}}
{"text": "MiniDVBLinux 5.4 - Arbitrary File Read", "spans": {"SYSTEM: MiniDVBLinux 5.4": [[0, 16]], "VULNERABILITY: Arbitrary File Read": [[19, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51097"}}
{"text": "MiniDVBLinux 5.4 - Unauthenticated Stream Disclosure", "spans": {"SYSTEM: MiniDVBLinux 5.4": [[0, 16]], "VULNERABILITY: Unauthenticated Stream Disclosure": [[19, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51095"}}
{"text": "MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution (RCE)", "spans": {"SYSTEM: MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP": [[0, 56]], "VULNERABILITY: Remote Code Execution (RCE)": [[59, 86]]}, "info": {"source": "exploitdb", "exploit_id": "51093"}}
{"text": "MiniDVBLinux <=5.4  - Config Download Exploit", "spans": {"SYSTEM: MiniDVBLinux <=5.4": [[0, 18]], "VULNERABILITY: Config Download Exploit": [[22, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51091"}}
{"text": "Mitrastar GPT-2541GNAC-N1 - Privilege escalation", "spans": {"SYSTEM: Mitrastar GPT-2541GNAC-N1": [[0, 25]], "VULNERABILITY: Privilege escalation": [[28, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50351"}}
{"text": "MSNSwitch Firmware MNT.2408 - Remote Code Execution", "spans": {"SYSTEM: MSNSwitch Firmware MNT.2408": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51027"}}
{"text": "mySCADA myPRO 7 - Hardcoded Credentials", "spans": {"SYSTEM: mySCADA myPRO 7": [[0, 15]], "VULNERABILITY: Hardcoded Credentials": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48620"}}
{"text": "Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Nexxt Router Firmware 42.103.1.5095": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51195"}}
{"text": "Nokia ASIKA 7.13.52 - Hard-coded private key disclosure", "spans": {"SYSTEM: Nokia ASIKA 7.13.52": [[0, 19]], "VULNERABILITY: Hard-coded private key disclosure": [[22, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51535"}}
{"text": "Omnia MPX 1.5.0+r1 - Path Traversal", "spans": {"SYSTEM: Omnia MPX 1.5.0+r1": [[0, 18]], "VULNERABILITY: Path Traversal": [[21, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50996"}}
{"text": "Optoma 1080PSTX Firmware C02 - Authentication Bypass", "spans": {"SYSTEM: Optoma 1080PSTX Firmware C02": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51444"}}
{"text": "Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Command Injection": [[51, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51306"}}
{"text": "Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Command Injection": [[54, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51300"}}
{"text": "Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Command Injection": [[48, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51301"}}
{"text": "Osprey Pump Controller 1.0.1 - Administrator Backdoor Access", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Administrator Backdoor Access": [[31, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51299"}}
{"text": "Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51303"}}
{"text": "Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Cross-Site Request Forgery": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51304"}}
{"text": "Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Predictable Session Token / Session Hijack": [[31, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51297"}}
{"text": "Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Unauthenticated File Disclosure": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51298"}}
{"text": "Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit", "spans": {"SYSTEM: Osprey Pump Controller 1.0.1": [[0, 28]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[31, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51305"}}
{"text": "Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS", "spans": {"SYSTEM: Osprey Pump Controller v1.0.1": [[0, 29]], "VULNERABILITY: XSS": [[58, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51302"}}
{"text": "pfsenseCE v2.6.0 - Anti-brute force protection bypass", "spans": {"SYSTEM: pfsenseCE v2.6.0": [[0, 16]], "VULNERABILITY: Anti-brute force protection bypass": [[19, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51352"}}
{"text": "Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass", "spans": {"SYSTEM: Positron Broadcast Signal Processor TRA7005 v1.20": [[0, 49]], "VULNERABILITY: Authentication Bypass": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51970"}}
{"text": "ProLink PRS1841 PLDT Home fiber - Default Password", "spans": {"SYSTEM: ProLink PRS1841 PLDT Home fiber": [[0, 31]], "VULNERABILITY: Default Password": [[34, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51158"}}
{"text": "R Radio Network FM Transmitter 1.07 system.cgi - Password Disclosure", "spans": {"SYSTEM: R Radio Network FM Transmitter 1.07 system.cgi": [[0, 46]], "VULNERABILITY: Password Disclosure": [[49, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51855"}}
{"text": "ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)", "spans": {"SYSTEM: ReyeeOS 1.204.1614": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51642"}}
{"text": "Ricoh Printer - Directory and File Exposure", "spans": {"SYSTEM: Ricoh Printer": [[0, 13]], "VULNERABILITY: Directory and File Exposure": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51755"}}
{"text": "Router ZTE-H108NS - Authentication Bypass", "spans": {"SYSTEM: Router ZTE-H108NS": [[0, 17]], "VULNERABILITY: Authentication Bypass": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51138"}}
{"text": "Ruijie Reyee Mesh Router - MITM Remote Code Execution (RCE)", "spans": {"SYSTEM: Ruijie Reyee Mesh Router": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51727"}}
{"text": "Ruijie Reyee Mesh Router - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Ruijie Reyee Mesh Router": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[27, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50930"}}
{"text": "Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Ruijie Switch PSG-5124 26293": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51888"}}
{"text": "Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - 'Cable Haunt' Remote Code Execution", "spans": {"SYSTEM: Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem": [[0, 44]], "VULNERABILITY: Remote Code Execution": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "47936"}}
{"text": "Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10": [[0, 62]], "VULNERABILITY: Remote Code Execution (RCE)": [[65, 92]]}, "info": {"source": "exploitdb", "exploit_id": "50949"}}
{"text": "Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) - Remote Code Execution", "spans": {"SYSTEM: Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2)": [[0, 62]], "VULNERABILITY: Remote Code Execution": [[65, 86]]}, "info": {"source": "exploitdb", "exploit_id": "50987"}}
{"text": "Schneider Electric v1.0 - Directory traversal & Broken Authentication", "spans": {"SYSTEM: Schneider Electric v1.0": [[0, 23]], "VULNERABILITY: Directory traversal & Broken Authentication": [[26, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51320"}}
{"text": "Screen SFT DAB 600/C - Authentication Bypass Account Creation", "spans": {"SYSTEM: Screen SFT DAB 600/C": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51455"}}
{"text": "Screen SFT DAB 600/C - Authentication Bypass Admin Password Change", "spans": {"SYSTEM: Screen SFT DAB 600/C": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51458"}}
{"text": "Screen SFT DAB 600/C - Authentication Bypass Erase Account", "spans": {"SYSTEM: Screen SFT DAB 600/C": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51457"}}
{"text": "Screen SFT DAB 600/C - Authentication Bypass Password Change", "spans": {"SYSTEM: Screen SFT DAB 600/C": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51456"}}
{"text": "Screen SFT DAB 600/C - Authentication Bypass Reset Board Config", "spans": {"SYSTEM: Screen SFT DAB 600/C": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51459"}}
{"text": "Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)", "spans": {"SYSTEM: Screen SFT DAB 600/C": [[0, 20]], "VULNERABILITY: Information Disclosure": [[39, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51460"}}
{"text": "SDT-CW3B1 1.1.0 - OS Command Injection", "spans": {"SYSTEM: SDT-CW3B1 1.1.0": [[0, 15]], "VULNERABILITY: Command Injection": [[21, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50936"}}
{"text": "Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)", "spans": {"SYSTEM: Seagate Central Storage 2015.0916": [[0, 33]], "VULNERABILITY: Remote Command Execution": [[52, 76]], "TOOL: Metasploit": [[78, 88]]}, "info": {"source": "exploitdb", "exploit_id": "51487"}}
{"text": "Seowon SLR-120 Router - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Seowon SLR-120 Router": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50821"}}
{"text": "Shelly PRO 4PM v0.11.0 - Authentication Bypass", "spans": {"SYSTEM: Shelly PRO 4PM v0.11.0": [[0, 22]], "VULNERABILITY: Authentication Bypass": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51657"}}
{"text": "Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation", "spans": {"SYSTEM: Sielco Analog FM Transmitter 2.12": [[0, 33]], "VULNERABILITY: Privilege Escalation": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51366"}}
{"text": "Siklu MultiHaul TG series < 2.0.0 - unauthenticated credential disclosure", "spans": {"SYSTEM: Siklu MultiHaul TG series < 2.0.0": [[0, 33]], "VULNERABILITY: unauthenticated credential disclosure": [[36, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51932"}}
{"text": "SmartRG Router SR510n 2.6.13 - Remote Code Execution", "spans": {"SYSTEM: SmartRG Router SR510n 2.6.13": [[0, 28]], "VULNERABILITY: Remote Code Execution": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51031"}}
{"text": "SolarView Compact 6.0 - OS Command Injection", "spans": {"SYSTEM: SolarView Compact 6.0": [[0, 21]], "VULNERABILITY: Command Injection": [[27, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50940"}}
{"text": "SolarView Compact 6.00 - Command Injection", "spans": {"SYSTEM: SolarView Compact 6.00": [[0, 22]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51886"}}
{"text": "SolarView Compact 6.00 - Directory Traversal", "spans": {"SYSTEM: SolarView Compact 6.00": [[0, 22]], "VULNERABILITY: Directory Traversal": [[25, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50950"}}
{"text": "Sony IPELA Network Camera 1.82.01 - 'ftpclient.cgi' Remote Stack Buffer Overflow", "spans": {"SYSTEM: Sony IPELA Network Camera 1.82.01": [[0, 33]], "VULNERABILITY: Buffer Overflow": [[65, 80]]}, "info": {"source": "exploitdb", "exploit_id": "48842"}}
{"text": "SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow", "spans": {"SYSTEM: SOUND4 LinkAndShare Transmitter 1.1.2": [[0, 37]], "VULNERABILITY: Buffer Overflow": [[60, 75]]}, "info": {"source": "exploitdb", "exploit_id": "51259"}}
{"text": "Synology DiskStation Manager - smart.cgi Remote Command Execution (Metasploit)", "spans": {"SYSTEM: Synology DiskStation Manager": [[0, 28]], "VULNERABILITY: Remote Command Execution": [[41, 65]], "TOOL: Metasploit": [[67, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48514"}}
{"text": "Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access", "spans": {"SYSTEM: Tapo C310 RTSP server v1.3.0": [[0, 28]], "VULNERABILITY: Unauthorised Video Stream Access": [[31, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51107"}}
{"text": "Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities", "spans": {"SYSTEM: Techview LA-5570 Wireless Gateway Home Automation Controller": [[0, 60]], "VULNERABILITY: Multiple Vulnerabilities": [[63, 87]]}, "info": {"source": "exploitdb", "exploit_id": "51720"}}
{"text": "Telesquare SDT-CW3B1 1.1.0 - OS Command Injection", "spans": {"SYSTEM: Telesquare SDT-CW3B1 1.1.0": [[0, 26]], "VULNERABILITY: Command Injection": [[32, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50948"}}
{"text": "TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure", "spans": {"SYSTEM: TELSAT marKoni FM Transmitter 1.9.5": [[0, 35]], "VULNERABILITY: Information Disclosure": [[55, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51907"}}
{"text": "TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password", "spans": {"SYSTEM: TELSAT marKoni FM Transmitter 1.9.5": [[0, 35]], "VULNERABILITY: Insecure Access Control Change Password": [[38, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51908"}}
{"text": "TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection", "spans": {"SYSTEM: TELSAT marKoni FM Transmitter 1.9.5": [[0, 35]], "VULNERABILITY: Command Injection": [[43, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51906"}}
{"text": "TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution", "spans": {"SYSTEM: TEM Opera Plus FM Family Transmitter 35.45": [[0, 42]], "VULNERABILITY: Remote Code Execution": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51827"}}
{"text": "TEM Opera Plus FM Family Transmitter 35.45 - XSRF", "spans": {"SYSTEM: TEM Opera Plus FM Family Transmitter 35.45": [[0, 42]], "VULNERABILITY: XSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51828"}}
{"text": "Tenda D151 & D301 - Configuration Download (Unauthenticated)", "spans": {"SYSTEM: Tenda D151 & D301": [[0, 17]], "VULNERABILITY: Configuration Download": [[20, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49782"}}
{"text": "Tenda HG6 v3.3.0 - Remote Command Injection", "spans": {"SYSTEM: Tenda HG6 v3.3.0": [[0, 16]], "VULNERABILITY: Command Injection": [[26, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50916"}}
{"text": "Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing", "spans": {"SYSTEM: Tenda N300 F3 12.01.01.48": [[0, 25]], "VULNERABILITY: Malformed HTTP Request Header Processing": [[28, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51317"}}
{"text": "Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Admin Password Change", "spans": {"SYSTEM: Tinycontrol LAN Controller v3 (LK3) 1.58a": [[0, 41]], "VULNERABILITY: Remote Admin Password Change": [[44, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51732"}}
{"text": "Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Credentials Extraction", "spans": {"SYSTEM: Tinycontrol LAN Controller v3 (LK3) 1.58a": [[0, 41]], "VULNERABILITY: Remote Credentials Extraction": [[44, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51731"}}
{"text": "TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution", "spans": {"SYSTEM: TitanNit Web Control 2.01 / Atemio 7600": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51853"}}
{"text": "TP-Link Archer AX21 - Unauthenticated Command Injection", "spans": {"SYSTEM: TP-Link Archer AX21": [[0, 19]], "VULNERABILITY: Command Injection": [[38, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51677"}}
{"text": "TP-Link Router AX50 firmware 210730 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: TP-Link Router AX50 firmware 210730": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50962"}}
{"text": "TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: TP-Link TL-WR902AC firmware 210730 (V3)": [[0, 39]], "VULNERABILITY: Remote Code Execution (RCE)": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51192"}}
{"text": "TP-Link WDR4300 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: TP-Link WDR4300": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48994"}}
{"text": "TPC-110W - Missing Authentication for Critical Function", "spans": {"SYSTEM: TPC-110W": [[0, 8]], "VULNERABILITY: Missing Authentication for Critical Function": [[11, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51846"}}
{"text": "USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor", "spans": {"SYSTEM: USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36": [[0, 52]], "VULNERABILITY: Remote Root Backdoor": [[55, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50894"}}
{"text": "Verizon 4G LTE Network Extender - Weak Credentials Algorithm", "spans": {"SYSTEM: Verizon 4G LTE Network Extender": [[0, 31]], "VULNERABILITY: Weak Credentials Algorithm": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50875"}}
{"text": "Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Viessmann Vitogate 300 2.1.3.0": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51887"}}
{"text": "WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation", "spans": {"SYSTEM: WAGO 750-8212 PFC200 G2 2ETH RS": [[0, 31]], "VULNERABILITY: Privilege Escalation": [[34, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50793"}}
{"text": "WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated RCE", "spans": {"SYSTEM: WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4)": [[0, 45]], "VULNERABILITY: RCE": [[62, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51311"}}
{"text": "Zyxel NWA-1100-NH - Command Injection", "spans": {"SYSTEM: Zyxel NWA-1100-NH": [[0, 17]], "VULNERABILITY: Command Injection": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50870"}}
{"text": "Zyxel USG FLEX 5.21 - OS Command Injection", "spans": {"SYSTEM: Zyxel USG FLEX 5.21": [[0, 19]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50946"}}
{"text": "Zyxel zysh - Format string", "spans": {"SYSTEM: Zyxel zysh": [[0, 10]], "VULNERABILITY: Format string": [[13, 26]]}, "info": {"source": "exploitdb", "exploit_id": "51786"}}
{"text": "ABB FlowX v4.00 - Exposure of Sensitive Information", "spans": {"SYSTEM: ABB FlowX v4.00": [[0, 15]], "VULNERABILITY: Exposure of Sensitive Information": [[18, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51603"}}
{"text": "Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Adtran Personal Phone Manager 10.8.1": [[0, 36]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[54, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49785"}}
{"text": "Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Adtran Personal Phone Manager 10.8.1": [[0, 36]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[50, 86]]}, "info": {"source": "exploitdb", "exploit_id": "49786"}}
{"text": "Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration", "spans": {"SYSTEM: Adtran Personal Phone Manager 10.8.1": [[0, 36]], "VULNERABILITY: DNS Exfiltration": [[39, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49787"}}
{"text": "AirControl 1.4.2 - PreAuth Remote Code Execution", "spans": {"SYSTEM: AirControl 1.4.2": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48541"}}
{"text": "AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: AKCP sensorProbe SPX476": [[0, 23]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[37, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50080"}}
{"text": "All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: All-Dynamics Digital Signage System 2.0.2": [[0, 41]], "VULNERABILITY: Cross-Site Request Forgery": [[44, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48736"}}
{"text": "Altenergy Power Control Software C1.2.5 - OS command injection", "spans": {"SYSTEM: Altenergy Power Control Software C1.2.5": [[0, 39]], "VULNERABILITY: OS command injection": [[42, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51325"}}
{"text": "Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure", "spans": {"SYSTEM: Aptina AR0130 960P 1.3MP Camera": [[0, 31]], "VULNERABILITY: Remote Configuration Disclosure": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48127"}}
{"text": "Aquatronica Control System 5.1.6 - Information Disclosure", "spans": {"SYSTEM: Aquatronica Control System 5.1.6": [[0, 32]], "VULNERABILITY: Information Disclosure": [[35, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52028"}}
{"text": "Artica Proxy 4.3.0 - Authentication Bypass", "spans": {"SYSTEM: Artica Proxy 4.3.0": [[0, 18]], "VULNERABILITY: Authentication Bypass": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48744"}}
{"text": "ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)", "spans": {"SYSTEM: ASUS TM-AC1900": [[0, 14]], "VULNERABILITY: Arbitrary Command Execution": [[17, 44]], "TOOL: Metasploit": [[46, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49036"}}
{"text": "Ateme TITAN File 3.9 - SSRF File Enumeration", "spans": {"SYSTEM: Ateme TITAN File 3.9": [[0, 20]], "VULNERABILITY: SSRF": [[23, 27]]}, "info": {"source": "exploitdb", "exploit_id": "51582"}}
{"text": "ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure", "spans": {"SYSTEM: ATX MiniCMTS200a Broadband Gateway 2.0": [[0, 38]], "VULNERABILITY: Credential Disclosure": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49124"}}
{"text": "Avaya Aura Communication Manager 5.2 - Remote Code Execution", "spans": {"SYSTEM: Avaya Aura Communication Manager 5.2": [[0, 36]], "VULNERABILITY: Remote Code Execution": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48077"}}
{"text": "Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: Avaya IP Office Application Server 11.0.0.0": [[0, 43]], "VULNERABILITY: Cross-Site Scripting": [[57, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48105"}}
{"text": "Black Box Kvm Extender 3.4.31307 - Local File Inclusion", "spans": {"SYSTEM: Black Box Kvm Extender 3.4.31307": [[0, 32]], "VULNERABILITY: Local File Inclusion": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50100"}}
{"text": "BrightSign Digital Signage Diagnostic Web Server 8.2.26 - File Delete Path Traversal", "spans": {"SYSTEM: BrightSign Digital Signage Diagnostic Web Server 8.2.26": [[0, 55]], "VULNERABILITY: Path Traversal": [[70, 84]]}, "info": {"source": "exploitdb", "exploit_id": "48844"}}
{"text": "BrightSign Digital Signage Diagnostic Web Server 8.2.26 - Server-Side Request Forgery (Unauthenticated)", "spans": {"SYSTEM: BrightSign Digital Signage Diagnostic Web Server 8.2.26": [[0, 55]], "VULNERABILITY: Server-Side Request Forgery": [[58, 85]]}, "info": {"source": "exploitdb", "exploit_id": "48843"}}
{"text": "BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)", "spans": {"SYSTEM: BSA Radar 1.6.7234.24750": [[0, 24]], "VULNERABILITY: Cross-Site Request Forgery": [[27, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48653"}}
{"text": "Buffalo TeraStation Network Attached Storage (NAS) 1.66 - Authentication Bypass", "spans": {"SYSTEM: Buffalo TeraStation Network Attached Storage (NAS) 1.66": [[0, 55]], "VULNERABILITY: Authentication Bypass": [[58, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51012"}}
{"text": "Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal", "spans": {"SYSTEM: Carel pCOWeb HVAC BACnet Gateway 2.1.0": [[0, 38]], "VULNERABILITY: Directory Traversal": [[41, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50986"}}
{"text": "Check Point Security Gateway - Information Disclosure (Unauthenticated)", "spans": {"SYSTEM: Check Point Security Gateway": [[0, 28]], "VULNERABILITY: Information Disclosure": [[31, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52029"}}
{"text": "CHIYU IoT Devices - Denial of Service (DoS)", "spans": {"SYSTEM: CHIYU IoT Devices": [[0, 17]], "VULNERABILITY: Denial of Service (DoS)": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49937"}}
{"text": "Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion", "spans": {"SYSTEM: Cisco Adaptive Security Appliance Software 9.11": [[0, 47]], "VULNERABILITY: Local File Inclusion": [[50, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48722"}}
{"text": "Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion", "spans": {"SYSTEM: Cisco Adaptive Security Appliance Software 9.7": [[0, 46]], "VULNERABILITY: Arbitrary File Deletion": [[65, 88]]}, "info": {"source": "exploitdb", "exploit_id": "48723"}}
{"text": "Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)", "spans": {"SYSTEM: Cisco ASA 9.14.1.10 and FTD 6.6.0.1": [[0, 35]], "VULNERABILITY: Path Traversal": [[38, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49262"}}
{"text": "Cisco ASA and FTD 9.6.4.42 - Path Traversal", "spans": {"SYSTEM: Cisco ASA and FTD 9.6.4.42": [[0, 26]], "VULNERABILITY: Path Traversal": [[29, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48871"}}
{"text": "Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE", "spans": {"SYSTEM: Cisco Firepower Management Center < 6.6.7.1": [[0, 43]], "VULNERABILITY: RCE": [[60, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51881"}}
{"text": "Cisco UCS Manager 2.2(1d) - Remote Command Execution", "spans": {"SYSTEM: Cisco UCS Manager 2.2(1d)": [[0, 25]], "VULNERABILITY: Remote Command Execution": [[28, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49436"}}
{"text": "Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass", "spans": {"SYSTEM: Cisco UCS-IMC Supervisor 2.2.0.0": [[0, 32]], "VULNERABILITY: Authentication Bypass": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51589"}}
{"text": "Citrix ADC NetScaler - Local File Inclusion (Metasploit)", "spans": {"SYSTEM: Citrix ADC NetScaler": [[0, 20]], "VULNERABILITY: Local File Inclusion": [[23, 43]], "TOOL: Metasploit": [[45, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49038"}}
{"text": "COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass", "spans": {"SYSTEM: COMMAX Biometric Access Control System 1.0.0": [[0, 44]], "VULNERABILITY: Authentication Bypass": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50206"}}
{"text": "COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure", "spans": {"SYSTEM: COMMAX CVD-Axx DVR 5.1.4": [[0, 24]], "VULNERABILITY: Weak Default Credentials Stream Disclosure": [[27, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50210"}}
{"text": "COMMAX Smart Home IoT Control System CDP-1020n - SQL Injection Authentication Bypass", "spans": {"SYSTEM: COMMAX Smart Home IoT Control System CDP-1020n": [[0, 46]], "VULNERABILITY: Authentication Bypass": [[63, 84]]}, "info": {"source": "exploitdb", "exploit_id": "50207"}}
{"text": "COMMAX Smart Home Ruvie CCTV Bridge DVR Service - Config Write / DoS (Unauthenticated)", "spans": {"SYSTEM: COMMAX Smart Home Ruvie CCTV Bridge DVR Service": [[0, 47]], "VULNERABILITY: Config Write / DoS": [[50, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50209"}}
{"text": "COMMAX Smart Home Ruvie CCTV Bridge DVR Service - RTSP Credentials Disclosure", "spans": {"SYSTEM: COMMAX Smart Home Ruvie CCTV Bridge DVR Service": [[0, 47]], "VULNERABILITY: RTSP Credentials Disclosure": [[50, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50208"}}
{"text": "COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Overflow", "spans": {"SYSTEM: COMMAX UMS Client ActiveX Control 1.7.0.2": [[0, 41]], "VULNERABILITY: Buffer Overflow": [[64, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50232"}}
{"text": "COMMAX WebViewer ActiveX Control 2.1.4.5 - 'Commax_WebViewer.ocx' Buffer Overflow", "spans": {"SYSTEM: COMMAX WebViewer ActiveX Control 2.1.4.5": [[0, 40]], "VULNERABILITY: Buffer Overflow": [[66, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50231"}}
{"text": "Compro Technology IP Camera - ' index_MJpeg.cgi' Stream Disclosure", "spans": {"SYSTEM: Compro Technology IP Camera": [[0, 27]], "VULNERABILITY: Stream Disclosure": [[49, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50253"}}
{"text": "Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure", "spans": {"SYSTEM: Compro Technology IP Camera": [[0, 27]], "VULNERABILITY: Screenshot Disclosure": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50254"}}
{"text": "Compro Technology IP Camera - 'killps.cgi' Denial of Service (DoS)", "spans": {"SYSTEM: Compro Technology IP Camera": [[0, 27]], "VULNERABILITY: Denial of Service (DoS)": [[43, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50250"}}
{"text": "Compro Technology IP Camera - 'Multiple' Credential Disclosure", "spans": {"SYSTEM: Compro Technology IP Camera": [[0, 27]], "VULNERABILITY: Credential Disclosure": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50252"}}
{"text": "Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated)", "spans": {"SYSTEM: Compro Technology IP Camera": [[0, 27]], "VULNERABILITY: RTSP stream disclosure": [[30, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50251"}}
{"text": "Comtrend AR-5387un router - Persistent XSS (Authenticated)", "spans": {"SYSTEM: Comtrend AR-5387un router": [[0, 25]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48908"}}
{"text": "Comtrend VR-3033 - Command Injection", "spans": {"SYSTEM: Comtrend VR-3033": [[0, 16]], "VULNERABILITY: Command Injection": [[19, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48142"}}
{"text": "Creston Web Interface 1.0.0.2159 - Credential Disclosure", "spans": {"SYSTEM: Creston Web Interface 1.0.0.2159": [[0, 32]], "VULNERABILITY: Credential Disclosure": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50675"}}
{"text": "D-Link DAP-1325 - Broken Access Control", "spans": {"SYSTEM: D-Link DAP-1325": [[0, 15]], "VULNERABILITY: Broken Access Control": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51556"}}
{"text": "D-Link DIR-615 T1 20.10 - CAPTCHA Bypass", "spans": {"SYSTEM: D-Link DIR-615 T1 20.10": [[0, 23]], "VULNERABILITY: CAPTCHA Bypass": [[26, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48551"}}
{"text": "D-Link DSR-250N 3.12 - Denial of Service (PoC)", "spans": {"SYSTEM: D-Link DSR-250N 3.12": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48863"}}
{"text": "Dbltek GoIP - Local File Inclusion", "spans": {"SYSTEM: Dbltek GoIP": [[0, 11]], "VULNERABILITY: Local File Inclusion": [[14, 34]]}, "info": {"source": "exploitdb", "exploit_id": "50775"}}
{"text": "DBPower C300 HD Camera - Remote Configuration Disclosure", "spans": {"SYSTEM: DBPower C300 HD Camera": [[0, 22]], "VULNERABILITY: Remote Configuration Disclosure": [[25, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48095"}}
{"text": "Denver IP Camera SHO-110 - Unauthenticated Snapshot", "spans": {"SYSTEM: Denver IP Camera SHO-110": [[0, 24]], "VULNERABILITY: Unauthenticated Snapshot": [[27, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50162"}}
{"text": "Dingtian-DT-R002 3.1.276A - Authentication Bypass", "spans": {"SYSTEM: Dingtian-DT-R002 3.1.276A": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50984"}}
{"text": "DLINK DPH-400SE - Exposure of Sensitive Information", "spans": {"SYSTEM: DLINK DPH-400SE": [[0, 15]], "VULNERABILITY: Exposure of Sensitive Information": [[18, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51709"}}
{"text": "Draytek VigorAP 1000C - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Draytek VigorAP 1000C": [[0, 21]], "VULNERABILITY: Persistent Cross-Site Scripting": [[24, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48436"}}
{"text": "Eaton Intelligent Power Manager 1.6 - Directory Traversal", "spans": {"SYSTEM: Eaton Intelligent Power Manager 1.6": [[0, 35]], "VULNERABILITY: Directory Traversal": [[38, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48614"}}
{"text": "ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: CSRF": [[73, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50278"}}
{"text": "ECOA Building Automation System - Arbitrary File Deletion", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Arbitrary File Deletion": [[34, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50286"}}
{"text": "ECOA Building Automation System - Configuration Download Information Disclosure", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Information Disclosure": [[57, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50280"}}
{"text": "ECOA Building Automation System - Cookie Poisoning Authentication Bypass", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50279"}}
{"text": "ECOA Building Automation System - Directory Traversal Content Disclosure", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Directory Traversal": [[34, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50277"}}
{"text": "ECOA Building Automation System - Local File Disclosure", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Local File Disclosure": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50285"}}
{"text": "ECOA Building Automation System - Path Traversal Arbitrary File Upload", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Path Traversal": [[34, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50276"}}
{"text": "ECOA Building Automation System - Remote Privilege Escalation", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Privilege Escalation": [[41, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50284"}}
{"text": "ECOA Building Automation System - Weak Default Credentials", "spans": {"SYSTEM: ECOA Building Automation System": [[0, 31]], "VULNERABILITY: Weak Default Credentials": [[34, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50275"}}
{"text": "Edimax EW-7438RPn - Cross-Site Request Forgery (MAC Filtering)", "spans": {"SYSTEM: Edimax EW-7438RPn": [[0, 17]], "VULNERABILITY: Cross-Site Request Forgery": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48366"}}
{"text": "Edimax EW-7438RPn - Information Disclosure (WiFi Password)", "spans": {"SYSTEM: Edimax EW-7438RPn": [[0, 17]], "VULNERABILITY: Information Disclosure": [[20, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48365"}}
{"text": "Edimax EW-7438RPn 1.13 - Remote Code Execution", "spans": {"SYSTEM: Edimax EW-7438RPn 1.13": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48377"}}
{"text": "Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution", "spans": {"SYSTEM: Edimax Technology EW-7438RPn-v3 Mini 1.27": [[0, 41]], "VULNERABILITY: Remote Code Execution": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48318"}}
{"text": "Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass", "spans": {"SYSTEM: Eibiz i-Media Server Digital Signage 3.8.0": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48763"}}
{"text": "Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure", "spans": {"SYSTEM: Eibiz i-Media Server Digital Signage 3.8.0": [[0, 42]], "VULNERABILITY: Configuration Disclosure": [[45, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48764"}}
{"text": "Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation", "spans": {"SYSTEM: Eibiz i-Media Server Digital Signage 3.8.0": [[0, 42]], "VULNERABILITY: Privilege Escalation": [[45, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48774"}}
{"text": "Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass", "spans": {"SYSTEM: Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0": [[0, 53]], "VULNERABILITY: Authentication Bypass": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52004"}}
{"text": "Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass", "spans": {"SYSTEM: Elber ESE DVB-S/S2 Satellite Receiver 1.5.x": [[0, 43]], "VULNERABILITY: Authentication Bypass": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "52069"}}
{"text": "Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config", "spans": {"SYSTEM: Elber ESE DVB-S/S2 Satellite Receiver 1.5.x": [[0, 43]], "VULNERABILITY: Device Config": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52070"}}
{"text": "Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass", "spans": {"SYSTEM: Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link": [[0, 51]], "VULNERABILITY: Authentication Bypass": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "52006"}}
{"text": "Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure", "spans": {"SYSTEM: Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link": [[0, 51]], "VULNERABILITY: Device Config Disclosure": [[54, 78]]}, "info": {"source": "exploitdb", "exploit_id": "52007"}}
{"text": "Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass", "spans": {"SYSTEM: Elber Signum DVB-S/S2 IRD For Radio Networks 1.999": [[0, 50]], "VULNERABILITY: Authentication Bypass": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52002"}}
{"text": "Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure", "spans": {"SYSTEM: Elber Signum DVB-S/S2 IRD For Radio Networks 1.999": [[0, 50]], "VULNERABILITY: Device Config Disclosure": [[53, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52003"}}
{"text": "Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass", "spans": {"SYSTEM: Elber Wayber Analog/Digital Audio STL 4.00": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "52071"}}
{"text": "Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure", "spans": {"SYSTEM: Elber Wayber Analog/Digital Audio STL 4.00": [[0, 42]], "VULNERABILITY: Device Config Disclosure": [[45, 69]]}, "info": {"source": "exploitdb", "exploit_id": "52072"}}
{"text": "Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure", "spans": {"SYSTEM: Electrolink FM/DAB/TV Transmitter (controlloLogin.js)": [[0, 53]], "VULNERABILITY: Credentials Disclosure": [[56, 78]]}, "info": {"source": "exploitdb", "exploit_id": "51771"}}
{"text": "Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass", "spans": {"SYSTEM: Electrolink FM/DAB/TV Transmitter (Login Cookie)": [[0, 48]], "VULNERABILITY: Authentication Bypass": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51772"}}
{"text": "Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure", "spans": {"SYSTEM: Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm)": [[0, 54]], "VULNERABILITY: Credentials Disclosure": [[57, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51770"}}
{"text": "Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution", "spans": {"SYSTEM: Electrolink FM/DAB/TV Transmitter": [[0, 33]], "VULNERABILITY: Remote Code Execution": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51775"}}
{"text": "Electrolink FM/DAB/TV Transmitter - Remote Authentication Removal", "spans": {"SYSTEM: Electrolink FM/DAB/TV Transmitter": [[0, 33]], "VULNERABILITY: Remote Authentication Removal": [[36, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51773"}}
{"text": "ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure", "spans": {"SYSTEM: ESCAM QD-900 WIFI HD Camera": [[0, 27]], "VULNERABILITY: Remote Configuration Disclosure": [[30, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48107"}}
{"text": "F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion", "spans": {"SYSTEM: F5 Big-IP 13.1.3 Build 0.0.6": [[0, 28]], "VULNERABILITY: Local File Inclusion": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48711"}}
{"text": "F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: F5 BIG-IP 16.0.x": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49738"}}
{"text": "FatPipe Networks WARP 10.2.2 - Authorization Bypass", "spans": {"SYSTEM: FatPipe Networks WARP 10.2.2": [[0, 28]], "VULNERABILITY: Authorization Bypass": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50339"}}
{"text": "FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2": [[0, 40]], "VULNERABILITY: CSRF": [[83, 87]]}, "info": {"source": "exploitdb", "exploit_id": "50338"}}
{"text": "FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Config Download (Unauthenticated)", "spans": {"SYSTEM: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2": [[0, 40]], "VULNERABILITY: Config Download": [[43, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50340"}}
{"text": "FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Hidden Backdoor Account (Write Access)", "spans": {"SYSTEM: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2": [[0, 40]], "VULNERABILITY: Hidden Backdoor Account": [[43, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50341"}}
{"text": "FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Remote Privilege Escalation", "spans": {"SYSTEM: FatPipe Networks WARP/IPVPN/MPVPN 10.2.2": [[0, 40]], "VULNERABILITY: Privilege Escalation": [[50, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50342"}}
{"text": "Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Fifthplay S.A.M.I 2019.2_HP": [[0, 27]], "VULNERABILITY: Persistent Cross-Site Scripting": [[30, 61]]}, "info": {"source": "exploitdb", "exploit_id": "47979"}}
{"text": "FLIR AX8 1.46.16  - Remote Command Injection", "spans": {"SYSTEM: FLIR AX8 1.46.16": [[0, 16]], "VULNERABILITY: Command Injection": [[27, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52240"}}
{"text": "Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification", "spans": {"SYSTEM: Fortinet FortiOS 6.0.4": [[0, 22]], "VULNERABILITY: Unauthenticated SSL VPN User Password Modification": [[25, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49074"}}
{"text": "Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE", "spans": {"SYSTEM: Genexis PLATINUM 4410 2.1 P4410-V2-1.28": [[0, 39]], "VULNERABILITY: RCE": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49764"}}
{"text": "Genexis Platinum-4410 - 'SSID' Persistent XSS", "spans": {"SYSTEM: Genexis Platinum-4410": [[0, 21]], "VULNERABILITY: XSS": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48948"}}
{"text": "Genexis Platinum-4410 2.1 - Authentication Bypass", "spans": {"SYSTEM: Genexis Platinum-4410 2.1": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47961"}}
{"text": "Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF", "spans": {"SYSTEM: Genexis Platinum-4410 P4410-V2-1.28": [[0, 35]], "VULNERABILITY: CSRF": [[64, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49000"}}
{"text": "Genexis Platinum-4410 P4410-V2-1.28 - Cross Site Request Forgery to Reboot", "spans": {"SYSTEM: Genexis Platinum-4410 P4410-V2-1.28": [[0, 35]], "VULNERABILITY: Cross Site Request Forgery to Reboot": [[38, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48972"}}
{"text": "Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Genexis Platinum-4410 P4410-V2-1.31A": [[0, 36]], "VULNERABILITY: Persistent Cross-Site Scripting": [[52, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49709"}}
{"text": "GeoVision Camera GV-ADR2701 - Authentication Bypass", "spans": {"SYSTEM: GeoVision Camera GV-ADR2701": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51179"}}
{"text": "GeoVision Geowebserver 5.3.3 - Local FIle Inclusion", "spans": {"SYSTEM: GeoVision Geowebserver 5.3.3": [[0, 28]], "VULNERABILITY: Local FIle Inclusion": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50211"}}
{"text": "GLiNet - Router Authentication Bypass", "spans": {"SYSTEM: GLiNet": [[0, 6]], "VULNERABILITY: Authentication Bypass": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51865"}}
{"text": "Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection", "spans": {"SYSTEM: Grandstream UCM6200 Series CTI Interface": [[0, 40]], "VULNERABILITY: SQL Injection": [[59, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48270"}}
{"text": "Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection", "spans": {"SYSTEM: Grandstream UCM6200 Series WebSocket 1.0.20.20": [[0, 46]], "VULNERABILITY: SQL Injection": [[65, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48271"}}
{"text": "Hikvision Web Server Build 210702 - Command Injection", "spans": {"SYSTEM: Hikvision Web Server Build 210702": [[0, 33]], "VULNERABILITY: Command Injection": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50441"}}
{"text": "HiSecOS 04.0.01 - Privilege Escalation", "spans": {"SYSTEM: HiSecOS 04.0.01": [[0, 15]], "VULNERABILITY: Privilege Escalation": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51537"}}
{"text": "HiSilicon Video Encoders - Full admin access via backdoor password", "spans": {"SYSTEM: HiSilicon Video Encoders": [[0, 24]], "VULNERABILITY: Full admin access via backdoor password": [[27, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48902"}}
{"text": "HiSilicon Video Encoders - RCE via unauthenticated command injection", "spans": {"SYSTEM: HiSilicon Video Encoders": [[0, 24]], "VULNERABILITY: RCE": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "48900"}}
{"text": "HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware", "spans": {"SYSTEM: HiSilicon video encoders": [[0, 24]], "VULNERABILITY: RCE": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "48901"}}
{"text": "HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal", "spans": {"SYSTEM: HiSilicon Video Encoders": [[0, 24]], "VULNERABILITY: Unauthenticated file disclosure via path traversal": [[27, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48899"}}
{"text": "HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)", "spans": {"SYSTEM: HiSilicon Video Encoders": [[0, 24]], "VULNERABILITY: Unauthenticated RTSP buffer overflow": [[27, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48903"}}
{"text": "Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR", "spans": {"SYSTEM: Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01": [[0, 79]], "VULNERABILITY: IDOR": [[82, 86]]}, "info": {"source": "exploitdb", "exploit_id": "51872"}}
{"text": "HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: HP OfficeJet 4630/7110 MYM1FN2025AR/2117A": [[0, 41]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[44, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50227"}}
{"text": "Huawei DG8045 Router 1.0 - Credential Disclosure", "spans": {"SYSTEM: Huawei DG8045 Router 1.0": [[0, 24]], "VULNERABILITY: Credential Disclosure": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50701"}}
{"text": "Huawei HG255 - Directory Traversal (Metasploit)", "spans": {"SYSTEM: Huawei HG255": [[0, 12]], "VULNERABILITY: Directory Traversal": [[15, 34]], "TOOL: Metasploit": [[36, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47923"}}
{"text": "Huawei HG630 2 Router - Authentication Bypass", "spans": {"SYSTEM: Huawei HG630 2 Router": [[0, 21]], "VULNERABILITY: Authentication Bypass": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48310"}}
{"text": "HughesNet HT2000W Satellite Modem - Password Reset", "spans": {"SYSTEM: HughesNet HT2000W Satellite Modem": [[0, 33]], "VULNERABILITY: Password Reset": [[36, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52073"}}
{"text": "I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure", "spans": {"SYSTEM: I6032B-P POE 2.0MP Outdoor Camera": [[0, 33]], "VULNERABILITY: Remote Configuration Disclosure": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48118"}}
{"text": "iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)", "spans": {"SYSTEM: iBall-Baton WRA150N Rom-0 Backup": [[0, 32]], "VULNERABILITY: File Disclosure": [[35, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49386"}}
{"text": "IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal", "spans": {"SYSTEM: IBM InfoPrint 4247-Z03 Impact Matrix Printer": [[0, 44]], "VULNERABILITY: Directory Traversal": [[47, 66]]}, "info": {"source": "exploitdb", "exploit_id": "47835"}}
{"text": "IBM RICOH 6400 Printer - HTML Injection", "spans": {"SYSTEM: IBM RICOH 6400 Printer": [[0, 22]], "VULNERABILITY: HTML Injection": [[25, 39]]}, "info": {"source": "exploitdb", "exploit_id": "47918"}}
{"text": "IBM RICOH Infoprint 1532 Printer - Persistent Cross-Site Scripting", "spans": {"SYSTEM: IBM RICOH Infoprint 1532 Printer": [[0, 32]], "VULNERABILITY: Persistent Cross-Site Scripting": [[35, 66]]}, "info": {"source": "exploitdb", "exploit_id": "47850"}}
{"text": "IBM RICOH InfoPrint 6500 Printer - HTML Injection", "spans": {"SYSTEM: IBM RICOH InfoPrint 6500 Printer": [[0, 32]], "VULNERABILITY: HTML Injection": [[35, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47917"}}
{"text": "iDS6 DSSPro Digital Signage System 6.2 - CAPTCHA Security Bypass", "spans": {"SYSTEM: iDS6 DSSPro Digital Signage System 6.2": [[0, 38]], "VULNERABILITY: CAPTCHA Security Bypass": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48991"}}
{"text": "iDS6 DSSPro Digital Signage System 6.2 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: iDS6 DSSPro Digital Signage System 6.2": [[0, 38]], "VULNERABILITY: CSRF": [[69, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48990"}}
{"text": "iDS6 DSSPro Digital Signage System 6.2 - Improper Access Control Privilege Escalation", "spans": {"SYSTEM: iDS6 DSSPro Digital Signage System 6.2": [[0, 38]], "VULNERABILITY: Privilege Escalation": [[65, 85]]}, "info": {"source": "exploitdb", "exploit_id": "48992"}}
{"text": "Intelbras Router RF 301K - 'DNS Hijacking' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Intelbras Router RF 301K": [[0, 24]], "VULNERABILITY: CSRF": [[71, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49969"}}
{"text": "Intelbras Router RF 301K 1.1.2 - Authentication Bypass", "spans": {"SYSTEM: Intelbras Router RF 301K 1.1.2": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49126"}}
{"text": "Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)", "spans": {"SYSTEM: Intelbras Wireless N 150Mbps WRN240": [[0, 35]], "VULNERABILITY: Authentication Bypass": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48158"}}
{"text": "IQrouter 3.3.1 Firmware - Remote Code Execution", "spans": {"SYSTEM: IQrouter 3.3.1 Firmware": [[0, 23]], "VULNERABILITY: Remote Code Execution": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48358"}}
{"text": "Karel IP Phone IP1211 Web Management Panel - Directory Traversal", "spans": {"SYSTEM: Karel IP Phone IP1211 Web Management Panel": [[0, 42]], "VULNERABILITY: Directory Traversal": [[45, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48857"}}
{"text": "KevinLAB BEMS 1.0 - Authentication Bypass", "spans": {"SYSTEM: KevinLAB BEMS 1.0": [[0, 17]], "VULNERABILITY: Authentication Bypass": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50146"}}
{"text": "KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticated)", "spans": {"SYSTEM: KevinLAB BEMS 1.0": [[0, 17]], "VULNERABILITY: Path Traversal": [[25, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50147"}}
{"text": "Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)", "spans": {"SYSTEM: Kyocera Command Center RX ECOSYS M2035dn": [[0, 40]], "VULNERABILITY: Directory Traversal": [[43, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50738"}}
{"text": "Kyocera Printer d-COPIA253MF - Directory Traversal (PoC)", "spans": {"SYSTEM: Kyocera Printer d-COPIA253MF": [[0, 28]], "VULNERABILITY: Directory Traversal": [[31, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48561"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Authentication Bypass": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49681"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated)", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Command Injection": [[50, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49680"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated)", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Config Download": [[50, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49686"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated)", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Factory Reset": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49684"}}
{"text": "KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution", "spans": {"SYSTEM: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1": [[0, 47]], "VULNERABILITY: Remote Code Execution": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49683"}}
{"text": "Linksys AX3200 V1.1.00 - Command Injection", "spans": {"SYSTEM: Linksys AX3200 V1.1.00": [[0, 22]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51035"}}
{"text": "Linksys EA7500 2.0.8.194281 - Cross-Site Scripting", "spans": {"SYSTEM: Linksys EA7500 2.0.8.194281": [[0, 27]], "VULNERABILITY: Cross-Site Scripting": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49708"}}
{"text": "Linksys RE6500 1.0.11.001 - Unauthenticated RCE", "spans": {"SYSTEM: Linksys RE6500 1.0.11.001": [[0, 25]], "VULNERABILITY: RCE": [[44, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49270"}}
{"text": "Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download", "spans": {"SYSTEM: Longjing Technology BEMS API 1.21": [[0, 33]], "VULNERABILITY: Arbitrary File Download": [[43, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50163"}}
{"text": "MAC 1200R - Directory Traversal", "spans": {"SYSTEM: MAC 1200R": [[0, 9]], "VULNERABILITY: Directory Traversal": [[12, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51315"}}
{"text": "Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation", "spans": {"SYSTEM: Macally WIFISD2-2A82 2.000.010": [[0, 30]], "VULNERABILITY: Privilege Escalation": [[47, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49256"}}
{"text": "MCL-Net 4.3.5.8788 - Information Disclosure", "spans": {"SYSTEM: MCL-Net 4.3.5.8788": [[0, 18]], "VULNERABILITY: Information Disclosure": [[21, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51542"}}
{"text": "Mida eFramework 2.8.9 - Remote Code Execution", "spans": {"SYSTEM: Mida eFramework 2.8.9": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48835"}}
{"text": "Mida eFramework 2.9.0 - Back Door Access", "spans": {"SYSTEM: Mida eFramework 2.9.0": [[0, 21]], "VULNERABILITY: Back Door Access": [[24, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48823"}}
{"text": "Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection", "spans": {"SYSTEM: Mikrotik Router Monitoring System 1.2.3": [[0, 39]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48474"}}
{"text": "Mitsubishi Electric & INEA SmartRTU - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Mitsubishi Electric & INEA SmartRTU": [[0, 35]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[38, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50423"}}
{"text": "Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure", "spans": {"SYSTEM: Mitsubishi Electric & INEA SmartRTU": [[0, 35]], "VULNERABILITY: Source Code Disclosure": [[38, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50422"}}
{"text": "Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)", "spans": {"SYSTEM: Multilaser Router RE018 AC1200": [[0, 30]], "VULNERABILITY: Cross-Site Request Forgery": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49775"}}
{"text": "Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak", "spans": {"SYSTEM: Nanometrics Centaur 4.3.23": [[0, 26]], "VULNERABILITY: Unauthenticated Remote Memory Leak": [[29, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48098"}}
{"text": "NEC Electra Elite IPK II WebPro 01.03.01 - Session Enumeration", "spans": {"SYSTEM: NEC Electra Elite IPK II WebPro 01.03.01": [[0, 40]], "VULNERABILITY: Session Enumeration": [[43, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48425"}}
{"text": "NetGear D1500 V1.0.0.21_1.0.1PE - 'Wireless Repeater' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: NetGear D1500 V1.0.0.21_1.0.1PE": [[0, 31]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[54, 87]]}, "info": {"source": "exploitdb", "exploit_id": "50201"}}
{"text": "Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Netgear DGN2200v1": [[0, 17]], "VULNERABILITY: Remote Command Execution": [[20, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50099"}}
{"text": "Netgear R7000 Router - Remote Code Execution", "spans": {"SYSTEM: Netgear R7000 Router": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48588"}}
{"text": "Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Netgear WNAP320 2.0.3": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[37, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50069"}}
{"text": "Netis E1+ 1.2.32533 - Backdoor Account (root)", "spans": {"SYSTEM: Netis E1+ 1.2.32533": [[0, 19]], "VULNERABILITY: Backdoor Account": [[22, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48382"}}
{"text": "Netis E1+ V1.2.32533 - Unauthenticated WiFi Password Leak", "spans": {"SYSTEM: Netis E1+ V1.2.32533": [[0, 20]], "VULNERABILITY: Unauthenticated WiFi Password Leak": [[23, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48384"}}
{"text": "Netis WF2419 2.2.36123 - Remote Code Execution", "spans": {"SYSTEM: Netis WF2419 2.2.36123": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48149"}}
{"text": "Netlink GPON Router 1.0.11 - Remote Code Execution", "spans": {"SYSTEM: Netlink GPON Router 1.0.11": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48225"}}
{"text": "Netlink XPON 1GE WiFi V2801RGW - Remote Command Execution", "spans": {"SYSTEM: Netlink XPON 1GE WiFi V2801RGW": [[0, 30]], "VULNERABILITY: Remote Command Execution": [[33, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48470"}}
{"text": "Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting (XSS) (Unauthenticated)", "spans": {"SYSTEM: Network Video Recorder NVR304-16EP": [[0, 34]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[37, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50744"}}
{"text": "NuCom 11N Wireless Router 5.07.90 - Remote Privilege Escalation", "spans": {"SYSTEM: NuCom 11N Wireless Router 5.07.90": [[0, 33]], "VULNERABILITY: Privilege Escalation": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49634"}}
{"text": "OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306": [[0, 51]], "VULNERABILITY: Remote Code Execution": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49955"}}
{"text": "P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: P5 FNIP-8x16A FNIP-4xSH 1.0.20": [[0, 30]], "VULNERABILITY: Cross-Site Request Forgery": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48362"}}
{"text": "Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)", "spans": {"SYSTEM: Panasonic Sanyo CCTV Network Camera 2.03-0x": [[0, 43]], "VULNERABILITY: Cross-Site Request Forgery": [[46, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50172"}}
{"text": "piSignage 2.6.4 - Directory Traversal", "spans": {"SYSTEM: piSignage 2.6.4": [[0, 15]], "VULNERABILITY: Directory Traversal": [[18, 37]]}, "info": {"source": "exploitdb", "exploit_id": "47882"}}
{"text": "PNPSCADA 2.200816204020 - 'interf' SQL Injection (Authenticated)", "spans": {"SYSTEM: PNPSCADA 2.200816204020": [[0, 23]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48757"}}
{"text": "PnPSCADA v2.x - Unauthenticated PostgreSQL Injection", "spans": {"SYSTEM: PnPSCADA v2.x": [[0, 13]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51448"}}
{"text": "QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure", "spans": {"SYSTEM: QiHang Media Web Digital Signage 3.0.9": [[0, 38]], "VULNERABILITY: Credential Disclosure": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48748"}}
{"text": "QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: QiHang Media Web Digital Signage 3.0.9": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48751"}}
{"text": "QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion", "spans": {"SYSTEM: QiHang Media Web Digital Signage 3.0.9": [[0, 38]], "VULNERABILITY: Arbitrary File Deletion": [[57, 80]]}, "info": {"source": "exploitdb", "exploit_id": "48749"}}
{"text": "QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure", "spans": {"SYSTEM: QiHang Media Web Digital Signage 3.0.9": [[0, 38]], "VULNERABILITY: Unauthenticated Arbitrary File Disclosure": [[41, 82]]}, "info": {"source": "exploitdb", "exploit_id": "48750"}}
{"text": "RAD SecFlow-1v SF_0290_2.3.01.26  - Persistent Cross-Site Scripting", "spans": {"SYSTEM: RAD SecFlow-1v SF_0290_2.3.01.26": [[0, 32]], "VULNERABILITY: Persistent Cross-Site Scripting": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48807"}}
{"text": "RAD SecFlow-1v SF_0290_2.3.01.26 - Cross-Site Request Forgery (Reboot)", "spans": {"SYSTEM: RAD SecFlow-1v SF_0290_2.3.01.26": [[0, 32]], "VULNERABILITY: Cross-Site Request Forgery": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48809"}}
{"text": "Razer Sila - Command Injection", "spans": {"SYSTEM: Razer Sila": [[0, 10]], "VULNERABILITY: Command Injection": [[13, 30]]}, "info": {"source": "exploitdb", "exploit_id": "50865"}}
{"text": "Razer Sila - Local File Inclusion (LFI)", "spans": {"SYSTEM: Razer Sila": [[0, 10]], "VULNERABILITY: Local File Inclusion": [[13, 33]]}, "info": {"source": "exploitdb", "exploit_id": "50864"}}
{"text": "ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure", "spans": {"SYSTEM: ReQuest Serious Play F3 Media Server 7.0.3": [[0, 42]], "VULNERABILITY: Debug Log Disclosure": [[45, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48950"}}
{"text": "ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: ReQuest Serious Play F3 Media Server 7.0.3": [[0, 42]], "VULNERABILITY: Remote Code Execution": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48952"}}
{"text": "ReQuest Serious Play F3 Media Server 7.0.3 - Remote Denial of Service", "spans": {"SYSTEM: ReQuest Serious Play F3 Media Server 7.0.3": [[0, 42]], "VULNERABILITY: Denial of Service": [[52, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48951"}}
{"text": "ReQuest Serious Play Media Player 3.0 - Directory Traversal File Disclosure", "spans": {"SYSTEM: ReQuest Serious Play Media Player 3.0": [[0, 37]], "VULNERABILITY: Directory Traversal": [[40, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48949"}}
{"text": "RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection", "spans": {"SYSTEM: RICOH Aficio SP 5200S Printer": [[0, 29]], "VULNERABILITY: HTML Injection": [[46, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48161"}}
{"text": "RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection", "spans": {"SYSTEM: RICOH Aficio SP 5210SF Printer": [[0, 30]], "VULNERABILITY: HTML Injection": [[47, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48164"}}
{"text": "Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE)", "spans": {"SYSTEM: Ricon Industrial Cellular Router S9922XL": [[0, 40]], "VULNERABILITY: Remote Command Execution": [[43, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50096"}}
{"text": "Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution", "spans": {"SYSTEM: Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21": [[0, 47]], "VULNERABILITY: Remote Code Execution": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49110"}}
{"text": "Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal", "spans": {"SYSTEM: Ruijie Networks Switch eWeb S29_RGOS 11.4": [[0, 41]], "VULNERABILITY: Directory Traversal": [[44, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48755"}}
{"text": "SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: SAM SUNNY TRIPOWER 5.0": [[0, 22]], "VULNERABILITY: Insecure Direct Object Reference": [[25, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50860"}}
{"text": "Satellian 1.12 - Remote Code Execution", "spans": {"SYSTEM: Satellian 1.12": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "47976"}}
{"text": "Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection", "spans": {"SYSTEM: Schneider Electric U.Motion Builder 1.3.4": [[0, 41]], "VULNERABILITY: Command Injection": [[58, 75]]}, "info": {"source": "exploitdb", "exploit_id": "47991"}}
{"text": "Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection", "spans": {"SYSTEM: Seagate BlackArmor NAS sg2000-2000.1331": [[0, 39]], "VULNERABILITY: Command Injection": [[42, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50132"}}
{"text": "Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read", "spans": {"SYSTEM: Secure Computing SnapGear Management Console SG560 3.1.5": [[0, 56]], "VULNERABILITY: Arbitrary File Read": [[59, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48556"}}
{"text": "SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure", "spans": {"SYSTEM: SecuSTATION IPCAM-130 HD Camera": [[0, 31]], "VULNERABILITY: Remote Configuration Disclosure": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48110"}}
{"text": "SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure", "spans": {"SYSTEM: SecuSTATION SC-831 HD Camera": [[0, 28]], "VULNERABILITY: Remote Configuration Disclosure": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48115"}}
{"text": "Selea Targa 512 IP OCR-ANPR Camera - Stream Disclosure (Unauthenticated)", "spans": {"SYSTEM: Selea Targa 512 IP OCR-ANPR Camera": [[0, 34]], "VULNERABILITY: Stream Disclosure": [[37, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49459"}}
{"text": "Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Selea Targa IP OCR-ANPR Camera": [[0, 30]], "VULNERABILITY: Remote Code Execution": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49460"}}
{"text": "Selea Targa IP OCR-ANPR Camera - 'files_list' Remote Stored XSS", "spans": {"SYSTEM: Selea Targa IP OCR-ANPR Camera": [[0, 30]], "VULNERABILITY: XSS": [[60, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49454"}}
{"text": "Selea Targa IP OCR-ANPR Camera - CSRF Add Admin", "spans": {"SYSTEM: Selea Targa IP OCR-ANPR Camera": [[0, 30]], "VULNERABILITY: CSRF": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49458"}}
{"text": "Selea Targa IP OCR-ANPR Camera - Developer Backdoor Config Overwrite", "spans": {"SYSTEM: Selea Targa IP OCR-ANPR Camera": [[0, 30]], "VULNERABILITY: Developer Backdoor Config Overwrite": [[33, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49455"}}
{"text": "Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated)", "spans": {"SYSTEM: Selea Targa IP OCR-ANPR Camera": [[0, 30]], "VULNERABILITY: Directory Traversal": [[33, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49456"}}
{"text": "Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)", "spans": {"SYSTEM: Selea Targa IP OCR-ANPR Camera": [[0, 30]], "VULNERABILITY: SSRF": [[42, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49457"}}
{"text": "Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Seowon 130-SLC router": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50295"}}
{"text": "Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)", "spans": {"SYSTEM: Seowon 130-SLC router 1.0.11": [[0, 28]], "VULNERABILITY: RCE": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49097"}}
{"text": "Seowon SlC 130 Router - Remote Code Execution", "spans": {"SYSTEM: Seowon SlC 130 Router": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48759"}}
{"text": "Sickbeard 0.1 - Remote Command Injection", "spans": {"SYSTEM: Sickbeard 0.1": [[0, 13]], "VULNERABILITY: Command Injection": [[23, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48646"}}
{"text": "Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking", "spans": {"SYSTEM: Sielco Analog FM Transmitter 2.12": [[0, 33]], "VULNERABILITY: Cookie Brute Force Session Hijacking": [[41, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51363"}}
{"text": "Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery", "spans": {"SYSTEM: Sielco Analog FM Transmitter 2.12": [[0, 33]], "VULNERABILITY: Cross-Site Request Forgery": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51364"}}
{"text": "Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password", "spans": {"SYSTEM: Sielco Analog FM Transmitter 2.12": [[0, 33]], "VULNERABILITY: Improper Access Control Change Admin Password": [[36, 81]]}, "info": {"source": "exploitdb", "exploit_id": "51365"}}
{"text": "Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP", "spans": {"SYSTEM: Sielco PolyEco Digital FM Transmitter 2.0.6": [[0, 43]], "VULNERABILITY: Account Takeover / Lockout / EoP": [[46, 78]]}, "info": {"source": "exploitdb", "exploit_id": "51371"}}
{"text": "Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit", "spans": {"SYSTEM: Sielco PolyEco Digital FM Transmitter 2.0.6": [[0, 43]], "VULNERABILITY: Authentication Bypass": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51367"}}
{"text": "Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset", "spans": {"SYSTEM: Sielco PolyEco Digital FM Transmitter 2.0.6": [[0, 43]], "VULNERABILITY: Authorization Bypass": [[46, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51368"}}
{"text": "Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation", "spans": {"SYSTEM: Sielco PolyEco Digital FM Transmitter 2.0.6": [[0, 43]], "VULNERABILITY: Radio Data System POST Manipulation": [[46, 81]]}, "info": {"source": "exploitdb", "exploit_id": "51369"}}
{"text": "Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure", "spans": {"SYSTEM: Sielco PolyEco Digital FM Transmitter 2.0.6": [[0, 43]], "VULNERABILITY: Information Disclosure": [[62, 84]]}, "info": {"source": "exploitdb", "exploit_id": "51370"}}
{"text": "Sipwise C5 NGCP CSC - 'Multiple' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Sipwise C5 NGCP CSC": [[0, 19]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49800"}}
{"text": "Sipwise C5 NGCP CSC - Click2Dial Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Sipwise C5 NGCP CSC": [[0, 19]], "VULNERABILITY: CSRF": [[61, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49801"}}
{"text": "SnapGear Management Console SG560 3.1.5 - Cross-Site Request Forgery (Add Super User)", "spans": {"SYSTEM: SnapGear Management Console SG560 3.1.5": [[0, 39]], "VULNERABILITY: Cross-Site Request Forgery": [[42, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48554"}}
{"text": "Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS", "spans": {"SYSTEM: Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019": [[0, 45]], "VULNERABILITY: XSS": [[55, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51857"}}
{"text": "SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: SolarView Compact 6.00": [[0, 22]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50968"}}
{"text": "SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: SolarView Compact 6.00": [[0, 22]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[38, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50967"}}
{"text": "SonicWall SMA 10.2.1.0-17sv - Password Reset", "spans": {"SYSTEM: SonicWall SMA 10.2.1.0-17sv": [[0, 27]], "VULNERABILITY: Password Reset": [[30, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50430"}}
{"text": "Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Sonicwall SonicOS 6.5.4": [[0, 23]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[40, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50485"}}
{"text": "Sonicwall SonicOS 7.0 - Host Header Injection", "spans": {"SYSTEM: Sonicwall SonicOS 7.0": [[0, 21]], "VULNERABILITY: Host Header Injection": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50414"}}
{"text": "SonicWall SSL-VPN 8.0.0.0 - 'visualdoor' Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: SonicWall SSL-VPN 8.0.0.0": [[0, 25]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49499"}}
{"text": "Sony BRAVIA Digital Signage 1.7.8 - System API Information Disclosure", "spans": {"SYSTEM: Sony BRAVIA Digital Signage 1.7.8": [[0, 33]], "VULNERABILITY: Information Disclosure": [[47, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49187"}}
{"text": "Sony BRAVIA Digital Signage 1.7.8 - Unauthenticated Remote File Inclusion", "spans": {"SYSTEM: Sony BRAVIA Digital Signage 1.7.8": [[0, 33]], "VULNERABILITY: Remote File Inclusion": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49186"}}
{"text": "Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)", "spans": {"SYSTEM: Sony Playstation 4 (PS4) < 6.72": [[0, 31]], "VULNERABILITY: Use-After-Free": [[73, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49308"}}
{"text": "Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)", "spans": {"SYSTEM: Sony Playstation 4 (PS4) < 7.02": [[0, 31]], "VULNERABILITY: Use-After-Free": [[73, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49309"}}
{"text": "Sophos XG115w Firewall 17.0.10 MR-10 - Authentication Bypass", "spans": {"SYSTEM: Sophos XG115w Firewall 17.0.10 MR-10": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51006"}}
{"text": "SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF", "spans": {"SYSTEM: SOYAL Biometric Access Control System 5.0": [[0, 41]], "VULNERABILITY: CSRF": [[68, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49677"}}
{"text": "SOYAL Biometric Access Control System 5.0 - Master Code Disclosure", "spans": {"SYSTEM: SOYAL Biometric Access Control System 5.0": [[0, 41]], "VULNERABILITY: Master Code Disclosure": [[44, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49676"}}
{"text": "SpinetiX Fusion Digital Signage 3.4.8 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: SpinetiX Fusion Digital Signage 3.4.8": [[0, 37]], "VULNERABILITY: Cross-Site Request Forgery": [[40, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48846"}}
{"text": "SpinetiX Fusion Digital Signage 3.4.8 - Database Backup Disclosure", "spans": {"SYSTEM: SpinetiX Fusion Digital Signage 3.4.8": [[0, 37]], "VULNERABILITY: Database Backup Disclosure": [[40, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48845"}}
{"text": "SpinetiX Fusion Digital Signage 3.4.8 - Username Enumeration", "spans": {"SYSTEM: SpinetiX Fusion Digital Signage 3.4.8": [[0, 37]], "VULNERABILITY: Username Enumeration": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48847"}}
{"text": "SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: SuperMicro IPMI 03.40": [[0, 21]], "VULNERABILITY: Cross-Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48652"}}
{"text": "SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: SuperMicro IPMI WebInterface 03.40": [[0, 34]], "VULNERABILITY: Cross-Site Request Forgery": [[37, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48668"}}
{"text": "Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)", "spans": {"SYSTEM: Symantec SiteMinder WebAgent v12.52": [[0, 35]], "VULNERABILITY: XSS": [[60, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51530"}}
{"text": "Telesquare TLR-2855KS6 - Arbitrary File Creation", "spans": {"SYSTEM: Telesquare TLR-2855KS6": [[0, 22]], "VULNERABILITY: Arbitrary File Creation": [[25, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50862"}}
{"text": "Telesquare TLR-2855KS6 - Arbitrary File Deletion", "spans": {"SYSTEM: Telesquare TLR-2855KS6": [[0, 22]], "VULNERABILITY: Arbitrary File Deletion": [[25, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50863"}}
{"text": "Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting", "spans": {"SYSTEM: Tenda AC5 AC1200 Wireless": [[0, 25]], "VULNERABILITY: Stored Cross Site Scripting": [[51, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49478"}}
{"text": "Thecus N4800Eco Nas Server Control Panel - Comand Injection", "spans": {"SYSTEM: Thecus N4800Eco Nas Server Control Panel": [[0, 40]], "VULNERABILITY: Comand Injection": [[43, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49926"}}
{"text": "Tiandy IPC and NVR 9.12.7 - Credential Disclosure", "spans": {"SYSTEM: Tiandy IPC and NVR 9.12.7": [[0, 25]], "VULNERABILITY: Credential Disclosure": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48799"}}
{"text": "TL-WR849N 0.9.1 4.16 - Authentication Bypass (Upload Firmware)", "spans": {"SYSTEM: TL-WR849N 0.9.1 4.16": [[0, 20]], "VULNERABILITY: Authentication Bypass": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48152"}}
{"text": "TLR-2005KSH - Arbitrary File Delete", "spans": {"SYSTEM: TLR-2005KSH": [[0, 11]], "VULNERABILITY: Arbitrary File Delete": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50935"}}
{"text": "TLR-2005KSH - Arbitrary File Upload", "spans": {"SYSTEM: TLR-2005KSH": [[0, 11]], "VULNERABILITY: Arbitrary File Upload": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50931"}}
{"text": "TP LINK TL-WR849N - Remote Code Execution", "spans": {"SYSTEM: TP LINK TL-WR849N": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48155"}}
{"text": "TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated)", "spans": {"SYSTEM: TP-Link Devices": [[0, 15]], "VULNERABILITY: Stored Cross-site Scripting": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49720"}}
{"text": "TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE)", "spans": {"SYSTEM: TP-Link Tapo c200 1.1.15": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[27, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51017"}}
{"text": "TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass", "spans": {"SYSTEM: TP-Link TL-WA855RE V5_200415": [[0, 28]], "VULNERABILITY: Device Reset Auth Bypass": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49092"}}
{"text": "TP-Link TL-WR740N - Authenticated Directory Transversal", "spans": {"SYSTEM: TP-Link TL-WR740N": [[0, 17]], "VULNERABILITY: Authenticated Directory Transversal": [[20, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51606"}}
{"text": "TP-Link TL-WR740N - Buffer Overflow 'DOS'", "spans": {"SYSTEM: TP-Link TL-WR740N": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[20, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51866"}}
{"text": "TP-LINK TL-WR740N - Multiple HTML Injection", "spans": {"SYSTEM: TP-LINK TL-WR740N": [[0, 17]], "VULNERABILITY: Multiple HTML Injection": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51769"}}
{"text": "TP-Link TL-WR740N - UnAuthenticated Directory Transversal", "spans": {"SYSTEM: TP-Link TL-WR740N": [[0, 17]], "VULNERABILITY: UnAuthenticated Directory Transversal": [[20, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51768"}}
{"text": "TP-Link TL-WR841N - Command Injection", "spans": {"SYSTEM: TP-Link TL-WR841N": [[0, 17]], "VULNERABILITY: Command Injection": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50058"}}
{"text": "TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot", "spans": {"SYSTEM: TP-Link TP-SG105E 1.0.0": [[0, 23]], "VULNERABILITY: Unauthenticated Remote Reboot": [[26, 55]]}, "info": {"source": "exploitdb", "exploit_id": "47958"}}
{"text": "TVT NVMS 1000 - Directory Traversal", "spans": {"SYSTEM: TVT NVMS 1000": [[0, 13]], "VULNERABILITY: Directory Traversal": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48311"}}
{"text": "Ubee EVW327 - 'Enable Remote Access' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Ubee EVW327": [[0, 11]], "VULNERABILITY: CSRF": [[65, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49920"}}
{"text": "UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass", "spans": {"SYSTEM: UBICOD Medivision Digital Signage 1.5.1": [[0, 39]], "VULNERABILITY: Authorization Bypass": [[42, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48684"}}
{"text": "UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: UBICOD Medivision Digital Signage 1.5.1": [[0, 39]], "VULNERABILITY: Cross-Site Request Forgery": [[42, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48694"}}
{"text": "UCM6202 1.0.18.13 - Remote Command Injection", "spans": {"SYSTEM: UCM6202 1.0.18.13": [[0, 17]], "VULNERABILITY: Command Injection": [[27, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48247"}}
{"text": "Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Uniview NVR301-04S2-P4": [[0, 22]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[25, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51130"}}
{"text": "Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation", "spans": {"SYSTEM: Visual Tools DVR VX16 4.2.28": [[0, 28]], "VULNERABILITY: Local Privilege Escalation": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50104"}}
{"text": "Vodafone H-500-s 3.5.10 - WiFi Password Disclosure", "spans": {"SYSTEM: Vodafone H-500-s 3.5.10": [[0, 23]], "VULNERABILITY: Password Disclosure": [[31, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50636"}}
{"text": "Wago PFC200 - Authenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Wago PFC200": [[0, 11]], "VULNERABILITY: Authenticated Remote Code Execution": [[14, 49]], "TOOL: Metasploit": [[51, 61]]}, "info": {"source": "exploitdb", "exploit_id": "47998"}}
{"text": "Wavlink WN530HG4 - Password Disclosure", "spans": {"SYSTEM: Wavlink WN530HG4": [[0, 16]], "VULNERABILITY: Password Disclosure": [[19, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50991"}}
{"text": "Wavlink WN533A8 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Wavlink WN533A8": [[0, 15]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[18, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50989"}}
{"text": "Wavlink WN533A8 - Password Disclosure", "spans": {"SYSTEM: Wavlink WN533A8": [[0, 15]], "VULNERABILITY: Password Disclosure": [[18, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50990"}}
{"text": "YeaLink SIP-TXXXP 53.84.0.15 - 'cmd' Command Injection (Authenticated)", "spans": {"SYSTEM: YeaLink SIP-TXXXP 53.84.0.15": [[0, 28]], "VULNERABILITY: Command Injection": [[37, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50509"}}
{"text": "ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation", "spans": {"SYSTEM: ZBL EPON ONU Broadband Router 1.0": [[0, 33]], "VULNERABILITY: Privilege Escalation": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49737"}}
{"text": "ZTE Router F602W - Captcha Bypass", "spans": {"SYSTEM: ZTE Router F602W": [[0, 16]], "VULNERABILITY: Captcha Bypass": [[19, 33]]}, "info": {"source": "exploitdb", "exploit_id": "48801"}}
{"text": "Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery (CSRF)", "spans": {"SYSTEM: Zucchetti Axess CLOKI Access Control 1.64": [[0, 41]], "VULNERABILITY: CSRF": [[72, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50595"}}
{"text": "Zyxel Armor X1 WAP6806 - Directory Traversal", "spans": {"SYSTEM: Zyxel Armor X1 WAP6806": [[0, 22]], "VULNERABILITY: Directory Traversal": [[25, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48669"}}
{"text": "Color Notes 1.4 - Denial of Service (PoC)", "spans": {"SYSTEM: Color Notes 1.4": [[0, 15]], "VULNERABILITY: Denial of Service (PoC)": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49952"}}
{"text": "Macaron Notes great notebook 5.5 - Denial of Service (PoC)", "spans": {"SYSTEM: Macaron Notes great notebook 5.5": [[0, 32]], "VULNERABILITY: Denial of Service (PoC)": [[35, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49953"}}
{"text": "My Notes Safe 5.3 - Denial of Service (PoC)", "spans": {"SYSTEM: My Notes Safe 5.3": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49954"}}
{"text": "n+otes 1.6.2 - Denial of Service (PoC)", "spans": {"SYSTEM: n+otes 1.6.2": [[0, 12]], "VULNERABILITY: Denial of Service (PoC)": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49979"}}
{"text": "Notex the best notes 6.4 - Denial of Service (PoC)", "spans": {"SYSTEM: Notex the best notes 6.4": [[0, 24]], "VULNERABILITY: Denial of Service (PoC)": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50003"}}
{"text": "P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)", "spans": {"SYSTEM: P2PWIFICAM2 for iOS 10.4.1": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47993"}}
{"text": "Post-it 5.0.1 - Denial of Service (PoC)", "spans": {"SYSTEM: Post-it 5.0.1": [[0, 13]], "VULNERABILITY: Denial of Service (PoC)": [[16, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50002"}}
{"text": "ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service (PoC)", "spans": {"SYSTEM: ProficySCADA for iOS 5.0.25920": [[0, 30]], "VULNERABILITY: Denial of Service (PoC)": [[44, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48236"}}
{"text": "Secure Notepad Private Notes 3.0.3 - Denial of Service (PoC)", "spans": {"SYSTEM: Secure Notepad Private Notes 3.0.3": [[0, 34]], "VULNERABILITY: Denial of Service (PoC)": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50001"}}
{"text": "Sticky Notes & Color Widgets 1.4.2 - Denial of Service (PoC)", "spans": {"SYSTEM: Sticky Notes & Color Widgets 1.4.2": [[0, 34]], "VULNERABILITY: Denial of Service (PoC)": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49957"}}
{"text": "Sticky Notes Widget Version 3.0.6 - Denial of Service (PoC)", "spans": {"SYSTEM: Sticky Notes Widget Version 3.0.6": [[0, 33]], "VULNERABILITY: Denial of Service (PoC)": [[36, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49978"}}
{"text": "WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC)", "spans": {"SYSTEM: WebSSH for iOS 14.16.10": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49883"}}
{"text": "memono Notepad Version 4.2 - Denial of Service (PoC)", "spans": {"SYSTEM: memono Notepad Version 4.2": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49977"}}
{"text": "AirKeyboard iOS App 1.0.5 - Remote Input Injection", "spans": {"SYSTEM: AirKeyboard iOS App 1.0.5": [[0, 25]], "VULNERABILITY: Remote Input Injection": [[28, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52333"}}
{"text": "Wifi HD Wireless Disk Drive 11 - Local File Inclusion", "spans": {"SYSTEM: Wifi HD Wireless Disk Drive 11": [[0, 30]], "VULNERABILITY: Local File Inclusion": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51015"}}
{"text": "AirDisk Pro 5.5.3 for iOS - Persistent Cross-Site Scripting", "spans": {"SYSTEM: AirDisk Pro 5.5.3 for iOS": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48321"}}
{"text": "Easy Transfer 1.7 for iOS - Directory Traversal", "spans": {"SYSTEM: Easy Transfer 1.7 for iOS": [[0, 25]], "VULNERABILITY: Directory Traversal": [[28, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48395"}}
{"text": "File Transfer iFamily 2.1 - Directory Traversal", "spans": {"SYSTEM: File Transfer iFamily 2.1": [[0, 25]], "VULNERABILITY: Directory Traversal": [[28, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48327"}}
{"text": "HardDrive 2.1 for iOS - Arbitrary File Upload", "spans": {"SYSTEM: HardDrive 2.1 for iOS": [[0, 21]], "VULNERABILITY: Arbitrary File Upload": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48406"}}
{"text": "Mini Mouse 9.3.0 - Local File inclusion", "spans": {"SYSTEM: Mini Mouse 9.3.0": [[0, 16]], "VULNERABILITY: Local File inclusion": [[19, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49747"}}
{"text": "Owlfiles File Manager 12.0.1 - Multiple Vulnerabilities", "spans": {"SYSTEM: Owlfiles File Manager 12.0.1": [[0, 28]], "VULNERABILITY: Multiple Vulnerabilities": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51036"}}
{"text": "Playable 9.18 iOS - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Playable 9.18 iOS": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48340"}}
{"text": "Sky File 2.1.0 iOS - Directory Traversal", "spans": {"SYSTEM: Sky File 2.1.0 iOS": [[0, 18]], "VULNERABILITY: Directory Traversal": [[21, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48375"}}
{"text": "Super Backup 2.0.5 for iOS - Directory Traversal", "spans": {"SYSTEM: Super Backup 2.0.5 for iOS": [[0, 26]], "VULNERABILITY: Directory Traversal": [[29, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48405"}}
{"text": "SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting", "spans": {"SYSTEM: SuperBackup 2.0.5 for iOS": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48322"}}
{"text": "H2 Database 1.4.199 - JNI Code Execution", "spans": {"SYSTEM: H2 Database 1.4.199": [[0, 19]], "VULNERABILITY: JNI Code Execution": [[22, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49384"}}
{"text": "AD Manager Plus 7122 - Remote Code Execution (RCE)", "spans": {"SYSTEM: AD Manager Plus 7122": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51183"}}
{"text": "Apache Log4j 2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Apache Log4j 2": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50592"}}
{"text": "Apache Log4j2 2.14.1 - Information Disclosure", "spans": {"SYSTEM: Apache Log4j2 2.14.1": [[0, 20]], "VULNERABILITY: Information Disclosure": [[23, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50590"}}
{"text": "CatDV 9.2 - RMI Authentication Bypass", "spans": {"SYSTEM: CatDV 9.2": [[0, 9]], "VULNERABILITY: Authentication Bypass": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49621"}}
{"text": "Cisco DCNM JBoss 10.4 - Credential Leakage", "spans": {"SYSTEM: Cisco DCNM JBoss 10.4": [[0, 21]], "VULNERABILITY: Credential Leakage": [[24, 42]]}, "info": {"source": "exploitdb", "exploit_id": "47885"}}
{"text": "GitLab CE/EE < 16.7.2 - Password Reset", "spans": {"SYSTEM: GitLab CE/EE < 16.7.2": [[0, 21]], "VULNERABILITY: Password Reset": [[24, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51889"}}
{"text": "JetBrains TeamCity 2018.2.4 - Remote Code Execution", "spans": {"SYSTEM: JetBrains TeamCity 2018.2.4": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "47891"}}
{"text": "JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: JetBrains TeamCity 2023.05.3": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51884"}}
{"text": "Liferay Portal - Java Unmarshalling via JSONWS RCE (Metasploit)", "spans": {"SYSTEM: Liferay Portal": [[0, 14]], "VULNERABILITY: RCE": [[47, 50]], "TOOL: Metasploit": [[52, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48332"}}
{"text": "Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)", "spans": {"SYSTEM: Neo4j 3.4.18": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50170"}}
{"text": "Alkacon OpenCMS 15.0 - Multiple Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Alkacon OpenCMS 15.0": [[0, 20]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[32, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51564"}}
{"text": "Ametys CMS v4.4.1 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Ametys CMS v4.4.1": [[0, 17]], "VULNERABILITY: Cross Site Scripting": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50692"}}
{"text": "Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)", "spans": {"SYSTEM: Apache Flink 1.11.0": [[0, 19]], "VULNERABILITY: Arbitrary File Read": [[38, 57]], "TOOL: Metasploit": [[59, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49398"}}
{"text": "Apache Flink 1.9.x - File Upload RCE (Unauthenticated)", "spans": {"SYSTEM: Apache Flink 1.9.x": [[0, 18]], "VULNERABILITY: RCE": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48978"}}
{"text": "Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Apache HugeGraph Server 1.2.0": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52149"}}
{"text": "Apache OFBiz 17.12.03 - Cross-Site Request Forgery (Account Takeover)", "spans": {"SYSTEM: Apache OFBiz 17.12.03": [[0, 21]], "VULNERABILITY: Cross-Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48408"}}
{"text": "Apache OFBiz 18.12.12 - Directory Traversal", "spans": {"SYSTEM: Apache OFBiz 18.12.12": [[0, 21]], "VULNERABILITY: Directory Traversal": [[24, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52020"}}
{"text": "Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution", "spans": {"SYSTEM: Apache Struts 2": [[0, 15]], "VULNERABILITY: DefaultActionMapper Prefixes OGNL Code Execution": [[18, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48917"}}
{"text": "ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)", "spans": {"SYSTEM: ApacheOfBiz 17.12.01": [[0, 20]], "VULNERABILITY: Remote Command Execution": [[23, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50178"}}
{"text": "AppSmith 1.47 - Remote Code Execution (RCE)", "spans": {"SYSTEM: AppSmith 1.47": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52118"}}
{"text": "Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read", "spans": {"SYSTEM: Atlassian Confluence 7.12.2": [[0, 27]], "VULNERABILITY: Arbitrary File Read": [[48, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50377"}}
{"text": "Cisco Data Center Network Manager 11.2 - Remote Code Execution", "spans": {"SYSTEM: Cisco Data Center Network Manager 11.2": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48018"}}
{"text": "Cisco Data Center Network Manager 11.2.1 - 'getVmHostData' SQL Injection", "spans": {"SYSTEM: Cisco Data Center Network Manager 11.2.1": [[0, 40]], "VULNERABILITY: SQL Injection": [[59, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48019"}}
{"text": "Cisco Data Center Network Manager 11.2.1 - 'LanFabricImpl' Command Injection", "spans": {"SYSTEM: Cisco Data Center Network Manager 11.2.1": [[0, 40]], "VULNERABILITY: Command Injection": [[59, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48020"}}
{"text": "Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Cisco Digital Network Architecture Center 1.3.1.4": [[0, 49]], "VULNERABILITY: Persistent Cross-Site Scripting": [[52, 83]]}, "info": {"source": "exploitdb", "exploit_id": "48459"}}
{"text": "CITSmart ITSM 9.1.2.22 - LDAP Injection", "spans": {"SYSTEM: CITSmart ITSM 9.1.2.22": [[0, 22]], "VULNERABILITY: LDAP Injection": [[25, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49762"}}
{"text": "CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated)", "spans": {"SYSTEM: CITSmart ITSM 9.1.2.27": [[0, 22]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49763"}}
{"text": "CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: CloverDX 5.9.0": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50166"}}
{"text": "Confluence Data Center 7.18.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Confluence Data Center 7.18.0": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50952"}}
{"text": "Confluence Server 7.12.4 - 'OGNL injection' Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Confluence Server 7.12.4": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[44, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50243"}}
{"text": "DataEase 2.4.0 - Database Configuration Information Exposure", "spans": {"SYSTEM: DataEase 2.4.0": [[0, 14]], "VULNERABILITY: Database Configuration Information Exposure": [[17, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52128"}}
{"text": "Eclipse Jetty 11.0.5 - Sensitive File Disclosure", "spans": {"SYSTEM: Eclipse Jetty 11.0.5": [[0, 20]], "VULNERABILITY: Sensitive File Disclosure": [[23, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50478"}}
{"text": "ERPNext 12.29 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ERPNext 12.29": [[0, 13]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51255"}}
{"text": "Exhibitor Web UI 1.7.1 - Remote Code Execution", "spans": {"SYSTEM: Exhibitor Web UI 1.7.1": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48654"}}
{"text": "ForgeRock Access Manager 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: ForgeRock Access Manager 14.6.3": [[0, 31]], "VULNERABILITY: Remote Code Execution (RCE)": [[34, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50131"}}
{"text": "Furukawa Electric ConsciusMAP 2.8.1 - Remote Code Execution", "spans": {"SYSTEM: Furukawa Electric ConsciusMAP 2.8.1": [[0, 35]], "VULNERABILITY: Remote Code Execution": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48380"}}
{"text": "Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Goanywhere Encryption helper 7.1.1": [[0, 34]], "VULNERABILITY: Remote Code Execution (RCE)": [[37, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51339"}}
{"text": "Java-springboot-codebase 1.1 - Arbitrary File Read", "spans": {"SYSTEM: Java-springboot-codebase 1.1": [[0, 28]], "VULNERABILITY: Arbitrary File Read": [[31, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52304"}}
{"text": "Jenkins 2.235.3 - 'Description' Stored XSS", "spans": {"SYSTEM: Jenkins 2.235.3": [[0, 15]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49237"}}
{"text": "Jenkins 2.235.3 - 'tooltip' Stored Cross-Site Scripting", "spans": {"SYSTEM: Jenkins 2.235.3": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49232"}}
{"text": "Jenkins 2.235.3 - 'X-Forwarded-For' Stored XSS", "spans": {"SYSTEM: Jenkins 2.235.3": [[0, 15]], "VULNERABILITY: XSS": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49244"}}
{"text": "Jenkins 2.441 - Local File Inclusion", "spans": {"SYSTEM: Jenkins 2.441": [[0, 13]], "VULNERABILITY: Local File Inclusion": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51993"}}
{"text": "Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in", "spans": {"SYSTEM: Jenkins 2.63": [[0, 12]], "VULNERABILITY: Sandbox bypass in pipeline: Groovy plug-in": [[15, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48904"}}
{"text": "Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting", "spans": {"SYSTEM: Jenkins Gitlab Hook Plugin 1.4.2": [[0, 32]], "VULNERABILITY: Reflected Cross-Site Scripting": [[35, 65]]}, "info": {"source": "exploitdb", "exploit_id": "47927"}}
{"text": "Jetty 9.4.37.v20210219 - Information Disclosure", "spans": {"SYSTEM: Jetty 9.4.37.v20210219": [[0, 22]], "VULNERABILITY: Information Disclosure": [[25, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50438"}}
{"text": "Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal", "spans": {"SYSTEM: Jinfornet Jreport 15.6": [[0, 22]], "VULNERABILITY: Directory Traversal": [[41, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48260"}}
{"text": "Jira 8.3.4 - Information Disclosure (Username Enumeration)", "spans": {"SYSTEM: Jira 8.3.4": [[0, 10]], "VULNERABILITY: Information Disclosure": [[13, 35]]}, "info": {"source": "exploitdb", "exploit_id": "47990"}}
{"text": "Karaf v4.4.3 Console - RCE", "spans": {"SYSTEM: Karaf v4.4.3 Console": [[0, 20]], "VULNERABILITY: RCE": [[23, 26]]}, "info": {"source": "exploitdb", "exploit_id": "51895"}}
{"text": "Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)", "spans": {"SYSTEM: Keycloak 12.0.1": [[0, 15]], "VULNERABILITY: Server-Side Request Forgery (SSRF)": [[39, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50405"}}
{"text": "Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation", "spans": {"SYSTEM: Kronos WebTA 4.0": [[0, 16]], "VULNERABILITY: Privilege Escalation": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48001"}}
{"text": "LabVantage 8.3 - Information Disclosure", "spans": {"SYSTEM: LabVantage 8.3": [[0, 14]], "VULNERABILITY: Information Disclosure": [[17, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48090"}}
{"text": "Liferay CE Portal 6.0.2 - Remote Command Execution", "spans": {"SYSTEM: Liferay CE Portal 6.0.2": [[0, 23]], "VULNERABILITY: Remote Command Execution": [[26, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47972"}}
{"text": "Liferay Portal 6.2.5 - Insecure Permissions", "spans": {"SYSTEM: Liferay Portal 6.2.5": [[0, 20]], "VULNERABILITY: Insecure Permissions": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51244"}}
{"text": "ManageEngine ADSelfService Build prior to 6003 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: ManageEngine ADSelfService Build prior to 6003": [[0, 46]], "VULNERABILITY: Remote Code Execution": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48739"}}
{"text": "ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection", "spans": {"SYSTEM: ManageEngine Applications Manager 13": [[0, 36]], "VULNERABILITY: SQL Injection": [[60, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48692"}}
{"text": "ManageEngine Applications Manager 14700 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: ManageEngine Applications Manager 14700": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48793"}}
{"text": "ManageEngine EventLog Analyzer 10.0 - Information Disclosure", "spans": {"SYSTEM: ManageEngine EventLog Analyzer 10.0": [[0, 35]], "VULNERABILITY: Information Disclosure": [[38, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48119"}}
{"text": "ManageEngine Network Configuration Manager 12.2 - 'apiKey' SQL Injection", "spans": {"SYSTEM: ManageEngine Network Configuration Manager 12.2": [[0, 47]], "VULNERABILITY: SQL Injection": [[59, 72]]}, "info": {"source": "exploitdb", "exploit_id": "47949"}}
{"text": "ManageEngine Service Desk 10.0 - Cross-Site Scripting", "spans": {"SYSTEM: ManageEngine Service Desk 10.0": [[0, 30]], "VULNERABILITY: Cross-Site Scripting": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48473"}}
{"text": "Nacos 2.0.3 - Access Control vulnerability", "spans": {"SYSTEM: Nacos 2.0.3": [[0, 11]], "VULNERABILITY: Access Control vulnerability": [[14, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51205"}}
{"text": "Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Netlify CMS 2.10.192": [[0, 20]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[23, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51576"}}
{"text": "Novel Boutique House-plus 3.5.1 - Arbitrary File Download", "spans": {"SYSTEM: Novel Boutique House-plus 3.5.1": [[0, 31]], "VULNERABILITY: Arbitrary File Download": [[34, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49724"}}
{"text": "OpenAM 13.0 - LDAP Injection", "spans": {"SYSTEM: OpenAM 13.0": [[0, 11]], "VULNERABILITY: LDAP Injection": [[14, 28]]}, "info": {"source": "exploitdb", "exploit_id": "50480"}}
{"text": "Oracle Hospitality RES 3700 5.7 - Remote Code Execution", "spans": {"SYSTEM: Oracle Hospitality RES 3700 5.7": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48477"}}
{"text": "Oracle Weblogic 10.3.6.0.0 - Remote Command Execution", "spans": {"SYSTEM: Oracle Weblogic 10.3.6.0.0": [[0, 26]], "VULNERABILITY: Remote Command Execution": [[29, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47895"}}
{"text": "Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)", "spans": {"SYSTEM: Oracle WebLogic Server 12.2.1.0": [[0, 31]], "VULNERABILITY: RCE": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49479"}}
{"text": "Oracle WebLogic Server 12.2.1.4.0 - Remote Code Execution", "spans": {"SYSTEM: Oracle WebLogic Server 12.2.1.4.0": [[0, 33]], "VULNERABILITY: Remote Code Execution": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48320"}}
{"text": "Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)", "spans": {"SYSTEM: Oracle WebLogic Server 14.1.1.0": [[0, 31]], "VULNERABILITY: RCE": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49461"}}
{"text": "Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)", "spans": {"SYSTEM: Scopia XT Desktop 8.3.915.4": [[0, 27]], "VULNERABILITY: Cross-Site Request Forgery": [[30, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48798"}}
{"text": "Shopizer 2.16.0 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Shopizer 2.16.0": [[0, 15]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[29, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49901"}}
{"text": "Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Sonatype Nexus 3.21.1": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49385"}}
{"text": "Spring Boot common-user-management 0.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Spring Boot common-user-management 0.1": [[0, 38]], "VULNERABILITY: Remote Code Execution (RCE)": [[41, 68]]}, "info": {"source": "exploitdb", "exploit_id": "52206"}}
{"text": "Spring Cloud 3.2.2 - Remote Command Execution (RCE)", "spans": {"SYSTEM: Spring Cloud 3.2.2": [[0, 18]], "VULNERABILITY: Remote Command Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51577"}}
{"text": "Spring Cloud Gateway 3.1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Spring Cloud Gateway 3.1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50799"}}
{"text": "Sysaid 20.1.11 b26 - Remote Command Execution", "spans": {"SYSTEM: Sysaid 20.1.11 b26": [[0, 18]], "VULNERABILITY: Remote Command Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48188"}}
{"text": "Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape", "spans": {"SYSTEM: Tomcat proprietaryEvaluate 9.0.0.M1": [[0, 35]], "VULNERABILITY: Sandbox Escape": [[38, 52]]}, "info": {"source": "exploitdb", "exploit_id": "47892"}}
{"text": "TylerTech Eagle 2018.3.11 - Remote Code Execution", "spans": {"SYSTEM: TylerTech Eagle 2018.3.11": [[0, 25]], "VULNERABILITY: Remote Code Execution": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48462"}}
{"text": "VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution", "spans": {"SYSTEM: VMWAre vCloud Director 9.7.0.15498291": [[0, 37]], "VULNERABILITY: Remote Code Execution": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48549"}}
{"text": "WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure", "spans": {"SYSTEM: WatchGuard Fireware AD Helper Component 5.8.5.10317": [[0, 51]], "VULNERABILITY: Credential Disclosure": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48203"}}
{"text": "WebLogic Server 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 - Unauthenticated RCE via GET request", "spans": {"SYSTEM: WebLogic Server 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0": [[0, 78]], "VULNERABILITY: RCE": [[97, 100]]}, "info": {"source": "exploitdb", "exploit_id": "48971"}}
{"text": "WSO2 3.1.0 - Arbitrary File Delete", "spans": {"SYSTEM: WSO2 3.1.0": [[0, 10]], "VULNERABILITY: Arbitrary File Delete": [[13, 34]]}, "info": {"source": "exploitdb", "exploit_id": "48313"}}
{"text": "WSO2 3.1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WSO2 3.1.0": [[0, 10]], "VULNERABILITY: Persistent Cross-Site Scripting": [[13, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48319"}}
{"text": "Zoho ManageEngine ServiceDesk Plus MSP 9.4 - User Enumeration", "spans": {"SYSTEM: Zoho ManageEngine ServiceDesk Plus MSP 9.4": [[0, 42]], "VULNERABILITY: User Enumeration": [[45, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50027"}}
{"text": "AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)", "spans": {"SYSTEM: AVideo Platform 8.1": [[0, 19]], "VULNERABILITY: Cross Site Request Forgery": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48003"}}
{"text": "AVideo Platform 8.1 - Information Disclosure (User Enumeration)", "spans": {"SYSTEM: AVideo Platform 8.1": [[0, 19]], "VULNERABILITY: Information Disclosure": [[22, 44]]}, "info": {"source": "exploitdb", "exploit_id": "47997"}}
{"text": "EasyPMS 1.0.0 - Authentication Bypass", "spans": {"SYSTEM: EasyPMS 1.0.0": [[0, 13]], "VULNERABILITY: Authentication Bypass": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48858"}}
{"text": "NSClient++ 0.5.2.35 - Authenticated Remote Code Execution", "spans": {"SYSTEM: NSClient++ 0.5.2.35": [[0, 19]], "VULNERABILITY: Authenticated Remote Code Execution": [[22, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48360"}}
{"text": "openMAINT 1.1-2.4.2 - Arbitrary File Upload", "spans": {"SYSTEM: openMAINT 1.1-2.4.2": [[0, 19]], "VULNERABILITY: Arbitrary File Upload": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48866"}}
{"text": "Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information", "spans": {"SYSTEM: Swagger UI 4.1.3": [[0, 16]], "VULNERABILITY: User Interface (UI) Misrepresentation of Critical Information": [[19, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51379"}}
{"text": "Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure (PoC)", "spans": {"SYSTEM: Verodin Director Web Console 3.5.4.0": [[0, 36]], "VULNERABILITY: Password Disclosure": [[60, 79]]}, "info": {"source": "exploitdb", "exploit_id": "48002"}}
{"text": "BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE", "spans": {"SYSTEM: BMC Compuware iStrobe Web": [[0, 25]], "VULNERABILITY: RCE": [[45, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51991"}}
{"text": "Desktop Central 9.1.0 - Multiple Vulnerabilities", "spans": {"SYSTEM: Desktop Central 9.1.0": [[0, 21]], "VULNERABILITY: Multiple Vulnerabilities": [[24, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51082"}}
{"text": "dizqueTV 1.5.3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: dizqueTV 1.5.3": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52079"}}
{"text": "Openfire 4.6.0 - 'groupchatJID' Stored XSS", "spans": {"SYSTEM: Openfire 4.6.0": [[0, 14]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49233"}}
{"text": "Openfire 4.6.0 - 'path' Stored XSS", "spans": {"SYSTEM: Openfire 4.6.0": [[0, 14]], "VULNERABILITY: XSS": [[31, 34]]}, "info": {"source": "exploitdb", "exploit_id": "49229"}}
{"text": "Openfire 4.6.0 - 'sql' Stored XSS", "spans": {"SYSTEM: Openfire 4.6.0": [[0, 14]], "VULNERABILITY: XSS": [[30, 33]]}, "info": {"source": "exploitdb", "exploit_id": "49235"}}
{"text": "Openfire 4.6.0 - 'users' Stored XSS", "spans": {"SYSTEM: Openfire 4.6.0": [[0, 14]], "VULNERABILITY: XSS": [[32, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49234"}}
{"text": "Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Pentaho BA Server EE 9.3.0.0-428": [[0, 32]], "VULNERABILITY: Remote Code Execution (RCE)": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51350"}}
{"text": "STARFACE 7.3.0.10 - Authentication with Password Hash Possible", "spans": {"SYSTEM: STARFACE 7.3.0.10": [[0, 17]], "VULNERABILITY: Authentication with Password Hash Possible": [[20, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51503"}}
{"text": "ZKTeco ZEM/ZMM 8.88 - Missing Authentication", "spans": {"SYSTEM: ZKTeco ZEM/ZMM 8.88": [[0, 19]], "VULNERABILITY: Missing Authentication": [[22, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51112"}}
{"text": "BearFTP 0.1.0 - 'PASV' Denial of Service", "spans": {"SYSTEM: BearFTP 0.1.0": [[0, 13]], "VULNERABILITY: Denial of Service": [[23, 40]]}, "info": {"source": "exploitdb", "exploit_id": "47987"}}
{"text": "dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service (PoC)", "spans": {"SYSTEM: dnsmasq-utils 2.79-1": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[38, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48301"}}
{"text": "Go SSH servers 0.0.2 - Denial of Service (PoC)", "spans": {"SYSTEM: Go SSH servers 0.0.2": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48121"}}
{"text": "Grafana 7.0.1 - Denial of Service (PoC)", "spans": {"SYSTEM: Grafana 7.0.1": [[0, 13]], "VULNERABILITY: Denial of Service (PoC)": [[16, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48638"}}
{"text": "libupnp 1.6.18 - Stack-based buffer overflow (DoS)", "spans": {"SYSTEM: libupnp 1.6.18": [[0, 14]], "VULNERABILITY: Stack-based buffer overflow": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49119"}}
{"text": "Redir 3.3 - Denial of Service (PoC)", "spans": {"SYSTEM: Redir 3.3": [[0, 9]], "VULNERABILITY: Denial of Service (PoC)": [[12, 35]]}, "info": {"source": "exploitdb", "exploit_id": "47919"}}
{"text": "Sudo 1.8.25p - 'pwfeedback' Buffer Overflow (PoC)", "spans": {"SYSTEM: Sudo 1.8.25p": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[28, 43]]}, "info": {"source": "exploitdb", "exploit_id": "47995"}}
{"text": "usersctp - Out-of-Bounds Reads in sctp_load_addresses_from_init", "spans": {"SYSTEM: usersctp": [[0, 8]], "VULNERABILITY: Out-of-Bounds Read": [[11, 29]]}, "info": {"source": "exploitdb", "exploit_id": "48034"}}
{"text": "VIM 8.2 - Denial of Service (PoC)", "spans": {"SYSTEM: VIM 8.2": [[0, 7]], "VULNERABILITY: Denial of Service (PoC)": [[10, 33]]}, "info": {"source": "exploitdb", "exploit_id": "48008"}}
{"text": "(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]", "spans": {"SYSTEM: (shellcode) Linux-x64": [[0, 21]], "VULNERABILITY: create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]": [[24, 101]]}, "info": {"source": "exploitdb", "exploit_id": "51834"}}
{"text": "Apport 2.20 - Local Privilege Escalation", "spans": {"SYSTEM: Apport 2.20": [[0, 11]], "VULNERABILITY: Local Privilege Escalation": [[14, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49572"}}
{"text": "aptdaemon < 1.1.1 - File Existence Disclosure", "spans": {"SYSTEM: aptdaemon < 1.1.1": [[0, 17]], "VULNERABILITY: File Existence Disclosure": [[20, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48962"}}
{"text": "binutils 2.37 - Objdump Segmentation Fault", "spans": {"SYSTEM: binutils 2.37": [[0, 13]], "VULNERABILITY: Objdump Segmentation Fault": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50858"}}
{"text": "Blueman < 2.1.4 - Local Privilege Escalation", "spans": {"SYSTEM: Blueman < 2.1.4": [[0, 15]], "VULNERABILITY: Local Privilege Escalation": [[18, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48963"}}
{"text": "Dell Security Management Server <1.9.0 - Local Privilege Escalation", "spans": {"SYSTEM: Dell Security Management Server <1.9.0": [[0, 38]], "VULNERABILITY: Local Privilege Escalation": [[41, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51934"}}
{"text": "Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Diamorphine Rootkit": [[0, 19]], "VULNERABILITY: Privilege Escalation": [[29, 49]], "TOOL: Metasploit": [[51, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48131"}}
{"text": "Enlightenment v0.25.3 - Privilege escalation", "spans": {"SYSTEM: Enlightenment v0.25.3": [[0, 21]], "VULNERABILITY: Privilege escalation": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51180"}}
{"text": "ExifTool 12.23 - Arbitrary Code Execution", "spans": {"SYSTEM: ExifTool 12.23": [[0, 14]], "VULNERABILITY: Arbitrary Code Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50911"}}
{"text": "glibc 2.38 - Buffer Overflow", "spans": {"SYSTEM: glibc 2.38": [[0, 10]], "VULNERABILITY: Buffer Overflow": [[13, 28]]}, "info": {"source": "exploitdb", "exploit_id": "52479"}}
{"text": "Gnome Fonts Viewer 3.34.0 - Heap Corruption", "spans": {"SYSTEM: Gnome Fonts Viewer 3.34.0": [[0, 25]], "VULNERABILITY: Heap Corruption": [[28, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48803"}}
{"text": "GNU screen v4.9.0 - Privilege Escalation", "spans": {"SYSTEM: GNU screen v4.9.0": [[0, 17]], "VULNERABILITY: Privilege Escalation": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51252"}}
{"text": "Google Chrome  109.0.5414.74 - Code Execution via missing lib file (Ubuntu)", "spans": {"SYSTEM: Google Chrome  109.0.5414.74": [[0, 28]], "VULNERABILITY: Code Execution via missing lib file": [[31, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51331"}}
{"text": "Google SLO-Generator 2.0.0 - Code Execution", "spans": {"SYSTEM: Google SLO-Generator 2.0.0": [[0, 26]], "VULNERABILITY: Code Execution": [[29, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50385"}}
{"text": "libbabl 0.1.62 - Broken Double Free Detection (PoC)", "spans": {"SYSTEM: libbabl 0.1.62": [[0, 14]], "VULNERABILITY: Double Free": [[24, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49259"}}
{"text": "Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation", "spans": {"SYSTEM: Linux Kernel 2.6.19 < 5.9": [[0, 25]], "VULNERABILITY: Local Privilege Escalation": [[39, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50135"}}
{"text": "Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)", "spans": {"SYSTEM: Linux Kernel 5.1.x": [[0, 18]], "VULNERABILITY: Local Privilege Escalation": [[45, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50541"}}
{"text": "Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe)", "spans": {"SYSTEM: Linux Kernel 5.8 < 5.16.11": [[0, 26]], "VULNERABILITY: Local Privilege Escalation": [[29, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50808"}}
{"text": "Linux Kernel 6.2 -  Userspace Processes To Enable Mitigation", "spans": {"SYSTEM: Linux Kernel 6.2": [[0, 16]], "VULNERABILITY: Userspace Processes To Enable Mitigation": [[20, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51384"}}
{"text": "Linux PAM Environment - Variable Injection Local Privilege Escalation", "spans": {"SYSTEM: Linux PAM Environment": [[0, 21]], "VULNERABILITY: Local Privilege Escalation": [[43, 69]]}, "info": {"source": "exploitdb", "exploit_id": "52386"}}
{"text": "MariaDB 10.2 - 'wsrep_provider' OS Command Execution", "spans": {"SYSTEM: MariaDB 10.2": [[0, 12]], "VULNERABILITY: OS Command Execution": [[32, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49765"}}
{"text": "Mini-XML 3.2 - Heap Overflow", "spans": {"SYSTEM: Mini-XML 3.2": [[0, 12]], "VULNERABILITY: Heap Overflow": [[15, 28]]}, "info": {"source": "exploitdb", "exploit_id": "50465"}}
{"text": "MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)", "spans": {"SYSTEM: MySQL User-Defined (Linux) x32 / x86_64": [[0, 39]], "VULNERABILITY: Local Privilege Escalation": [[53, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50236"}}
{"text": "NVIDIA Container Toolkit 1.16.1 - Time-of-check Time-of-Use (TOCTOU)", "spans": {"SYSTEM: NVIDIA Container Toolkit 1.16.1": [[0, 31]], "VULNERABILITY: Time-of-check Time-of-Use": [[34, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52095"}}
{"text": "OpenSMTPD - OOB Read Local Privilege Escalation (Metasploit)", "spans": {"SYSTEM: OpenSMTPD": [[0, 9]], "VULNERABILITY: Local Privilege Escalation": [[21, 47]], "TOOL: Metasploit": [[49, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48185"}}
{"text": "PackageKit < 1.1.13 - File Existence Disclosure", "spans": {"SYSTEM: PackageKit < 1.1.13": [[0, 19]], "VULNERABILITY: File Existence Disclosure": [[22, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48961"}}
{"text": "PolicyKit-1 0.105-31 - Privilege Escalation", "spans": {"SYSTEM: PolicyKit-1 0.105-31": [[0, 20]], "VULNERABILITY: Privilege Escalation": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50689"}}
{"text": "Polkit 0.105-26 0.117-2 - Local Privilege Escalation", "spans": {"SYSTEM: Polkit 0.105-26 0.117-2": [[0, 23]], "VULNERABILITY: Local Privilege Escalation": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50011"}}
{"text": "Reliable Datagram Sockets (RDS) - rds_atomic_free_op NULL pointer dereference Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Reliable Datagram Sockets (RDS)": [[0, 31]], "VULNERABILITY: Privilege Escalation": [[78, 98]], "TOOL: Metasploit": [[100, 110]]}, "info": {"source": "exploitdb", "exploit_id": "47957"}}
{"text": "Socat 1.7.3.4 - Heap-Based Overflow (PoC)", "spans": {"SYSTEM: Socat 1.7.3.4": [[0, 13]], "VULNERABILITY: Heap-Based Overflow": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "47999"}}
{"text": "sudo 1.8.0 to 1.9.12p1 - Privilege Escalation", "spans": {"SYSTEM: sudo 1.8.0 to 1.9.12p1": [[0, 22]], "VULNERABILITY: Privilege Escalation": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51217"}}
{"text": "Sudo 1.8.25p - 'pwfeedback' Buffer Overflow", "spans": {"SYSTEM: Sudo 1.8.25p": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[28, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48052"}}
{"text": "Sudo 1.9.17 Host Option - Elevation of Privilege", "spans": {"SYSTEM: Sudo 1.9.17 Host Option": [[0, 23]], "VULNERABILITY: Elevation of Privilege": [[26, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52354"}}
{"text": "Sudo chroot 1.9.17 - Local Privilege Escalation", "spans": {"SYSTEM: Sudo chroot 1.9.17": [[0, 18]], "VULNERABILITY: Local Privilege Escalation": [[21, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52352"}}
{"text": "tar-fs 3.0.0 - Arbitrary File Write/Overwrite", "spans": {"SYSTEM: tar-fs 3.0.0": [[0, 12]], "VULNERABILITY: Arbitrary File Write": [[15, 35]]}, "info": {"source": "exploitdb", "exploit_id": "52268"}}
{"text": "xglance-bin 11.00 - Privilege Escalation", "spans": {"SYSTEM: xglance-bin 11.00": [[0, 17]], "VULNERABILITY: Privilege Escalation": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48000"}}
{"text": "Airspan AirSpot 5410 version 0.3.4.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Airspan AirSpot 5410 version 0.3.4.1": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51011"}}
{"text": "AnyDesk 5.5.2 - Remote Code Execution", "spans": {"SYSTEM: AnyDesk 5.5.2": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49613"}}
{"text": "Apache CouchDB 3.2.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Apache CouchDB 3.2.1": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50914"}}
{"text": "Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit)", "spans": {"SYSTEM: Apache James Server 2.3.2": [[0, 25]], "VULNERABILITY: Arbitrary File Write": [[51, 71]], "TOOL: Metasploit": [[73, 83]]}, "info": {"source": "exploitdb", "exploit_id": "48130"}}
{"text": "Apache James Server 2.3.2 - Remote Command Execution (RCE) (Authenticated) (2)", "spans": {"SYSTEM: Apache James Server 2.3.2": [[0, 25]], "VULNERABILITY: Remote Command Execution": [[28, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50347"}}
{"text": "Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution", "spans": {"SYSTEM: Aruba ClearPass Policy Manager 6.7.0": [[0, 36]], "VULNERABILITY: Remote Command Execution": [[55, 79]]}, "info": {"source": "exploitdb", "exploit_id": "48661"}}
{"text": "ASTPP VoIP 4.0.1 - Remote Code Execution", "spans": {"SYSTEM: ASTPP VoIP 4.0.1": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "47889"}}
{"text": "Barco WePresent - file_transfer.cgi Command Injection (Metasploit)", "spans": {"SYSTEM: Barco WePresent": [[0, 15]], "VULNERABILITY: Command Injection": [[36, 53]], "TOOL: Metasploit": [[55, 65]]}, "info": {"source": "exploitdb", "exploit_id": "47924"}}
{"text": "crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow", "spans": {"SYSTEM: crossfire-server 1.9.0": [[0, 22]], "VULNERABILITY: Remote Buffer Overflow": [[35, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50216"}}
{"text": "CTROMS Terminal OS Port Portal - 'Password Reset' Authentication Bypass (Metasploit)", "spans": {"SYSTEM: CTROMS Terminal OS Port Portal": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[50, 71]], "TOOL: Metasploit": [[73, 83]]}, "info": {"source": "exploitdb", "exploit_id": "48196"}}
{"text": "Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)", "spans": {"SYSTEM: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580": [[0, 62]], "VULNERABILITY: Local File Inclusion": [[65, 85]]}, "info": {"source": "exploitdb", "exploit_id": "50861"}}
{"text": "GNU gdbserver 9.2 - Remote Command Execution (RCE)", "spans": {"SYSTEM: GNU gdbserver 9.2": [[0, 17]], "VULNERABILITY: Remote Command Execution": [[20, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50539"}}
{"text": "GNU Wget < 1.18 - Arbitrary File Upload (2)", "spans": {"SYSTEM: GNU Wget < 1.18": [[0, 15]], "VULNERABILITY: Arbitrary File Upload": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49815"}}
{"text": "HD-Network Real-time Monitoring System 2.0 - Local File Inclusion (LFI)", "spans": {"SYSTEM: HD-Network Real-time Monitoring System 2.0": [[0, 42]], "VULNERABILITY: Local File Inclusion": [[45, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50588"}}
{"text": "LBT-T300-mini1 - Remote Buffer Overflow", "spans": {"SYSTEM: LBT-T300-mini1": [[0, 14]], "VULNERABILITY: Remote Buffer Overflow": [[17, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51922"}}
{"text": "Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution", "spans": {"SYSTEM: Linux Kernel 5.4": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49754"}}
{"text": "Mitel mitel-cs018 - Call Data Information Disclosure", "spans": {"SYSTEM: Mitel mitel-cs018": [[0, 17]], "VULNERABILITY: Information Disclosure": [[30, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49176"}}
{"text": "Multiple DrayTek Products - Pre-authentication Remote Root Code Execution", "spans": {"SYSTEM: Multiple DrayTek Products": [[0, 25]], "VULNERABILITY: Pre-authentication Remote Root Code Execution": [[28, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48268"}}
{"text": "Nagios XI - Authenticated Remote Command Execution (Metasploit)", "spans": {"SYSTEM: Nagios XI": [[0, 9]], "VULNERABILITY: Remote Command Execution": [[26, 50]], "TOOL: Metasploit": [[52, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48191"}}
{"text": "netkit-telnet-0.17 telnetd (Fedora 31) - 'BraveStarr' Remote Code Execution", "spans": {"SYSTEM: netkit-telnet-0.17 telnetd (Fedora 31)": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48170"}}
{"text": "Nexus Repository Manager - Java EL Injection RCE (Metasploit)", "spans": {"SYSTEM: Nexus Repository Manager": [[0, 24]], "VULNERABILITY: RCE": [[45, 48]], "TOOL: Metasploit": [[50, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48343"}}
{"text": "OneTrust SDK 6.33.0 - Denial Of Service (DoS)", "spans": {"SYSTEM: OneTrust SDK 6.33.0": [[0, 19]], "VULNERABILITY: Denial Of Service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52340"}}
{"text": "OpenSMTPD - MAIL FROM Remote Code Execution (Metasploit)", "spans": {"SYSTEM: OpenSMTPD": [[0, 9]], "VULNERABILITY: Remote Code Execution": [[22, 43]], "TOOL: Metasploit": [[45, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48038"}}
{"text": "OpenSMTPD 6.6.1 - Remote Code Execution", "spans": {"SYSTEM: OpenSMTPD 6.6.1": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "47984"}}
{"text": "OpenSMTPD 6.6.3 - Arbitrary File Read", "spans": {"SYSTEM: OpenSMTPD 6.6.3": [[0, 15]], "VULNERABILITY: Arbitrary File Read": [[18, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48139"}}
{"text": "OpenSSH server (sshd) 9.8p1 - Race Condition", "spans": {"SYSTEM: OpenSSH server (sshd) 9.8p1": [[0, 27]], "VULNERABILITY: Race Condition": [[30, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52269"}}
{"text": "Pachev FTP Server 1.0 - Path Traversal", "spans": {"SYSTEM: Pachev FTP Server 1.0": [[0, 21]], "VULNERABILITY: Path Traversal": [[24, 38]]}, "info": {"source": "exploitdb", "exploit_id": "47956"}}
{"text": "Pandora FMS - Ping Authenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Pandora FMS": [[0, 11]], "VULNERABILITY: Authenticated Remote Code Execution": [[19, 54]], "TOOL: Metasploit": [[56, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48334"}}
{"text": "ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution (2)", "spans": {"SYSTEM: ProFTPd 1.3.5": [[0, 13]], "VULNERABILITY: Remote Command Execution": [[27, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49908"}}
{"text": "Proxmox VE - TOTP Brute Force", "spans": {"SYSTEM: Proxmox VE": [[0, 10]], "VULNERABILITY: TOTP Brute Force": [[13, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51763"}}
{"text": "Raspberry Pi 5.10 - Default Credentials", "spans": {"SYSTEM: Raspberry Pi 5.10": [[0, 17]], "VULNERABILITY: Default Credentials": [[20, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50576"}}
{"text": "Rconfig 3.x - Chained Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Rconfig 3.x": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[22, 43]], "TOOL: Metasploit": [[45, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48223"}}
{"text": "Redis - Replication Code Execution (Metasploit)", "spans": {"SYSTEM: Redis": [[0, 5]], "VULNERABILITY: Replication Code Execution": [[8, 34]], "TOOL: Metasploit": [[36, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48272"}}
{"text": "ThinkPHP - Multiple PHP Injection RCEs (Metasploit)", "spans": {"SYSTEM: ThinkPHP": [[0, 8]], "VULNERABILITY: RCE": [[34, 37]], "TOOL: Metasploit": [[40, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48333"}}
{"text": "uftpd 2.10 - Directory Traversal (Authenticated)", "spans": {"SYSTEM: uftpd 2.10": [[0, 10]], "VULNERABILITY: Directory Traversal": [[13, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51000"}}
{"text": "Unraid 6.8.0 - Auth Bypass PHP Code Execution (Metasploit)", "spans": {"SYSTEM: Unraid 6.8.0": [[0, 12]], "VULNERABILITY: Auth Bypass PHP Code Execution": [[15, 45]], "TOOL: Metasploit": [[47, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48353"}}
{"text": "vCloud Director 9.7.0.15498291 - Remote Code Execution", "spans": {"SYSTEM: vCloud Director 9.7.0.15498291": [[0, 30]], "VULNERABILITY: Remote Code Execution": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48540"}}
{"text": "aaPanel 6.8.21 - Directory Traversal (Authenticated)", "spans": {"SYSTEM: aaPanel 6.8.21": [[0, 14]], "VULNERABILITY: Directory Traversal": [[17, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50780"}}
{"text": "ASTPP 4.0.1 VoIP Billing - Database Backup Download", "spans": {"SYSTEM: ASTPP 4.0.1 VoIP Billing": [[0, 24]], "VULNERABILITY: Database Backup Download": [[27, 51]]}, "info": {"source": "exploitdb", "exploit_id": "47900"}}
{"text": "Aurba 501 - Authenticated RCE", "spans": {"SYSTEM: Aurba 501": [[0, 9]], "VULNERABILITY: RCE": [[26, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52074"}}
{"text": "BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI'  Remote Code Execution", "spans": {"SYSTEM: BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1": [[0, 104]], "VULNERABILITY: Remote Code Execution": [[149, 170]]}, "info": {"source": "exploitdb", "exploit_id": "48642"}}
{"text": "BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI'  Remote Code Execution (PoC)", "spans": {"SYSTEM: BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1": [[0, 104]], "VULNERABILITY: Remote Code Execution": [[149, 170]]}, "info": {"source": "exploitdb", "exploit_id": "48643"}}
{"text": "Boa Web Server v0.94.14 - Authentication Bypass", "spans": {"SYSTEM: Boa Web Server v0.94.14": [[0, 23]], "VULNERABILITY: Authentication Bypass": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51139"}}
{"text": "Cassandra Web 0.5.0 - Remote File Read", "spans": {"SYSTEM: Cassandra Web 0.5.0": [[0, 19]], "VULNERABILITY: Remote File Read": [[22, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49362"}}
{"text": "CentOS Web Panel 0.9.8.1081 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: CentOS Web Panel 0.9.8.1081": [[0, 27]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[30, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50200"}}
{"text": "Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: Centos Web Panel 7 v0.9.8.1147": [[0, 30]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[33, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51194"}}
{"text": "Centos WebPanel 7 - 'term' SQL Injection", "spans": {"SYSTEM: Centos WebPanel 7": [[0, 17]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48212"}}
{"text": "Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Cipi Control Panel 3.1.15": [[0, 25]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[28, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50788"}}
{"text": "F-Secure Internet Gatekeeper 5.40 - Heap Overflow (PoC)", "spans": {"SYSTEM: F-Secure Internet Gatekeeper 5.40": [[0, 33]], "VULNERABILITY: Heap Overflow": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47996"}}
{"text": "Mahara 19.10.2 CMS - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Mahara 19.10.2 CMS": [[0, 18]], "VULNERABILITY: Persistent Cross-Site Scripting": [[21, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48367"}}
{"text": "Metabase 0.46.6 - Pre-Auth Remote Code Execution", "spans": {"SYSTEM: Metabase 0.46.6": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51797"}}
{"text": "Nokia BMC Log Scanner - Remote Code Execution", "spans": {"SYSTEM: Nokia BMC Log Scanner": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51896"}}
{"text": "Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - 'getPreviewImage' Directory Traversal/Local File Inclusion", "spans": {"SYSTEM: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0": [[0, 83]], "VULNERABILITY: Directory Traversal": [[104, 123]]}, "info": {"source": "exploitdb", "exploit_id": "48964"}}
{"text": "Pi-hole 4.4.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Pi-hole 4.4.0": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48519"}}
{"text": "Pi-hole < 4.4 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Pi-hole < 4.4": [[0, 13]], "VULNERABILITY: Authenticated Remote Code Execution": [[16, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48442"}}
{"text": "Pi-hole < 4.4 - Authenticated Remote Code Execution / Privileges Escalation", "spans": {"SYSTEM: Pi-hole < 4.4": [[0, 13]], "VULNERABILITY: Authenticated Remote Code Execution": [[16, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48443"}}
{"text": "Raysync 3.3.3.8 - RCE", "spans": {"SYSTEM: Raysync 3.3.3.8": [[0, 15]], "VULNERABILITY: RCE": [[18, 21]]}, "info": {"source": "exploitdb", "exploit_id": "49265"}}
{"text": "Rocket.Chat 3.12.1 - NoSQL Injection (Unauthenticated)", "spans": {"SYSTEM: Rocket.Chat 3.12.1": [[0, 18]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49960"}}
{"text": "Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated) (2)", "spans": {"SYSTEM: Rocket.Chat 3.12.1": [[0, 18]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50108"}}
{"text": "ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2)", "spans": {"SYSTEM: ScadaBR 1.0": [[0, 11]], "VULNERABILITY: Arbitrary File Upload": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49735"}}
{"text": "Selenium 3.141.59 - Remote Code Execution (Firefox/geckodriver)", "spans": {"SYSTEM: Selenium 3.141.59": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49915"}}
{"text": "TerraMaster TOS 4.2.06 - RCE (Unauthenticated)", "spans": {"SYSTEM: TerraMaster TOS 4.2.06": [[0, 22]], "VULNERABILITY: RCE": [[25, 28]]}, "info": {"source": "exploitdb", "exploit_id": "49321"}}
{"text": "TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: TerraMaster TOS 4.2.06": [[0, 22]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[25, 62]], "TOOL: Metasploit": [[64, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49330"}}
{"text": "Usermin 1.820 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Usermin 1.820": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50234"}}
{"text": "Webmin 1.962 - 'Package Updates' Escape Bypass RCE (Metasploit)", "spans": {"SYSTEM: Webmin 1.962": [[0, 12]], "VULNERABILITY: RCE": [[47, 50]], "TOOL: Metasploit": [[52, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49318"}}
{"text": "Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Webmin 1.973": [[0, 12]], "VULNERABILITY: CSRF": [[53, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50144"}}
{"text": "Webmin 1.973 - 'save_user.cgi' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Webmin 1.973": [[0, 12]], "VULNERABILITY: CSRF": [[59, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50126"}}
{"text": "Webmin 1.984 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Webmin 1.984": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50809"}}
{"text": "Webmin 1.996 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Webmin 1.996": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50998"}}
{"text": "ZeroShell 3.9.0 - 'cgi-bin/kerbynet' Remote Root Command Injection (Metasploit)", "spans": {"SYSTEM: ZeroShell 3.9.0": [[0, 15]], "VULNERABILITY: Command Injection": [[49, 66]], "TOOL: Metasploit": [[68, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49096"}}
{"text": "ZeroShell 3.9.0 - Remote Command Execution", "spans": {"SYSTEM: ZeroShell 3.9.0": [[0, 15]], "VULNERABILITY: Remote Command Execution": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49862"}}
{"text": "Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated)", "spans": {"SYSTEM: Zoom Meeting Connector 4.6.239.20200613": [[0, 39]], "VULNERABILITY: Remote Root Exploit": [[42, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49360"}}
{"text": "D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi (Metasploit)", "spans": {"SYSTEM: D-Link Devices": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[33, 57]], "TOOL: Metasploit": [[70, 80]]}, "info": {"source": "exploitdb", "exploit_id": "48037"}}
{"text": "TP-Link Archer A7/C7 - Unauthenticated LAN Remote Code Execution (Metasploit)", "spans": {"SYSTEM: TP-Link Archer A7/C7": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[43, 64]], "TOOL: Metasploit": [[66, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48331"}}
{"text": "Palo Alto PAN-OS  < v11.1.2-h3  - Command Injection and Arbitrary File Creation", "spans": {"SYSTEM: Palo Alto PAN-OS  < v11.1.2-h3": [[0, 30]], "VULNERABILITY: Command Injection": [[34, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51996"}}
{"text": "Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Wing FTP Server 6.3.8": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48676"}}
{"text": "Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption (Denial of Service)", "spans": {"SYSTEM: Fetch Softworks Fetch FTP Client 5.8": [[0, 36]], "VULNERABILITY: Denial of Service": [[63, 80]]}, "info": {"source": "exploitdb", "exploit_id": "50696"}}
{"text": "Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)", "spans": {"SYSTEM: Google Chrome Browser 111.0.5563.64": [[0, 35]], "VULNERABILITY: AXPlatformNodeCocoa Fatal OOM/Crash": [[38, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51361"}}
{"text": "HospitalRun  1.0.0-beta - Local Root Exploit for macOS", "spans": {"SYSTEM: HospitalRun  1.0.0-beta": [[0, 23]], "VULNERABILITY: Local Root Exploit for macOS": [[26, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51310"}}
{"text": "Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)", "spans": {"SYSTEM: Laravel Valet 2.0.3": [[0, 19]], "VULNERABILITY: Local Privilege Escalation": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50591"}}
{"text": "MacOS 320.whatis Script - Privilege Escalation", "spans": {"SYSTEM: MacOS 320.whatis Script": [[0, 23]], "VULNERABILITY: Privilege Escalation": [[26, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48464"}}
{"text": "macOS LaunchDaemon iOS 17.2 - Privilege Escalation", "spans": {"SYSTEM: macOS LaunchDaemon iOS 17.2": [[0, 27]], "VULNERABILITY: Privilege Escalation": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52316"}}
{"text": "Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution", "spans": {"SYSTEM: Source Engine CS:GO BuildID: 4937372": [[0, 36]], "VULNERABILITY: Arbitrary Code Execution": [[39, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48387"}}
{"text": "VMWare Fusion - Local Privilege Escalation", "spans": {"SYSTEM: VMWare Fusion": [[0, 13]], "VULNERABILITY: Local Privilege Escalation": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48232"}}
{"text": "VMware Fusion - USB Arbitrator Setuid Privilege Escalation (Metasploit)", "spans": {"SYSTEM: VMware Fusion": [[0, 13]], "VULNERABILITY: Privilege Escalation": [[38, 58]], "TOOL: Metasploit": [[60, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48337"}}
{"text": "VMware Fusion 11.5.2 - Privilege Escalation", "spans": {"SYSTEM: VMware Fusion 11.5.2": [[0, 20]], "VULNERABILITY: Privilege Escalation": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48235"}}
{"text": "RoyalTSX 6.0.1 - RTSZ File Handling Heap Memory Corruption PoC", "spans": {"SYSTEM: RoyalTSX 6.0.1": [[0, 14]], "VULNERABILITY: Memory Corruption": [[41, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51764"}}
{"text": "Atlassian Jira Server Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Atlassian Jira Server Data Center 8.16.0": [[0, 40]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[43, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50068"}}
{"text": "Apache Tomcat 10.1 - Denial Of Service", "spans": {"SYSTEM: Apache Tomcat 10.1": [[0, 18]], "VULNERABILITY: Denial Of Service": [[21, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51262"}}
{"text": "BIND - 'TSIG' Denial of Service", "spans": {"SYSTEM: BIND": [[0, 4]], "VULNERABILITY: Denial of Service": [[14, 31]]}, "info": {"source": "exploitdb", "exploit_id": "48521"}}
{"text": "Elasticsearch - StackOverflow DoS", "spans": {"SYSTEM: Elasticsearch": [[0, 13]], "VULNERABILITY: StackOverflow DoS": [[16, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51787"}}
{"text": "glFTPd 2.11a - Remote Denial of Service", "spans": {"SYSTEM: glFTPd 2.11a": [[0, 12]], "VULNERABILITY: Denial of Service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49773"}}
{"text": "Hasura GraphQL 1.3.3 - Denial of Service", "spans": {"SYSTEM: Hasura GraphQL 1.3.3": [[0, 20]], "VULNERABILITY: Denial of Service": [[23, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49789"}}
{"text": "iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()", "spans": {"SYSTEM: iOS/macOS": [[0, 9]]}, "info": {"source": "exploitdb", "exploit_id": "48035"}}
{"text": "jQuery UI 1.12.1 - Denial of Service (DoS)", "spans": {"SYSTEM: jQuery UI 1.12.1": [[0, 16]], "VULNERABILITY: Denial of Service (DoS)": [[19, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49489"}}
{"text": "KeePass 2.44 - Denial of Service (PoC)", "spans": {"SYSTEM: KeePass 2.44": [[0, 12]], "VULNERABILITY: Denial of Service (PoC)": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "47952"}}
{"text": "macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image", "spans": {"SYSTEM: macOS/iOS ImageIO": [[0, 17]], "VULNERABILITY: Heap Corruption when Processing Malformed TIFF Image": [[20, 72]]}, "info": {"source": "exploitdb", "exploit_id": "47970"}}
{"text": "Nxlog Community Edition 2.10.2150 - DoS (Poc)", "spans": {"SYSTEM: Nxlog Community Edition 2.10.2150": [[0, 33]], "VULNERABILITY: DoS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49283"}}
{"text": "OpenPLC WebServer 3 - Denial of Service", "spans": {"SYSTEM: OpenPLC WebServer 3": [[0, 19]], "VULNERABILITY: Denial of Service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51746"}}
{"text": "ProFTPD 1.3.7a - Remote Denial of Service", "spans": {"SYSTEM: ProFTPD 1.3.7a": [[0, 14]], "VULNERABILITY: Denial of Service": [[24, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49697"}}
{"text": "Pure-FTPd 1.0.48 - Remote Denial of Service", "spans": {"SYSTEM: Pure-FTPd 1.0.48": [[0, 16]], "VULNERABILITY: Denial of Service": [[26, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49105"}}
{"text": "Tautulli 2.1.9 - Denial of Service (Metasploit)", "spans": {"SYSTEM: Tautulli 2.1.9": [[0, 14]], "VULNERABILITY: Denial of Service": [[17, 34]], "TOOL: Metasploit": [[36, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47929"}}
{"text": "Wyrestorm Apollo VX20  < 1.3.58 - Incorrect Access Control 'DoS'", "spans": {"SYSTEM: Wyrestorm Apollo VX20  < 1.3.58": [[0, 31]], "VULNERABILITY: Incorrect Access Control 'DoS'": [[34, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51815"}}
{"text": "Xlight FTP 1.1 - Denial Of Service (DOS)", "spans": {"SYSTEM: Xlight FTP 1.1": [[0, 14]], "VULNERABILITY: Denial Of Service": [[17, 34]]}, "info": {"source": "exploitdb", "exploit_id": "52382"}}
{"text": "ABB Cylon Aspect 3.07.02 (userManagement.php) - Weak Password Policy", "spans": {"SYSTEM: ABB Cylon Aspect 3.07.02 (userManagement.php)": [[0, 45]], "VULNERABILITY: Weak Password Policy": [[48, 68]]}, "info": {"source": "exploitdb", "exploit_id": "52221"}}
{"text": "ABB Cylon Aspect 3.08.02 (bbmdUpdate.php) - Remote Code Execution", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (bbmdUpdate.php)": [[0, 41]], "VULNERABILITY: Remote Code Execution": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "52217"}}
{"text": "ABB Cylon Aspect 3.08.02 (licenseServerUpdate.php) - Stored Cross-Site Scripting", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (licenseServerUpdate.php)": [[0, 50]], "VULNERABILITY: Stored Cross-Site Scripting": [[53, 80]]}, "info": {"source": "exploitdb", "exploit_id": "52214"}}
{"text": "ABB Cylon Aspect 3.08.02 (licenseUpload.php) - Stored Cross-Site Scripting", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (licenseUpload.php)": [[0, 44]], "VULNERABILITY: Stored Cross-Site Scripting": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52215"}}
{"text": "ABB Cylon Aspect 3.08.02 (uploadDb.php) - Remote Code Execution", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (uploadDb.php)": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52216"}}
{"text": "ABB Cylon Aspect 3.08.02 - Cookie User Password Disclosure", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02": [[0, 24]], "VULNERABILITY: Password Disclosure": [[39, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52224"}}
{"text": "ABB Cylon Aspect 3.08.02 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02": [[0, 24]], "VULNERABILITY: CSRF": [[55, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52231"}}
{"text": "ABB Cylon Aspect 3.08.02 - PHP Session Fixation", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02": [[0, 24]], "VULNERABILITY: PHP Session Fixation": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52182"}}
{"text": "ABB Cylon Aspect 3.08.03 (CookieDB) - SQL Injection", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.03 (CookieDB)": [[0, 35]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52220"}}
{"text": "ABB Cylon FLXeon 9.3.4 - Cross-Site Request Forgery", "spans": {"SYSTEM: ABB Cylon FLXeon 9.3.4": [[0, 22]], "VULNERABILITY: Cross-Site Request Forgery": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52180"}}
{"text": "ABB Cylon FLXeon 9.3.4 - Default Credentials", "spans": {"SYSTEM: ABB Cylon FLXeon 9.3.4": [[0, 22]], "VULNERABILITY: Default Credentials": [[25, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52179"}}
{"text": "ABB Cylon FLXeon 9.3.4 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: ABB Cylon FLXeon 9.3.4": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52188"}}
{"text": "ABB Cylon FLXeon 9.3.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: ABB Cylon FLXeon 9.3.4": [[0, 22]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "52186"}}
{"text": "ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure", "spans": {"SYSTEM: ABB Cylon FLXeon 9.3.4": [[0, 22]], "VULNERABILITY: Information Disclosure": [[37, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52178"}}
{"text": "ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning", "spans": {"SYSTEM: ABB Cylon FLXeon 9.3.4": [[0, 22]], "VULNERABILITY: WebSocket Command Spawning": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52184"}}
{"text": "Cosy+ firmware 21.2s7 - Command Injection", "spans": {"SYSTEM: Cosy+ firmware 21.2s7": [[0, 21]], "VULNERABILITY: Command Injection": [[24, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52160"}}
{"text": "D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)", "spans": {"SYSTEM: D-Link DIR-825 Rev.B 2.10": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[34, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52469"}}
{"text": "Netman 204 - Remote command without authentication", "spans": {"SYSTEM: Netman 204": [[0, 10]], "VULNERABILITY: Remote command without authentication": [[13, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52183"}}
{"text": "TOTOLINK N300RB 8.54 - Command Execution", "spans": {"SYSTEM: TOTOLINK N300RB 8.54": [[0, 20]], "VULNERABILITY: Command Execution": [[23, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52363"}}
{"text": "ZTE ZXHN H168N 3.1 - Remote Code Execution (RCE) via authentication bypass", "spans": {"SYSTEM: ZTE ZXHN H168N 3.1": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52191"}}
{"text": "7-Zip 24.00 - Directory Traversal", "spans": {"SYSTEM: 7-Zip 24.00": [[0, 11]], "VULNERABILITY: Directory Traversal": [[14, 33]]}, "info": {"source": "exploitdb", "exploit_id": "52501"}}
{"text": "A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc", "spans": {"SYSTEM: A-PDF All to MP3 Converter 2.0.0": [[0, 32]], "VULNERABILITY: DEP Bypass via HeapCreate + HeapAlloc": [[35, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51849"}}
{"text": "ABB Cylon Aspect Studio 3.08.03 - Binary Planting", "spans": {"SYSTEM: ABB Cylon Aspect Studio 3.08.03": [[0, 31]], "VULNERABILITY: Binary Planting": [[34, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52306"}}
{"text": "Blink1Control2 2.2.7 - Weak Password Encryption", "spans": {"SYSTEM: Blink1Control2 2.2.7": [[0, 20]], "VULNERABILITY: Weak Password Encryption": [[23, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51014"}}
{"text": "Chromium 83 - Full CSP Bypass", "spans": {"SYSTEM: Chromium 83": [[0, 11]], "VULNERABILITY: Full CSP Bypass": [[14, 29]]}, "info": {"source": "exploitdb", "exploit_id": "49195"}}
{"text": "Codigo Markdown Editor v1.0.1 (Electron) - Remote Code Execution", "spans": {"SYSTEM: Codigo Markdown Editor v1.0.1 (Electron)": [[0, 40]], "VULNERABILITY: Remote Code Execution": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51432"}}
{"text": "Counter Strike: GO - '.bsp' Memory Control (PoC)", "spans": {"SYSTEM: Counter Strike: GO": [[0, 18]], "VULNERABILITY: Memory Control": [[28, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48187"}}
{"text": "Daikin Security Gateway  14 - Remote Password Reset", "spans": {"SYSTEM: Daikin Security Gateway  14": [[0, 27]], "VULNERABILITY: Remote Password Reset": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52278"}}
{"text": "Docker Desktop 4.44.3 - Unauthenticated  API Exposure", "spans": {"SYSTEM: Docker Desktop 4.44.3": [[0, 21]], "VULNERABILITY: Unauthenticated  API Exposure": [[24, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52472"}}
{"text": "Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution", "spans": {"SYSTEM: Gin Markdown Editor v0.7.4 (Electron)": [[0, 37]], "VULNERABILITY: Arbitrary Code Execution": [[40, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51469"}}
{"text": "ImageMagick 7.1.0-49 - Arbitrary File Read", "spans": {"SYSTEM: ImageMagick 7.1.0-49": [[0, 20]], "VULNERABILITY: Arbitrary File Read": [[23, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51261"}}
{"text": "is-localhost-ip 2.0.0 - SSRF", "spans": {"SYSTEM: is-localhost-ip 2.0.0": [[0, 21]], "VULNERABILITY: SSRF": [[24, 28]]}, "info": {"source": "exploitdb", "exploit_id": "52496"}}
{"text": "Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping", "spans": {"SYSTEM: Keeper Security desktop 16.10.2 & Browser Extension 16.5.4": [[0, 58]], "VULNERABILITY: Password Dumping": [[61, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51623"}}
{"text": "Lucee Scheduled Job v1.0 -  Command Execution", "spans": {"SYSTEM: Lucee Scheduled Job v1.0": [[0, 24]], "VULNERABILITY: Command Execution": [[28, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51333"}}
{"text": "Mbed TLS 3.6.4 - Use-After-Free", "spans": {"SYSTEM: Mbed TLS 3.6.4": [[0, 14]], "VULNERABILITY: Use-After-Free": [[17, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52427"}}
{"text": "Metasploit Framework 6.0.11 - msfvenom APK template command injection", "spans": {"SYSTEM: Metasploit Framework 6.0.11": [[0, 27]], "VULNERABILITY: msfvenom APK template command injection": [[30, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49491"}}
{"text": "Microsoft Defender for Endpoint (MDE) - Elevation of Privilege", "spans": {"SYSTEM: Microsoft Defender for Endpoint (MDE)": [[0, 37]], "VULNERABILITY: Elevation of Privilege": [[40, 62]]}, "info": {"source": "exploitdb", "exploit_id": "52355"}}
{"text": "Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing", "spans": {"SYSTEM: Microsoft Edge (Chromium-based) Webview2 1.0.1661.34": [[0, 52]], "VULNERABILITY: Spoofing": [[55, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51359"}}
{"text": "Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure", "spans": {"SYSTEM: Microsoft Edge 114.0.1823.67 (64-bit)": [[0, 37]], "VULNERABILITY: Information Disclosure": [[40, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51571"}}
{"text": "Microsoft VSCode Python Extension - Code Execution", "spans": {"SYSTEM: Microsoft VSCode Python Extension": [[0, 33]], "VULNERABILITY: Code Execution": [[36, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48231"}}
{"text": "NetBT e-Fatura - Privilege Escalation", "spans": {"SYSTEM: NetBT e-Fatura": [[0, 14]], "VULNERABILITY: Privilege Escalation": [[17, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52509"}}
{"text": "ollama 0.6.4 - Server Side Request Forgery (SSRF)", "spans": {"SYSTEM: ollama 0.6.4": [[0, 12]], "VULNERABILITY: Server Side Request Forgery": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52116"}}
{"text": "Parrot and DJI variants Drone OSes - Kernel Panic Exploit", "spans": {"SYSTEM: Parrot and DJI variants Drone OSes": [[0, 34]], "VULNERABILITY: Kernel Panic Exploit": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52329"}}
{"text": "PrusaSlicer 2.6.1 - Arbitrary code execution", "spans": {"SYSTEM: PrusaSlicer 2.6.1": [[0, 17]], "VULNERABILITY: Arbitrary code execution": [[20, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51983"}}
{"text": "qBittorrent 5.0.1 - MITM RCE", "spans": {"SYSTEM: qBittorrent 5.0.1": [[0, 17]], "VULNERABILITY: RCE": [[25, 28]]}, "info": {"source": "exploitdb", "exploit_id": "52190"}}
{"text": "RDPGuard 9.9.9 - Privilege Escalation", "spans": {"SYSTEM: RDPGuard 9.9.9": [[0, 14]], "VULNERABILITY: Privilege Escalation": [[17, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52289"}}
{"text": "SAP Lumira 1.31 - Stored Cross-Site Scripting", "spans": {"SYSTEM: SAP Lumira 1.31": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49108"}}
{"text": "sleuthkit 4.11.1 - Command Injection", "spans": {"SYSTEM: sleuthkit 4.11.1": [[0, 16]], "VULNERABILITY: Command Injection": [[19, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51225"}}
{"text": "SmartFoxServer 2X 2.17.0 - Credentials Disclosure", "spans": {"SYSTEM: SmartFoxServer 2X 2.17.0": [[0, 24]], "VULNERABILITY: Credentials Disclosure": [[27, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49527"}}
{"text": "SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution", "spans": {"SYSTEM: SmartFoxServer 2X 2.17.0": [[0, 24]], "VULNERABILITY: Remote Code Execution": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49526"}}
{"text": "Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)", "spans": {"SYSTEM: Sudo 1.9.5p1": [[0, 12]], "VULNERABILITY: Privilege Escalation": [[59, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49521"}}
{"text": "Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)", "spans": {"SYSTEM: Sudo 1.9.5p1": [[0, 12]], "VULNERABILITY: Privilege Escalation": [[59, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49522"}}
{"text": "Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption", "spans": {"SYSTEM: Tibco ObfuscationEngine 5.11": [[0, 28]], "VULNERABILITY: Fixed Key Password Decryption": [[31, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49221"}}
{"text": "TightVNC 2.8.83 - Control Pipe Manipulation", "spans": {"SYSTEM: TightVNC 2.8.83": [[0, 15]], "VULNERABILITY: Control Pipe Manipulation": [[18, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52322"}}
{"text": "TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow", "spans": {"SYSTEM: TP-Link VN020 F3v(T) TT_V6.2.1021)": [[0, 34]], "VULNERABILITY: Buffer Overflow": [[48, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52292"}}
{"text": "vm2 - sandbox escape", "spans": {"SYSTEM: vm2": [[0, 3]], "VULNERABILITY: sandbox escape": [[6, 20]]}, "info": {"source": "exploitdb", "exploit_id": "51898"}}
{"text": "Yank Note v3.52.1 (Electron) - Arbitrary Code Execution", "spans": {"SYSTEM: Yank Note v3.52.1 (Electron)": [[0, 28]], "VULNERABILITY: Arbitrary Code Execution": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51470"}}
{"text": "zlog 1.2.15 - Buffer Overflow", "spans": {"SYSTEM: zlog 1.2.15": [[0, 11]], "VULNERABILITY: Buffer Overflow": [[14, 29]]}, "info": {"source": "exploitdb", "exploit_id": "50504"}}
{"text": "ZTE ZXV10 H201L - RCE via authentication bypass", "spans": {"SYSTEM: ZTE ZXV10 H201L": [[0, 15]], "VULNERABILITY: RCE": [[18, 21]]}, "info": {"source": "exploitdb", "exploit_id": "52279"}}
{"text": "Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation", "spans": {"SYSTEM: Zyxel USG FLEX H series uOS 1.31": [[0, 32]], "VULNERABILITY: Privilege Escalation": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52293"}}
{"text": "ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.03": [[0, 24]], "VULNERABILITY: Privilege Escalation": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52305"}}
{"text": "ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.04 DeploySource": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "52317"}}
{"text": "Aerospike Database 5.1.0.3 - OS Command Execution", "spans": {"SYSTEM: Aerospike Database 5.1.0.3": [[0, 26]], "VULNERABILITY: OS Command Execution": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49067"}}
{"text": "Akka HTTP 10.1.14 - Denial of Service", "spans": {"SYSTEM: Akka HTTP 10.1.14": [[0, 17]], "VULNERABILITY: Denial of Service": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50892"}}
{"text": "Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Angular-Base64-Upload Library 0.1.20": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "52121"}}
{"text": "Apache ActiveMQ 6.1.6 - Denial of Service (DOS)", "spans": {"SYSTEM: Apache ActiveMQ 6.1.6": [[0, 21]], "VULNERABILITY: Denial of Service": [[24, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52288"}}
{"text": "Apache APISIX 2.12.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Apache APISIX 2.12.1": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50829"}}
{"text": "Apache Shiro 1.2.4 - Cookie RememberME Deserial RCE (Metasploit)", "spans": {"SYSTEM: Apache Shiro 1.2.4": [[0, 18]], "VULNERABILITY: RCE": [[48, 51]], "TOOL: Metasploit": [[53, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48410"}}
{"text": "Apache Solr - Remote Code Execution via Velocity Template (Metasploit)", "spans": {"SYSTEM: Apache Solr": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]], "TOOL: Metasploit": [[59, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48338"}}
{"text": "Apache Struts 2.5.20 - Double OGNL evaluation", "spans": {"SYSTEM: Apache Struts 2.5.20": [[0, 20]], "VULNERABILITY: Double OGNL evaluation": [[23, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49068"}}
{"text": "Apache Tomcat 10.1.39 - Denial of Service (DoS)", "spans": {"SYSTEM: Apache Tomcat 10.1.39": [[0, 21]], "VULNERABILITY: Denial of Service (DoS)": [[24, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52318"}}
{"text": "Asterisk AMI - Partial File Content & Path Disclosure (Authenticated)", "spans": {"SYSTEM: Asterisk AMI": [[0, 12]], "VULNERABILITY: Partial File Content & Path Disclosure": [[15, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51927"}}
{"text": "Automic Agent 24.3.0 HF4 - Privilege Escalation", "spans": {"SYSTEM: Automic Agent 24.3.0 HF4": [[0, 24]], "VULNERABILITY: Privilege Escalation": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52309"}}
{"text": "Azure Apache Ambari 2302250400 - Spoofing", "spans": {"SYSTEM: Azure Apache Ambari 2302250400": [[0, 30]], "VULNERABILITY: Spoofing": [[33, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51546"}}
{"text": "Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials", "spans": {"SYSTEM: Belkin F9K1009 F9K1010 2.00.04/2.00.09": [[0, 38]], "VULNERABILITY: Hard Coded Credentials": [[41, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52407"}}
{"text": "Broadcom Wi-Fi Devices - 'KR00K Information Disclosure", "spans": {"SYSTEM: Broadcom Wi-Fi Devices": [[0, 22]], "VULNERABILITY: Information Disclosure": [[32, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48233"}}
{"text": "Cisco ISE 3.0 - Authorization Bypass", "spans": {"SYSTEM: Cisco ISE 3.0": [[0, 13]], "VULNERABILITY: Authorization Bypass": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52397"}}
{"text": "Cisco ISE 3.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Cisco ISE 3.0": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52396"}}
{"text": "Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure", "spans": {"SYSTEM: Citrix NetScaler ADC/Gateway 14.1": [[0, 33]], "VULNERABILITY: Memory Disclosure": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52401"}}
{"text": "ClipBucket 5.5.0 - Arbitrary File Upload", "spans": {"SYSTEM: ClipBucket 5.5.0": [[0, 16]], "VULNERABILITY: Arbitrary File Upload": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52435"}}
{"text": "ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)", "spans": {"SYSTEM: ClipBucket 5.5.2 Build #90": [[0, 26]], "VULNERABILITY: Server-Side Request Forgery (SSRF)": [[29, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52434"}}
{"text": "ConnectWise Control 19.2.24707 - Username Enumeration", "spans": {"SYSTEM: ConnectWise Control 19.2.24707": [[0, 30]], "VULNERABILITY: Username Enumeration": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50618"}}
{"text": "CrushFTP 11.3.1 - Authentication Bypass", "spans": {"SYSTEM: CrushFTP 11.3.1": [[0, 15]], "VULNERABILITY: Authentication Bypass": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52295"}}
{"text": "CrushFTP < 11.1.0 - Directory Traversal", "spans": {"SYSTEM: CrushFTP < 11.1.0": [[0, 17]], "VULNERABILITY: Directory Traversal": [[20, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52012"}}
{"text": "CyberArk PSMP 10.9.1 - Policy Restriction Bypass", "spans": {"SYSTEM: CyberArk PSMP 10.9.1": [[0, 20]], "VULNERABILITY: Policy Restriction Bypass": [[23, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48239"}}
{"text": "Docker based datastores for IBM Instana 241-2 243-0 - No Authentication", "spans": {"SYSTEM: Docker based datastores for IBM Instana 241-2 243-0": [[0, 51]], "VULNERABILITY: No Authentication": [[54, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51314"}}
{"text": "Erlang Cookie - Remote Code Execution", "spans": {"SYSTEM: Erlang Cookie": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49418"}}
{"text": "Executables Created with perl2exe < V30.10C - Arbitrary Code Execution", "spans": {"SYSTEM: Executables Created with perl2exe < V30.10C": [[0, 43]], "VULNERABILITY: Arbitrary Code Execution": [[46, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51825"}}
{"text": "EyesOfNetwork - AutoDiscovery Target Command Execution (Metasploit)", "spans": {"SYSTEM: EyesOfNetwork": [[0, 13]], "VULNERABILITY: AutoDiscovery Target Command Execution": [[16, 54]], "TOOL: Metasploit": [[56, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48169"}}
{"text": "F5 BIG-IP 16.0.x - Remote Code Execution (RCE)", "spans": {"SYSTEM: F5 BIG-IP 16.0.x": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50932"}}
{"text": "Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution", "spans": {"SYSTEM: Firefox ESR 115.11": [[0, 18]], "VULNERABILITY: PDF.js Arbitrary JavaScript execution": [[21, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52273"}}
{"text": "Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)", "spans": {"SYSTEM: Flexense HTTP Server 10.6.24": [[0, 28]], "VULNERABILITY: Buffer Overflow": [[31, 46]], "TOOL: Metasploit": [[54, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51493"}}
{"text": "FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse", "spans": {"SYSTEM: FortiOS SSL-VPN 7.4.4": [[0, 21]], "VULNERABILITY: Insufficient Session Expiration & Cookie Reuse": [[24, 70]]}, "info": {"source": "exploitdb", "exploit_id": "52336"}}
{"text": "Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass", "spans": {"SYSTEM: Fortra GoAnywhere MFT 7.4.1": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52308"}}
{"text": "Freefloat FTP Server 1.0 - Remote Buffer Overflow", "spans": {"SYSTEM: Freefloat FTP Server 1.0": [[0, 24]], "VULNERABILITY: Remote Buffer Overflow": [[27, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52323"}}
{"text": "GestioIP 3.5.7 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: GestioIP 3.5.7": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52200"}}
{"text": "GestioIP 3.5.7 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: GestioIP 3.5.7": [[0, 14]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[17, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52203"}}
{"text": "GestioIP 3.5.7 - Reflected Cross-Site Scripting (Reflected XSS)", "spans": {"SYSTEM: GestioIP 3.5.7": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting": [[17, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52202"}}
{"text": "GestioIP 3.5.7 - Remote Command Execution (RCE)", "spans": {"SYSTEM: GestioIP 3.5.7": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52204"}}
{"text": "GestioIP 3.5.7 - Stored Cross-Site Scripting (Stored XSS)", "spans": {"SYSTEM: GestioIP 3.5.7": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52201"}}
{"text": "gogs 0.13.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: gogs 0.13.0": [[0, 11]], "VULNERABILITY: Remote Code Execution (RCE)": [[14, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52348"}}
{"text": "Google Chrome 67_ 68 and 69 - Object.create Type Confusion (Metasploit)", "spans": {"SYSTEM: Google Chrome 67_ 68 and 69": [[0, 27]], "VULNERABILITY: Type Confusion": [[44, 58]], "TOOL: Metasploit": [[60, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48184"}}
{"text": "Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)", "spans": {"SYSTEM: Google Chrome 72 and 73": [[0, 23]], "VULNERABILITY: Out-of-Bounds Write": [[36, 55]], "TOOL: Metasploit": [[57, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48183"}}
{"text": "Google Chrome 78.0.3904.70 - Remote Code Execution", "spans": {"SYSTEM: Google Chrome 78.0.3904.70": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50917"}}
{"text": "Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)", "spans": {"SYSTEM: Google Chrome 80": [[0, 16]], "VULNERABILITY: Type Confusion": [[40, 54]], "TOOL: Metasploit": [[56, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48186"}}
{"text": "Google Chrome 81.0.4044 V8 - Remote Code Execution", "spans": {"SYSTEM: Google Chrome 81.0.4044 V8": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49746"}}
{"text": "Google Chrome 86.0.4240 V8 - Remote Code Execution", "spans": {"SYSTEM: Google Chrome 86.0.4240 V8": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49745"}}
{"text": "Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow", "spans": {"SYSTEM: Grandstream GSD3710 1.0.11.13": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52303"}}
{"text": "Grandstream GSD3710 1.0.11.13 - Stack Overflow", "spans": {"SYSTEM: Grandstream GSD3710 1.0.11.13": [[0, 29]], "VULNERABILITY: Stack Overflow": [[32, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52313"}}
{"text": "Hashicorp Consul v1.0 - Remote Command Execution (RCE)", "spans": {"SYSTEM: Hashicorp Consul v1.0": [[0, 21]], "VULNERABILITY: Remote Command Execution": [[24, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51117"}}
{"text": "HFS Http File Server 2.3m Build 300 - Buffer Overflow (PoC)", "spans": {"SYSTEM: HFS Http File Server 2.3m Build 300": [[0, 35]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48569"}}
{"text": "HP LinuxKI 6.01 - Remote Command Injection", "spans": {"SYSTEM: HP LinuxKI 6.01": [[0, 15]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48483"}}
{"text": "HTMLDOC 1.9.13 - Stack Buffer Overflow", "spans": {"SYSTEM: HTMLDOC 1.9.13": [[0, 14]], "VULNERABILITY: Buffer Overflow": [[23, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52425"}}
{"text": "HTTP/2 2.0 - Denial Of Service (DOS)", "spans": {"SYSTEM: HTTP/2 2.0": [[0, 10]], "VULNERABILITY: Denial Of Service": [[13, 30]]}, "info": {"source": "exploitdb", "exploit_id": "52426"}}
{"text": "IBM Aspera Faspex 4.4.1 - YAML deserialization (RCE)", "spans": {"SYSTEM: IBM Aspera Faspex 4.4.1": [[0, 23]], "VULNERABILITY: RCE": [[48, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51316"}}
{"text": "IBM TM1 / Planning Analytics - Unauthenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: IBM TM1 / Planning Analytics": [[0, 28]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[31, 68]], "TOOL: Metasploit": [[70, 80]]}, "info": {"source": "exploitdb", "exploit_id": "48273"}}
{"text": "InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation", "spans": {"SYSTEM: InfluxDB OSS 2.7.11": [[0, 19]], "VULNERABILITY: Privilege Escalation": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52142"}}
{"text": "Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Ingress-NGINX 4.11.0": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52338"}}
{"text": "Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE", "spans": {"SYSTEM: Ingress-NGINX Admission Controller v1.11.1": [[0, 42]], "VULNERABILITY: RCE": [[61, 64]]}, "info": {"source": "exploitdb", "exploit_id": "52475"}}
{"text": "Invision Community 5.0.6 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Invision Community 5.0.6": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[27, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52294"}}
{"text": "Ivanti Connect Secure 22.7R2.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Ivanti Connect Secure 22.7R2.5": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52213"}}
{"text": "Ivanti Endpoint Manager 4.6 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Ivanti Endpoint Manager 4.6": [[0, 27]], "VULNERABILITY: Remote Code Execution (RCE)": [[30, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50833"}}
{"text": "Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass", "spans": {"SYSTEM: Ivanti Endpoint Manager Mobile 12.5.0.0": [[0, 39]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52421"}}
{"text": "K7 Ultimate Security K7RKScan.sys 17.0.2019 - Denial Of Service (DoS)", "spans": {"SYSTEM: K7 Ultimate Security K7RKScan.sys 17.0.2019": [[0, 43]], "VULNERABILITY: Denial Of Service": [[46, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52158"}}
{"text": "Ksix Zigbee Devices - Playback Protection Bypass (PoC)", "spans": {"SYSTEM: Ksix Zigbee Devices": [[0, 19]], "VULNERABILITY: Playback Protection Bypass": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49169"}}
{"text": "Langflow 1.3.0 -  Remote Code Execution (RCE)", "spans": {"SYSTEM: Langflow 1.3.0": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52262"}}
{"text": "ManageEngine Desktop Central - Java Deserialization (Metasploit)", "spans": {"SYSTEM: ManageEngine Desktop Central": [[0, 28]], "VULNERABILITY: Java Deserialization": [[31, 51]], "TOOL: Metasploit": [[53, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48224"}}
{"text": "McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information", "spans": {"SYSTEM: McAfee Agent 5.7.6": [[0, 18]], "VULNERABILITY: Insecure Storage of Sensitive Information": [[21, 62]]}, "info": {"source": "exploitdb", "exploit_id": "52345"}}
{"text": "Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 32-bit - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 32-bit": [[0, 62]], "VULNERABILITY: Remote Code Execution (RCE)": [[65, 92]]}, "info": {"source": "exploitdb", "exploit_id": "51555"}}
{"text": "Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit": [[0, 62]], "VULNERABILITY: Remote Code Execution (RCE)": [[65, 92]]}, "info": {"source": "exploitdb", "exploit_id": "51552"}}
{"text": "Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit": [[0, 68]], "VULNERABILITY: Remote Code Execution (RCE)": [[71, 98]]}, "info": {"source": "exploitdb", "exploit_id": "51328"}}
{"text": "Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.", "spans": {"SYSTEM: Microsoft Office 365 Version 18.2305.1222.0": [[0, 43]], "VULNERABILITY: RCE": [[71, 74]]}, "info": {"source": "exploitdb", "exploit_id": "51609"}}
{"text": "Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing", "spans": {"SYSTEM: Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit": [[0, 62]], "VULNERABILITY: Spoofing": [[65, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51538"}}
{"text": "Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution", "spans": {"SYSTEM: Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit": [[0, 80]], "VULNERABILITY: Remote Code Execution": [[83, 104]]}, "info": {"source": "exploitdb", "exploit_id": "51574"}}
{"text": "Microsoft Word 16.72.23040900 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Word 16.72.23040900": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51376"}}
{"text": "MikroTik RouterOS 7.19.1 - Reflected XSS", "spans": {"SYSTEM: MikroTik RouterOS 7.19.1": [[0, 24]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52366"}}
{"text": "Nginx 1.20.0 - Denial of Service (DOS)", "spans": {"SYSTEM: Nginx 1.20.0": [[0, 12]], "VULNERABILITY: Denial of Service": [[15, 32]]}, "info": {"source": "exploitdb", "exploit_id": "50973"}}
{"text": "nostromo 1.9.6 - Remote Code Execution", "spans": {"SYSTEM: nostromo 1.9.6": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "47837"}}
{"text": "Opmon 9.11 - Cross-site Scripting", "spans": {"SYSTEM: Opmon 9.11": [[0, 10]], "VULNERABILITY: Cross-site Scripting": [[13, 33]]}, "info": {"source": "exploitdb", "exploit_id": "50857"}}
{"text": "PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: PAN-OS 10.0": [[0, 11]], "VULNERABILITY: Remote Code Execution (RCE)": [[14, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51005"}}
{"text": "PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: PostgreSQL 9.3-11.7": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50847"}}
{"text": "PostgreSQL 9.6.1 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: PostgreSQL 9.6.1": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51247"}}
{"text": "PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)", "spans": {"SYSTEM: PX4 Military UAV Autopilot 1.12.3": [[0, 33]], "VULNERABILITY: Denial of Service (DoS)": [[36, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52339"}}
{"text": "python jsonpickle 2.0.0 - Remote Code Execution", "spans": {"SYSTEM: python jsonpickle 2.0.0": [[0, 23]], "VULNERABILITY: Remote Code Execution": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49585"}}
{"text": "Qmail SMTP 1.03 - Bash Environment Variable Injection", "spans": {"SYSTEM: Qmail SMTP 1.03": [[0, 15]], "VULNERABILITY: Bash Environment Variable Injection": [[18, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48651"}}
{"text": "Saltstack 3000.1 - Remote Code Execution", "spans": {"SYSTEM: Saltstack 3000.1": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48421"}}
{"text": "SAP BusinessObjects Intelligence 4.3 - XML External Entity (XXE)", "spans": {"SYSTEM: SAP BusinessObjects Intelligence 4.3": [[0, 36]], "VULNERABILITY: XXE": [[60, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50900"}}
{"text": "SAP NetWeaver - 7.53 - HTTP Request Smuggling", "spans": {"SYSTEM: SAP NetWeaver": [[0, 13]], "VULNERABILITY: 7.53 - HTTP Request Smuggling": [[16, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52109"}}
{"text": "ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)", "spans": {"SYSTEM: ScriptCase 9.12.006 (23)": [[0, 24]], "VULNERABILITY: Remote Command Execution": [[27, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52353"}}
{"text": "SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal", "spans": {"SYSTEM: SolarWinds Serv-U 15.4.2 HF1": [[0, 28]], "VULNERABILITY: Directory Traversal": [[31, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52311"}}
{"text": "Sony XAV-AX5500 1.13 - Firmware Update Validation Remote Code Execution (RCE)", "spans": {"SYSTEM: Sony XAV-AX5500 1.13": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[50, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52143"}}
{"text": "SOS JobScheduler 1.13.3 - Stored Password Decryption", "spans": {"SYSTEM: SOS JobScheduler 1.13.3": [[0, 23]], "VULNERABILITY: Stored Password Decryption": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48587"}}
{"text": "Sourcegraph Gitserver 3.36.3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Sourcegraph Gitserver 3.36.3": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50964"}}
{"text": "Swagger UI 1.0.3 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Swagger UI 1.0.3": [[0, 16]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52392"}}
{"text": "Tdarr 2.00.15 - Command Injection", "spans": {"SYSTEM: Tdarr 2.00.15": [[0, 13]], "VULNERABILITY: Command Injection": [[16, 33]]}, "info": {"source": "exploitdb", "exploit_id": "50822"}}
{"text": "Teleport v10.1.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Teleport v10.1.1": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51019"}}
{"text": "Tenda AC20 16.03.08.12 - Command Injection", "spans": {"SYSTEM: Tenda AC20 16.03.08.12": [[0, 22]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52418"}}
{"text": "Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow", "spans": {"SYSTEM: Tenda FH451 1.0.0.9 Router": [[0, 26]], "VULNERABILITY: Buffer Overflow": [[41, 56]]}, "info": {"source": "exploitdb", "exploit_id": "52374"}}
{"text": "Tigo Energy Cloud Connect Advanced (CCA) 4.0.1 - Command Injection", "spans": {"SYSTEM: Tigo Energy Cloud Connect Advanced (CCA) 4.0.1": [[0, 46]], "VULNERABILITY: Command Injection": [[49, 66]]}, "info": {"source": "exploitdb", "exploit_id": "52404"}}
{"text": "TP-Link VN020 F3v(T) TT_V6.2.1021 - Buffer Overflow Memory Corruption", "spans": {"SYSTEM: TP-Link VN020 F3v(T) TT_V6.2.1021": [[0, 33]], "VULNERABILITY: Buffer Overflow": [[36, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52249"}}
{"text": "TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)", "spans": {"SYSTEM: TP-Link VN020 F3v(T) TT_V6.2.1021": [[0, 33]], "VULNERABILITY: Denial Of Service": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52250"}}
{"text": "Vite 6.2.2 - Arbitrary File Read", "spans": {"SYSTEM: Vite 6.2.2": [[0, 10]], "VULNERABILITY: Arbitrary File Read": [[13, 32]]}, "info": {"source": "exploitdb", "exploit_id": "52111"}}
{"text": "VMware Cloud Director 10.5 - Bypass identity verification", "spans": {"SYSTEM: VMware Cloud Director 10.5": [[0, 26]], "VULNERABILITY: Bypass identity verification": [[29, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51882"}}
{"text": "vsftpd 3.0.3 - Remote Denial of Service", "spans": {"SYSTEM: vsftpd 3.0.3": [[0, 12]], "VULNERABILITY: Denial of Service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49719"}}
{"text": "WebLogic Server - Deserialization RCE - BadAttributeValueExpException (Metasploit)", "spans": {"SYSTEM: WebLogic Server": [[0, 15]], "VULNERABILITY: RCE": [[34, 37]], "TOOL: Metasploit": [[71, 81]]}, "info": {"source": "exploitdb", "exploit_id": "48508"}}
{"text": "Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution  (RCE)", "spans": {"SYSTEM: Wing FTP Server 7.4.3": [[0, 21]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[24, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52347"}}
{"text": "Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration", "spans": {"SYSTEM: Wyrestorm Apollo VX20 < 1.3.58": [[0, 30]], "VULNERABILITY: Account Enumeration": [[33, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51814"}}
{"text": "Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'", "spans": {"SYSTEM: Wyrestorm Apollo VX20 < 1.3.58": [[0, 30]], "VULNERABILITY: Incorrect Access Control 'Credentials Disclosure'": [[33, 82]]}, "info": {"source": "exploitdb", "exploit_id": "51816"}}
{"text": "X-Skipper-Proxy v0.13.237 - Server Side Request Forgery (SSRF)", "spans": {"SYSTEM: X-Skipper-Proxy v0.13.237": [[0, 25]], "VULNERABILITY: Server Side Request Forgery": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51111"}}
{"text": "ABB Cylon Aspect 3.07.02 - File Disclosure", "spans": {"SYSTEM: ABB Cylon Aspect 3.07.02": [[0, 24]], "VULNERABILITY: File Disclosure": [[27, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52115"}}
{"text": "ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.01": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[27, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52107"}}
{"text": "ABB Cylon Aspect 3.08.03 (MapServicesHandler) - Authenticated Reflected XSS", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.03 (MapServicesHandler)": [[0, 45]], "VULNERABILITY: XSS": [[72, 75]]}, "info": {"source": "exploitdb", "exploit_id": "52222"}}
{"text": "ABB Cylon Aspect 3.08.03 - Hard-coded Secrets", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.03": [[0, 24]], "VULNERABILITY: Hard-coded Secrets": [[27, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52223"}}
{"text": "Academy-LMS 4.3 - Stored XSS", "spans": {"SYSTEM: Academy-LMS 4.3": [[0, 15]], "VULNERABILITY: XSS": [[25, 28]]}, "info": {"source": "exploitdb", "exploit_id": "49298"}}
{"text": "Accela Civic Platform 21.1 - 'contactSeqNumber' Insecure Direct Object References (IDOR)", "spans": {"SYSTEM: Accela Civic Platform 21.1": [[0, 26]], "VULNERABILITY: Insecure Direct Object Reference": [[48, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49991"}}
{"text": "Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting (XSS)", "spans": {"SYSTEM: Accela Civic Platform 21.1": [[0, 26]], "VULNERABILITY: XSS": [[66, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49980"}}
{"text": "Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting (XSS)", "spans": {"SYSTEM: Accela Civic Platform 21.1": [[0, 26]], "VULNERABILITY: XSS": [[64, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49990"}}
{"text": "Acronis Cyber Backup 12.5 Build 16341 - Unauthenticated SSRF", "spans": {"SYSTEM: Acronis Cyber Backup 12.5 Build 16341": [[0, 37]], "VULNERABILITY: SSRF": [[56, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49113"}}
{"text": "Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Active eCommerce CMS 6.5.0": [[0, 26]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[29, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51221"}}
{"text": "Adapt Authoring Tool 0.11.3 - Remote Command Execution (RCE)", "spans": {"SYSTEM: Adapt Authoring Tool 0.11.3": [[0, 27]], "VULNERABILITY: Remote Command Execution": [[30, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52208"}}
{"text": "Adobe ColdFusion 2023.6 - Remote File Read", "spans": {"SYSTEM: Adobe ColdFusion 2023.6": [[0, 23]], "VULNERABILITY: Remote File Read": [[26, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52387"}}
{"text": "Adobe ColdFusion versions 2018_15 (and earlier) and 2021_5 and earlier - Arbitrary File Read", "spans": {"SYSTEM: Adobe ColdFusion versions 2018_15 (and earlier) and 2021_5 and earlier": [[0, 70]], "VULNERABILITY: Arbitrary File Read": [[73, 92]]}, "info": {"source": "exploitdb", "exploit_id": "51875"}}
{"text": "Adobe Connect 10 - Username Disclosure", "spans": {"SYSTEM: Adobe Connect 10": [[0, 16]], "VULNERABILITY: Username Disclosure": [[19, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49550"}}
{"text": "Adobe Connect 11.4.5 - Local File Disclosure", "spans": {"SYSTEM: Adobe Connect 11.4.5": [[0, 20]], "VULNERABILITY: Local File Disclosure": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51327"}}
{"text": "Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)", "spans": {"SYSTEM: Altova MobileTogether Server 7.3": [[0, 32]], "VULNERABILITY: XML External Entity Injection": [[35, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50191"}}
{"text": "Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting", "spans": {"SYSTEM: Anchor CMS 0.12.7": [[0, 17]], "VULNERABILITY: Stored Cross-Site Scripting": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49403"}}
{"text": "Anchor CMS 0.12.7 - CSRF (Delete user)", "spans": {"SYSTEM: Anchor CMS 0.12.7": [[0, 17]], "VULNERABILITY: CSRF": [[20, 24]]}, "info": {"source": "exploitdb", "exploit_id": "49451"}}
{"text": "Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: Angular-Base64-Upload Library 0.1.21": [[0, 36]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[39, 76]]}, "info": {"source": "exploitdb", "exploit_id": "52253"}}
{"text": "Anote 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Anote 1.0": [[0, 9]], "VULNERABILITY: Persistent Cross-Site Scripting": [[12, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49836"}}
{"text": "Antminer Monitor 0.5.0 - Authentication Bypass", "spans": {"SYSTEM: Antminer Monitor 0.5.0": [[0, 22]], "VULNERABILITY: Authentication Bypass": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50267"}}
{"text": "Apache 2.4.x - Buffer Overflow", "spans": {"SYSTEM: Apache 2.4.x": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[15, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51193"}}
{"text": "Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution", "spans": {"SYSTEM: Apache Airflow 1.10.10": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49927"}}
{"text": "Apache Commons Text  1.10.0 - Remote Code Execution", "spans": {"SYSTEM: Apache Commons Text  1.10.0": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52261"}}
{"text": "Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE)", "spans": {"SYSTEM: Apache HTTP Server 2.4.49": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[45, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50383"}}
{"text": "Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution (RCE)", "spans": {"SYSTEM: Apache HTTP Server 2.4.50": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[45, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50406"}}
{"text": "Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2)", "spans": {"SYSTEM: Apache HTTP Server 2.4.50": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50446"}}
{"text": "Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (3)", "spans": {"SYSTEM: Apache HTTP Server 2.4.50": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50512"}}
{"text": "Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service", "spans": {"SYSTEM: Apache OpenMeetings 5.0.0": [[0, 25]], "VULNERABILITY: Denial of Service": [[39, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49094"}}
{"text": "Apache Superset 1.1.0 - Time-Based Account Enumeration", "spans": {"SYSTEM: Apache Superset 1.1.0": [[0, 21]], "VULNERABILITY: Time-Based Account Enumeration": [[24, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50072"}}
{"text": "Apache Superset 2.0.0 - Authentication Bypass", "spans": {"SYSTEM: Apache Superset 2.0.0": [[0, 21]], "VULNERABILITY: Authentication Bypass": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51447"}}
{"text": "Apache Tomcat - AJP 'Ghostcat File Read/Inclusion", "spans": {"SYSTEM: Apache Tomcat": [[0, 13]], "VULNERABILITY: AJP 'Ghostcat File Read/Inclusion": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48143"}}
{"text": "Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion (Metasploit)", "spans": {"SYSTEM: Apache Tomcat": [[0, 13]], "VULNERABILITY: AJP 'Ghostcat' File Read/Inclusion": [[16, 50]], "TOOL: Metasploit": [[52, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49039"}}
{"text": "Apache Tomcat 11.0.3 - Remote Code Execution", "spans": {"SYSTEM: Apache Tomcat 11.0.3": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52134"}}
{"text": "Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Apache Tomcat 9.0.0.M1": [[0, 22]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50119"}}
{"text": "Apache Tomcat 9.0.0.M1 - Open Redirect", "spans": {"SYSTEM: Apache Tomcat 9.0.0.M1": [[0, 22]], "VULNERABILITY: Open Redirect": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50118"}}
{"text": "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork", "spans": {"SYSTEM: Artworks Gallery 1.0": [[0, 20]], "VULNERABILITY: Arbitrary File Upload": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49166"}}
{"text": "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile", "spans": {"SYSTEM: Artworks Gallery 1.0": [[0, 20]], "VULNERABILITY: Arbitrary File Upload": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49167"}}
{"text": "ASP.net  8.0.10 - Bypass", "spans": {"SYSTEM: ASP.net  8.0.10": [[0, 15]], "VULNERABILITY: Bypass": [[18, 24]]}, "info": {"source": "exploitdb", "exploit_id": "52492"}}
{"text": "atjiu pybbs 6.0.0 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: atjiu pybbs 6.0.0": [[0, 17]], "VULNERABILITY: Cross Site Scripting": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52400"}}
{"text": "Atlassian Confluence < 8.5.3 - Remote Code Execution", "spans": {"SYSTEM: Atlassian Confluence < 8.5.3": [[0, 28]], "VULNERABILITY: Remote Code Execution": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51904"}}
{"text": "Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)", "spans": {"SYSTEM: Atlassian Confluence Data Center and Server": [[0, 43]], "VULNERABILITY: Authentication Bypass": [[46, 67]], "TOOL: Metasploit": [[69, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51829"}}
{"text": "Atlassian Confluence Widget Connector Macro - SSTI", "spans": {"SYSTEM: Atlassian Confluence Widget Connector Macro": [[0, 43]], "VULNERABILITY: SSTI": [[46, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49465"}}
{"text": "Atlassian JIRA 8.11.1 - User Enumeration", "spans": {"SYSTEM: Atlassian JIRA 8.11.1": [[0, 21]], "VULNERABILITY: User Enumeration": [[24, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49633"}}
{"text": "Atlassian Jira 8.15.0 - Information Disclosure (Username Enumeration)", "spans": {"SYSTEM: Atlassian Jira 8.15.0": [[0, 21]], "VULNERABILITY: Information Disclosure": [[24, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49924"}}
{"text": "Atlassian Jira Server Data Center 8.16.0 - Arbitrary File Read", "spans": {"SYSTEM: Atlassian Jira Server Data Center 8.16.0": [[0, 40]], "VULNERABILITY: Arbitrary File Read": [[43, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50380"}}
{"text": "Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS", "spans": {"SYSTEM: Atlassian Jira Service Desk 4.9.1": [[0, 33]], "VULNERABILITY: XSS": [[64, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49748"}}
{"text": "Avantune Genialcloud ProJ 10 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Avantune Genialcloud ProJ 10": [[0, 28]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50955"}}
{"text": "Avaya IP Office 11 - Password Disclosure", "spans": {"SYSTEM: Avaya IP Office 11": [[0, 18]], "VULNERABILITY: Password Disclosure": [[21, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48581"}}
{"text": "Axigen < 10.3.3.47_ 10.2.3.12 - Reflected XSS", "spans": {"SYSTEM: Axigen < 10.3.3.47_ 10.2.3.12": [[0, 29]], "VULNERABILITY: XSS": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51722"}}
{"text": "B-swiss 3 Digital Signage System 3.6.5 -  Database Disclosure", "spans": {"SYSTEM: B-swiss 3 Digital Signage System 3.6.5": [[0, 38]], "VULNERABILITY: Database Disclosure": [[42, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48834"}}
{"text": "B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin)", "spans": {"SYSTEM: B-swiss 3 Digital Signage System 3.6.5": [[0, 38]], "VULNERABILITY: Cross-Site Request Forgery": [[41, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48833"}}
{"text": "B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution", "spans": {"SYSTEM: B-swiss 3 Digital Signage System 3.6.5": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48824"}}
{"text": "Bagisto 1.3.3 - Client-Side Template Injection", "spans": {"SYSTEM: Bagisto 1.3.3": [[0, 13]], "VULNERABILITY: Client-Side Template Injection": [[16, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50548"}}
{"text": "Baixar GLPI Project 9.4.6 - SQLi", "spans": {"SYSTEM: Baixar GLPI Project 9.4.6": [[0, 25]], "VULNERABILITY: SQLi": [[28, 32]]}, "info": {"source": "exploitdb", "exploit_id": "50823"}}
{"text": "Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting", "spans": {"SYSTEM: Bakeshop Online Ordering System 1.0": [[0, 35]], "VULNERABILITY: Persistent Cross-site scripting": [[46, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49161"}}
{"text": "BeyondTrust Remote Support 6.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)", "spans": {"SYSTEM: BeyondTrust Remote Support 6.0": [[0, 30]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[33, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50632"}}
{"text": "BigAnt Office Messenger 5.6.06 - SQL Injection", "spans": {"SYSTEM: BigAnt Office Messenger 5.6.06": [[0, 30]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52412"}}
{"text": "BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery", "spans": {"SYSTEM: BigBlueButton 2.2.25": [[0, 20]], "VULNERABILITY: Server-Side Request Forgery": [[53, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49070"}}
{"text": "Bio Star 2.8.2 - Local File Inclusion", "spans": {"SYSTEM: Bio Star 2.8.2": [[0, 14]], "VULNERABILITY: Local File Inclusion": [[17, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48708"}}
{"text": "Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure", "spans": {"SYSTEM: Birth Chart Compatibility WordPress Plugin 2.0": [[0, 46]], "VULNERABILITY: Full Path Disclosure": [[49, 69]]}, "info": {"source": "exploitdb", "exploit_id": "52419"}}
{"text": "Blitar Tourism 1.0 - Authentication Bypass SQLi", "spans": {"SYSTEM: Blitar Tourism 1.0": [[0, 18]], "VULNERABILITY: Authentication Bypass": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49759"}}
{"text": "Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation", "spans": {"SYSTEM: Blood Bank & Donor Management System 2.4": [[0, 40]], "VULNERABILITY: CSRF": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52256"}}
{"text": "Bludit 3.9.2 - Directory Traversal", "spans": {"SYSTEM: Bludit 3.9.2": [[0, 12]], "VULNERABILITY: Directory Traversal": [[15, 34]]}, "info": {"source": "exploitdb", "exploit_id": "48701"}}
{"text": "Bookwyrm v0.4.3 - Authentication Bypass", "spans": {"SYSTEM: Bookwyrm v0.4.3": [[0, 15]], "VULNERABILITY: Authentication Bypass": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51013"}}
{"text": "Boss Mini v1.4.0 - Local File Inclusion (LFI)", "spans": {"SYSTEM: Boss Mini v1.4.0": [[0, 16]], "VULNERABILITY: Local File Inclusion": [[19, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52482"}}
{"text": "Broken Access Control - on NodeBB v3.6.7", "spans": {"SYSTEM: Broken Access Control": [[0, 21]], "VULNERABILITY: on NodeBB v3.6.7": [[24, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51930"}}
{"text": "BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation", "spans": {"SYSTEM: BSA Radar 1.6.7234.24750": [[0, 24]], "VULNERABILITY: Privilege Escalation": [[41, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48649"}}
{"text": "BSA Radar 1.6.7234.24750 - Local File Inclusion", "spans": {"SYSTEM: BSA Radar 1.6.7234.24750": [[0, 24]], "VULNERABILITY: Local File Inclusion": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48666"}}
{"text": "BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: BSA Radar 1.6.7234.24750": [[0, 24]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48619"}}
{"text": "BTCPay Server v1.7.4 - HTML Injection", "spans": {"SYSTEM: BTCPay Server v1.7.4": [[0, 20]], "VULNERABILITY: HTML Injection": [[23, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51254"}}
{"text": "Cabot 0.11.12 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Cabot 0.11.12": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48791"}}
{"text": "Cacti 1.2.8 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Cacti 1.2.8": [[0, 11]], "VULNERABILITY: Authenticated Remote Code Execution": [[14, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48144"}}
{"text": "Cacti 1.2.8 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Cacti 1.2.8": [[0, 11]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[14, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48145"}}
{"text": "Calibre-web 0.6.21 - Stored XSS", "spans": {"SYSTEM: Calibre-web 0.6.21": [[0, 18]], "VULNERABILITY: XSS": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52067"}}
{"text": "Campcodes Online Hospital Management System 1.0 - SQL Injection", "spans": {"SYSTEM: Campcodes Online Hospital Management System 1.0": [[0, 47]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52312"}}
{"text": "Casdoor 1.13.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Casdoor 1.13.0": [[0, 14]], "VULNERABILITY: SQL Injection": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "50792"}}
{"text": "Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Casdoor 2.55.0": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52432"}}
{"text": "Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Casdoor 2.95.0": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52439"}}
{"text": "Cayin Content Management Server 11.0 - Remote Command Injection (root)", "spans": {"SYSTEM: Cayin Content Management Server 11.0": [[0, 36]], "VULNERABILITY: Command Injection": [[46, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48553"}}
{"text": "Cayin Digital Signage System xPost 2.5 - Remote Command Injection", "spans": {"SYSTEM: Cayin Digital Signage System xPost 2.5": [[0, 38]], "VULNERABILITY: Command Injection": [[48, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48558"}}
{"text": "Cayin Signage Media Player 3.0 - Remote Command Injection (root)", "spans": {"SYSTEM: Cayin Signage Media Player 3.0": [[0, 30]], "VULNERABILITY: Command Injection": [[40, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48557"}}
{"text": "Cerberus FTP Web Service 11 - 'svg' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Cerberus FTP Web Service 11": [[0, 27]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[36, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49981"}}
{"text": "Chained Quiz  1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie", "spans": {"SYSTEM: Chained Quiz  1.3.5": [[0, 19]], "VULNERABILITY: Insecure Direct Object Reference": [[38, 70]]}, "info": {"source": "exploitdb", "exploit_id": "52464"}}
{"text": "changedetection < 0.45.20 - Remote Code Execution (RCE)", "spans": {"SYSTEM: changedetection < 0.45.20": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52027"}}
{"text": "Chevereto 3.17.1 - Cross Site Scripting (Stored)", "spans": {"SYSTEM: Chevereto 3.17.1": [[0, 16]], "VULNERABILITY: Cross Site Scripting": [[19, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49859"}}
{"text": "ChurchCRM 4.2.0 - CSV/Formula Injection", "spans": {"SYSTEM: ChurchCRM 4.2.0": [[0, 15]], "VULNERABILITY: CSV/Formula Injection": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49171"}}
{"text": "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)", "spans": {"SYSTEM: ChurchCRM 4.2.1": [[0, 15]], "VULNERABILITY: Cross Site Scripting": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49172"}}
{"text": "ChurchRota 2.6.4 - RCE (Authenticated)", "spans": {"SYSTEM: ChurchRota 2.6.4": [[0, 16]], "VULNERABILITY: RCE": [[19, 22]]}, "info": {"source": "exploitdb", "exploit_id": "49443"}}
{"text": "Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration", "spans": {"SYSTEM: Cibele Thinfinity VirtualUI 2.5.41.0": [[0, 36]], "VULNERABILITY: User Enumeration": [[39, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50601"}}
{"text": "Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover", "spans": {"SYSTEM: Cisco Smart Software Manager On-Prem 8-202206": [[0, 45]], "VULNERABILITY: Account Takeover": [[48, 64]]}, "info": {"source": "exploitdb", "exploit_id": "52155"}}
{"text": "Citadel WebCit < 926 - Session Hijacking Exploit", "spans": {"SYSTEM: Citadel WebCit < 926": [[0, 20]], "VULNERABILITY: Session Hijacking Exploit": [[23, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48975"}}
{"text": "Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal", "spans": {"SYSTEM: Citrix Application Delivery Controller (ADC) and Gateway 13.0": [[0, 61]], "VULNERABILITY: Path Traversal": [[64, 78]]}, "info": {"source": "exploitdb", "exploit_id": "47930"}}
{"text": "Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution", "spans": {"SYSTEM: Citrix Application Delivery Controller and Citrix Gateway": [[0, 57]], "VULNERABILITY: Remote Code Execution": [[60, 81]]}, "info": {"source": "exploitdb", "exploit_id": "47902"}}
{"text": "Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC)", "spans": {"SYSTEM: Citrix Application Delivery Controller and Citrix Gateway": [[0, 57]], "VULNERABILITY: Remote Code Execution": [[60, 81]]}, "info": {"source": "exploitdb", "exploit_id": "47901"}}
{"text": "Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Citrix Application Delivery Controller and Gateway 10.5": [[0, 55]], "VULNERABILITY: Remote Code Execution": [[58, 79]], "TOOL: Metasploit": [[81, 91]]}, "info": {"source": "exploitdb", "exploit_id": "47913"}}
{"text": "Click2Magic 1.1.5 - Stored Cross-Site Scripting", "spans": {"SYSTEM: Click2Magic 1.1.5": [[0, 17]], "VULNERABILITY: Stored Cross-Site Scripting": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49347"}}
{"text": "Cloudron 6.2 - 'returnTo ' Cross Site Scripting (Reflected)", "spans": {"SYSTEM: Cloudron 6.2": [[0, 12]], "VULNERABILITY: Cross Site Scripting": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50317"}}
{"text": "CMDBuild 3.3.2 - 'Multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: CMDBuild 3.3.2": [[0, 14]], "VULNERABILITY: Cross Site Scripting": [[28, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50527"}}
{"text": "CMU CERT/CC VINCE 2.0.6 - Stored XSS", "spans": {"SYSTEM: CMU CERT/CC VINCE 2.0.6": [[0, 23]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52181"}}
{"text": "Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection", "spans": {"SYSTEM: Cockpit CMS 0.11.1": [[0, 18]], "VULNERABILITY: SQL Injection": [[63, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50185"}}
{"text": "Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)", "spans": {"SYSTEM: Cockpit Version 234": [[0, 19]], "VULNERABILITY: Server-Side Request Forgery": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49397"}}
{"text": "Codiad 2.8.4 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Codiad 2.8.4": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49705"}}
{"text": "Codiad 2.8.4 - Remote Code Execution (Authenticated) (2)", "spans": {"SYSTEM: Codiad 2.8.4": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49902"}}
{"text": "Codiad 2.8.4 - Remote Code Execution (Authenticated) (3)", "spans": {"SYSTEM: Codiad 2.8.4": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49907"}}
{"text": "Codiad 2.8.4 - Remote Code Execution (Authenticated) (4)", "spans": {"SYSTEM: Codiad 2.8.4": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50474"}}
{"text": "Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution", "spans": {"SYSTEM: Comodo Unified Threat Management Web Console 2.7.0": [[0, 50]], "VULNERABILITY: Remote Code Execution": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48825"}}
{"text": "compop.ca 3.5.3 - Arbitrary code Execution", "spans": {"SYSTEM: compop.ca 3.5.3": [[0, 15]], "VULNERABILITY: Arbitrary code Execution": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52257"}}
{"text": "Concrete CMS 9.4.3 - Stored XSS", "spans": {"SYSTEM: Concrete CMS 9.4.3": [[0, 18]], "VULNERABILITY: XSS": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52428"}}
{"text": "Copyparty 1.18.6 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Copyparty 1.18.6": [[0, 16]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[19, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52390"}}
{"text": "CourseMS 2.1 - 'name' Stored XSS", "spans": {"SYSTEM: CourseMS 2.1": [[0, 12]], "VULNERABILITY: XSS": [[29, 32]]}, "info": {"source": "exploitdb", "exploit_id": "49731"}}
{"text": "Covenant v0.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Covenant v0.5": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51141"}}
{"text": "craftercms 4.x.x - CORS", "spans": {"SYSTEM: craftercms 4.x.x": [[0, 16]], "VULNERABILITY: CORS": [[19, 23]]}, "info": {"source": "exploitdb", "exploit_id": "51313"}}
{"text": "Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass", "spans": {"SYSTEM: Crystal Shard http-protection 0.2.0": [[0, 35]], "VULNERABILITY: IP Spoofing Bypass": [[38, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48533"}}
{"text": "CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: CyberPanel 2.1": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50230"}}
{"text": "CyberPanel 2.3.6 - Remote Code Execution (RCE)", "spans": {"SYSTEM: CyberPanel 2.3.6": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52172"}}
{"text": "Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Cyclos 4.14.7": [[0, 13]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50909"}}
{"text": "Cyclos 4.14.7 - DOM Based Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Cyclos 4.14.7": [[0, 13]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50908"}}
{"text": "D-Link DIR-650IN - Authenticated Command Injection", "spans": {"SYSTEM: D-Link DIR-650IN": [[0, 16]], "VULNERABILITY: Command Injection": [[33, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52508"}}
{"text": "Discourse 3.1.1 - Unauthenticated Chat Message Access", "spans": {"SYSTEM: Discourse 3.1.1": [[0, 15]], "VULNERABILITY: Unauthenticated Chat Message Access": [[18, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52375"}}
{"text": "Discourse 3.2.x - Anonymous Cache Poisoning", "spans": {"SYSTEM: Discourse 3.2.x": [[0, 15]], "VULNERABILITY: Anonymous Cache Poisoning": [[18, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52358"}}
{"text": "Django 5.1.13 - SQL Injection", "spans": {"SYSTEM: Django 5.1.13": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52456"}}
{"text": "DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: DMA Radius Manager 4.4.0": [[0, 24]], "VULNERABILITY: CSRF": [[55, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49752"}}
{"text": "Docsify.js 4.11.4 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: Docsify.js 4.11.4": [[0, 17]], "VULNERABILITY: Cross-Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48681"}}
{"text": "DotCMS 20.11 - Stored Cross-Site Scripting", "spans": {"SYSTEM: DotCMS 20.11": [[0, 12]], "VULNERABILITY: Stored Cross-Site Scripting": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49168"}}
{"text": "dotCMS 25.07.02-1 - Authenticated Blind SQL Injection", "spans": {"SYSTEM: dotCMS 25.07.02-1": [[0, 17]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52431"}}
{"text": "Dreamer CMS v4.0.0 - SQL Injection", "spans": {"SYSTEM: Dreamer CMS v4.0.0": [[0, 18]], "VULNERABILITY: SQL Injection": [[21, 34]]}, "info": {"source": "exploitdb", "exploit_id": "51134"}}
{"text": "DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: DzzOffice 2.02.1": [[0, 16]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[30, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49799"}}
{"text": "Easy File Sharing Web Server v7.2 - Buffer Overflow", "spans": {"SYSTEM: Easy File Sharing Web Server v7.2": [[0, 33]], "VULNERABILITY: Buffer Overflow": [[36, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52484"}}
{"text": "Easywall 0.3.1 - Authenticated Remote Command Execution", "spans": {"SYSTEM: Easywall 0.3.1": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51856"}}
{"text": "EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass", "spans": {"SYSTEM: EgavilanMedia Address Book 1.0 Exploit": [[0, 38]], "VULNERABILITY: SQLi": [[41, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49182"}}
{"text": "EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF", "spans": {"SYSTEM: EgavilanMedia User Registration & Login System with Admin Panel 1.0": [[0, 67]], "VULNERABILITY: CSRF": [[70, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49151"}}
{"text": "EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: EgavilanMedia User Registration & Login System with Admin Panel 1.0": [[0, 67]], "VULNERABILITY: Persistent Cross-Site Scripting": [[70, 101]]}, "info": {"source": "exploitdb", "exploit_id": "49367"}}
{"text": "EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting", "spans": {"SYSTEM: EgavilanMedia User Registration & Login System with Admin Panel 1.0": [[0, 67]], "VULNERABILITY: Stored Cross Site Scripting": [[70, 97]]}, "info": {"source": "exploitdb", "exploit_id": "49153"}}
{"text": "Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal", "spans": {"SYSTEM: Eibiz i-Media Server Digital Signage 3.8.0": [[0, 42]], "VULNERABILITY: Directory Traversal": [[45, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48766"}}
{"text": "ElasticSearch 7.13.3 - Memory disclosure", "spans": {"SYSTEM: ElasticSearch 7.13.3": [[0, 20]], "VULNERABILITY: Memory disclosure": [[23, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50149"}}
{"text": "Elasticsearch ECE 7.13.3 - Anonymous Database Dump", "spans": {"SYSTEM: Elasticsearch ECE 7.13.3": [[0, 24]], "VULNERABILITY: Anonymous Database Dump": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50152"}}
{"text": "ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection", "spans": {"SYSTEM: ELEX WooCommerce WordPress Plugin 1.4.3": [[0, 39]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52430"}}
{"text": "Employee Record Management System 1.1 - Login Bypass SQL Injection", "spans": {"SYSTEM: Employee Record Management System 1.1": [[0, 37]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49165"}}
{"text": "Ericom Access Server x64 9.2.0 - Server-Side Request Forgery", "spans": {"SYSTEM: Ericom Access Server x64 9.2.0": [[0, 30]], "VULNERABILITY: Server-Side Request Forgery": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48765"}}
{"text": "Ericsson Network Location MPS GMPC21 - Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Ericsson Network Location MPS GMPC21": [[0, 36]], "VULNERABILITY: Privilege Escalation": [[39, 59]], "TOOL: Metasploit": [[61, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50469"}}
{"text": "Ericsson Network Location MPS GMPC21 - Remote Code Execution (RCE) (Metasploit)", "spans": {"SYSTEM: Ericsson Network Location MPS GMPC21": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]], "TOOL: Metasploit": [[68, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50468"}}
{"text": "ERPNext 12.14.0 - SQL Injection (Authenticated)", "spans": {"SYSTEM: ERPNext 12.14.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "49464"}}
{"text": "esm-dev 136 - Path Traversal", "spans": {"SYSTEM: esm-dev 136": [[0, 11]], "VULNERABILITY: Path Traversal": [[14, 28]]}, "info": {"source": "exploitdb", "exploit_id": "52461"}}
{"text": "EspoCRM 5.8.5 - Privilege Escalation", "spans": {"SYSTEM: EspoCRM 5.8.5": [[0, 13]], "VULNERABILITY: Privilege Escalation": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48376"}}
{"text": "Ethercreative Logs 3.0.3 - Path Traversal", "spans": {"SYSTEM: Ethercreative Logs 3.0.3": [[0, 24]], "VULNERABILITY: Path Traversal": [[27, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52241"}}
{"text": "Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Exclusive Addons for Elementor 2.6.9": [[0, 36]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[39, 72]]}, "info": {"source": "exploitdb", "exploit_id": "52126"}}
{"text": "Expense Management System - 'description' Stored Cross Site Scripting", "spans": {"SYSTEM: Expense Management System": [[0, 25]], "VULNERABILITY: Stored Cross Site Scripting": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49146"}}
{"text": "ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow", "spans": {"SYSTEM: ExpressVPN VPN Router 1.0": [[0, 25]], "VULNERABILITY: Integer Overflow": [[49, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49760"}}
{"text": "EyesOfNetwork 5.3 - File Upload Remote Code Execution", "spans": {"SYSTEM: EyesOfNetwork 5.3": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49432"}}
{"text": "EyesOfNetwork 5.3 - LFI", "spans": {"SYSTEM: EyesOfNetwork 5.3": [[0, 17]], "VULNERABILITY: LFI": [[20, 23]]}, "info": {"source": "exploitdb", "exploit_id": "49404"}}
{"text": "EyesOfNetwork 5.3 - RCE & PrivEsc", "spans": {"SYSTEM: EyesOfNetwork 5.3": [[0, 17]], "VULNERABILITY: RCE": [[20, 23]]}, "info": {"source": "exploitdb", "exploit_id": "49402"}}
{"text": "FIBARO System Home Center 5.021 - Remote File Include", "spans": {"SYSTEM: FIBARO System Home Center 5.021": [[0, 31]], "VULNERABILITY: Remote File Include": [[34, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48240"}}
{"text": "FileBrowser 2.17.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)", "spans": {"SYSTEM: FileBrowser 2.17.2": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[58, 85]]}, "info": {"source": "exploitdb", "exploit_id": "50717"}}
{"text": "FileMage Gateway 1.10.9 - Local File Inclusion", "spans": {"SYSTEM: FileMage Gateway 1.10.9": [[0, 23]], "VULNERABILITY: Local File Inclusion": [[26, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51708"}}
{"text": "FileRun 2019.05.21 -  Reflected Cross-Site Scripting", "spans": {"SYSTEM: FileRun 2019.05.21": [[0, 18]], "VULNERABILITY: Reflected Cross-Site Scripting": [[22, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48607"}}
{"text": "FLEX 1085 Web 1.6.0 - HTML Injection", "spans": {"SYSTEM: FLEX 1085 Web 1.6.0": [[0, 19]], "VULNERABILITY: HTML Injection": [[22, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50544"}}
{"text": "Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS", "spans": {"SYSTEM: Flexmonster Pivot Table & Charts 2.7.17": [[0, 39]], "VULNERABILITY: XSS": [[66, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49305"}}
{"text": "Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS", "spans": {"SYSTEM: Flexmonster Pivot Table & Charts 2.7.17": [[0, 39]], "VULNERABILITY: XSS": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49302"}}
{"text": "Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS", "spans": {"SYSTEM: Flexmonster Pivot Table & Charts 2.7.17": [[0, 39]], "VULNERABILITY: XSS": [[62, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49303"}}
{"text": "Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS", "spans": {"SYSTEM: Flexmonster Pivot Table & Charts 2.7.17": [[0, 39]], "VULNERABILITY: XSS": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49304"}}
{"text": "Flowise 3.0.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Flowise 3.0.4": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52440"}}
{"text": "Fluig 1.7.0 - Path Traversal", "spans": {"SYSTEM: Fluig 1.7.0": [[0, 11]], "VULNERABILITY: Path Traversal": [[14, 28]]}, "info": {"source": "exploitdb", "exploit_id": "49622"}}
{"text": "Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: Forcepoint WebSecurity 8.5": [[0, 26]], "VULNERABILITY: Cross-Site Scripting": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48029"}}
{"text": "FormaLMS 2.4.4 - Authentication Bypass", "spans": {"SYSTEM: FormaLMS 2.4.4": [[0, 14]], "VULNERABILITY: Authentication Bypass": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50513"}}
{"text": "FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)", "spans": {"SYSTEM: FortiLogger 4.4.2.2": [[0, 19]], "VULNERABILITY: Arbitrary File Upload": [[38, 59]], "TOOL: Metasploit": [[61, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49600"}}
{"text": "Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Fortinet Fortimail 7.0.1": [[0, 24]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[27, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50759"}}
{"text": "Fortinet FortiWeb v8.0.1 - Auth Bypass", "spans": {"SYSTEM: Fortinet FortiWeb v8.0.1": [[0, 24]], "VULNERABILITY: Auth Bypass": [[27, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52495"}}
{"text": "FortiOS_ FortiProxy_ FortiSwitchManager v7.2.1 - Authentication Bypass", "spans": {"SYSTEM: FortiOS_ FortiProxy_ FortiSwitchManager v7.2.1": [[0, 46]], "VULNERABILITY: Authentication Bypass": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51092"}}
{"text": "FortiWeb  8.0.2 - Remote Code Execution", "spans": {"SYSTEM: FortiWeb  8.0.2": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52502"}}
{"text": "FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution", "spans": {"SYSTEM: FortiWeb Fabric Connector 7.6.x": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "52473"}}
{"text": "FoxCMS 1.2.5 - Remote Code Execution  (RCE)", "spans": {"SYSTEM: FoxCMS 1.2.5": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52267"}}
{"text": "FreeBSD rtsold 15.x - Remote Code Execution via DNSSL", "spans": {"SYSTEM: FreeBSD rtsold 15.x": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52463"}}
{"text": "Freeter 1.2.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Freeter 1.2.1": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49833"}}
{"text": "FuguHub 8.1 - Remote Code Execution", "spans": {"SYSTEM: FuguHub 8.1": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51550"}}
{"text": "FusionInvoice 2023-1.0 - Stored XSS (Cross-Site Scripting)", "spans": {"SYSTEM: FusionInvoice 2023-1.0": [[0, 22]], "VULNERABILITY: Cross-Site Scripting": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51480"}}
{"text": "Gandia Integra Total 4.4.2236.1 - SQL Injection", "spans": {"SYSTEM: Gandia Integra Total 4.4.2236.1": [[0, 31]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52388"}}
{"text": "Garage Management System 1.0 (categoriesName) - Stored XSS", "spans": {"SYSTEM: Garage Management System 1.0 (categoriesName)": [[0, 45]], "VULNERABILITY: XSS": [[55, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52238"}}
{"text": "Geonetwork 4.2.0 - XML External Entity (XXE)", "spans": {"SYSTEM: Geonetwork 4.2.0": [[0, 16]], "VULNERABILITY: XXE": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50982"}}
{"text": "GeoVision GV-ASManager 6.1.0.0  - Information Disclosure", "spans": {"SYSTEM: GeoVision GV-ASManager 6.1.0.0": [[0, 30]], "VULNERABILITY: Information Disclosure": [[34, 56]]}, "info": {"source": "exploitdb", "exploit_id": "52144"}}
{"text": "GeoVision GV-ASManager 6.1.0.0 - Broken Access Control", "spans": {"SYSTEM: GeoVision GV-ASManager 6.1.0.0": [[0, 30]], "VULNERABILITY: Broken Access Control": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52189"}}
{"text": "GeoVision GV-ASManager 6.1.1.0 - CSRF", "spans": {"SYSTEM: GeoVision GV-ASManager 6.1.1.0": [[0, 30]], "VULNERABILITY: CSRF": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52187"}}
{"text": "GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated)", "spans": {"SYSTEM: GFI Mail Archiver 15.1": [[0, 22]], "VULNERABILITY: Arbitrary File Upload": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50181"}}
{"text": "Ghost CMS 5.42.1 - Path Traversal", "spans": {"SYSTEM: Ghost CMS 5.42.1": [[0, 16]], "VULNERABILITY: Path Traversal": [[19, 33]]}, "info": {"source": "exploitdb", "exploit_id": "52408"}}
{"text": "Ghost CMS 5.59.1 - Arbitrary File Read", "spans": {"SYSTEM: Ghost CMS 5.59.1": [[0, 16]], "VULNERABILITY: Arbitrary File Read": [[19, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52409"}}
{"text": "Gitea 1.12.5 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Gitea 1.12.5": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49571"}}
{"text": "Gitea 1.16.6 - Remote Code Execution (RCE) (Metasploit)", "spans": {"SYSTEM: Gitea 1.16.6": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]], "TOOL: Metasploit": [[44, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51009"}}
{"text": "Gitea 1.22.0 - Stored XSS", "spans": {"SYSTEM: Gitea 1.22.0": [[0, 12]], "VULNERABILITY: XSS": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "52077"}}
{"text": "Gitea 1.24.0 - HTML Injection", "spans": {"SYSTEM: Gitea 1.24.0": [[0, 12]], "VULNERABILITY: HTML Injection": [[15, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52087"}}
{"text": "Gitea 1.7.5 - Remote Code Execution", "spans": {"SYSTEM: Gitea 1.7.5": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49383"}}
{"text": "GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities", "spans": {"SYSTEM: GoAhead Web Server 2.5": [[0, 22]], "VULNERABILITY: Multiple HTML Injection Vulnerabilities": [[43, 82]]}, "info": {"source": "exploitdb", "exploit_id": "51762"}}
{"text": "Google Invisible RECAPTCHA 3 - Spoof Bypass", "spans": {"SYSTEM: Google Invisible RECAPTCHA 3": [[0, 28]], "VULNERABILITY: Spoof Bypass": [[31, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48027"}}
{"text": "Grafana 11.6.0 - SSRF", "spans": {"SYSTEM: Grafana 11.6.0": [[0, 14]], "VULNERABILITY: SSRF": [[17, 21]]}, "info": {"source": "exploitdb", "exploit_id": "52491"}}
{"text": "Grafana 8.3.0 - Directory Traversal and Arbitrary File Read", "spans": {"SYSTEM: Grafana 8.3.0": [[0, 13]], "VULNERABILITY: Directory Traversal": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50581"}}
{"text": "Grocery crud 1.6.4 - 'order_by' SQL Injection", "spans": {"SYSTEM: Grocery crud 1.6.4": [[0, 18]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49985"}}
{"text": "Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control", "spans": {"SYSTEM: Gurock Testrail 7.2.0.3014": [[0, 26]], "VULNERABILITY: Improper Access Control": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50320"}}
{"text": "Hasura GraphQL 1.3.3 - Local File Read", "spans": {"SYSTEM: Hasura GraphQL 1.3.3": [[0, 20]], "VULNERABILITY: Local File Read": [[23, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49790"}}
{"text": "Hasura GraphQL 1.3.3 - Remote Code Execution", "spans": {"SYSTEM: Hasura GraphQL 1.3.3": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49802"}}
{"text": "Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF)", "spans": {"SYSTEM: Hasura GraphQL 1.3.3": [[0, 20]], "VULNERABILITY: SSRF": [[53, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49791"}}
{"text": "Hasura GraphQL 2.2.0 - Information Disclosure", "spans": {"SYSTEM: Hasura GraphQL 2.2.0": [[0, 20]], "VULNERABILITY: Information Disclosure": [[23, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50803"}}
{"text": "Horde Groupware Webmail 5.2.22 - Stored XSS", "spans": {"SYSTEM: Horde Groupware Webmail 5.2.22": [[0, 30]], "VULNERABILITY: XSS": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49769"}}
{"text": "HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities", "spans": {"SYSTEM: HPE Edgeline Infrastructure Manager 1.0": [[0, 39]], "VULNERABILITY: Multiple Remote Vulnerabilities": [[42, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49361"}}
{"text": "htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: htmly 2.8.0": [[0, 11]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[28, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49772"}}
{"text": "Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation", "spans": {"SYSTEM: Hunk Companion Plugin 1.9.0": [[0, 27]], "VULNERABILITY: Unauthenticated Plugin Installation": [[30, 65]]}, "info": {"source": "exploitdb", "exploit_id": "52259"}}
{"text": "i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw", "spans": {"SYSTEM: i3 International Annexxus Cameras Ax-n 5.2.0": [[0, 44]], "VULNERABILITY: Application Logic Flaw": [[47, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50473"}}
{"text": "IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow", "spans": {"SYSTEM: IBM Security Verify Access 10.0.0": [[0, 33]], "VULNERABILITY: Open Redirect": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52123"}}
{"text": "IBMi Navigator 7.5 -  HTTP Security Token Bypass", "spans": {"SYSTEM: IBMi Navigator 7.5": [[0, 18]], "VULNERABILITY: HTTP Security Token Bypass": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52210"}}
{"text": "IBMi Navigator 7.5 - Server Side Request Forgery (SSRF)", "spans": {"SYSTEM: IBMi Navigator 7.5": [[0, 18]], "VULNERABILITY: Server Side Request Forgery": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52212"}}
{"text": "iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: iboss Secure Web Gateway": [[0, 24]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[27, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52009"}}
{"text": "ILIAS Learning Management System 4.3 - SSRF", "spans": {"SYSTEM: ILIAS Learning Management System 4.3": [[0, 36]], "VULNERABILITY: SSRF": [[39, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49148"}}
{"text": "ImportExportTools NG 10.0.4 - HTML Injection", "spans": {"SYSTEM: ImportExportTools NG 10.0.4": [[0, 27]], "VULNERABILITY: HTML Injection": [[30, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50496"}}
{"text": "In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection", "spans": {"SYSTEM: In4Suit ERP 3.2.74.1370": [[0, 23]], "VULNERABILITY: SQL injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49884"}}
{"text": "IncomCMS 2.0 - Insecure File Upload", "spans": {"SYSTEM: IncomCMS 2.0": [[0, 12]], "VULNERABILITY: File Upload": [[24, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49351"}}
{"text": "INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution", "spans": {"SYSTEM: INNEO Startup TOOLS 2018 M040 13.0.70.3804": [[0, 42]], "VULNERABILITY: Remote Code Execution": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48693"}}
{"text": "Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Intelight X-1L Traffic controller Maxtime 1.9.6": [[0, 47]], "VULNERABILITY: Remote Code Execution (RCE)": [[50, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52151"}}
{"text": "Invision Community 4.5.4 - 'Field Name' Stored Cross-Site Scripting", "spans": {"SYSTEM: Invision Community 4.5.4": [[0, 24]], "VULNERABILITY: Stored Cross-Site Scripting": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49188"}}
{"text": "Invision Community 4.7.20 - (calendar/view.php) SQL Injection", "spans": {"SYSTEM: Invision Community 4.7.20": [[0, 25]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52383"}}
{"text": "IPeakCMS 3.5 - Boolean-based blind SQLi", "spans": {"SYSTEM: IPeakCMS 3.5": [[0, 12]], "VULNERABILITY: SQLi": [[35, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49372"}}
{"text": "Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)", "spans": {"SYSTEM: Isshue Shopping Cart 3.5": [[0, 24]], "VULNERABILITY: Cross Site Scripting": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50490"}}
{"text": "Ivanti vADC 9.9 - Authentication Bypass", "spans": {"SYSTEM: Ivanti vADC 9.9": [[0, 15]], "VULNERABILITY: Authentication Bypass": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52062"}}
{"text": "Jasmin Ransomware - Arbitrary File Download (Authenticated)", "spans": {"SYSTEM: Jasmin Ransomware": [[0, 17]], "VULNERABILITY: Arbitrary File Download": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52140"}}
{"text": "Jenzabar 9.2.2 - 'query' Reflected XSS.", "spans": {"SYSTEM: Jenzabar 9.2.2": [[0, 14]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49529"}}
{"text": "JetBrains TeamCity 2023.11.4 - Authentication Bypass", "spans": {"SYSTEM: JetBrains TeamCity 2023.11.4": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "52411"}}
{"text": "Joplin 1.0.245 - Arbitrary Code Execution (PoC)", "spans": {"SYSTEM: Joplin 1.0.245": [[0, 14]], "VULNERABILITY: Arbitrary Code Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48837"}}
{"text": "Joplin 1.2.6 - 'link' Cross Site Scripting", "spans": {"SYSTEM: Joplin 1.2.6": [[0, 12]], "VULNERABILITY: Cross Site Scripting": [[22, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49024"}}
{"text": "Joplin Desktop 1.0.184 - Cross-Site Scripting", "spans": {"SYSTEM: Joplin Desktop 1.0.184": [[0, 22]], "VULNERABILITY: Cross-Site Scripting": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48147"}}
{"text": "jQuery 1.0.3 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: jQuery 1.0.3": [[0, 12]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[15, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49767"}}
{"text": "jQuery 1.2 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: jQuery 1.2": [[0, 10]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[13, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49766"}}
{"text": "jQuery 3.3.1 - Prototype Pollution & XSS Exploit", "spans": {"SYSTEM: jQuery 3.3.1": [[0, 12]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52141"}}
{"text": "Jumbo Website Manager  - Remote Code Execution", "spans": {"SYSTEM: Jumbo Website Manager": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52504"}}
{"text": "Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Kentico Xperience 13.0.178": [[0, 26]], "VULNERABILITY: Cross Site Scripting": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52290"}}
{"text": "KONGA 0.14.9 - Privilege Escalation", "spans": {"SYSTEM: KONGA 0.14.9": [[0, 12]], "VULNERABILITY: Privilege Escalation": [[15, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50521"}}
{"text": "KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: KubeSphere 3.4.0": [[0, 16]], "VULNERABILITY: Insecure Direct Object Reference": [[19, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52097"}}
{"text": "Kubio AI Page Builder 2.5.1 - Local File Inclusion (LFI)", "spans": {"SYSTEM: Kubio AI Page Builder 2.5.1": [[0, 27]], "VULNERABILITY: Local File Inclusion": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52125"}}
{"text": "Langflow 1.2.x - Remote Code Execution (RCE)", "spans": {"SYSTEM: Langflow 1.2.x": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52364"}}
{"text": "Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection (XXE)", "spans": {"SYSTEM: Lantronix Provisioning Manager 7.10.3": [[0, 37]], "VULNERABILITY: XML External Entity Injection": [[40, 69]]}, "info": {"source": "exploitdb", "exploit_id": "52417"}}
{"text": "Latrix 0.6.0 - 'txtaccesscode' SQL Injection", "spans": {"SYSTEM: Latrix 0.6.0": [[0, 12]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49733"}}
{"text": "LibreNMS 1.46 - 'search' SQL Injection", "spans": {"SYSTEM: LibreNMS 1.46": [[0, 13]], "VULNERABILITY: SQL Injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48453"}}
{"text": "LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection", "spans": {"SYSTEM: LibreNMS 1.46": [[0, 13]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49246"}}
{"text": "LifeRay 7.2.1 GA2 - Stored XSS", "spans": {"SYSTEM: LifeRay 7.2.1 GA2": [[0, 17]], "VULNERABILITY: XSS": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "49091"}}
{"text": "LightCMS 1.3.4 - 'exclusive' Stored XSS", "spans": {"SYSTEM: LightCMS 1.3.4": [[0, 14]], "VULNERABILITY: XSS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49598"}}
{"text": "Liman 0.7 - Cross-Site Request Forgery (Change Password)", "spans": {"SYSTEM: Liman 0.7": [[0, 9]], "VULNERABILITY: Cross-Site Request Forgery": [[12, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48869"}}
{"text": "Lingdang CRM 8.6.4.7 - SQL Injection", "spans": {"SYSTEM: Lingdang CRM 8.6.4.7": [[0, 20]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52420"}}
{"text": "Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Local Service Search Engine Management System 1.0": [[0, 49]], "VULNERABILITY: Authentication Bypass": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49163"}}
{"text": "Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Logitech Media Server 8.2.0": [[0, 27]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[38, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50413"}}
{"text": "LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: LogonTracer 1.2.0": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49918"}}
{"text": "LPAR2RRD 8.04 - Remote Code Execution (RCE)", "spans": {"SYSTEM: LPAR2RRD 8.04": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52391"}}
{"text": "Lucee 5.4.2.17 - Authenticated Reflected XSS", "spans": {"SYSTEM: Lucee 5.4.2.17": [[0, 14]], "VULNERABILITY: XSS": [[41, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51668"}}
{"text": "M/Monit 3.7.4 - Password Disclosure", "spans": {"SYSTEM: M/Monit 3.7.4": [[0, 13]], "VULNERABILITY: Password Disclosure": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49081"}}
{"text": "M/Monit 3.7.4 - Privilege Escalation", "spans": {"SYSTEM: M/Monit 3.7.4": [[0, 13]], "VULNERABILITY: Privilege Escalation": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49080"}}
{"text": "Magento ver. 2.4.6 - XSLT Server Side Injection", "spans": {"SYSTEM: Magento ver. 2.4.6": [[0, 18]], "VULNERABILITY: XSLT Server Side Injection": [[21, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51847"}}
{"text": "MagnusSolution magnusbilling 7.3.0 - Command Injection", "spans": {"SYSTEM: MagnusSolution magnusbilling 7.3.0": [[0, 34]], "VULNERABILITY: Command Injection": [[37, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52170"}}
{"text": "mailcow 2025-01a - Host Header Password Reset Poisoning", "spans": {"SYSTEM: mailcow 2025-01a": [[0, 16]], "VULNERABILITY: Host Header Password Reset Poisoning": [[19, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52485"}}
{"text": "Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Mailhog 1.0.1": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50971"}}
{"text": "ManageEngin AMP 4.3.0 - File-path-traversal", "spans": {"SYSTEM: ManageEngin AMP 4.3.0": [[0, 21]], "VULNERABILITY: File-path-traversal": [[24, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51222"}}
{"text": "ManageEngine ADSelfService Plus 6.1 - CSV Injection", "spans": {"SYSTEM: ManageEngine ADSelfService Plus 6.1": [[0, 35]], "VULNERABILITY: CSV Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49885"}}
{"text": "MaNGOSWebV4  4.0.6 - Reflected XSS", "spans": {"SYSTEM: MaNGOSWebV4  4.0.6": [[0, 18]], "VULNERABILITY: XSS": [[31, 34]]}, "info": {"source": "exploitdb", "exploit_id": "52457"}}
{"text": "Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Markdown Explorer 0.1.1": [[0, 23]], "VULNERABILITY: Persistent Cross-Site Scripting": [[26, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49826"}}
{"text": "Markdownify 1.2.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Markdownify 1.2.0": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49835"}}
{"text": "Markright 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Markright 1.0": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49834"}}
{"text": "Marky 0.0.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Marky 0.0.1": [[0, 11]], "VULNERABILITY: Persistent Cross-Site Scripting": [[14, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49831"}}
{"text": "Mezzanine CMS 6.1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Mezzanine CMS 6.1.0": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52385"}}
{"text": "Microsoft SharePoint Enterprise Server 2016 - Spoofing", "spans": {"SYSTEM: Microsoft SharePoint Enterprise Server 2016": [[0, 43]], "VULNERABILITY: Spoofing": [[46, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51543"}}
{"text": "Mida eFramework 2.9.0 - Remote Code Execution", "spans": {"SYSTEM: Mida eFramework 2.9.0": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48768"}}
{"text": "MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)", "spans": {"SYSTEM: MiniWeb HTTP Server 0.8.19": [[0, 26]], "VULNERABILITY: Buffer Overflow": [[29, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49247"}}
{"text": "Moeditor 0.2.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Moeditor 0.2.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49830"}}
{"text": "mojoPortal forums 2.7.0.0 - 'Title' Persistent Cross-Site Scripting", "spans": {"SYSTEM: mojoPortal forums 2.7.0.0": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49184"}}
{"text": "Monica 2.19.1 - 'last_name' Stored XSS", "spans": {"SYSTEM: Monica 2.19.1": [[0, 13]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49582"}}
{"text": "Moodle 4.4.0 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Moodle 4.4.0": [[0, 12]], "VULNERABILITY: Authenticated Remote Code Execution": [[15, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52350"}}
{"text": "motionEye 0.43.1b4 - RCE", "spans": {"SYSTEM: motionEye 0.43.1b4": [[0, 18]], "VULNERABILITY: RCE": [[21, 24]]}, "info": {"source": "exploitdb", "exploit_id": "52481"}}
{"text": "MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)", "spans": {"SYSTEM: MotoCMS Version 3.4.3": [[0, 21]], "VULNERABILITY: SSTI": [[56, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51499"}}
{"text": "Mumara Classic 2.93 - 'license' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Mumara Classic 2.93": [[0, 19]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50518"}}
{"text": "myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: myfactory FMS 7.1-911": [[0, 21]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[35, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50428"}}
{"text": "Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Nagios Log Server 2.1.6": [[0, 23]], "VULNERABILITY: Persistent Cross-Site Scripting": [[26, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48772"}}
{"text": "Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Nagios Log Server 2.1.7": [[0, 23]], "VULNERABILITY: Persistent Cross-Site Scripting": [[26, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49082"}}
{"text": "Nagios Log Server 2024R1.3.1 - API Key Exposure", "spans": {"SYSTEM: Nagios Log Server 2024R1.3.1": [[0, 28]], "VULNERABILITY: API Key Exposure": [[31, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52177"}}
{"text": "Nagios Log Server 2024R1.3.1 - Stored XSS", "spans": {"SYSTEM: Nagios Log Server 2024R1.3.1": [[0, 28]], "VULNERABILITY: XSS": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52117"}}
{"text": "Nagios Xi 5.6.6 - Authenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: Nagios Xi 5.6.6": [[0, 15]], "VULNERABILITY: Authenticated Remote Code Execution": [[18, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52138"}}
{"text": "Nagios XI Version 2024R1.01 - SQL Injection", "spans": {"SYSTEM: Nagios XI Version 2024R1.01": [[0, 27]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51925"}}
{"text": "Netsia SEBA+ 0.16.1 - Add Root User (Metasploit)", "spans": {"SYSTEM: Netsia SEBA+ 0.16.1": [[0, 19]], "VULNERABILITY: Add Root User": [[22, 35]], "TOOL: Metasploit": [[37, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49435"}}
{"text": "Newgen Correspondence Management System (corms) eGov 12.0 - IDOR", "spans": {"SYSTEM: Newgen Correspondence Management System (corms) eGov 12.0": [[0, 57]], "VULNERABILITY: IDOR": [[60, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49378"}}
{"text": "NewsLister - Authenticated Persistent Cross-Site Scripting", "spans": {"SYSTEM: NewsLister": [[0, 10]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49160"}}
{"text": "Next.js Middleware 15.2.2 -  Authorization Bypass", "spans": {"SYSTEM: Next.js Middleware 15.2.2": [[0, 25]], "VULNERABILITY: Authorization Bypass": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52124"}}
{"text": "NodeBB Forum 1.12.2-1.14.2 - Account Takeover", "spans": {"SYSTEM: NodeBB Forum 1.12.2-1.14.2": [[0, 26]], "VULNERABILITY: Account Takeover": [[29, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48875"}}
{"text": "NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write", "spans": {"SYSTEM: NodeBB Plugin Emoji 3.2.1": [[0, 25]], "VULNERABILITY: Arbitrary File Write": [[28, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49813"}}
{"text": "NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection", "spans": {"SYSTEM: NOKIA VitalSuite SPM 2020": [[0, 25]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48528"}}
{"text": "nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting", "spans": {"SYSTEM: nopCommerce Store 4.30": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49093"}}
{"text": "NoteMark < 0.13.0 - Stored XSS", "spans": {"SYSTEM: NoteMark < 0.13.0": [[0, 17]], "VULNERABILITY: XSS": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "52078"}}
{"text": "OCS Inventory NG 2.7 - Remote Code Execution", "spans": {"SYSTEM: OCS Inventory NG 2.7": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48634"}}
{"text": "OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: OctoBot WebInterface 0.4.3": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50979"}}
{"text": "OctoPrint 1.11.2 - File Upload", "spans": {"SYSTEM: OctoPrint 1.11.2": [[0, 16]], "VULNERABILITY: File Upload": [[19, 30]]}, "info": {"source": "exploitdb", "exploit_id": "52476"}}
{"text": "Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection", "spans": {"SYSTEM: Odine Solutions GateKeeper 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50381"}}
{"text": "Odoo 12.0 - Local File Inclusion", "spans": {"SYSTEM: Odoo 12.0": [[0, 9]], "VULNERABILITY: Local File Inclusion": [[12, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48609"}}
{"text": "Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting", "spans": {"SYSTEM: Online News Portal System 1.0": [[0, 29]], "VULNERABILITY: Stored Cross Site Scripting": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49162"}}
{"text": "Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Online Voting System Project in PHP": [[0, 35]], "VULNERABILITY: Persistent Cross-Site Scripting": [[49, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49159"}}
{"text": "Open Game Panel - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Open Game Panel": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50373"}}
{"text": "OpenCTI 3.3.1 - Directory Traversal", "spans": {"SYSTEM: OpenCTI 3.3.1": [[0, 13]], "VULNERABILITY: Directory Traversal": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48595"}}
{"text": "OpenEDX platform Ironwood 2.5 - Remote Code Execution", "spans": {"SYSTEM: OpenEDX platform Ironwood 2.5": [[0, 29]], "VULNERABILITY: Remote Code Execution": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48500"}}
{"text": "Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting", "spans": {"SYSTEM: Openlitespeed 1.7.9": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting": [[30, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49727"}}
{"text": "Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1)", "spans": {"SYSTEM: Openlitespeed Web Server 1.7.8": [[0, 30]], "VULNERABILITY: Command Injection": [[33, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49483"}}
{"text": "Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)", "spans": {"SYSTEM: Openlitespeed WebServer 1.7.8": [[0, 29]], "VULNERABILITY: Command Injection": [[32, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49556"}}
{"text": "openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting", "spans": {"SYSTEM: openMAINT openMAINT 2.1-3.3-b": [[0, 29]], "VULNERABILITY: Persistent Cross-Site Scripting": [[43, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49649"}}
{"text": "OpenPanel 0.3.4 - Directory Traversal", "spans": {"SYSTEM: OpenPanel 0.3.4": [[0, 15]], "VULNERABILITY: Directory Traversal": [[18, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52195"}}
{"text": "OpenPanel 0.3.4 - Incorrect Access Control", "spans": {"SYSTEM: OpenPanel 0.3.4": [[0, 15]], "VULNERABILITY: Incorrect Access Control": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52196"}}
{"text": "OpenPanel 0.3.4 - OS Command Injection", "spans": {"SYSTEM: OpenPanel 0.3.4": [[0, 15]], "VULNERABILITY: Command Injection": [[21, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52197"}}
{"text": "OpenPanel Copy and View functions in the File Manager 0.3.4 - Directory Traversal", "spans": {"SYSTEM: OpenPanel Copy and View functions in the File Manager 0.3.4": [[0, 59]], "VULNERABILITY: Directory Traversal": [[62, 81]]}, "info": {"source": "exploitdb", "exploit_id": "52198"}}
{"text": "OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting", "spans": {"SYSTEM: OpenText Content Server 20.3": [[0, 28]], "VULNERABILITY: Stored Cross-Site Scripting": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49578"}}
{"text": "OPSWAT Metadefender Core - Privilege Escalation", "spans": {"SYSTEM: OPSWAT Metadefender Core": [[0, 24]], "VULNERABILITY: Privilege Escalation": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51113"}}
{"text": "Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS", "spans": {"SYSTEM: Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715": [[0, 63]], "VULNERABILITY: XSS": [[73, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49444"}}
{"text": "Oracle Fatwire 6.3 - Multiple Vulnerabilities", "spans": {"SYSTEM: Oracle Fatwire 6.3": [[0, 18]], "VULNERABILITY: Multiple Vulnerabilities": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50167"}}
{"text": "orangescrum 1.8.0 - 'Multiple' Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: orangescrum 1.8.0": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50554"}}
{"text": "orangescrum 1.8.0 - 'Multiple' SQL Injection (Authenticated)", "spans": {"SYSTEM: orangescrum 1.8.0": [[0, 17]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50553"}}
{"text": "orangescrum 1.8.0 - Privilege escalation (Authenticated)", "spans": {"SYSTEM: orangescrum 1.8.0": [[0, 17]], "VULNERABILITY: Privilege escalation": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50551"}}
{"text": "OSGi v3.7.2 (and below) Console - RCE", "spans": {"SYSTEM: OSGi v3.7.2 (and below) Console": [[0, 31]], "VULNERABILITY: RCE": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51879"}}
{"text": "OSGi v3.8-3.18 Console - RCE", "spans": {"SYSTEM: OSGi v3.8-3.18 Console": [[0, 22]], "VULNERABILITY: RCE": [[25, 28]]}, "info": {"source": "exploitdb", "exploit_id": "51878"}}
{"text": "Ozeki SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)", "spans": {"SYSTEM: Ozeki SMS Gateway 10.3.208": [[0, 26]], "VULNERABILITY: Arbitrary File Read": [[29, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51646"}}
{"text": "Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Palo Alto Cortex XSOAR 6.5.0": [[0, 28]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[31, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51343"}}
{"text": "Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover", "spans": {"SYSTEM: Palo Alto Networks Expedition 1.2.90.1": [[0, 38]], "VULNERABILITY: Admin Account Takeover": [[41, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52129"}}
{"text": "PaperCut NG/MG 22.0.4 - Authentication Bypass", "spans": {"SYSTEM: PaperCut NG/MG 22.0.4": [[0, 21]], "VULNERABILITY: Authentication Bypass": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51391"}}
{"text": "PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: PaperCut NG/MG 22.0.4": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51452"}}
{"text": "Payara Micro Community 5.2021.6 - Directory Traversal", "spans": {"SYSTEM: Payara Micro Community 5.2021.6": [[0, 31]], "VULNERABILITY: Directory Traversal": [[34, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50371"}}
{"text": "Pega Platform 8.1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Pega Platform 8.1.0": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51099"}}
{"text": "perfexcrm 1.10 - 'State' Stored Cross-site scripting (XSS)", "spans": {"SYSTEM: perfexcrm 1.10": [[0, 14]], "VULNERABILITY: XSS": [[54, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50097"}}
{"text": "perfSONAR v4.4.5 - Partial Blind CSRF", "spans": {"SYSTEM: perfSONAR v4.4.5": [[0, 16]], "VULNERABILITY: CSRF": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51186"}}
{"text": "PESCMS TEAM 2.3.2 - Multiple Reflected XSS", "spans": {"SYSTEM: PESCMS TEAM 2.3.2": [[0, 17]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49072"}}
{"text": "phpMyFAQ  3.1.7 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: phpMyFAQ  3.1.7": [[0, 15]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[18, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52445"}}
{"text": "phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)", "spans": {"SYSTEM: phpPgAdmin 7.13.0": [[0, 17]], "VULNERABILITY: COPY FROM PROGRAM Command Execution": [[20, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49736"}}
{"text": "Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection", "spans": {"SYSTEM: Phpscript-sgh 0.1.0": [[0, 19]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49192"}}
{"text": "Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE", "spans": {"SYSTEM: Pie Register WordPress Plugin 3.7.1.4": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52370"}}
{"text": "Pimcore 11.4.2 - Stored cross site scripting", "spans": {"SYSTEM: Pimcore 11.4.2": [[0, 14]], "VULNERABILITY: Stored cross site scripting": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52194"}}
{"text": "Pimcore customer-data-framework 4.2.0 -  SQL injection", "spans": {"SYSTEM: Pimcore customer-data-framework 4.2.0": [[0, 37]], "VULNERABILITY: SQL injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52193"}}
{"text": "Piranha CMS 12.0 - Stored XSS in Text Block", "spans": {"SYSTEM: Piranha CMS 12.0": [[0, 16]], "VULNERABILITY: XSS": [[26, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52471"}}
{"text": "PivotX 3.0.0 RC3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: PivotX 3.0.0 RC3": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52361"}}
{"text": "Pixelimity 1.0 - 'password' Cross-Site Request Forgery", "spans": {"SYSTEM: Pixelimity 1.0": [[0, 14]], "VULNERABILITY: Cross-Site Request Forgery": [[28, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49519"}}
{"text": "Plane 0.23.1 - Server side request forgery (SSRF)", "spans": {"SYSTEM: Plane 0.23.1": [[0, 12]], "VULNERABILITY: SSRF": [[44, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52211"}}
{"text": "Plastic SCM 10.0.16.5622 - WebAdmin Server Access", "spans": {"SYSTEM: Plastic SCM 10.0.16.5622": [[0, 24]], "VULNERABILITY: WebAdmin Server Access": [[27, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50426"}}
{"text": "Plone CMS 5.2.3 - 'Title' Stored XSS", "spans": {"SYSTEM: Plone CMS 5.2.3": [[0, 15]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49668"}}
{"text": "Postbird 0.8.4 - Javascript Injection", "spans": {"SYSTEM: Postbird 0.8.4": [[0, 14]], "VULNERABILITY: Javascript Injection": [[17, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49910"}}
{"text": "ProcessMaker 3.5.4 - Local File inclusion", "spans": {"SYSTEM: ProcessMaker 3.5.4": [[0, 18]], "VULNERABILITY: Local File inclusion": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50229"}}
{"text": "ProConf 6.0 -  Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: ProConf 6.0": [[0, 11]], "VULNERABILITY: Insecure Direct Object Reference": [[15, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52236"}}
{"text": "Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass", "spans": {"SYSTEM: Progress Telerik Report Server 2024 Q1 (10.0.24.305)": [[0, 52]], "VULNERABILITY: Authentication Bypass": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "52103"}}
{"text": "projectworlds Online Admission System 1.0 - SQL Injection", "spans": {"SYSTEM: projectworlds Online Admission System 1.0": [[0, 41]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52398"}}
{"text": "Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)", "spans": {"SYSTEM: Provide Server v.14.4 XSS": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51264"}}
{"text": "Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Pterodactyl Panel 1.11.11": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52341"}}
{"text": "qdPM < 9.1 - Remote Code Execution", "spans": {"SYSTEM: qdPM < 9.1": [[0, 10]], "VULNERABILITY: Remote Code Execution": [[13, 34]]}, "info": {"source": "exploitdb", "exploit_id": "48146"}}
{"text": "React Server 19.2.0 - Remote Code Execution", "spans": {"SYSTEM: React Server 19.2.0": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52506"}}
{"text": "Real Web Pentesting Tutorial Step by Step - [Persian]", "spans": {"SYSTEM: Real Web Pentesting Tutorial Step by Step": [[0, 41]], "VULNERABILITY: [Persian]": [[44, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48108"}}
{"text": "reNgine 2.2.0 - Command Injection (Authenticated)", "spans": {"SYSTEM: reNgine 2.2.0": [[0, 13]], "VULNERABILITY: Command Injection": [[16, 33]]}, "info": {"source": "exploitdb", "exploit_id": "52081"}}
{"text": "RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)", "spans": {"SYSTEM: RiteCMS 3.0.0": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[26, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52413"}}
{"text": "RiteCMS 3.1.0 - Authenticated Remote Code Execution", "spans": {"SYSTEM: RiteCMS 3.1.0": [[0, 13]], "VULNERABILITY: Authenticated Remote Code Execution": [[16, 51]]}, "info": {"source": "exploitdb", "exploit_id": "52488"}}
{"text": "RomM  4.4.0 -  XSS_CSRF Chain", "spans": {"SYSTEM: RomM  4.4.0": [[0, 11]], "VULNERABILITY: CSRF": [[19, 23]]}, "info": {"source": "exploitdb", "exploit_id": "52505"}}
{"text": "Roundcube 1.6.10 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Roundcube 1.6.10": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52324"}}
{"text": "Royal Elementor Addons and Templates 1.3.78 - Unauthenticated Arbitrary File Upload", "spans": {"SYSTEM: Royal Elementor Addons and Templates 1.3.78": [[0, 43]], "VULNERABILITY: Arbitrary File Upload": [[62, 83]]}, "info": {"source": "exploitdb", "exploit_id": "52127"}}
{"text": "RPi-Jukebox-RFID 2.8.0 - Remote Command Execution", "spans": {"SYSTEM: RPi-Jukebox-RFID 2.8.0": [[0, 22]], "VULNERABILITY: Remote Command Execution": [[25, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52468"}}
{"text": "RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: RPi-Jukebox-RFID 2.8.0": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[25, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52470"}}
{"text": "RSA IG&L Aveksa 7.1.1 - Remote Code Execution", "spans": {"SYSTEM: RSA IG&L Aveksa 7.1.1": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48639"}}
{"text": "Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS", "spans": {"SYSTEM: Rumble Mail Server 0.51.3135": [[0, 28]], "VULNERABILITY: XSS": [[56, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49254"}}
{"text": "Rumble Mail Server 0.51.3135 - 'servername' Stored XSS", "spans": {"SYSTEM: Rumble Mail Server 0.51.3135": [[0, 28]], "VULNERABILITY: XSS": [[51, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49253"}}
{"text": "Rumble Mail Server 0.51.3135 - 'username' Stored XSS", "spans": {"SYSTEM: Rumble Mail Server 0.51.3135": [[0, 28]], "VULNERABILITY: XSS": [[49, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49255"}}
{"text": "RWS WorldServer 11.7.3 - Session Token Enumeration", "spans": {"SYSTEM: RWS WorldServer 11.7.3": [[0, 22]], "VULNERABILITY: Session Token Enumeration": [[25, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51619"}}
{"text": "Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: Schlix CMS 2.2.6-6": [[0, 18]], "VULNERABILITY: Persistent Cross-Site Scripting": [[29, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49837"}}
{"text": "Schlix CMS 2.2.6-6 - Arbitary File Upload (Authenticated)", "spans": {"SYSTEM: Schlix CMS 2.2.6-6": [[0, 18]], "VULNERABILITY: File Upload": [[30, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49897"}}
{"text": "Schlix CMS 2.2.6-6 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Schlix CMS 2.2.6-6": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49838"}}
{"text": "SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated)", "spans": {"SYSTEM: SCM Manager 1.60": [[0, 16]], "VULNERABILITY: Cross-Site Scripting": [[19, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51488"}}
{"text": "Scratch Desktop 3.17 - Remote Code Execution", "spans": {"SYSTEM: Scratch Desktop 3.17": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50079"}}
{"text": "Seacms 11.1 - 'checkuser' Stored XSS", "spans": {"SYSTEM: Seacms 11.1": [[0, 11]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49251"}}
{"text": "Seacms 11.1 - 'file' Local File Inclusion", "spans": {"SYSTEM: Seacms 11.1": [[0, 11]], "VULNERABILITY: Local File Inclusion": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49250"}}
{"text": "Seacms 11.1 - 'ip and weburl' Remote Command Execution", "spans": {"SYSTEM: Seacms 11.1": [[0, 11]], "VULNERABILITY: Remote Command Execution": [[30, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49249"}}
{"text": "Secure Web Gateway 10.2.11 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Secure Web Gateway 10.2.11": [[0, 26]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[29, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51237"}}
{"text": "Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution", "spans": {"SYSTEM: Selea CarPlateServer (CPS) 4.0.1.6": [[0, 34]], "VULNERABILITY: Remote Program Execution": [[37, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49452"}}
{"text": "ServiceNow - Username Enumeration", "spans": {"SYSTEM: ServiceNow": [[0, 10]], "VULNERABILITY: Username Enumeration": [[13, 33]]}, "info": {"source": "exploitdb", "exploit_id": "50741"}}
{"text": "ServiceNow Multiple Versions - Input Validation & Template Injection", "spans": {"SYSTEM: ServiceNow Multiple Versions": [[0, 28]], "VULNERABILITY: Input Validation & Template Injection": [[31, 68]]}, "info": {"source": "exploitdb", "exploit_id": "52410"}}
{"text": "Servisnet Tessa - Add sysAdmin User (Unauthenticated) (Metasploit)", "spans": {"SYSTEM: Servisnet Tessa": [[0, 15]], "VULNERABILITY: Add sysAdmin User": [[18, 35]], "TOOL: Metasploit": [[55, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50714"}}
{"text": "Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit)", "spans": {"SYSTEM: Servisnet Tessa": [[0, 15]], "VULNERABILITY: MQTT Credentials Dump": [[18, 39]], "TOOL: Metasploit": [[59, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50713"}}
{"text": "Servisnet Tessa - Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Servisnet Tessa": [[0, 15]], "VULNERABILITY: Privilege Escalation": [[18, 38]], "TOOL: Metasploit": [[40, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50712"}}
{"text": "Setelsa Conacwin 3.7.1.2 - Local File Inclusion", "spans": {"SYSTEM: Setelsa Conacwin 3.7.1.2": [[0, 24]], "VULNERABILITY: Local File Inclusion": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49133"}}
{"text": "Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Shoplazza 1.1": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51150"}}
{"text": "Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)", "spans": {"SYSTEM: Sickbeard 0.1": [[0, 13]], "VULNERABILITY: Cross-Site Request Forgery": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48712"}}
{"text": "Siklu EtherHaul Series EH-8010 - Arbitrary File Upload", "spans": {"SYSTEM: Siklu EtherHaul Series EH-8010": [[0, 30]], "VULNERABILITY: Arbitrary File Upload": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52467"}}
{"text": "Siklu EtherHaul Series EH-8010 - Remote Command Execution", "spans": {"SYSTEM: Siklu EtherHaul Series EH-8010": [[0, 30]], "VULNERABILITY: Remote Command Execution": [[33, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52466"}}
{"text": "SilverStripe 5.3.8  - Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: SilverStripe 5.3.8": [[0, 18]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52199"}}
{"text": "Simple File List WordPress Plugin 4.2.2 - File Upload to RCE", "spans": {"SYSTEM: Simple File List WordPress Plugin 4.2.2": [[0, 39]], "VULNERABILITY: RCE": [[57, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52371"}}
{"text": "Simple Traffic Offense System 1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Simple Traffic Offense System 1.0": [[0, 33]], "VULNERABILITY: Stored Cross Site Scripting": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50073"}}
{"text": "SISQUALWFM 7.1.319.103 - Host Header Injection", "spans": {"SYSTEM: SISQUALWFM 7.1.319.103": [[0, 22]], "VULNERABILITY: Host Header Injection": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51796"}}
{"text": "Sitecore 10.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Sitecore 10.4": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52344"}}
{"text": "Sitefinity 15.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Sitefinity 15.0": [[0, 15]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[18, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52035"}}
{"text": "Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI", "spans": {"SYSTEM: Skyvern 0.1.85": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52335"}}
{"text": "SmartAgent 3.1.0 - Privilege Escalation", "spans": {"SYSTEM: SmartAgent 3.1.0": [[0, 16]], "VULNERABILITY: Privilege Escalation": [[19, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49415"}}
{"text": "SmarterMail 16 - Arbitrary File Upload", "spans": {"SYSTEM: SmarterMail 16": [[0, 14]], "VULNERABILITY: Arbitrary File Upload": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48580"}}
{"text": "SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS", "spans": {"SYSTEM: SmartFoxServer 2X 2.17.0": [[0, 24]], "VULNERABILITY: XSS": [[54, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49528"}}
{"text": "SnipCommand 0.1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: SnipCommand 0.1.0": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49829"}}
{"text": "SnipeIT 6.2.1 - Stored Cross Site Scripting", "spans": {"SYSTEM: SnipeIT 6.2.1": [[0, 13]], "VULNERABILITY: Stored Cross Site Scripting": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51883"}}
{"text": "Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Social Warfare WordPress Plugin 3.5.2": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "52346"}}
{"text": "Socket.io-file 2.0.31 - Arbitrary File Upload", "spans": {"SYSTEM: Socket.io-file 2.0.31": [[0, 21]], "VULNERABILITY: Arbitrary File Upload": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48713"}}
{"text": "Solar-Log 500 2.8.2 - Incorrect Access Control", "spans": {"SYSTEM: Solar-Log 500 2.8.2": [[0, 19]], "VULNERABILITY: Incorrect Access Control": [[22, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49986"}}
{"text": "Solar-Log 500 2.8.2 - Unprotected Storage of Credentials", "spans": {"SYSTEM: Solar-Log 500 2.8.2": [[0, 19]], "VULNERABILITY: Unprotected Storage of Credentials": [[22, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49987"}}
{"text": "SolarWinds Platform 2024.1 SR1 - Race Condition", "spans": {"SYSTEM: SolarWinds Platform 2024.1 SR1": [[0, 30]], "VULNERABILITY: Race Condition": [[33, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52055"}}
{"text": "Sonatype Nexus Repository 3.53.0-01 - Path Traversal", "spans": {"SYSTEM: Sonatype Nexus Repository 3.53.0-01": [[0, 35]], "VULNERABILITY: Path Traversal": [[38, 52]]}, "info": {"source": "exploitdb", "exploit_id": "52101"}}
{"text": "Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure", "spans": {"SYSTEM: Sonlogger 4.2.3.3": [[0, 17]], "VULNERABILITY: Information Disclosure": [[50, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49650"}}
{"text": "SonLogger 4.2.3.3 - Unauthenticated Arbitrary File Upload (Metasploit)", "spans": {"SYSTEM: SonLogger 4.2.3.3": [[0, 17]], "VULNERABILITY: Arbitrary File Upload": [[36, 57]], "TOOL: Metasploit": [[59, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49651"}}
{"text": "Soosyze CMS 2.0 - Brute Force Login", "spans": {"SYSTEM: Soosyze CMS 2.0": [[0, 15]], "VULNERABILITY: Brute Force Login": [[18, 35]]}, "info": {"source": "exploitdb", "exploit_id": "52416"}}
{"text": "Sophos VPN Web Panel 2020 - Denial of Service (Poc)", "spans": {"SYSTEM: Sophos VPN Web Panel 2020": [[0, 25]], "VULNERABILITY: Denial of Service": [[28, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48683"}}
{"text": "SpamTitan 7.07 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: SpamTitan 7.07": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48817"}}
{"text": "Splunk 9.0.4 - Information Disclosure", "spans": {"SYSTEM: Splunk 9.0.4": [[0, 12]], "VULNERABILITY: Information Disclosure": [[15, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51792"}}
{"text": "Splunk 9.0.5 - admin account take over", "spans": {"SYSTEM: Splunk 9.0.5": [[0, 12]], "VULNERABILITY: admin account take over": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51747"}}
{"text": "Spotweb 1.4.9 - 'search' SQL Injection", "spans": {"SYSTEM: Spotweb 1.4.9": [[0, 13]], "VULNERABILITY: SQL Injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49297"}}
{"text": "Spotweb 1.4.9 - DOM Based Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Spotweb 1.4.9": [[0, 13]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49891"}}
{"text": "SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: SQL Monitor 12.1.31.893": [[0, 23]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51218"}}
{"text": "Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover", "spans": {"SYSTEM: Stacks Mobile App Builder 5.2.3": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52357"}}
{"text": "StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload", "spans": {"SYSTEM: StoryChief Wordpress Plugin 1.0.42": [[0, 34]], "VULNERABILITY: Arbitrary File Upload": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52422"}}
{"text": "Strapi 3.0.0-beta - Set Password (Unauthenticated)", "spans": {"SYSTEM: Strapi 3.0.0-beta": [[0, 17]], "VULNERABILITY: Set Password": [[20, 32]]}, "info": {"source": "exploitdb", "exploit_id": "50237"}}
{"text": "Strapi 3.0.0-beta.17.7 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Strapi 3.0.0-beta.17.7": [[0, 22]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50238"}}
{"text": "Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Strapi CMS 3.0.0-beta.17.4": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50239"}}
{"text": "Student Result Management System 1.0 - Authentication Bypass SQL Injection", "spans": {"SYSTEM: Student Result Management System 1.0": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49152"}}
{"text": "StudyMD 0.3.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: StudyMD 0.3.2": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49832"}}
{"text": "SugarCRM 14.0.0 - SSRF/Code Injection", "spans": {"SYSTEM: SugarCRM 14.0.0": [[0, 15]], "VULNERABILITY: Code Injection": [[23, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52365"}}
{"text": "Summar Employee Portal  3.98.0 - Authenticated SQL Injection", "spans": {"SYSTEM: Summar Employee Portal  3.98.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52462"}}
{"text": "Suprema BioStar 2 v2.8.16 - SQL Injection", "spans": {"SYSTEM: Suprema BioStar 2 v2.8.16": [[0, 25]], "VULNERABILITY: SQL Injection": [[28, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51340"}}
{"text": "SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration", "spans": {"SYSTEM: SureMDM On-premise < 6.31": [[0, 25]], "VULNERABILITY: CAPTCHA Bypass User Enumeration": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51804"}}
{"text": "SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation", "spans": {"SYSTEM: SureTriggers OttoKit Plugin 1.0.82": [[0, 34]], "VULNERABILITY: Privilege Escalation": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52286"}}
{"text": "Survey Sparrow Enterprise Survey Software 2022 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Survey Sparrow Enterprise Survey Software 2022": [[0, 46]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50937"}}
{"text": "Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Symantec Messaging Gateway 10.7.4": [[0, 33]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[36, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51342"}}
{"text": "Sysax MultiServer 6.90 - Reflected Cross Site Scripting", "spans": {"SYSTEM: Sysax MultiServer 6.90": [[0, 22]], "VULNERABILITY: Cross Site Scripting": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48582"}}
{"text": "T-Soft E-Commerce 4 - 'UrunAdi' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: T-Soft E-Commerce 4": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[32, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50938"}}
{"text": "T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: T-Soft E-Commerce 4": [[0, 19]], "VULNERABILITY: CSRF": [[77, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50302"}}
{"text": "T-Soft E-Commerce 4 - SQLi (Authenticated)", "spans": {"SYSTEM: T-Soft E-Commerce 4": [[0, 19]], "VULNERABILITY: SQLi": [[22, 26]]}, "info": {"source": "exploitdb", "exploit_id": "50939"}}
{"text": "Tagstoo 2.0.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Tagstoo 2.0.1": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49828"}}
{"text": "Tea LaTex 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Tea LaTex 1.0": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48805"}}
{"text": "Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Teedy 1.11": [[0, 10]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[34, 67]]}, "info": {"source": "exploitdb", "exploit_id": "52228"}}
{"text": "Tendenci 12.3.1 - CSV/ Formula Injection", "spans": {"SYSTEM: Tendenci 12.3.1": [[0, 15]], "VULNERABILITY: CSV/ Formula Injection": [[18, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49145"}}
{"text": "Testa Online Test Management System 3.4.7 - 'q' SQL Injection", "spans": {"SYSTEM: Testa Online Test Management System 3.4.7": [[0, 41]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49194"}}
{"text": "TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution", "spans": {"SYSTEM: TestBox CFML Test Framework 4.1.0": [[0, 33]], "VULNERABILITY: Remote Code Execution": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49077"}}
{"text": "TestBox CFML Test Framework 4.1.0 - Directory Traversal", "spans": {"SYSTEM: TestBox CFML Test Framework 4.1.0": [[0, 33]], "VULNERABILITY: Directory Traversal": [[36, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49078"}}
{"text": "Thinfinity VirtualUI  2.5.26.2 - Information Disclosure", "spans": {"SYSTEM: Thinfinity VirtualUI  2.5.26.2": [[0, 30]], "VULNERABILITY: Information Disclosure": [[33, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50771"}}
{"text": "Thinfinity VirtualUI 2.5.41.0  - IFRAME Injection", "spans": {"SYSTEM: Thinfinity VirtualUI 2.5.41.0": [[0, 29]], "VULNERABILITY: IFRAME Injection": [[33, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50770"}}
{"text": "ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ThingsBoard 3.3.1 'description'": [[0, 31]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[34, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51004"}}
{"text": "ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ThingsBoard 3.3.1 'name'": [[0, 24]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[27, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51003"}}
{"text": "Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Tileserver-gl 3.0.0": [[0, 19]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[28, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49771"}}
{"text": "Touchbase.io 1.10 - Stored Cross Site Scripting", "spans": {"SYSTEM: Touchbase.io 1.10": [[0, 17]], "VULNERABILITY: Stored Cross Site Scripting": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49040"}}
{"text": "Tourism Management System 2.0 - Arbitrary Shell Upload", "spans": {"SYSTEM: Tourism Management System 2.0": [[0, 29]], "VULNERABILITY: Arbitrary Shell Upload": [[32, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52433"}}
{"text": "Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901": [[0, 69]], "VULNERABILITY: Remote Code Execution": [[72, 93]], "TOOL: Metasploit": [[95, 105]]}, "info": {"source": "exploitdb", "exploit_id": "48667"}}
{"text": "UJCMS 9.6.3 - User Enumeration via IDOR", "spans": {"SYSTEM: UJCMS 9.6.3": [[0, 11]], "VULNERABILITY: IDOR": [[35, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52264"}}
{"text": "Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation", "spans": {"SYSTEM: Ultimate Member WordPress Plugin 2.6.6": [[0, 38]], "VULNERABILITY: Privilege Escalation": [[41, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52393"}}
{"text": "UNA CMS 14.0.0-RC - PHP Object Injection", "spans": {"SYSTEM: UNA CMS 14.0.0-RC": [[0, 17]], "VULNERABILITY: PHP Object Injection": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52139"}}
{"text": "Under Construction Page with CPanel 1.0 - SQL injection", "spans": {"SYSTEM: Under Construction Page with CPanel 1.0": [[0, 39]], "VULNERABILITY: SQL injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49150"}}
{"text": "Usermin 2.100 - Username Enumeration", "spans": {"SYSTEM: Usermin 2.100": [[0, 13]], "VULNERABILITY: Username Enumeration": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52254"}}
{"text": "Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Vesta Control Panel 0.9.8-26": [[0, 28]], "VULNERABILITY: Authenticated Remote Code Execution": [[31, 66]], "TOOL: Metasploit": [[68, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48294"}}
{"text": "VestaCP 0.9.8 - 'v_interface' Add IP Stored XSS", "spans": {"SYSTEM: VestaCP 0.9.8": [[0, 13]], "VULNERABILITY: XSS": [[44, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49662"}}
{"text": "VestaCP 0.9.8 - 'v_sftp_licence' Command Injection", "spans": {"SYSTEM: VestaCP 0.9.8": [[0, 13]], "VULNERABILITY: Command Injection": [[33, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49674"}}
{"text": "VestaCP 0.9.8 - File Upload CSRF", "spans": {"SYSTEM: VestaCP 0.9.8": [[0, 13]], "VULNERABILITY: CSRF": [[28, 32]]}, "info": {"source": "exploitdb", "exploit_id": "49659"}}
{"text": "VestaCP 0.9.8-26 - 'backup' Information Disclosure", "spans": {"SYSTEM: VestaCP 0.9.8-26": [[0, 16]], "VULNERABILITY: Information Disclosure": [[28, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49220"}}
{"text": "VestaCP 0.9.8-26 - 'LoginAs' Insufficient Session Validation", "spans": {"SYSTEM: VestaCP 0.9.8-26": [[0, 16]], "VULNERABILITY: Insufficient Session Validation": [[29, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49219"}}
{"text": "Vianeos OctoPUS 5 - 'login_user' SQLi", "spans": {"SYSTEM: Vianeos OctoPUS 5": [[0, 17]], "VULNERABILITY: SQLi": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50078"}}
{"text": "Virtual Reception v1.0 - Web Server Directory Traversal", "spans": {"SYSTEM: Virtual Reception v1.0": [[0, 22]], "VULNERABILITY: Directory Traversal": [[36, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51142"}}
{"text": "Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)", "spans": {"SYSTEM: Visual Tools DVR VX16 4.2.28.0": [[0, 30]], "VULNERABILITY: Command Injection": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50098"}}
{"text": "VMware vCenter Server 6.7 - Authentication Bypass", "spans": {"SYSTEM: VMware vCenter Server 6.7": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48535"}}
{"text": "VMware vCenter Server 7.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: VMware vCenter Server 7.0": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50056"}}
{"text": "VMware vCenter Server 7.0 - Unauthenticated File Upload", "spans": {"SYSTEM: VMware vCenter Server 7.0": [[0, 25]], "VULNERABILITY: File Upload": [[44, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49602"}}
{"text": "VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: VMware vSphere Client 8.0.3.0": [[0, 29]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[32, 68]]}, "info": {"source": "exploitdb", "exploit_id": "52406"}}
{"text": "VTENEXT 19 CE - Remote Code Execution", "spans": {"SYSTEM: VTENEXT 19 CE": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48804"}}
{"text": "Watcharr 1.43.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Watcharr 1.43.0": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52130"}}
{"text": "WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: WBCE CMS 1.6.3": [[0, 14]], "VULNERABILITY: Authenticated Remote Code Execution": [[17, 52]]}, "info": {"source": "exploitdb", "exploit_id": "52132"}}
{"text": "WBCE CMS 1.6.4 - Remote Code Execution", "spans": {"SYSTEM: WBCE CMS 1.6.4": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52489"}}
{"text": "WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WebCTRL OEM 6.5": [[0, 15]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[27, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50463"}}
{"text": "WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass", "spans": {"SYSTEM: WebDamn User Registration & Login System with User Panel": [[0, 56]], "VULNERABILITY: SQLi": [[59, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49170"}}
{"text": "WebFileSys 2.31.0 - Directory Path Traversal", "spans": {"SYSTEM: WebFileSys 2.31.0": [[0, 17]], "VULNERABILITY: Path Traversal": [[30, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52185"}}
{"text": "WebPort 1.19.1 - Reflected Cross-Site Scripting", "spans": {"SYSTEM: WebPort 1.19.1": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting": [[17, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48611"}}
{"text": "Webrun 3.6.0.42 - 'P_0' SQL Injection", "spans": {"SYSTEM: Webrun 3.6.0.42": [[0, 15]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50542"}}
{"text": "WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WhatsApp Desktop 0.3.9308": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48295"}}
{"text": "WhatsUp Gold 2022 (22.1.0 Build 39) - XSS", "spans": {"SYSTEM: WhatsUp Gold 2022 (22.1.0 Build 39)": [[0, 35]], "VULNERABILITY: XSS": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51781"}}
{"text": "WhatsUpGold 21.0.3 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WhatsUpGold 21.0.3": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[21, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50366"}}
{"text": "White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)", "spans": {"SYSTEM: White Star Software Protop 4.4.2-2024-11-27": [[0, 43]], "VULNERABILITY: Local File Inclusion": [[46, 66]]}, "info": {"source": "exploitdb", "exploit_id": "52367"}}
{"text": "Wing FTP Server 6.2.5 - Privilege Escalation", "spans": {"SYSTEM: Wing FTP Server 6.2.5": [[0, 21]], "VULNERABILITY: Privilege Escalation": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48154"}}
{"text": "Wondercms 4.3.2 - XSS to RCE", "spans": {"SYSTEM: Wondercms 4.3.2": [[0, 15]], "VULNERABILITY: XSS": [[18, 21]]}, "info": {"source": "exploitdb", "exploit_id": "51805"}}
{"text": "WooCommerce Customers Manager 29.4 - Post-Authenticated SQL Injection", "spans": {"SYSTEM: WooCommerce Customers Manager 29.4": [[0, 34]], "VULNERABILITY: SQL Injection": [[56, 69]]}, "info": {"source": "exploitdb", "exploit_id": "52248"}}
{"text": "WordPress  Madara - Local File Inclusion", "spans": {"SYSTEM: WordPress  Madara": [[0, 17]], "VULNERABILITY: Local File Inclusion": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52487"}}
{"text": "WordPress Backup Migration 1.3.7 - Remote Command Execution", "spans": {"SYSTEM: WordPress Backup Migration 1.3.7": [[0, 32]], "VULNERABILITY: Remote Command Execution": [[35, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52486"}}
{"text": "WordPress Depicter Plugin 3.6.1 - SQL Injection", "spans": {"SYSTEM: WordPress Depicter Plugin 3.6.1": [[0, 31]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52285"}}
{"text": "WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing", "spans": {"SYSTEM: WordPress Digits Plugin 8.4.6.1": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52307"}}
{"text": "WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation", "spans": {"SYSTEM: WordPress Frontend Login and Registration Blocks Plugin 1.0.7": [[0, 61]], "VULNERABILITY: Privilege Escalation": [[64, 84]]}, "info": {"source": "exploitdb", "exploit_id": "52291"}}
{"text": "WordPress Plugin  5.2.0 - Broken Access Control", "spans": {"SYSTEM: WordPress Plugin  5.2.0": [[0, 23]], "VULNERABILITY: Broken Access Control": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52511"}}
{"text": "Wordpress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated)", "spans": {"SYSTEM: Wordpress Plugin Canto 1.3.0": [[0, 28]], "VULNERABILITY: SSRF": [[37, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49189"}}
{"text": "WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Colorbox Lightbox v1.1.1": [[0, 41]], "VULNERABILITY: Persistent Cross-Site Scripting": [[44, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48919"}}
{"text": "WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download", "spans": {"SYSTEM: WordPress Plugin Total Upkeep 1.14.9": [[0, 36]], "VULNERABILITY: Database and Files Backup Download": [[39, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49252"}}
{"text": "WordPress Quiz Maker 6.7.0.56 - SQL Injection", "spans": {"SYSTEM: WordPress Quiz Maker 6.7.0.56": [[0, 29]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52465"}}
{"text": "WordPress User Registration & Membership Plugin 4.1.1 - Unauthenticated Privilege Escalation", "spans": {"SYSTEM: WordPress User Registration & Membership Plugin 4.1.1": [[0, 53]], "VULNERABILITY: Privilege Escalation": [[72, 92]]}, "info": {"source": "exploitdb", "exploit_id": "52137"}}
{"text": "WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass", "spans": {"SYSTEM: WordPress User Registration & Membership Plugin 4.1.2": [[0, 53]], "VULNERABILITY: Authentication Bypass": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52302"}}
{"text": "WP Publications WordPress Plugin 1.2 - Stored XSS", "spans": {"SYSTEM: WP Publications WordPress Plugin 1.2": [[0, 36]], "VULNERABILITY: XSS": [[46, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52368"}}
{"text": "WPanel 4.3.1 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WPanel 4.3.1": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50255"}}
{"text": "Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Wyomind Help Desk 1.3.6": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50113"}}
{"text": "Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection", "spans": {"SYSTEM: Xinet Elegant 6 Asset Lib Web UI 6.1.655": [[0, 40]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "52192"}}
{"text": "Xmind 2020 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Xmind 2020": [[0, 10]], "VULNERABILITY: Persistent Cross-Site Scripting": [[13, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49827"}}
{"text": "xuucms 3 - 'keywords' SQL Injection", "spans": {"SYSTEM: xuucms 3": [[0, 8]], "VULNERABILITY: SQL Injection": [[22, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49073"}}
{"text": "XWiki 14 - SQL Injection via getdeleteddocuments.vm", "spans": {"SYSTEM: XWiki 14": [[0, 8]], "VULNERABILITY: SQL Injection": [[11, 24]]}, "info": {"source": "exploitdb", "exploit_id": "52384"}}
{"text": "Xwiki CMS 12.10.2 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Xwiki CMS 12.10.2": [[0, 17]], "VULNERABILITY: Cross Site Scripting": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49437"}}
{"text": "XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)", "spans": {"SYSTEM: XWiki Platform 15.10.10": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[48, 75]], "TOOL: Metasploit": [[26, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52429"}}
{"text": "XWiki Platform 15.10.10 - Remote Code Execution", "spans": {"SYSTEM: XWiki Platform 15.10.10": [[0, 23]], "VULNERABILITY: Remote Code Execution": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52136"}}
{"text": "YesWiki 4.5.1 - Unauthenticated Path Traversal", "spans": {"SYSTEM: YesWiki 4.5.1": [[0, 13]], "VULNERABILITY: Path Traversal": [[32, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52135"}}
{"text": "YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: YOURLS 1.8.2": [[0, 12]], "VULNERABILITY: CSRF": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52446"}}
{"text": "ZesleCP 3.1.9 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: ZesleCP 3.1.9": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50233"}}
{"text": "Zhiyuan OA - arbitrary file upload leading", "spans": {"SYSTEM: Zhiyuan OA": [[0, 10]], "VULNERABILITY: arbitrary file upload leading": [[13, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52490"}}
{"text": "Zohocorp ManageEngine ADManager Plus 7210 - Elevation of Privilege", "spans": {"SYSTEM: Zohocorp ManageEngine ADManager Plus 7210": [[0, 41]], "VULNERABILITY: Elevation of Privilege": [[44, 66]]}, "info": {"source": "exploitdb", "exploit_id": "52148"}}
{"text": "Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Zyxel ZyWALL 2 Plus Internet Security Appliance": [[0, 47]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[50, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50797"}}
{"text": "unzip-stream 0.3.1 - Arbitrary File Write", "spans": {"SYSTEM: unzip-stream 0.3.1": [[0, 18]], "VULNERABILITY: Arbitrary File Write": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52276"}}
{"text": "NodeJS 24.x - Path Traversal", "spans": {"SYSTEM: NodeJS 24.x": [[0, 11]], "VULNERABILITY: Path Traversal": [[14, 28]]}, "info": {"source": "exploitdb", "exploit_id": "52369"}}
{"text": "Node.JS - 'node-serialize' Remote Code Execution (2)", "spans": {"SYSTEM: Node.JS": [[0, 7]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49552"}}
{"text": "Node.JS - 'node-serialize' Remote Code Execution (3)", "spans": {"SYSTEM: Node.JS": [[0, 7]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50036"}}
{"text": "Numbas < v7.3 - Remote Code Execution", "spans": {"SYSTEM: Numbas < v7.3": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51867"}}
{"text": "Strapi CMS 3.0.0-beta.17.4 - Set Password (Unauthenticated) (Metasploit)", "spans": {"SYSTEM: Strapi CMS 3.0.0-beta.17.4": [[0, 26]], "VULNERABILITY: Set Password": [[29, 41]], "TOOL: Metasploit": [[61, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50716"}}
{"text": "OpenSMTPD 6.4.0 < 6.6.1 - Local Privilege Escalation + Remote Code Execution", "spans": {"SYSTEM: OpenSMTPD 6.4.0 < 6.6.1": [[0, 23]], "VULNERABILITY: Remote Code Execution": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48051"}}
{"text": "OpenSMTPD < 6.6.3p1 - Local Privilege Escalation + Remote Code Execution", "spans": {"SYSTEM: OpenSMTPD < 6.6.3p1": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48140"}}
{"text": "OTRS 6.0.1 - Remote Command Execution (2)", "spans": {"SYSTEM: OTRS 6.0.1": [[0, 10]], "VULNERABILITY: Remote Command Execution": [[13, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49794"}}
{"text": "Thruk Monitoring Web Interface 3.06 - Path Traversal", "spans": {"SYSTEM: Thruk Monitoring Web Interface 3.06": [[0, 35]], "VULNERABILITY: Path Traversal": [[38, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51509"}}
{"text": "Webmin Usermin 2.100 - Username Enumeration", "spans": {"SYSTEM: Webmin Usermin 2.100": [[0, 20]], "VULNERABILITY: Username Enumeration": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52114"}}
{"text": "ImageMagick 7.1.0-49 - DoS", "spans": {"SYSTEM: ImageMagick 7.1.0-49": [[0, 20]], "VULNERABILITY: DoS": [[23, 26]]}, "info": {"source": "exploitdb", "exploit_id": "51256"}}
{"text": "WordPress Plugin WPGraphQL 1.3.5 - Denial of Service", "spans": {"SYSTEM: WordPress Plugin WPGraphQL 1.3.5": [[0, 32]], "VULNERABILITY: Denial of Service": [[35, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49807"}}
{"text": "ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (deployStart.php)": [[0, 42]], "VULNERABILITY: Unauthenticated Command Execution": [[45, 78]]}, "info": {"source": "exploitdb", "exploit_id": "52251"}}
{"text": "ABB Cylon Aspect 3.08.02 (escDevicesUpdate.php) - Denial of Service (DOS)", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (escDevicesUpdate.php)": [[0, 47]], "VULNERABILITY: Denial of Service": [[50, 67]]}, "info": {"source": "exploitdb", "exploit_id": "52218"}}
{"text": "ABB Cylon Aspect 3.08.02 (ethernetUpdate.php)  - Authenticated Path Traversal", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (ethernetUpdate.php)": [[0, 45]], "VULNERABILITY: Path Traversal": [[63, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52252"}}
{"text": "ABB Cylon Aspect 3.08.02 (webServerUpdate.php) - Input Validation Config Poisoning", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.02 (webServerUpdate.php)": [[0, 46]], "VULNERABILITY: Input Validation Config Poisoning": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "52219"}}
{"text": "ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php)  - File Write DoS", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php)": [[0, 57]], "VULNERABILITY: File Write DoS": [[61, 75]]}, "info": {"source": "exploitdb", "exploit_id": "52234"}}
{"text": "ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS", "spans": {"SYSTEM: ABB Cylon Aspect 4.00.00 (factorySaved.php)": [[0, 43]], "VULNERABILITY: XSS": [[62, 65]]}, "info": {"source": "exploitdb", "exploit_id": "52233"}}
{"text": "ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution", "spans": {"SYSTEM: ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php)": [[0, 50]], "VULNERABILITY: Remote Code Execution": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52232"}}
{"text": "PHP 7.0 < 7.4 (Unix) - 'debug_backtrace' disable_functions Bypass", "spans": {"SYSTEM: PHP 7.0 < 7.4 (Unix)": [[0, 20]], "VULNERABILITY: disable_functions Bypass": [[41, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48072"}}
{"text": "AC Repair and Services System v1.0 - Multiple SQL Injection", "spans": {"SYSTEM: AC Repair and Services System v1.0": [[0, 34]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51844"}}
{"text": "Blood Bank & Donor Management System using v2.2 - Stored XSS", "spans": {"SYSTEM: Blood Bank & Donor Management System using v2.2": [[0, 47]], "VULNERABILITY: XSS": [[57, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51750"}}
{"text": "code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: code-projects Online Exam Mastering System 1.0": [[0, 46]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[49, 85]]}, "info": {"source": "exploitdb", "exploit_id": "52272"}}
{"text": "Enrollment System v1.0 - SQL Injection", "spans": {"SYSTEM: Enrollment System v1.0": [[0, 22]], "VULNERABILITY: SQL Injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51845"}}
{"text": "Equipment Rental Script-1.0 - SQLi", "spans": {"SYSTEM: Equipment Rental Script-1.0": [[0, 27]], "VULNERABILITY: SQLi": [[30, 34]]}, "info": {"source": "exploitdb", "exploit_id": "51749"}}
{"text": "FAQ Management System v1.0 - 'faq' SQL Injection", "spans": {"SYSTEM: FAQ Management System v1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51813"}}
{"text": "Flashcard Quiz App v1.0 - 'card' SQL Injection", "spans": {"SYSTEM: Flashcard Quiz App v1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51812"}}
{"text": "Petrol Pump Management Software v.1.0 - SQL Injection", "spans": {"SYSTEM: Petrol Pump Management Software v.1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51838"}}
{"text": "Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file", "spans": {"SYSTEM: Petrol Pump Management Software v.1.0": [[0, 37]], "VULNERABILITY: Stored Cross Site Scripting": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51837"}}
{"text": "Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting", "spans": {"SYSTEM: Petrol Pump Management Software v1.0": [[0, 36]], "VULNERABILITY: Stored Cross Site Scripting": [[49, 76]]}, "info": {"source": "exploitdb", "exploit_id": "51836"}}
{"text": "Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload", "spans": {"SYSTEM: Petrol Pump Management Software v1.0": [[0, 36]], "VULNERABILITY: Remote Code Execution": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51839"}}
{"text": "PHP-FPM - Underflow Remote Code Execution (Metasploit)", "spans": {"SYSTEM: PHP-FPM": [[0, 7]], "VULNERABILITY: Remote Code Execution": [[20, 41]], "TOOL: Metasploit": [[43, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48182"}}
{"text": "PHPMyAdmin 3.0 - Bruteforce Login Bypass", "spans": {"SYSTEM: PHPMyAdmin 3.0": [[0, 14]], "VULNERABILITY: Bruteforce Login Bypass": [[17, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52414"}}
{"text": "PHPStudy - Backdoor Remote Code execution (Metasploit)", "spans": {"SYSTEM: PHPStudy": [[0, 8]], "VULNERABILITY: Backdoor Remote Code execution": [[11, 41]], "TOOL: Metasploit": [[43, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48192"}}
{"text": "Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit)", "spans": {"SYSTEM: Pi-Hole": [[0, 7]], "VULNERABILITY: heisenbergCompensator Blocklist OS Command Execution": [[10, 62]], "TOOL: Metasploit": [[64, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48491"}}
{"text": "PlaySMS - index.php Unauthenticated Template Injection Code Execution (Metasploit)", "spans": {"SYSTEM: PlaySMS": [[0, 7]], "VULNERABILITY: index.php Unauthenticated Template Injection Code Execution": [[10, 69]], "TOOL: Metasploit": [[71, 81]]}, "info": {"source": "exploitdb", "exploit_id": "48335"}}
{"text": "Real Estate Management System v1.0 - Remote Code Execution via File Upload", "spans": {"SYSTEM: Real Estate Management System v1.0": [[0, 34]], "VULNERABILITY: Remote Code Execution": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51840"}}
{"text": "Simple Inventory Management System v1.0 - 'email' SQL Injection", "spans": {"SYSTEM: Simple Inventory Management System v1.0": [[0, 39]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51808"}}
{"text": "Simple Student Attendance System v1.0 -  'classid' Time Based Blind & Union Based SQL Injection", "spans": {"SYSTEM: Simple Student Attendance System v1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[82, 95]]}, "info": {"source": "exploitdb", "exploit_id": "51842"}}
{"text": "Simple Student Attendance System v1.0 - Time Based Blind SQL Injection", "spans": {"SYSTEM: Simple Student Attendance System v1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51841"}}
{"text": "WonderCMS 3.4.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: WonderCMS 3.4.2": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52271"}}
{"text": "'customhs_js_content' - 'customhs_js_content' Cross-Site Request Forgery", "spans": {"SYSTEM: 'customhs_js_content'": [[0, 21], [24, 45]], "VULNERABILITY: Cross-Site Request Forgery": [[46, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49712"}}
{"text": "101 News 1.0 - Multiple-SQLi", "spans": {"SYSTEM: 101 News 1.0": [[0, 12]], "VULNERABILITY: SQLi": [[24, 28]]}, "info": {"source": "exploitdb", "exploit_id": "51759"}}
{"text": "4images 1.8 - 'limitnumber' SQL Injection (Authenticated)", "spans": {"SYSTEM: 4images 1.8": [[0, 11]], "VULNERABILITY: SQL Injection": [[28, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50193"}}
{"text": "4Images 1.8 - 'redirect' Reflected XSS", "spans": {"SYSTEM: 4Images 1.8": [[0, 11]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49945"}}
{"text": "4images 1.9 - Remote Command Execution (RCE)", "spans": {"SYSTEM: 4images 1.9": [[0, 11]], "VULNERABILITY: Remote Command Execution": [[14, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51147"}}
{"text": "4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting", "spans": {"SYSTEM: 4images v1.7.11": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting": [[34, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49339"}}
{"text": "60CycleCMS - 'news.php' SQL Injection", "spans": {"SYSTEM: 60CycleCMS": [[0, 10]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48177"}}
{"text": "Abantecart v1.3.2 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Abantecart v1.3.2": [[0, 17]], "VULNERABILITY: Authenticated Remote Code Execution": [[20, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51058"}}
{"text": "ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials", "spans": {"SYSTEM: ABB Cylon Aspect 3.07.01": [[0, 24]], "VULNERABILITY: Hard-coded Default Credentials": [[27, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52112"}}
{"text": "ABB Cylon Aspect 3.08.01 - Arbitrary File Delete", "spans": {"SYSTEM: ABB Cylon Aspect 3.08.01": [[0, 24]], "VULNERABILITY: Arbitrary File Delete": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52108"}}
{"text": "Academy LMS 6.0 - Reflected XSS", "spans": {"SYSTEM: Academy LMS 6.0": [[0, 15]], "VULNERABILITY: XSS": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51654"}}
{"text": "Academy LMS 6.1 - Arbitrary File Upload", "spans": {"SYSTEM: Academy LMS 6.1": [[0, 15]], "VULNERABILITY: Arbitrary File Upload": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51702"}}
{"text": "Academy LMS 6.2 - SQL Injection", "spans": {"SYSTEM: Academy LMS 6.2": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51758"}}
{"text": "Accounting Journal Management System 1.0 - 'id' SQLi (Authenticated)", "spans": {"SYSTEM: Accounting Journal Management System 1.0": [[0, 40]], "VULNERABILITY: SQLi": [[48, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50736"}}
{"text": "Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities", "spans": {"SYSTEM: Active Super Shop CMS v2.5": [[0, 26]], "VULNERABILITY: HTML Injection Vulnerabilities": [[29, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51613"}}
{"text": "addressbook 9.0.0.1 - 'id' SQL Injection", "spans": {"SYSTEM: addressbook 9.0.0.1": [[0, 19]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48416"}}
{"text": "Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting", "spans": {"SYSTEM: Adiscon LogAnalyzer v.4.1.13": [[0, 28]], "VULNERABILITY: Cross Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51643"}}
{"text": "Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password)", "spans": {"SYSTEM: Adive Framework 2.0.8": [[0, 21]], "VULNERABILITY: Cross-Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47966"}}
{"text": "Adive Framework 2.0.8 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Adive Framework 2.0.8": [[0, 21]], "VULNERABILITY: Persistent Cross-Site Scripting": [[24, 55]]}, "info": {"source": "exploitdb", "exploit_id": "47946"}}
{"text": "Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure", "spans": {"SYSTEM: Adlisting Classified Ads 2.14.0": [[0, 31]], "VULNERABILITY: Information Disclosure": [[50, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51667"}}
{"text": "Admidio v4.2.10 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Admidio v4.2.10": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51590"}}
{"text": "admidio v4.2.5 - CSV Injection", "spans": {"SYSTEM: admidio v4.2.5": [[0, 14]], "VULNERABILITY: CSV Injection": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51402"}}
{"text": "AdminLTE PiHole 5.18 - Broken Access Control", "spans": {"SYSTEM: AdminLTE PiHole 5.18": [[0, 20]], "VULNERABILITY: Broken Access Control": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51705"}}
{"text": "Advanced Comment System 1.0 - 'ACS_path' Path Traversal", "spans": {"SYSTEM: Advanced Comment System 1.0": [[0, 27]], "VULNERABILITY: Path Traversal": [[41, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49343"}}
{"text": "Advanced Guestbook 2.4.4 - 'Smilies' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Advanced Guestbook 2.4.4": [[0, 24]], "VULNERABILITY: Persistent Cross-Site Scripting": [[37, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49875"}}
{"text": "Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Advanced Page Visit Counter 1.0": [[0, 31]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[41, 74]]}, "info": {"source": "exploitdb", "exploit_id": "51785"}}
{"text": "Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Advanced Webhost Billing System 3.7.0": [[0, 37]], "VULNERABILITY: CSRF": [[68, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49369"}}
{"text": "AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.", "spans": {"SYSTEM: AEGON LIFE v1.0 Life Insurance Management System": [[0, 48]], "VULNERABILITY: SQL injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "52046"}}
{"text": "AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)", "spans": {"SYSTEM: AEGON LIFE v1.0 Life Insurance Management System": [[0, 48]], "VULNERABILITY: XSS": [[80, 83]]}, "info": {"source": "exploitdb", "exploit_id": "52042"}}
{"text": "Aero CMS v0.0.1 - PHP Code Injection (auth)", "spans": {"SYSTEM: Aero CMS v0.0.1": [[0, 15]], "VULNERABILITY: Code Injection": [[22, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51085"}}
{"text": "Aero CMS v0.0.1 - SQL Injection (no auth)", "spans": {"SYSTEM: Aero CMS v0.0.1": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51083"}}
{"text": "Aero CMS v0.0.1 - SQLi", "spans": {"SYSTEM: Aero CMS v0.0.1": [[0, 15]], "VULNERABILITY: SQLi": [[18, 22]]}, "info": {"source": "exploitdb", "exploit_id": "51022"}}
{"text": "Affiliate Me Version 5.0.1 - SQL Injection", "spans": {"SYSTEM: Affiliate Me Version 5.0.1": [[0, 26]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51468"}}
{"text": "Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: Affiliate Pro 1.7": [[0, 17]], "VULNERABILITY: Cross Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50678"}}
{"text": "Agilebio Lab Collector Electronic Lab Notebook  v4.234 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Agilebio Lab Collector Electronic Lab Notebook  v4.234": [[0, 54]], "VULNERABILITY: Remote Code Execution (RCE)": [[57, 84]]}, "info": {"source": "exploitdb", "exploit_id": "51307"}}
{"text": "Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection", "spans": {"SYSTEM: Aimeos Laravel ecommerce platform 2021.10 LTS": [[0, 45]], "VULNERABILITY: SQL injection": [[55, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50538"}}
{"text": "Air Cargo Management System v1.0 - SQLi", "spans": {"SYSTEM: Air Cargo Management System v1.0": [[0, 32]], "VULNERABILITY: SQLi": [[35, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50779"}}
{"text": "Akaunting 3.1.8 - Server-Side Template Injection (SSTI)", "spans": {"SYSTEM: Akaunting 3.1.8": [[0, 15]], "VULNERABILITY: SSTI": [[50, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52030"}}
{"text": "Akaunting < 3.1.3 - RCE", "spans": {"SYSTEM: Akaunting < 3.1.3": [[0, 17]], "VULNERABILITY: RCE": [[20, 23]]}, "info": {"source": "exploitdb", "exploit_id": "51870"}}
{"text": "Alfresco 5.2.4 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Alfresco 5.2.4": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48162"}}
{"text": "Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection)", "spans": {"SYSTEM: Alphaware E-Commerce System 1.0": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49652"}}
{"text": "AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: AlphaWeb XE": [[0, 11]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50297"}}
{"text": "Alumni Management System 1.0 - _Course Form_ Stored XSS", "spans": {"SYSTEM: Alumni Management System 1.0": [[0, 28]], "VULNERABILITY: XSS": [[52, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49286"}}
{"text": "Alumni Management System 1.0 - _Last Name field in Registration page_ Stored XSS", "spans": {"SYSTEM: Alumni Management System 1.0": [[0, 28]], "VULNERABILITY: XSS": [[77, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49433"}}
{"text": "Alumni Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Alumni Management System 1.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49287"}}
{"text": "Alumni Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Alumni Management System 1.0": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48883"}}
{"text": "Alumni Management System 1.0 - Unrestricted File Upload To RCE", "spans": {"SYSTEM: Alumni Management System 1.0": [[0, 28]], "VULNERABILITY: RCE": [[59, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49285"}}
{"text": "AmazCart CMS 3.4 - Cross-Site-Scripting (XSS)", "spans": {"SYSTEM: AmazCart CMS 3.4": [[0, 16]], "VULNERABILITY: XSS": [[41, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51219"}}
{"text": "AMSS++ 4.7 - Backdoor Admin Account", "spans": {"SYSTEM: AMSS++ 4.7": [[0, 10]], "VULNERABILITY: Backdoor Admin Account": [[13, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48114"}}
{"text": "AMSS++ v 4.31 - 'id' SQL Injection", "spans": {"SYSTEM: AMSS++ v 4.31": [[0, 13]], "VULNERABILITY: SQL Injection": [[21, 34]]}, "info": {"source": "exploitdb", "exploit_id": "48109"}}
{"text": "Anchor CMS 0.12.7 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: Anchor CMS 0.12.7": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48832"}}
{"text": "Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Anchor CMS 0.12.7": [[0, 17]], "VULNERABILITY: Stored Cross Site Scripting": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52327"}}
{"text": "Anuko Time Tracker - SQLi (Authenticated)", "spans": {"SYSTEM: Anuko Time Tracker": [[0, 18]], "VULNERABILITY: SQLi": [[21, 25]]}, "info": {"source": "exploitdb", "exploit_id": "50915"}}
{"text": "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality", "spans": {"SYSTEM: Anuko Time Tracker 1.19.23.5311": [[0, 31]], "VULNERABILITY: No rate Limit on Password Reset functionality": [[34, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49173"}}
{"text": "Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover", "spans": {"SYSTEM: Anuko Time Tracker 1.19.23.5311": [[0, 31]], "VULNERABILITY: Password Reset leading to Account Takeover": [[34, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49174"}}
{"text": "Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection", "spans": {"SYSTEM: Anuko Time Tracker 1.19.23.5325": [[0, 31]], "VULNERABILITY: CSV/Formula Injection": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49027"}}
{"text": "Apache mod_proxy_cluster 1.2.6 - Stored XSS", "spans": {"SYSTEM: Apache mod_proxy_cluster 1.2.6": [[0, 30]], "VULNERABILITY: XSS": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52010"}}
{"text": "Apartment Visitor Management System (AVMS) 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Apartment Visitor Management System (AVMS) 1.0": [[0, 46]], "VULNERABILITY: SQL Injection": [[60, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50288"}}
{"text": "Apartment Visitors Management System 1.0 - 'email' SQL Injection", "spans": {"SYSTEM: Apartment Visitors Management System 1.0": [[0, 40]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49448"}}
{"text": "Apartment Visitors Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Apartment Visitors Management System 1.0": [[0, 40]], "VULNERABILITY: Authentication Bypass": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49335"}}
{"text": "appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: appRain CMF 4.0.5": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52041"}}
{"text": "AquilaCMS 1.409.20 - Remote Command Execution (RCE)", "spans": {"SYSTEM: AquilaCMS 1.409.20": [[0, 18]], "VULNERABILITY: Remote Command Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52164"}}
{"text": "Art Gallery Management System Project in PHP v 1.0 - SQL injection", "spans": {"SYSTEM: Art Gallery Management System Project in PHP v 1.0": [[0, 50]], "VULNERABILITY: SQL injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51272"}}
{"text": "Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Art Gallery Management System Project v1.0": [[0, 42]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[45, 81]]}, "info": {"source": "exploitdb", "exploit_id": "51214"}}
{"text": "Art Gallery Management System Project v1.0 - SQL Injection (cid) Unauthenticated", "spans": {"SYSTEM: Art Gallery Management System Project v1.0": [[0, 42]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51215"}}
{"text": "Art Gallery Management System Project v1.0 - SQL Injection (editid) authenticated", "spans": {"SYSTEM: Art Gallery Management System Project v1.0": [[0, 42]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51216"}}
{"text": "Artica Proxy 4.50 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Artica Proxy 4.50": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52146"}}
{"text": "Artworks Gallery Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Artworks Gallery Management System 1.0": [[0, 38]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49319"}}
{"text": "Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Arunna 1.0.0": [[0, 12]], "VULNERABILITY: CSRF": [[54, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50608"}}
{"text": "Atom CMS 2.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Atom CMS 2.0": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50840"}}
{"text": "Atom CMS v2.0 - SQL Injection (no auth)", "spans": {"SYSTEM: Atom CMS v2.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51086"}}
{"text": "atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE", "spans": {"SYSTEM: atrocore 1.5.25 User interaction - Unauthenticated File upload": [[0, 62]], "VULNERABILITY: RCE": [[65, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51271"}}
{"text": "Attendance and Payroll System v1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Attendance and Payroll System v1.0": [[0, 34]], "VULNERABILITY: Remote Code Execution (RCE)": [[37, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50801"}}
{"text": "Attendance and Payroll System v1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Attendance and Payroll System v1.0": [[0, 34]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50802"}}
{"text": "ATutor 2.2.4 - 'id' SQL Injection", "spans": {"SYSTEM: ATutor 2.2.4": [[0, 12]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "48117"}}
{"text": "Aures Booking & POS Terminal - Local Privilege Escalation", "spans": {"SYSTEM: Aures Booking & POS Terminal": [[0, 28]], "VULNERABILITY: Local Privilege Escalation": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51617"}}
{"text": "Auto Dealer Management System 1.0 - Broken Access Control Exploit", "spans": {"SYSTEM: Auto Dealer Management System 1.0": [[0, 33]], "VULNERABILITY: Broken Access Control Exploit": [[36, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51281"}}
{"text": "Auto Dealer Management System v1.0 - SQL Injection", "spans": {"SYSTEM: Auto Dealer Management System v1.0": [[0, 34]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51282"}}
{"text": "Auto Dealer Management System v1.0 - SQL Injection in sell_vehicle.php", "spans": {"SYSTEM: Auto Dealer Management System v1.0": [[0, 34]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51283"}}
{"text": "Auto Dealer Management System v1.0 - SQL Injection on manage_user.php", "spans": {"SYSTEM: Auto Dealer Management System v1.0": [[0, 34]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51284"}}
{"text": "Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Automad 2.0.0-alpha.4": [[0, 21]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[24, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52056"}}
{"text": "Automatic-Systems SOC FL9600 FastLine - Directory Transversal", "spans": {"SYSTEM: Automatic-Systems SOC FL9600 FastLine": [[0, 37]], "VULNERABILITY: Directory Transversal": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51823"}}
{"text": "Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin", "spans": {"SYSTEM: Automatic-Systems SOC FL9600 FastLine": [[0, 37]], "VULNERABILITY: The device contains hardcoded login and password for super admin": [[40, 104]]}, "info": {"source": "exploitdb", "exploit_id": "51824"}}
{"text": "Availability Booking Calendar v1.0 - Multiple Cross-site scripting (XSS)", "spans": {"SYSTEM: Availability Booking Calendar v1.0": [[0, 34]], "VULNERABILITY: XSS": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51626"}}
{"text": "Axigen < 10.5.7 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Axigen < 10.5.7": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51963"}}
{"text": "Azon Dominator Affiliate Marketing Script - SQL Injection", "spans": {"SYSTEM: Azon Dominator Affiliate Marketing Script": [[0, 41]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52059"}}
{"text": "b2evolution 6.11.6 - 'plugin name' Stored XSS", "spans": {"SYSTEM: b2evolution 6.11.6": [[0, 18]], "VULNERABILITY: XSS": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49551"}}
{"text": "b2evolution 6.11.6 - 'redirect_to' Open Redirect", "spans": {"SYSTEM: b2evolution 6.11.6": [[0, 18]], "VULNERABILITY: Open Redirect": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49554"}}
{"text": "b2evolution 6.11.6 - 'tab3' Reflected XSS", "spans": {"SYSTEM: b2evolution 6.11.6": [[0, 18]], "VULNERABILITY: XSS": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49555"}}
{"text": "b2evolution 7-2-2 - 'cf_name' SQL Injection", "spans": {"SYSTEM: b2evolution 7-2-2": [[0, 17]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49840"}}
{"text": "b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: b2evolution 7.2.2": [[0, 17]], "VULNERABILITY: CSRF": [[71, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50081"}}
{"text": "Baby Care System 1.0 - 'Post title' Stored XSS", "spans": {"SYSTEM: Baby Care System 1.0": [[0, 20]], "VULNERABILITY: XSS": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49358"}}
{"text": "Baby Care System 1.0 - 'roleid' SQL Injection", "spans": {"SYSTEM: Baby Care System 1.0": [[0, 20]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49331"}}
{"text": "Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Backdrop CMS 1.20.0": [[0, 19]], "VULNERABILITY: CSRF": [[61, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50323"}}
{"text": "Backdrop CMS 1.23.0 - Stored XSS", "spans": {"SYSTEM: Backdrop CMS 1.23.0": [[0, 19]], "VULNERABILITY: XSS": [[29, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51905"}}
{"text": "Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)", "spans": {"SYSTEM: Backdrop CMS 1.27.1": [[0, 19]], "VULNERABILITY: Remote Command Execution": [[36, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52021"}}
{"text": "Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Backdrop Cms v1.25.1": [[0, 20]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[23, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51597"}}
{"text": "Backup and Staging by WP Time Capsule 1.22.21 - Unauthenticated Arbitrary File Upload", "spans": {"SYSTEM: Backup and Staging by WP Time Capsule 1.22.21": [[0, 45]], "VULNERABILITY: Arbitrary File Upload": [[64, 85]]}, "info": {"source": "exploitdb", "exploit_id": "52131"}}
{"text": "Balbooa Joomla Forms Builder 2.0.6 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Balbooa Joomla Forms Builder 2.0.6": [[0, 34]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50447"}}
{"text": "Bang Resto v1.0 - 'Multiple' SQL Injection", "spans": {"SYSTEM: Bang Resto v1.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51378"}}
{"text": "Bang Resto v1.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Bang Resto v1.0": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[18, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51377"}}
{"text": "Bangresto 1.0 - SQL Injection", "spans": {"SYSTEM: Bangresto 1.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51175"}}
{"text": "Bank Locker Management System - SQL Injection", "spans": {"SYSTEM: Bank Locker Management System": [[0, 29]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51751"}}
{"text": "Barangay Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Barangay Management System 1.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48660"}}
{"text": "Barcodes generator 1.0 - 'name' Stored Cross Site Scripting", "spans": {"SYSTEM: Barcodes generator 1.0": [[0, 22]], "VULNERABILITY: Stored Cross Site Scripting": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49227"}}
{"text": "Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Barebones CMS v2.0.2": [[0, 20]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[23, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51502"}}
{"text": "Basic Shopping Cart 1.0 - Authentication Bypass", "spans": {"SYSTEM: Basic Shopping Cart 1.0": [[0, 23]], "VULNERABILITY: Authentication Bypass": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49741"}}
{"text": "Batflat CMS 1.3.6 - 'multiple' Stored XSS", "spans": {"SYSTEM: Batflat CMS 1.3.6": [[0, 17]], "VULNERABILITY: XSS": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49583"}}
{"text": "Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Batflat CMS 1.3.6": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49573"}}
{"text": "Beauty Parlour Management System 1.0 - 'sername' SQL Injection", "spans": {"SYSTEM: Beauty Parlour Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[49, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49580"}}
{"text": "Beauty Parlour Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Beauty Parlour Management System 1.0": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48605"}}
{"text": "Beauty Salon Management System v1.0 - SQLi", "spans": {"SYSTEM: Beauty Salon Management System v1.0": [[0, 35]], "VULNERABILITY: SQLi": [[38, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51568"}}
{"text": "Beauty-salon v1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Beauty-salon v1.0": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51098"}}
{"text": "Beehive Forum - Account Takeover", "spans": {"SYSTEM: Beehive Forum": [[0, 13]], "VULNERABILITY: Account Takeover": [[16, 32]]}, "info": {"source": "exploitdb", "exploit_id": "50923"}}
{"text": "berliCRM 1.0.24 - 'src_record' SQL Injection", "spans": {"SYSTEM: berliCRM 1.0.24": [[0, 15]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48872"}}
{"text": "Best pos Management System v1.0 - Remote Code Execution (RCE) on File Upload", "spans": {"SYSTEM: Best pos Management System v1.0": [[0, 31]], "VULNERABILITY: Remote Code Execution (RCE)": [[34, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51280"}}
{"text": "Best pos Management System v1.0 - SQL Injection", "spans": {"SYSTEM: Best pos Management System v1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51279"}}
{"text": "Best POS Management System v1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Best POS Management System v1.0": [[0, 31]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[34, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51462"}}
{"text": "Best Student Result Management System v1.0 - Multiple SQLi", "spans": {"SYSTEM: Best Student Result Management System v1.0": [[0, 42]], "VULNERABILITY: SQLi": [[54, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51972"}}
{"text": "Best Support System 3.0.4 - 'ticket_body' Persistent XSS (Authenticated)", "spans": {"SYSTEM: Best Support System 3.0.4": [[0, 25]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49122"}}
{"text": "bgERP v22.31 (Orlovets) - Cookie Session vulnerability & Cross-Site Scripting (XSS)", "spans": {"SYSTEM: bgERP v22.31 (Orlovets)": [[0, 23]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[57, 83]]}, "info": {"source": "exploitdb", "exploit_id": "51245"}}
{"text": "BigTree CMS 4.4.10 - Remote Code Execution", "spans": {"SYSTEM: BigTree CMS 4.4.10": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48831"}}
{"text": "Billing Management System 2.0 - 'email' SQL injection Auth Bypass", "spans": {"SYSTEM: Billing Management System 2.0": [[0, 29]], "VULNERABILITY: SQL injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49570"}}
{"text": "Billing Management System 2.0 - Union based SQL injection (Authenticated)", "spans": {"SYSTEM: Billing Management System 2.0": [[0, 29]], "VULNERABILITY: SQL injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49874"}}
{"text": "Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Billing System Project 1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50102"}}
{"text": "Bitrix24 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Bitrix24": [[0, 8]], "VULNERABILITY: Remote Code Execution (RCE)": [[11, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50898"}}
{"text": "BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting (XSS)", "spans": {"SYSTEM: BlackCat CMS 1.3.6": [[0, 18]], "VULNERABILITY: Cross Site Scripting": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49565"}}
{"text": "BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: BlackCat CMS 1.3.6": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[32, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49779"}}
{"text": "BlackCat CMS 1.3.6 - Cross-Site Request Forgery", "spans": {"SYSTEM: BlackCat CMS 1.3.6": [[0, 18]], "VULNERABILITY: Cross-Site Request Forgery": [[21, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48820"}}
{"text": "Blackcat Cms v1.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Blackcat Cms v1.4": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51605"}}
{"text": "Blackcat Cms v1.4 - Stored XSS", "spans": {"SYSTEM: Blackcat Cms v1.4": [[0, 17]], "VULNERABILITY: XSS": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51604"}}
{"text": "Blood Bank 1.0 - 'bid' SQLi", "spans": {"SYSTEM: Blood Bank 1.0": [[0, 14]], "VULNERABILITY: SQLi": [[23, 27]]}, "info": {"source": "exploitdb", "exploit_id": "51912"}}
{"text": "Blood Bank System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Blood Bank System 1.0": [[0, 21]], "VULNERABILITY: Authentication Bypass": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50362"}}
{"text": "Blood Bank v1.0 - Multiple SQL Injection", "spans": {"SYSTEM: Blood Bank v1.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51833"}}
{"text": "Blood Bank v1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Blood Bank v1.0": [[0, 15]], "VULNERABILITY: Stored Cross Site Scripting": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51955"}}
{"text": "Blood Donor Management System v1.0 - Stored XSS", "spans": {"SYSTEM: Blood Donor Management System v1.0": [[0, 34]], "VULNERABILITY: XSS": [[44, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51697"}}
{"text": "BloodX 1.0 - Authentication Bypass", "spans": {"SYSTEM: BloodX 1.0": [[0, 10]], "VULNERABILITY: Authentication Bypass": [[13, 34]]}, "info": {"source": "exploitdb", "exploit_id": "47842"}}
{"text": "BloodX CMS 1.0 - Authentication Bypass", "spans": {"SYSTEM: BloodX CMS 1.0": [[0, 14]], "VULNERABILITY: Authentication Bypass": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48786"}}
{"text": "BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting", "spans": {"SYSTEM: BloofoxCMS 0.5.2.1": [[0, 18]], "VULNERABILITY: Stored Cross Site Scripting": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49492"}}
{"text": "bloofoxCMS 0.5.2.1 - CSRF (Add user)", "spans": {"SYSTEM: bloofoxCMS 0.5.2.1": [[0, 18]], "VULNERABILITY: CSRF": [[21, 25]]}, "info": {"source": "exploitdb", "exploit_id": "49507"}}
{"text": "Bludit  3.9.2 - Authentication Bruteforce Mitigation Bypass", "spans": {"SYSTEM: Bludit  3.9.2": [[0, 13]], "VULNERABILITY: Authentication Bruteforce Mitigation Bypass": [[16, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48746"}}
{"text": "Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Bludit 3-14-1 Plugin 'UploadPlugin'": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51160"}}
{"text": "Bludit 3.13.1 - 'username' Cross Site Scripting (XSS)", "spans": {"SYSTEM: Bludit 3.13.1": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50529"}}
{"text": "Bludit 3.9.12 - Directory Traversal", "spans": {"SYSTEM: Bludit 3.9.12": [[0, 13]], "VULNERABILITY: Directory Traversal": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48568"}}
{"text": "Bludit 3.9.2 - Auth Bruteforce Bypass", "spans": {"SYSTEM: Bludit 3.9.2": [[0, 12]], "VULNERABILITY: Auth Bruteforce Bypass": [[15, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48942"}}
{"text": "Bludit 3.9.2 - Authentication Bruteforce Bypass (Metasploit)", "spans": {"SYSTEM: Bludit 3.9.2": [[0, 12]], "VULNERABILITY: Authentication Bruteforce Bypass": [[15, 47]], "TOOL: Metasploit": [[49, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49037"}}
{"text": "Bludit 4.0.0-rc-2 - Account takeover", "spans": {"SYSTEM: Bludit 4.0.0-rc-2": [[0, 17]], "VULNERABILITY: Account takeover": [[20, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51360"}}
{"text": "Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)", "spans": {"SYSTEM: Bludit < 3.13.1 Backup Plugin": [[0, 29]], "VULNERABILITY: Arbitrary File Download": [[32, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51541"}}
{"text": "Bludit CMS v3.14.1 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Bludit CMS v3.14.1": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[21, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51476"}}
{"text": "Boelter Blue System Management 1.3 - SQL Injection", "spans": {"SYSTEM: Boelter Blue System Management 1.3": [[0, 34]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52052"}}
{"text": "BoidCMS v2.0.0 - authenticated file upload vulnerability", "spans": {"SYSTEM: BoidCMS v2.0.0": [[0, 14]], "VULNERABILITY: authenticated file upload vulnerability": [[17, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51741"}}
{"text": "Bolt CMS 3.7.0 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Bolt CMS 3.7.0": [[0, 14]], "VULNERABILITY: Authenticated Remote Code Execution": [[17, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48296"}}
{"text": "BoltWire 6.03 - Local File Inclusion", "spans": {"SYSTEM: BoltWire 6.03": [[0, 13]], "VULNERABILITY: Local File Inclusion": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48411"}}
{"text": "Book Store Management System 1.0.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Book Store Management System 1.0.0": [[0, 34]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[37, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51123"}}
{"text": "Booked Scheduler 2.7.5 - Remote Command Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Booked Scheduler 2.7.5": [[0, 22]], "VULNERABILITY: Remote Command Execution": [[25, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50594"}}
{"text": "Booked Scheduler 2.7.7 - Authenticated Directory Traversal", "spans": {"SYSTEM: Booked Scheduler 2.7.7": [[0, 22]], "VULNERABILITY: Directory Traversal": [[39, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48428"}}
{"text": "Boom CMS v8.0.7 - Cross Site Scripting", "spans": {"SYSTEM: Boom CMS v8.0.7": [[0, 15]], "VULNERABILITY: Cross Site Scripting": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51612"}}
{"text": "Boonex Dolphin 7.4.2 - 'width' Stored XSS", "spans": {"SYSTEM: Boonex Dolphin 7.4.2": [[0, 20]], "VULNERABILITY: XSS": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49670"}}
{"text": "Boss Mini 1.4.0 - local file inclusion", "spans": {"SYSTEM: Boss Mini 1.4.0": [[0, 15]], "VULNERABILITY: local file inclusion": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51848"}}
{"text": "BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: BoxBilling<=4.22.1.5": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51108"}}
{"text": "BrainyCP V1.0 - Remote Code Execution", "spans": {"SYSTEM: BrainyCP V1.0": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51357"}}
{"text": "Budget and Expense Tracker System 1.0 -  Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Budget and Expense Tracker System 1.0": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[41, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50308"}}
{"text": "Budget and Expense Tracker System 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Budget and Expense Tracker System 1.0": [[0, 37]], "VULNERABILITY: Arbitrary File Upload": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50326"}}
{"text": "Budget and Expense Tracker System 1.0 - Authenticated Bypass", "spans": {"SYSTEM: Budget and Expense Tracker System 1.0": [[0, 37]], "VULNERABILITY: Authenticated Bypass": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50307"}}
{"text": "Budget Management System 1.0 - 'Budget title' Stored XSS", "spans": {"SYSTEM: Budget Management System 1.0": [[0, 28]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49723"}}
{"text": "BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: BuildaGate5library v5": [[0, 21]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[24, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51581"}}
{"text": "Bus Pass Management System 1.0  - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Bus Pass Management System 1.0": [[0, 30]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[34, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51242"}}
{"text": "Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Bus Pass Management System 1.0": [[0, 30]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[45, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50272"}}
{"text": "Bus Pass Management System 1.0 - 'Search' SQL injection", "spans": {"SYSTEM: Bus Pass Management System 1.0": [[0, 30]], "VULNERABILITY: SQL injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50543"}}
{"text": "Bus Pass Management System 1.0 - 'viewid' Insecure direct object references (IDOR)", "spans": {"SYSTEM: Bus Pass Management System 1.0": [[0, 30]], "VULNERABILITY: IDOR": [[77, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50263"}}
{"text": "Bus Pass Management System 1.0 - 'viewid' SQL Injection", "spans": {"SYSTEM: Bus Pass Management System 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50235"}}
{"text": "Bus Pass Management System 1.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Bus Pass Management System 1.0": [[0, 30]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51054"}}
{"text": "Bus Reservation System 1.1 - Multiple-SQLi", "spans": {"SYSTEM: Bus Reservation System 1.1": [[0, 26]], "VULNERABILITY: SQLi": [[38, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51712"}}
{"text": "Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Business Live Chat Software 1.0": [[0, 31]], "VULNERABILITY: Cross-Site Request Forgery": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48141"}}
{"text": "BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection", "spans": {"SYSTEM: BWL Advanced FAQ Manager 2.0.3": [[0, 30]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52024"}}
{"text": "Cab Management System 1.0 - 'id' SQLi (Authenticated)", "spans": {"SYSTEM: Cab Management System 1.0": [[0, 25]], "VULNERABILITY: SQLi": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50767"}}
{"text": "Cab Management System 1.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Cab Management System 1.0": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50769"}}
{"text": "Cacti 1.2.12 - 'filter' SQL Injection", "spans": {"SYSTEM: Cacti 1.2.12": [[0, 12]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49810"}}
{"text": "Cacti 1.2.24 - Authenticated command injection when using SNMP options", "spans": {"SYSTEM: Cacti 1.2.24": [[0, 12]], "VULNERABILITY: Authenticated command injection when using SNMP options": [[15, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51740"}}
{"text": "Cacti 1.2.26 -  Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Cacti 1.2.26": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52225"}}
{"text": "Cacti 1.2.8 - Remote Code Execution", "spans": {"SYSTEM: Cacti 1.2.8": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48128"}}
{"text": "Cacti v1.2.22 - Remote Command Execution (RCE)", "spans": {"SYSTEM: Cacti v1.2.22": [[0, 13]], "VULNERABILITY: Remote Command Execution": [[16, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51166"}}
{"text": "Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Cacti v1.2.8": [[0, 12]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[15, 52]], "TOOL: Metasploit": [[54, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48159"}}
{"text": "Calendar Event Multi View  1.4.07 - Unauthenticated Arbitrary Event Creation to Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Calendar Event Multi View  1.4.07": [[0, 33]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[80, 106]]}, "info": {"source": "exploitdb", "exploit_id": "51241"}}
{"text": "Campcodes Online Matrimonial Website System v3.3 - Code Execution via malicious SVG file upload", "spans": {"SYSTEM: Campcodes Online Matrimonial Website System v3.3": [[0, 48]], "VULNERABILITY: Code Execution via malicious SVG file upload": [[51, 95]]}, "info": {"source": "exploitdb", "exploit_id": "51656"}}
{"text": "CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: CandidATS 2.1.0": [[0, 15]], "VULNERABILITY: Cross-Site Request Forgery": [[18, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48113"}}
{"text": "Canteen-Management v1.0 - SQL Injection", "spans": {"SYSTEM: Canteen-Management v1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51063"}}
{"text": "Canteen-Management v1.0 - XSS-Reflected", "spans": {"SYSTEM: Canteen-Management v1.0": [[0, 23]], "VULNERABILITY: XSS": [[26, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51062"}}
{"text": "Car Park Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Car Park Management System 1.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48435"}}
{"text": "Car Rental Management System 1.0 - 'car_id' Sql Injection", "spans": {"SYSTEM: Car Rental Management System 1.0": [[0, 32]], "VULNERABILITY: Sql Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49056"}}
{"text": "Car Rental Management System 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Car Rental Management System 1.0": [[0, 32]], "VULNERABILITY: Arbitrary File Upload": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48931"}}
{"text": "Car Rental Management System 1.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Car Rental Management System 1.0": [[0, 32]], "VULNERABILITY: Remote Code Execution": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49055"}}
{"text": "Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload", "spans": {"SYSTEM: Car Rental Management System 1.0": [[0, 32]], "VULNERABILITY: SQL injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49025"}}
{"text": "Car Rental Management System 1.0 - SQL Injection / Local File include", "spans": {"SYSTEM: Car Rental Management System 1.0": [[0, 32]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49177"}}
{"text": "Car Rental Project 1.0 - Remote Code Execution", "spans": {"SYSTEM: Car Rental Project 1.0": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52243"}}
{"text": "Car Rental Project 2.0 - Arbitrary File Upload to Remote Code Execution", "spans": {"SYSTEM: Car Rental Project 2.0": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49520"}}
{"text": "Car Rental Script 1.8 - Stored Cross-site scripting (XSS)", "spans": {"SYSTEM: Car Rental Script 1.8": [[0, 21]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51567"}}
{"text": "Carbon Forum 5.9.0 - Stored XSS", "spans": {"SYSTEM: Carbon Forum 5.9.0": [[0, 18]], "VULNERABILITY: XSS": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52043"}}
{"text": "Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection", "spans": {"SYSTEM: Care2x Integrated Hospital Info System 2.7": [[0, 42]], "VULNERABILITY: SQL Injection": [[56, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50165"}}
{"text": "Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' Stored XSS", "spans": {"SYSTEM: Care2x Open Source Hospital Information Management 2.7 Alpha": [[0, 60]], "VULNERABILITY: XSS": [[81, 84]]}, "info": {"source": "exploitdb", "exploit_id": "50197"}}
{"text": "CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS", "spans": {"SYSTEM: CASAP Automated Enrollment System 1.0": [[0, 37]], "VULNERABILITY: XSS": [[60, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49469"}}
{"text": "CASAP Automated Enrollment System 1.0 - 'route' Stored XSS", "spans": {"SYSTEM: CASAP Automated Enrollment System 1.0": [[0, 37]], "VULNERABILITY: XSS": [[55, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49470"}}
{"text": "CASAP Automated Enrollment System 1.0 - Authentication Bypass", "spans": {"SYSTEM: CASAP Automated Enrollment System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49463"}}
{"text": "CE Phoenix v1.0.8.20 - Remote Code Execution", "spans": {"SYSTEM: CE Phoenix v1.0.8.20": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51957"}}
{"text": "CE Phoenix Version 1.0.8.20 - Stored XSS", "spans": {"SYSTEM: CE Phoenix Version 1.0.8.20": [[0, 27]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52015"}}
{"text": "Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection (Authentication Bypass)", "spans": {"SYSTEM: Cemetry Mapping and Information System 1.0": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[73, 94]]}, "info": {"source": "exploitdb", "exploit_id": "49475"}}
{"text": "Cemetry Mapping and Information System 1.0 - Multiple SQL Injections", "spans": {"SYSTEM: Cemetry Mapping and Information System 1.0": [[0, 42]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49413"}}
{"text": "Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting", "spans": {"SYSTEM: Cemetry Mapping and Information System 1.0": [[0, 42]], "VULNERABILITY: Stored Cross-Site Scripting": [[54, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49405"}}
{"text": "Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution", "spans": {"SYSTEM: Centreo 19.10.8": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48256"}}
{"text": "Centreon 19.04 - Authenticated Remote Code Execution (Metasploit)", "spans": {"SYSTEM: Centreon 19.04": [[0, 14]], "VULNERABILITY: Authenticated Remote Code Execution": [[17, 52]], "TOOL: Metasploit": [[54, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47948"}}
{"text": "Centreon 19.10.5 - 'centreontrapd' Remote Command Execution", "spans": {"SYSTEM: Centreon 19.10.5": [[0, 16]], "VULNERABILITY: Remote Command Execution": [[35, 59]]}, "info": {"source": "exploitdb", "exploit_id": "47978"}}
{"text": "Centreon 19.10.5 - 'id' SQL Injection", "spans": {"SYSTEM: Centreon 19.10.5": [[0, 16]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48345"}}
{"text": "Centreon 19.10.5 - 'Pollers' Remote Command Execution", "spans": {"SYSTEM: Centreon 19.10.5": [[0, 16]], "VULNERABILITY: Remote Command Execution": [[29, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47977"}}
{"text": "Centreon 19.10.5 - 'Pollers' Remote Command Execution (Metasploit)", "spans": {"SYSTEM: Centreon 19.10.5": [[0, 16]], "VULNERABILITY: Remote Command Execution": [[29, 53]], "TOOL: Metasploit": [[55, 65]]}, "info": {"source": "exploitdb", "exploit_id": "47994"}}
{"text": "Centreon 19.10.5 - Database Credentials Disclosure", "spans": {"SYSTEM: Centreon 19.10.5": [[0, 16]], "VULNERABILITY: Database Credentials Disclosure": [[19, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47968"}}
{"text": "Centreon 19.10.5 - Remote Command Execution", "spans": {"SYSTEM: Centreon 19.10.5": [[0, 16]], "VULNERABILITY: Remote Command Execution": [[19, 43]]}, "info": {"source": "exploitdb", "exploit_id": "47969"}}
{"text": "Centron 19.04 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Centron 19.04": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52156"}}
{"text": "Chamilo LMS 1.11.14 - Account Takeover", "spans": {"SYSTEM: Chamilo LMS 1.11.14": [[0, 19]], "VULNERABILITY: Account Takeover": [[22, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50694"}}
{"text": "Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Chamilo LMS 1.11.14": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49867"}}
{"text": "Chamilo LMS 1.11.24 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Chamilo LMS 1.11.24": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52083"}}
{"text": "Charity Management System CMS 1.0 - Multiple Vulnerabilities", "spans": {"SYSTEM: Charity Management System CMS 1.0": [[0, 33]], "VULNERABILITY: Multiple Vulnerabilities": [[36, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50217"}}
{"text": "ChemInv 1.0 - Authenticated Persistent Cross-Site Scripting", "spans": {"SYSTEM: ChemInv 1.0": [[0, 11]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48401"}}
{"text": "Chevereto 3.13.4 Core - Remote Code Execution", "spans": {"SYSTEM: Chevereto 3.13.4 Core": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "47903"}}
{"text": "Chikitsa Patient Management System 2.0.2 - 'backup' Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Chikitsa Patient Management System 2.0.2": [[0, 40]], "VULNERABILITY: Remote Code Execution (RCE)": [[52, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50572"}}
{"text": "Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Chikitsa Patient Management System 2.0.2": [[0, 40]], "VULNERABILITY: Remote Code Execution (RCE)": [[52, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50571"}}
{"text": "ChiKoi v1.0 - SQL Injection", "spans": {"SYSTEM: ChiKoi v1.0": [[0, 11]], "VULNERABILITY: SQL Injection": [[14, 27]]}, "info": {"source": "exploitdb", "exploit_id": "51202"}}
{"text": "Chitor-CMS v1.1.2 - Pre-Auth SQL Injection", "spans": {"SYSTEM: Chitor-CMS v1.1.2": [[0, 17]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51383"}}
{"text": "Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Church Management System 1.0": [[0, 28]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[42, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50091"}}
{"text": "Church Management System 1.0 - 'password' SQL Injection (Authentication Bypass)", "spans": {"SYSTEM: Church Management System 1.0": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50092"}}
{"text": "Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Church Management System 1.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50303"}}
{"text": "Church Management System 1.0 - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: Church Management System 1.0": [[0, 28]], "VULNERABILITY: Arbitrary File Upload": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50090"}}
{"text": "Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Church Management System 1.0": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50306"}}
{"text": "Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE", "spans": {"SYSTEM: Church Management System 1.0": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50116"}}
{"text": "ChurchCRM 4.4.5 - SQLi", "spans": {"SYSTEM: ChurchCRM 4.4.5": [[0, 15]], "VULNERABILITY: SQLi": [[18, 22]]}, "info": {"source": "exploitdb", "exploit_id": "50965"}}
{"text": "ChurchCRM 4.5.1 - Authenticated SQL Injection", "spans": {"SYSTEM: ChurchCRM 4.5.1": [[0, 15]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51319"}}
{"text": "ChurchCRM 5.9.1 - SQL Injection", "spans": {"SYSTEM: ChurchCRM 5.9.1": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52152"}}
{"text": "ChurchCRM v4.5.3-121fcc1 - SQL Injection", "spans": {"SYSTEM: ChurchCRM v4.5.3-121fcc1": [[0, 24]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51296"}}
{"text": "ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)", "spans": {"SYSTEM: ChurchCRM v4.5.4": [[0, 16]], "VULNERABILITY: XSS": [[29, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51477"}}
{"text": "Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Chyrp 2.5.2": [[0, 11]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[14, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52013"}}
{"text": "CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)", "spans": {"SYSTEM: CiviCRM 5.59.alpha1": [[0, 19]], "VULNERABILITY: Cross-Site Scripting": [[34, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51478"}}
{"text": "CKEditor 3 - Server-Side Request Forgery (SSRF)", "spans": {"SYSTEM: CKEditor 3": [[0, 10]], "VULNERABILITY: Server-Side Request Forgery (SSRF)": [[13, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50021"}}
{"text": "CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: CKEditor 5 35.4.0": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51260"}}
{"text": "Clansphere CMS 2011.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Clansphere CMS 2011.4": [[0, 21]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[24, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51070"}}
{"text": "Class Scheduling System 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Class Scheduling System 1.0": [[0, 27]], "VULNERABILITY: XSS": [[46, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49323"}}
{"text": "Clcknshop 1.0.0 - SQL Injection", "spans": {"SYSTEM: Clcknshop 1.0.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51729"}}
{"text": "ClicShopping v3.402 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ClicShopping v3.402": [[0, 19]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51135"}}
{"text": "Client Details System 1.0 - SQL Injection", "spans": {"SYSTEM: Client Details System 1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[28, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51880"}}
{"text": "Client Management System 1.0 - 'searchdata' SQL injection", "spans": {"SYSTEM: Client Management System 1.0": [[0, 28]], "VULNERABILITY: SQL injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48956"}}
{"text": "Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)", "spans": {"SYSTEM: Client Management System 1.1": [[0, 28]], "VULNERABILITY: XSS": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50177"}}
{"text": "Client Management System 1.1 - 'username' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Client Management System 1.1": [[0, 28]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[42, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50007"}}
{"text": "Clinic Management System 1.0 - Authenticated Arbitrary File Upload", "spans": {"SYSTEM: Clinic Management System 1.0": [[0, 28]], "VULNERABILITY: Arbitrary File Upload": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48547"}}
{"text": "Clinic Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Clinic Management System 1.0": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48538"}}
{"text": "Clinic Management System 1.0 - SQL injection to Remote Code Execution", "spans": {"SYSTEM: Clinic Management System 1.0": [[0, 28]], "VULNERABILITY: Remote Code Execution": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50439"}}
{"text": "Clinic Management System 1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Clinic Management System 1.0": [[0, 28]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[31, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48544"}}
{"text": "Clinic Queuing System 1.0 - RCE", "spans": {"SYSTEM: Clinic Queuing System 1.0": [[0, 25]], "VULNERABILITY: RCE": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52008"}}
{"text": "Clinic's Patient Management System 1.0 - Unauthenticated RCE", "spans": {"SYSTEM: Clinic's Patient Management System 1.0": [[0, 38]], "VULNERABILITY: RCE": [[57, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51779"}}
{"text": "CloudClassroom PHP Project 1.0 - SQL Injection", "spans": {"SYSTEM: CloudClassroom PHP Project 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52314"}}
{"text": "Cmaps v8.0 - SQL injection", "spans": {"SYSTEM: Cmaps v8.0": [[0, 10]], "VULNERABILITY: SQL injection": [[13, 26]]}, "info": {"source": "exploitdb", "exploit_id": "51422"}}
{"text": "CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection", "spans": {"SYSTEM: CMS Made Simple 2.1.6": [[0, 21]], "VULNERABILITY: Server-Side Template Injection": [[48, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48944"}}
{"text": "CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: CMS Made Simple 2.2.14": [[0, 22]], "VULNERABILITY: Arbitrary File Upload": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48779"}}
{"text": "CMS Made Simple 2.2.14 - Authenticated Arbitrary File Upload", "spans": {"SYSTEM: CMS Made Simple 2.2.14": [[0, 22]], "VULNERABILITY: Arbitrary File Upload": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48742"}}
{"text": "CMS Made Simple 2.2.14 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: CMS Made Simple 2.2.14": [[0, 22]], "VULNERABILITY: Persistent Cross-Site Scripting": [[25, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48851"}}
{"text": "CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: CMS Made Simple 2.2.15": [[0, 22]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49793"}}
{"text": "CMS Made Simple 2.2.15 - RCE (Authenticated)", "spans": {"SYSTEM: CMS Made Simple 2.2.15": [[0, 22]], "VULNERABILITY: RCE": [[25, 28]]}, "info": {"source": "exploitdb", "exploit_id": "49345"}}
{"text": "CMS Made Simple 2.2.15 - Stored Cross-Site Scripting via SVG File Upload (Authenticated)", "spans": {"SYSTEM: CMS Made Simple 2.2.15": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting via SVG File Upload (Authenticated)": [[25, 88]]}, "info": {"source": "exploitdb", "exploit_id": "49199"}}
{"text": "CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: CMSimple 5.15": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52040"}}
{"text": "CMSimple 5.2 - 'External' Stored XSS", "spans": {"SYSTEM: CMSimple 5.2": [[0, 12]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "49751"}}
{"text": "CMSimple 5.4 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: CMSimple 5.4": [[0, 12]], "VULNERABILITY: Cross Site Scripting": [[15, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50612"}}
{"text": "CMSimple 5.4 - Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)", "spans": {"SYSTEM: CMSimple 5.4": [[0, 12]], "VULNERABILITY: RCE": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50547"}}
{"text": "Cmsimple 5.4 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Cmsimple 5.4": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50356"}}
{"text": "CMSimple_XH 1.7.4 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: CMSimple_XH 1.7.4": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50367"}}
{"text": "CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)", "spans": {"SYSTEM: CmsMadeSimple v2.2.17": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51600"}}
{"text": "CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)", "spans": {"SYSTEM: CmsMadeSimple v2.2.17": [[0, 21]], "VULNERABILITY: SSTI": [[78, 82]]}, "info": {"source": "exploitdb", "exploit_id": "51599"}}
{"text": "CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: CmsMadeSimple v2.2.17": [[0, 21]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[24, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51601"}}
{"text": "CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password)", "spans": {"SYSTEM: CMSUno 1.6": [[0, 10]], "VULNERABILITY: Cross-Site Request Forgery": [[13, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48679"}}
{"text": "CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)", "spans": {"SYSTEM: CMSUno 1.6.2": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48996"}}
{"text": "CMSUno 1.6.2 - 'user' Remote Code Execution (Authenticated)", "spans": {"SYSTEM: CMSUno 1.6.2": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49031"}}
{"text": "CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: CMSuno 1.7": [[0, 10]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[19, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50179"}}
{"text": "Coastercms 5.8.18 - Stored XSS", "spans": {"SYSTEM: Coastercms 5.8.18": [[0, 17]], "VULNERABILITY: XSS": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "49181"}}
{"text": "Cockpit CMS 0.6.1 - Remote Code Execution", "spans": {"SYSTEM: Cockpit CMS 0.6.1": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49390"}}
{"text": "CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: CodeAstro Online Railway Reservation System 1.0": [[0, 47]], "VULNERABILITY: Cross Site Scripting": [[50, 70]]}, "info": {"source": "exploitdb", "exploit_id": "52159"}}
{"text": "CodeCanyon RISE CRM 3.7.0 - SQL Injection", "spans": {"SYSTEM: CodeCanyon RISE CRM 3.7.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[28, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52100"}}
{"text": "Codoforum 4.8.3 - 'input_txt' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Codoforum 4.8.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[30, 61]]}, "info": {"source": "exploitdb", "exploit_id": "47886"}}
{"text": "Codoforum 4.8.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Codoforum 4.8.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47876"}}
{"text": "CodoForum v5.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: CodoForum v5.1": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50978"}}
{"text": "Collabtive 3.1 - 'address' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Collabtive 3.1": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49468"}}
{"text": "College Management System 1.0 - 'course_code' SQL Injection (Authenticated)", "spans": {"SYSTEM: College Management System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50933"}}
{"text": "College-Management-System-Php 1.0 - Authentication Bypass", "spans": {"SYSTEM: College-Management-System-Php 1.0": [[0, 33]], "VULNERABILITY: Authentication Bypass": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48593"}}
{"text": "Color Prediction Game v1.0 - SQL Injection", "spans": {"SYSTEM: Color Prediction Game v1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51689"}}
{"text": "Comment System 1.0 - 'multiple' Stored Cross-Site Scripting", "spans": {"SYSTEM: Comment System 1.0": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49575"}}
{"text": "comments-like-dislike < 1.2.0 - Authenticated (Subscriber+) Plugin Setting Reset", "spans": {"SYSTEM: comments-like-dislike < 1.2.0": [[0, 29]], "VULNERABILITY: Authenticated (Subscriber+) Plugin Setting Reset": [[32, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51809"}}
{"text": "Company Visitor Management System (CVMS) 1.0 - Authentication Bypass", "spans": {"SYSTEM: Company Visitor Management System (CVMS) 1.0": [[0, 44]], "VULNERABILITY: Authentication Bypass": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48884"}}
{"text": "Company's Recruitment Management System 1.0 -  'description' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Company's Recruitment Management System 1.0": [[0, 43]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[61, 94]]}, "info": {"source": "exploitdb", "exploit_id": "50424"}}
{"text": "Company's Recruitment Management System 1.0 - 'Add New user' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Company's Recruitment Management System 1.0": [[0, 43]], "VULNERABILITY: CSRF": [[89, 93]]}, "info": {"source": "exploitdb", "exploit_id": "50425"}}
{"text": "Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Company's Recruitment Management System 1.0": [[0, 43]], "VULNERABILITY: SQL Injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50404"}}
{"text": "Company's Recruitment Management System 1.0. - 'title' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Company's Recruitment Management System 1.0.": [[0, 44]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[55, 88]]}, "info": {"source": "exploitdb", "exploit_id": "50421"}}
{"text": "Companymaps v8.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Companymaps v8.0": [[0, 16]], "VULNERABILITY: Stored Cross Site Scripting": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51417"}}
{"text": "Complaint Management System 1.0 - 'cid' SQL Injection", "spans": {"SYSTEM: Complaint Management System 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48758"}}
{"text": "Complaint Management System 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Complaint Management System 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48468"}}
{"text": "Complaint Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Complaint Management System 1.0": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48452"}}
{"text": "Complaint Management System 4.0 - 'cid' SQL injection", "spans": {"SYSTEM: Complaint Management System 4.0": [[0, 31]], "VULNERABILITY: SQL injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47847"}}
{"text": "Complaint Management System 4.0 - Remote Code Execution", "spans": {"SYSTEM: Complaint Management System 4.0": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "47884"}}
{"text": "Complaint Management System 4.2 - Authentication Bypass", "spans": {"SYSTEM: Complaint Management System 4.2": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48371"}}
{"text": "Complaint Management System 4.2 - Cross-Site Request Forgery (Delete User)", "spans": {"SYSTEM: Complaint Management System 4.2": [[0, 31]], "VULNERABILITY: Cross-Site Request Forgery": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48372"}}
{"text": "Complaint Management System 4.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Complaint Management System 4.2": [[0, 31]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48370"}}
{"text": "Complaints Report Management System 1.0 - 'username' SQL Injection / Remote Code Execution", "spans": {"SYSTEM: Complaints Report Management System 1.0": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[69, 90]]}, "info": {"source": "exploitdb", "exploit_id": "48985"}}
{"text": "Composr 10.0.36 - Remote Code Execution", "spans": {"SYSTEM: Composr 10.0.36": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49753"}}
{"text": "Composr CMS 10.0.30 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Composr CMS 10.0.30": [[0, 19]], "VULNERABILITY: Persistent Cross-Site Scripting": [[22, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48496"}}
{"text": "Composr CMS 10.0.34 - 'banners' Persistent Cross Site Scripting", "spans": {"SYSTEM: Composr CMS 10.0.34": [[0, 19]], "VULNERABILITY: Cross Site Scripting": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49190"}}
{"text": "Composr CMS 10.0.36 - Cross Site Scripting", "spans": {"SYSTEM: Composr CMS 10.0.36": [[0, 19]], "VULNERABILITY: Cross Site Scripting": [[22, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49749"}}
{"text": "Composr-CMS Version <=10.0.39 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Composr-CMS Version <=10.0.39": [[0, 29]], "VULNERABILITY: Authenticated Remote Code Execution": [[32, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51060"}}
{"text": "Computer Laboratory Management System v1.0 - Multiple-SQLi", "spans": {"SYSTEM: Computer Laboratory Management System v1.0": [[0, 42]], "VULNERABILITY: SQLi": [[54, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51965"}}
{"text": "Concrete5 8.5.4 - 'name' Stored XSS", "spans": {"SYSTEM: Concrete5 8.5.4": [[0, 15]], "VULNERABILITY: XSS": [[32, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49721"}}
{"text": "Concrete5 CME v9.1.3 - Xpath injection", "spans": {"SYSTEM: Concrete5 CME v9.1.3": [[0, 20]], "VULNERABILITY: Xpath injection": [[23, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51144"}}
{"text": "Contao 4.13.2 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Contao 4.13.2": [[0, 13]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50945"}}
{"text": "Content Management System 1.0 - 'email' SQL Injection", "spans": {"SYSTEM: Content Management System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49272"}}
{"text": "Content Management System 1.0 - 'First Name' Stored XSS", "spans": {"SYSTEM: Content Management System 1.0": [[0, 29]], "VULNERABILITY: XSS": [[52, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49271"}}
{"text": "Content Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Content Management System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49273"}}
{"text": "Control Web Panel 7 (CWP7) v0.9.8.1147 -  Remote Code Execution (RCE)", "spans": {"SYSTEM: Control Web Panel 7 (CWP7) v0.9.8.1147": [[0, 38]], "VULNERABILITY: Remote Code Execution (RCE)": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51250"}}
{"text": "Coppermine Gallery 1.6.25 - RCE", "spans": {"SYSTEM: Coppermine Gallery 1.6.25": [[0, 25]], "VULNERABILITY: RCE": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51738"}}
{"text": "Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting", "spans": {"SYSTEM: Cotonti Siena 0.9.19": [[0, 20]], "VULNERABILITY: Stored Cross-Site Scripting": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50016"}}
{"text": "CouchCMS 2.2.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: CouchCMS 2.2.1": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49636"}}
{"text": "CouchCMS 2.2.1 - Server-Side Request Forgery", "spans": {"SYSTEM: CouchCMS 2.2.1": [[0, 14]], "VULNERABILITY: Server-Side Request Forgery": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49675"}}
{"text": "Courier Management System 1.0 - 'First Name' Stored XSS", "spans": {"SYSTEM: Courier Management System 1.0": [[0, 29]], "VULNERABILITY: XSS": [[52, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49241"}}
{"text": "Courier Management System 1.0 - 'MULTIPART street ((custom) ' SQL Injection", "spans": {"SYSTEM: Courier Management System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[62, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49242"}}
{"text": "Courier Management System 1.0 - 'ref_no' SQL Injection", "spans": {"SYSTEM: Courier Management System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49243"}}
{"text": "Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Covid-19 Contact Tracing System 1.0": [[0, 35]], "VULNERABILITY: Remote Code Execution": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49604"}}
{"text": "COVID19 Testing Management System 1.0 - 'Admin name' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: COVID19 Testing Management System 1.0": [[0, 37]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[53, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49887"}}
{"text": "COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections", "spans": {"SYSTEM: COVID19 Testing Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50215"}}
{"text": "COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection", "spans": {"SYSTEM: COVID19 Testing Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50190"}}
{"text": "COVID19 Testing Management System 1.0 - 'State' Stored Cross-Site-Scripting (XSS)", "spans": {"SYSTEM: COVID19 Testing Management System 1.0": [[0, 37]], "VULNERABILITY: XSS": [[77, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49993"}}
{"text": "COVID19 Testing Management System 1.0 - SQL Injection (Auth Bypass)", "spans": {"SYSTEM: COVID19 Testing Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49886"}}
{"text": "Craft CMS 4.4.14 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Craft CMS 4.4.14": [[0, 16]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[19, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51918"}}
{"text": "CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution", "spans": {"SYSTEM: CraftCMS 3 vCard Plugin 1.0.0": [[0, 29]], "VULNERABILITY: Remote Code Execution": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48492"}}
{"text": "Credit Lite 1.5.4 - SQL Injection", "spans": {"SYSTEM: Credit Lite 1.5.4": [[0, 17]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51701"}}
{"text": "Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticated)", "spans": {"SYSTEM: Crime records Management System 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[49, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50213"}}
{"text": "Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Croogo 3.0.2": [[0, 12]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50603"}}
{"text": "Croogo 3.0.2 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Croogo 3.0.2": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50570"}}
{"text": "Croogo 3.0.2 - Unrestricted File Upload", "spans": {"SYSTEM: Croogo 3.0.2": [[0, 12]], "VULNERABILITY: Unrestricted File Upload": [[15, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50602"}}
{"text": "CRUD Operation 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: CRUD Operation 1.0": [[0, 18]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49393"}}
{"text": "Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated)", "spans": {"SYSTEM: Crypto Currency Tracker (CCT) 9.5": [[0, 33]], "VULNERABILITY: Admin Account Creation": [[36, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51688"}}
{"text": "CS-Cart 1.3.3 - 'classes_dir' LFI", "spans": {"SYSTEM: CS-Cart 1.3.3": [[0, 13]], "VULNERABILITY: LFI": [[30, 33]]}, "info": {"source": "exploitdb", "exploit_id": "48890"}}
{"text": "CS-Cart 1.3.3 - authenticated RCE", "spans": {"SYSTEM: CS-Cart 1.3.3": [[0, 13]], "VULNERABILITY: RCE": [[30, 33]]}, "info": {"source": "exploitdb", "exploit_id": "48891"}}
{"text": "CSE Bookstore 1.0 - 'quantity' Persistent Cross-site Scripting", "spans": {"SYSTEM: CSE Bookstore 1.0": [[0, 17]], "VULNERABILITY: Persistent Cross-site Scripting": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48973"}}
{"text": "CSE Bookstore 1.0 - Authentication Bypass", "spans": {"SYSTEM: CSE Bookstore 1.0": [[0, 17]], "VULNERABILITY: Authentication Bypass": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48960"}}
{"text": "CSE Bookstore 1.0 - Multiple SQL Injection", "spans": {"SYSTEM: CSE Bookstore 1.0": [[0, 17]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49314"}}
{"text": "CSZ CMS 1.2.7 - 'title' HTML Injection", "spans": {"SYSTEM: CSZ CMS 1.2.7": [[0, 13]], "VULNERABILITY: HTML Injection": [[24, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48357"}}
{"text": "CSZ CMS 1.2.7 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: CSZ CMS 1.2.7": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48354"}}
{"text": "CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion", "spans": {"SYSTEM: CSZ CMS 1.2.9": [[0, 13]], "VULNERABILITY: Arbitrary File Deletion": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50148"}}
{"text": "CSZ CMS 1.2.9 - 'Multiple' Blind SQLi(Authenticated)", "spans": {"SYSTEM: CSZ CMS 1.2.9": [[0, 13]], "VULNERABILITY: SQLi": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50846"}}
{"text": "CSZ CMS 1.2.9 - Multiple Cross-Site Scripting", "spans": {"SYSTEM: CSZ CMS 1.2.9": [[0, 13]], "VULNERABILITY: Cross-Site Scripting": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49364"}}
{"text": "CSZ CMS 1.3.0 - 'Multiple' Blind SQLi", "spans": {"SYSTEM: CSZ CMS 1.3.0": [[0, 13]], "VULNERABILITY: SQLi": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50899"}}
{"text": "CSZ CMS 1.3.0 - Stored Cross-Site Scripting ('Photo URL' and 'YouTube URL' )", "spans": {"SYSTEM: CSZ CMS 1.3.0": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51703"}}
{"text": "CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery')", "spans": {"SYSTEM: CSZ CMS 1.3.0": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51704"}}
{"text": "CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution", "spans": {"SYSTEM: CSZ CMS Version 1.3.0": [[0, 21]], "VULNERABILITY: Remote Command Execution": [[38, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51863"}}
{"text": "CSZCMS v1.3.0 - SQL Injection (Authenticated)", "spans": {"SYSTEM: CSZCMS v1.3.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51916"}}
{"text": "Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)", "spans": {"SYSTEM: Cups Easy 1.0": [[0, 13]], "VULNERABILITY: Cross Site Request Forgery": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "47973"}}
{"text": "Curfew e-Pass Management System 1.0 - FromDate SQL Injection", "spans": {"SYSTEM: Curfew e-Pass Management System 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51778"}}
{"text": "Curfew e-Pass Management System 1.0 - Stored XSS", "spans": {"SYSTEM: Curfew e-Pass Management System 1.0": [[0, 35]], "VULNERABILITY: XSS": [[45, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49391"}}
{"text": "Customer Relationship Management (CRM) System 1.0 - 'Category' Persistent Cross site Scripting", "spans": {"SYSTEM: Customer Relationship Management (CRM) System 1.0": [[0, 49]], "VULNERABILITY: Persistent Cross site Scripting": [[63, 94]]}, "info": {"source": "exploitdb", "exploit_id": "49868"}}
{"text": "Customer Relationship Management System (CRM) 1.0 - Remote Code Execution", "spans": {"SYSTEM: Customer Relationship Management System (CRM) 1.0": [[0, 49]], "VULNERABILITY: Remote Code Execution": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50046"}}
{"text": "Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentication Bypass", "spans": {"SYSTEM: Customer Relationship Management System (CRM) 1.0": [[0, 49]], "VULNERABILITY: Authentication Bypass": [[66, 87]]}, "info": {"source": "exploitdb", "exploit_id": "50158"}}
{"text": "Customer Support System 1.0  - 'description' Stored XSS in The Admin Panel", "spans": {"SYSTEM: Customer Support System 1.0": [[0, 27]], "VULNERABILITY: XSS": [[52, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49028"}}
{"text": "Customer Support System 1.0 - _First Name_ & _Last Name_ Stored XSS", "spans": {"SYSTEM: Customer Support System 1.0": [[0, 27]], "VULNERABILITY: XSS": [[64, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49275"}}
{"text": "Customer Support System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Customer Support System 1.0": [[0, 27]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49276"}}
{"text": "Customer Support System 1.0 - 'username' Authentication Bypass", "spans": {"SYSTEM: Customer Support System 1.0": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49030"}}
{"text": "Customer Support System 1.0 - Cross-Site Request Forgery", "spans": {"SYSTEM: Customer Support System 1.0": [[0, 27]], "VULNERABILITY: Cross-Site Request Forgery": [[30, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49029"}}
{"text": "Customer Support System 1.0 - Stored XSS", "spans": {"SYSTEM: Customer Support System 1.0": [[0, 27]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52057"}}
{"text": "CuteEditor for PHP 6.6 - Directory Traversal", "spans": {"SYSTEM: CuteEditor for PHP 6.6": [[0, 22]], "VULNERABILITY: Directory Traversal": [[25, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50994"}}
{"text": "CuteNews 2.1.2 - Arbitrary File Deletion", "spans": {"SYSTEM: CuteNews 2.1.2": [[0, 14]], "VULNERABILITY: Arbitrary File Deletion": [[17, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48447"}}
{"text": "CuteNews 2.1.2 - Authenticated Arbitrary File Upload", "spans": {"SYSTEM: CuteNews 2.1.2": [[0, 14]], "VULNERABILITY: Arbitrary File Upload": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48458"}}
{"text": "CuteNews 2.1.2 - Remote Code Execution", "spans": {"SYSTEM: CuteNews 2.1.2": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48800"}}
{"text": "CVE-2023-50071 - Multiple SQL Injection", "spans": {"SYSTEM: CVE-2023-50071": [[0, 14]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51862"}}
{"text": "Cyber Cafe Management System  Project (CCMS) 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Cyber Cafe Management System  Project (CCMS) 1.0": [[0, 48]], "VULNERABILITY: Persistent Cross-Site Scripting": [[51, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49204"}}
{"text": "Cyber Cafe Management System Project (CCMS) 1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Cyber Cafe Management System Project (CCMS) 1.0": [[0, 47]], "VULNERABILITY: Authentication Bypass": [[64, 85]]}, "info": {"source": "exploitdb", "exploit_id": "50355"}}
{"text": "Daily Expense Manager 1.0 - 'term' SQLi", "spans": {"SYSTEM: Daily Expense Manager 1.0": [[0, 25]], "VULNERABILITY: SQLi": [[35, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51973"}}
{"text": "Daily Expenses Management System 1.0 - 'item' SQL Injection", "spans": {"SYSTEM: Daily Expenses Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48737"}}
{"text": "Daily Expenses Management System 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Daily Expenses Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48730"}}
{"text": "Daily Habit Tracker 1.0 - Broken Access Control", "spans": {"SYSTEM: Daily Habit Tracker 1.0": [[0, 23]], "VULNERABILITY: Broken Access Control": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51954"}}
{"text": "Daily Habit Tracker 1.0 - SQL Injection", "spans": {"SYSTEM: Daily Habit Tracker 1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51953"}}
{"text": "Daily Habit Tracker 1.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Daily Habit Tracker 1.0": [[0, 23]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51952"}}
{"text": "Daily Tracker System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Daily Tracker System 1.0": [[0, 24]], "VULNERABILITY: Authentication Bypass": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48787"}}
{"text": "Dairy Farm Shop Management System 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Dairy Farm Shop Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47846"}}
{"text": "Dairy Farm Shop Management System 1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Dairy Farm Shop Management System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50365"}}
{"text": "DataCube3 v1.0 - Unrestricted file upload 'RCE'", "spans": {"SYSTEM: DataCube3 v1.0": [[0, 14]], "VULNERABILITY: RCE": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51868"}}
{"text": "dawa-pharma 1.0-2022 - Multiple-SQLi", "spans": {"SYSTEM: dawa-pharma 1.0-2022": [[0, 20]], "VULNERABILITY: SQLi": [[32, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51818"}}
{"text": "DedeCMS 7.5 SP2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: DedeCMS 7.5 SP2": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48326"}}
{"text": "DedeCMS v.5.8 - _keyword_ Cross-Site Scripting", "spans": {"SYSTEM: DedeCMS v.5.8": [[0, 13]], "VULNERABILITY: Cross-Site Scripting": [[26, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48974"}}
{"text": "Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection (Authenticated)", "spans": {"SYSTEM: Dental Clinic Appointment Reservation System 1.0": [[0, 48]], "VULNERABILITY: SQL Injection": [[70, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49861"}}
{"text": "Dental Clinic Appointment Reservation System 1.0 - 'Firstname' Persistent Cross Site Scripting (Authenticated)", "spans": {"SYSTEM: Dental Clinic Appointment Reservation System 1.0": [[0, 48]], "VULNERABILITY: Cross Site Scripting": [[74, 94]]}, "info": {"source": "exploitdb", "exploit_id": "49870"}}
{"text": "Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)", "spans": {"SYSTEM: Dental Clinic Appointment Reservation System 1.0": [[0, 48]], "VULNERABILITY: Authentication Bypass": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49860"}}
{"text": "Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Dental Clinic Appointment Reservation System 1.0": [[0, 48]], "VULNERABILITY: Cross Site Request Forgery": [[51, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49871"}}
{"text": "Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Device Manager Express 7.8.20002.47752": [[0, 38]], "VULNERABILITY: Remote Code Execution (RCE)": [[41, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51145"}}
{"text": "Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Diafan CMS 6.0": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[17, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51529"}}
{"text": "Digi AnywhereUSB 14 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: Digi AnywhereUSB 14": [[0, 19]], "VULNERABILITY: Cross-Site Scripting": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47914"}}
{"text": "Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass)", "spans": {"SYSTEM: Digital Crime Report Management System 1.0": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[60, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49761"}}
{"text": "Directory Management System 1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Directory Management System 1.0": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50370"}}
{"text": "Django 3.0 - Cross-Site Request Forgery Token Bypass", "spans": {"SYSTEM: Django 3.0": [[0, 10]], "VULNERABILITY: Cross-Site Request Forgery": [[13, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48303"}}
{"text": "Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)", "spans": {"SYSTEM: Doctors Patients Management System 1.0": [[0, 38]], "VULNERABILITY: Authentication Bypass": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50074"}}
{"text": "Dolibarr 11.0.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Dolibarr 11.0.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48504"}}
{"text": "Dolibarr 12.0.3 - SQLi to RCE", "spans": {"SYSTEM: Dolibarr 12.0.3": [[0, 15]], "VULNERABILITY: SQLi": [[18, 22]]}, "info": {"source": "exploitdb", "exploit_id": "49240"}}
{"text": "Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)", "spans": {"SYSTEM: Dolibarr ERP 11.0.4": [[0, 19]], "VULNERABILITY: RCE": [[69, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49711"}}
{"text": "Dolibarr ERP 14.0.1 - Privilege Escalation", "spans": {"SYSTEM: Dolibarr ERP 14.0.1": [[0, 19]], "VULNERABILITY: Privilege Escalation": [[22, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50248"}}
{"text": "Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Dolibarr ERP-CRM 12.0.3": [[0, 23]], "VULNERABILITY: Remote Code Execution": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49269"}}
{"text": "Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege Escalation", "spans": {"SYSTEM: Dolibarr ERP-CRM 14.0.2": [[0, 23]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50432"}}
{"text": "Dolibarr Version 17.0.1 - Stored XSS", "spans": {"SYSTEM: Dolibarr Version 17.0.1": [[0, 23]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51683"}}
{"text": "Dompdf 1.2.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Dompdf 1.2.1": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51270"}}
{"text": "Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities", "spans": {"SYSTEM: Dooblou WiFi File Explorer 1.13.3": [[0, 33]], "VULNERABILITY: Multiple Vulnerabilities": [[36, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51615"}}
{"text": "dotclear 2.25.3 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: dotclear 2.25.3": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51353"}}
{"text": "Dotclear 2.29 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Dotclear 2.29": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52037"}}
{"text": "Drupal 10.1.2 - web-cache-poisoning-External-service-interaction", "spans": {"SYSTEM: Drupal 10.1.2": [[0, 13]], "VULNERABILITY: web-cache-poisoning-External-service-interaction": [[16, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51723"}}
{"text": "Drupal 11.x-dev - Full Path Disclosure", "spans": {"SYSTEM: Drupal 11.x-dev": [[0, 15]], "VULNERABILITY: Full Path Disclosure": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52266"}}
{"text": "Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Drupal avatar_uploader v7.x-1.0-beta8": [[0, 37]], "VULNERABILITY: Cross Site Scripting": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50841"}}
{"text": "Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation", "spans": {"SYSTEM: Drupal Module MiniorangeSAML 8.x-2.22": [[0, 37]], "VULNERABILITY: Privilege escalation": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50361"}}
{"text": "DynPG 4.9.1 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: DynPG 4.9.1": [[0, 11]], "VULNERABILITY: Persistent Cross-Site Scripting": [[14, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48865"}}
{"text": "E-Commerce System 1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: E-Commerce System 1.0": [[0, 21]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[24, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48471"}}
{"text": "E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: E-INSUARANCE v1.0": [[0, 17]], "VULNERABILITY: Stored Cross Site Scripting": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51944"}}
{"text": "e-learning Php Script 0.1.0 - 'search' SQL Injection", "spans": {"SYSTEM: e-learning Php Script 0.1.0": [[0, 27]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48629"}}
{"text": "E-Learning System 1.0 - Authentication Bypass", "spans": {"SYSTEM: E-Learning System 1.0": [[0, 21]], "VULNERABILITY: Authentication Bypass": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49434"}}
{"text": "e107 CMS 2.3.0 - CSRF", "spans": {"SYSTEM: e107 CMS 2.3.0": [[0, 14]], "VULNERABILITY: CSRF": [[17, 21]]}, "info": {"source": "exploitdb", "exploit_id": "49614"}}
{"text": "e107 CMS 2.3.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: e107 CMS 2.3.0": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50315"}}
{"text": "e107 CMS v3.2.1 - Multiple Vulnerabilities", "spans": {"SYSTEM: e107 CMS v3.2.1": [[0, 15]], "VULNERABILITY: Multiple Vulnerabilities": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50910"}}
{"text": "e107 v2.3.2 - Reflected XSS", "spans": {"SYSTEM: e107 v2.3.2": [[0, 11]], "VULNERABILITY: XSS": [[24, 27]]}, "info": {"source": "exploitdb", "exploit_id": "51449"}}
{"text": "Easy Appointments 1.4.2 - Information Disclosure", "spans": {"SYSTEM: Easy Appointments 1.4.2": [[0, 23]], "VULNERABILITY: Information Disclosure": [[26, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50871"}}
{"text": "Easy2Pilot 7 - Cross-Site Request Forgery (Add User)", "spans": {"SYSTEM: Easy2Pilot 7": [[0, 12]], "VULNERABILITY: Cross-Site Request Forgery": [[15, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48099"}}
{"text": "EasyPHP Webserver 14.1 - Multiple Vulnerabilities (RCE and Path Traversal)", "spans": {"SYSTEM: EasyPHP Webserver 14.1": [[0, 22]], "VULNERABILITY: Path Traversal": [[59, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51430"}}
{"text": "ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: ECK Hotel 1.0": [[0, 13]], "VULNERABILITY: Cross-Site Request Forgery": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48258"}}
{"text": "Ecommerce Systempay 1.0 - Production KEY Brute Force", "spans": {"SYSTEM: Ecommerce Systempay 1.0": [[0, 23]], "VULNERABILITY: Production KEY Brute Force": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48017"}}
{"text": "Ecommerse v1.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Ecommerse v1.0": [[0, 14]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[17, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51140"}}
{"text": "ECSIMAGING PACS 6.21.5 - Remote code execution", "spans": {"SYSTEM: ECSIMAGING PACS 6.21.5": [[0, 22]], "VULNERABILITY: Remote code execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49388"}}
{"text": "ECSIMAGING PACS 6.21.5 - SQL injection", "spans": {"SYSTEM: ECSIMAGING PACS 6.21.5": [[0, 22]], "VULNERABILITY: SQL injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49392"}}
{"text": "EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection", "spans": {"SYSTEM: EgavilanMedia PHPCRUD 1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49878"}}
{"text": "EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting", "spans": {"SYSTEM: EgavilanMedia PHPCRUD 1.0": [[0, 25]], "VULNERABILITY: Stored Cross Site Scripting": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49484"}}
{"text": "EgavilanMedia User Registration & Login System with Admin Panel Exploit - SQLi Auth Bypass", "spans": {"SYSTEM: EgavilanMedia User Registration & Login System with Admin Panel Exploit": [[0, 71]], "VULNERABILITY: SQLi": [[74, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49058"}}
{"text": "eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution", "spans": {"SYSTEM: eGroupWare 1.14": [[0, 15]], "VULNERABILITY: Remote Command Execution": [[37, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48720"}}
{"text": "Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS", "spans": {"SYSTEM: Elaine's Realtime CRM Automation 6.18.17": [[0, 40]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "52106"}}
{"text": "elaniin CMS - Authentication Bypass", "spans": {"SYSTEM: elaniin CMS": [[0, 11]], "VULNERABILITY: Authentication Bypass": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48705"}}
{"text": "elaniin CMS 1.0 - Authentication Bypass", "spans": {"SYSTEM: elaniin CMS 1.0": [[0, 15]], "VULNERABILITY: Authentication Bypass": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "47858"}}
{"text": "Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure", "spans": {"SYSTEM: Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0": [[0, 53]], "VULNERABILITY: Device Config Disclosure": [[56, 80]]}, "info": {"source": "exploitdb", "exploit_id": "52005"}}
{"text": "eLection 2.0 - 'id' SQL Injection", "spans": {"SYSTEM: eLection 2.0": [[0, 12]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "48122"}}
{"text": "Elementor Website Builder < 3.12.2 - Admin+ SQLi", "spans": {"SYSTEM: Elementor Website Builder < 3.12.2": [[0, 34]], "VULNERABILITY: SQLi": [[44, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51956"}}
{"text": "elFinder Web file manager Version - 2.1.53 Remote Command Execution", "spans": {"SYSTEM: elFinder Web file manager Version": [[0, 33]], "VULNERABILITY: Remote Command Execution": [[43, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51864"}}
{"text": "ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting", "spans": {"SYSTEM: ElkarBackup 1.3.3": [[0, 17]], "VULNERABILITY: and 'Policy[Description]' Stored Cross-site Scripting": [[35, 88]]}, "info": {"source": "exploitdb", "exploit_id": "49121"}}
{"text": "ElkarBackup 1.3.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: ElkarBackup 1.3.3": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48756"}}
{"text": "ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: ElkArte Forum 1.1.9": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52026"}}
{"text": "Emagic Data Center Management Suite v6.0 - OS Command Injection", "spans": {"SYSTEM: Emagic Data Center Management Suite v6.0": [[0, 40]], "VULNERABILITY: Command Injection": [[46, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51673"}}
{"text": "Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Employee and Visitor Gate Pass Logging System 1.0": [[0, 49]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[59, 92]]}, "info": {"source": "exploitdb", "exploit_id": "50507"}}
{"text": "Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Employee Daily Task Management System 1.0": [[0, 41]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[51, 84]]}, "info": {"source": "exploitdb", "exploit_id": "50506"}}
{"text": "Employee Management System 1.0 - 'admin_id' SQLi", "spans": {"SYSTEM: Employee Management System 1.0": [[0, 30]], "VULNERABILITY: SQLi": [[44, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51911"}}
{"text": "Employee Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Employee Management System 1.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48882"}}
{"text": "Employee Management System 1.0 - Cross Site Scripting (Stored)", "spans": {"SYSTEM: Employee Management System 1.0": [[0, 30]], "VULNERABILITY: Cross Site Scripting": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48881"}}
{"text": "Employee Management System 1.0 - _txtfullname_ and _txtphone_ SQL Injection", "spans": {"SYSTEM: Employee Management System 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[62, 75]]}, "info": {"source": "exploitdb", "exploit_id": "51950"}}
{"text": "Employee Management System 1.0 - _txtusername_ and _txtpassword_ SQL Injection (Admin Login)", "spans": {"SYSTEM: Employee Management System 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[65, 78]]}, "info": {"source": "exploitdb", "exploit_id": "51951"}}
{"text": "Employee Management System v1 - 'email' SQL Injection", "spans": {"SYSTEM: Employee Management System v1": [[0, 29]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51803"}}
{"text": "Employee Performance Evaluation System 1.0 - 'Task and Description' Persistent Cross Site Scripting", "spans": {"SYSTEM: Employee Performance Evaluation System 1.0": [[0, 42]], "VULNERABILITY: Cross Site Scripting": [[79, 99]]}, "info": {"source": "exploitdb", "exploit_id": "49215"}}
{"text": "Employee Performance Evaluation System v1.0 - File Inclusion and RCE", "spans": {"SYSTEM: Employee Performance Evaluation System v1.0": [[0, 43]], "VULNERABILITY: File Inclusion": [[46, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51049"}}
{"text": "Employee Record Management System 1.2 - 'empid' SQL injection (Unauthenticated)", "spans": {"SYSTEM: Employee Record Management System 1.2": [[0, 37]], "VULNERABILITY: SQL injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50467"}}
{"text": "Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Employee Record Management System 1.2": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[40, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50112"}}
{"text": "Employee Record System 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Employee Record System 1.0": [[0, 26]], "VULNERABILITY: XSS": [[45, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49280"}}
{"text": "Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution", "spans": {"SYSTEM: Employee Record System 1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49389"}}
{"text": "Employee Task Management System v1.0 - Broken Authentication", "spans": {"SYSTEM: Employee Task Management System v1.0": [[0, 36]], "VULNERABILITY: Broken Authentication": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51285"}}
{"text": "Employee Task Management System v1.0 - SQL Injection on (task-details.php?task_id=?)", "spans": {"SYSTEM: Employee Task Management System v1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51286"}}
{"text": "Employee Task Management System v1.0 - SQL Injection on edit-task.php", "spans": {"SYSTEM: Employee Task Management System v1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51287"}}
{"text": "Employees Daily Task Management System 1.0 - 'multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: Employees Daily Task Management System 1.0": [[0, 42]], "VULNERABILITY: Cross Site Scripting": [[56, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50583"}}
{"text": "Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass", "spans": {"SYSTEM: Employees Daily Task Management System 1.0": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50582"}}
{"text": "Engineers Online Portal 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Engineers Online Portal 1.0": [[0, 27]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50453"}}
{"text": "Engineers Online Portal 1.0 - 'multiple' Authentication Bypass", "spans": {"SYSTEM: Engineers Online Portal 1.0": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50452"}}
{"text": "Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Engineers Online Portal 1.0": [[0, 27]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[41, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50451"}}
{"text": "Engineers Online Portal 1.0 - File Upload Remote Code Execution (RCE)", "spans": {"SYSTEM: Engineers Online Portal 1.0": [[0, 27]], "VULNERABILITY: Remote Code Execution (RCE)": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50444"}}
{"text": "Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)", "spans": {"SYSTEM: Enrollment System Project v1.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51501"}}
{"text": "Equipment Inventory System 1.0 - 'multiple' Stored XSS", "spans": {"SYSTEM: Equipment Inventory System 1.0": [[0, 30]], "VULNERABILITY: XSS": [[51, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49722"}}
{"text": "ERPGo SaaS 3.9 - CSV Injection", "spans": {"SYSTEM: ERPGo SaaS 3.9": [[0, 14]], "VULNERABILITY: CSV Injection": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51220"}}
{"text": "Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Eve-ng 5.0.1-13": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[18, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51153"}}
{"text": "Event Registration System with QR Code 1.0 - Authentication Bypass", "spans": {"SYSTEM: Event Registration System with QR Code 1.0": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50159"}}
{"text": "Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Evolution CMS 3.1.6": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50296"}}
{"text": "Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Exagate Sysguard 6001": [[0, 21]], "VULNERABILITY: Cross-Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48234"}}
{"text": "Exam Form Submission System 1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Exam Form Submission System 1.0": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50360"}}
{"text": "Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated)", "spans": {"SYSTEM: Exam Hall Management System 1.0": [[0, 31]], "VULNERABILITY: Unrestricted File Upload": [[34, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50103"}}
{"text": "Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthenticated)", "spans": {"SYSTEM: Exam Hall Management System 1.0": [[0, 31]], "VULNERABILITY: Unrestricted File Upload + RCE": [[34, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50111"}}
{"text": "Exam Reviewer Management System 1.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Exam Reviewer Management System 1.0": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50726"}}
{"text": "Exam Reviewer Management System 1.0 - ‘id’ SQL Injection", "spans": {"SYSTEM: Exam Reviewer Management System 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50725"}}
{"text": "Expense Tracker 1.0 - 'Expense Name' Stored Cross-Site Scripting", "spans": {"SYSTEM: Expense Tracker 1.0": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting": [[37, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49373"}}
{"text": "Explore CMS 1.0 - SQL Injection", "spans": {"SYSTEM: Explore CMS 1.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "50920"}}
{"text": "Exponent CMS 2.6 - Multiple Vulnerabilities", "spans": {"SYSTEM: Exponent CMS 2.6": [[0, 16]], "VULNERABILITY: Multiple Vulnerabilities": [[19, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50611"}}
{"text": "Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Extensive VC Addons for WPBakery page builder 1.9.0": [[0, 51]], "VULNERABILITY: Remote Code Execution (RCE)": [[54, 81]]}, "info": {"source": "exploitdb", "exploit_id": "52085"}}
{"text": "eXtplorer<= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)", "spans": {"SYSTEM: eXtplorer<= 2.1.14": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[45, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51067"}}
{"text": "EyesOfNetwork 5.3 - Remote Code Execution", "spans": {"SYSTEM: EyesOfNetwork 5.3": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48025"}}
{"text": "EyouCMS 1.4.6 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: EyouCMS 1.4.6": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48530"}}
{"text": "Faculty Evaluation System 1.0 - Stored XSS", "spans": {"SYSTEM: Faculty Evaluation System 1.0": [[0, 29]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49320"}}
{"text": "Faculty Evaluation System 1.0 - Unauthenticated File Upload", "spans": {"SYSTEM: Faculty Evaluation System 1.0": [[0, 29]], "VULNERABILITY: File Upload": [[48, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51495"}}
{"text": "Faculty Evaluation System v1.0 - SQL Injection", "spans": {"SYSTEM: Faculty Evaluation System v1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51573"}}
{"text": "Fast PHP Chat 1.3 - 'my_item_search' SQL Injection", "spans": {"SYSTEM: Fast PHP Chat 1.3": [[0, 17]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49777"}}
{"text": "Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting", "spans": {"SYSTEM: Faulty Evaluation System 1.0": [[0, 28]], "VULNERABILITY: Stored Cross-Site Scripting": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49569"}}
{"text": "Feehi CMS 2.1.1 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Feehi CMS 2.1.1": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51018"}}
{"text": "Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Feehi CMS 2.1.1": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[18, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51002"}}
{"text": "Feng Office 3.11.1.2 - SQL Injection", "spans": {"SYSTEM: Feng Office 3.11.1.2": [[0, 20]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52154"}}
{"text": "FHEM 6.0 - Local File Inclusion", "spans": {"SYSTEM: FHEM 6.0": [[0, 8]], "VULNERABILITY: Local File Inclusion": [[11, 31]]}, "info": {"source": "exploitdb", "exploit_id": "48621"}}
{"text": "File Management System 1.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: File Management System 1.1": [[0, 26]], "VULNERABILITY: Persistent Cross-Site Scripting": [[29, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48635"}}
{"text": "File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: File Manager Advanced Shortcode 2.3.2": [[0, 37]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[40, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51505"}}
{"text": "File Thingie 2.5.7 - Remote Code Execution (RCE)", "spans": {"SYSTEM: File Thingie 2.5.7": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51436"}}
{"text": "FileCloud 21.2 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: FileCloud 21.2": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50774"}}
{"text": "Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Filerun 2021.03.26": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50313"}}
{"text": "Fishing Reservation System 7.5 - 'uid' SQL Injection", "spans": {"SYSTEM: Fishing Reservation System 7.5": [[0, 30]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48417"}}
{"text": "Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Flatboard 3.2": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52054"}}
{"text": "flatCore 1.5 - Cross Site Request Forgery (CSRF)", "spans": {"SYSTEM: flatCore 1.5": [[0, 12]], "VULNERABILITY: CSRF": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52166"}}
{"text": "flatCore 1.5.5 - Arbitrary File Upload", "spans": {"SYSTEM: flatCore 1.5.5": [[0, 14]], "VULNERABILITY: Arbitrary File Upload": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52165"}}
{"text": "FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: FlatCore CMS 2.0.7": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50262"}}
{"text": "FlatCore CMS 2.1.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: FlatCore CMS 2.1.1": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[21, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51068"}}
{"text": "flatnux 2021-03.25 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: flatnux 2021-03.25": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51295"}}
{"text": "Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Flatpress Add Blog 1.0.3": [[0, 24]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48826"}}
{"text": "FlatPress v1.3 - Remote Command Execution", "spans": {"SYSTEM: FlatPress v1.3": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51997"}}
{"text": "FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)", "spans": {"SYSTEM: FlexNet Publisher 11.12.1": [[0, 25]], "VULNERABILITY: Cross-Site Request Forgery": [[28, 54]]}, "info": {"source": "exploitdb", "exploit_id": "47986"}}
{"text": "FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: FluxBB 1.5.11": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52090"}}
{"text": "FoF Pretty Mail 1.1.2 - Local File Inclusion (LFI)", "spans": {"SYSTEM: FoF Pretty Mail 1.1.2": [[0, 21]], "VULNERABILITY: Local File Inclusion": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51947"}}
{"text": "FoF Pretty Mail 1.1.2 - Server Side Template Injection (SSTI)", "spans": {"SYSTEM: FoF Pretty Mail 1.1.2": [[0, 21]], "VULNERABILITY: SSTI": [[56, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51948"}}
{"text": "FOGProject 1.5.9 - File Upload RCE (Authenticated)", "spans": {"SYSTEM: FOGProject 1.5.9": [[0, 16]], "VULNERABILITY: RCE": [[31, 34]]}, "info": {"source": "exploitdb", "exploit_id": "49811"}}
{"text": "Fork CMS 5.8.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Fork CMS 5.8.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48348"}}
{"text": "Forma LMS 2.3 - 'First & Last Name' Stored Cross-Site Scripting", "spans": {"SYSTEM: Forma LMS 2.3": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49197"}}
{"text": "forma.lms 5.6.40 - Cross-Site Request Forgery (Change Admin Email)", "spans": {"SYSTEM: forma.lms 5.6.40": [[0, 16]], "VULNERABILITY: Cross-Site Request Forgery": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48494"}}
{"text": "forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: forma.lms The E-Learning Suite 2.3.0.2": [[0, 38]], "VULNERABILITY: Persistent Cross-Site Scripting": [[41, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48478"}}
{"text": "Free School Management Software 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Free School Management Software 1.0": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50586"}}
{"text": "Free School Management Software 1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Free School Management Software 1.0": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50587"}}
{"text": "FreePBX 16 -  Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: FreePBX 16": [[0, 10]], "VULNERABILITY: Remote Code Execution (RCE)": [[14, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52031"}}
{"text": "Froxlor 0.10.29.1 - SQL Injection (Authenticated)", "spans": {"SYSTEM: Froxlor 0.10.29.1": [[0, 17]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "50502"}}
{"text": "Froxlor 2.0.3 Stable - Remote Code Execution (RCE)", "spans": {"SYSTEM: Froxlor 2.0.3 Stable": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51263"}}
{"text": "Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Froxlor Froxlor Server Management Panel 0.10.16": [[0, 47]], "VULNERABILITY: Persistent Cross-Site Scripting": [[50, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49063"}}
{"text": "FUDForum 3.1.0 - 'author' Reflected XSS", "spans": {"SYSTEM: FUDForum 3.1.0": [[0, 14]], "VULNERABILITY: XSS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49943"}}
{"text": "FUDForum 3.1.0 - 'srch' Reflected XSS", "spans": {"SYSTEM: FUDForum 3.1.0": [[0, 14]], "VULNERABILITY: XSS": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49942"}}
{"text": "Fuel CMS 1.4.1 - Remote Code Execution (2)", "spans": {"SYSTEM: Fuel CMS 1.4.1": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49487"}}
{"text": "Fuel CMS 1.4.1 - Remote Code Execution (3)", "spans": {"SYSTEM: Fuel CMS 1.4.1": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50477"}}
{"text": "Fuel CMS 1.4.13 - 'col' Blind SQL Injection (Authenticated)", "spans": {"SYSTEM: Fuel CMS 1.4.13": [[0, 15]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50523"}}
{"text": "Fuel CMS 1.4.7 - 'col' SQL Injection (Authenticated)", "spans": {"SYSTEM: Fuel CMS 1.4.7": [[0, 14]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48741"}}
{"text": "Fuel CMS 1.4.8 - 'fuel_replace_id' SQL Injection (Authenticated)", "spans": {"SYSTEM: Fuel CMS 1.4.8": [[0, 14]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48778"}}
{"text": "Fuel CMS 1.5.0 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Fuel CMS 1.5.0": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50884"}}
{"text": "Fundraising Script 1.0 - SQLi", "spans": {"SYSTEM: Fundraising Script 1.0": [[0, 22]], "VULNERABILITY: SQLi": [[25, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51753"}}
{"text": "FusionPBX 4.5.29 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: FusionPBX 4.5.29": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50505"}}
{"text": "Gadget Works Online Ordering System 1.0 - 'Category' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Gadget Works Online Ordering System 1.0": [[0, 39]], "VULNERABILITY: Persistent Cross-Site Scripting": [[53, 84]]}, "info": {"source": "exploitdb", "exploit_id": "49904"}}
{"text": "Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Garbage Collection Management System 1.0": [[0, 40]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50085"}}
{"text": "Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload", "spans": {"SYSTEM: Garbage Collection Management System 1.0": [[0, 40]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50123"}}
{"text": "GDidees CMS 3.9.1 - Local File Disclosure", "spans": {"SYSTEM: GDidees CMS 3.9.1": [[0, 17]], "VULNERABILITY: Local File Disclosure": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51381"}}
{"text": "GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: GetSimple CMS 3.3.16": [[0, 20]], "VULNERABILITY: Persistent Cross-Site Scripting": [[23, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49726"}}
{"text": "GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: GetSimple CMS 3.3.16": [[0, 20]], "VULNERABILITY: Persistent Cross-Site Scripting": [[23, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48850"}}
{"text": "GetSimple CMS 3.3.4 - Information Disclosure", "spans": {"SYSTEM: GetSimple CMS 3.3.4": [[0, 19]], "VULNERABILITY: Information Disclosure": [[22, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49928"}}
{"text": "GetSimple CMS Custom JS 0.1 - Cross-Site Request Forgery", "spans": {"SYSTEM: GetSimple CMS Custom JS 0.1": [[0, 27]], "VULNERABILITY: Cross-Site Request Forgery": [[30, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49816"}}
{"text": "GetSimple CMS My SMTP Contact Plugin 1.1.1 - Cross-Site Request Forgery", "spans": {"SYSTEM: GetSimple CMS My SMTP Contact Plugin 1.1.1": [[0, 42]], "VULNERABILITY: Cross-Site Request Forgery": [[45, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49774"}}
{"text": "GetSimple CMS My SMTP Contact Plugin 1.1.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: GetSimple CMS My SMTP Contact Plugin 1.1.2": [[0, 42]], "VULNERABILITY: Persistent Cross-Site Scripting": [[45, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49798"}}
{"text": "GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: GetSimple CMS Plugin Multi User 1.8.2": [[0, 37]], "VULNERABILITY: Cross-Site Request Forgery": [[40, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48745"}}
{"text": "GetSimple CMS v3.3.16 - Remote Code Execution (RCE)", "spans": {"SYSTEM: GetSimple CMS v3.3.16": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51475"}}
{"text": "GetSimpleCMS 3.3.16 - Remote Code Execution (RCE)", "spans": {"SYSTEM: GetSimpleCMS 3.3.16": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52168"}}
{"text": "Gibbon LMS < v26.0.00 - Authenticated RCE", "spans": {"SYSTEM: Gibbon LMS < v26.0.00": [[0, 21]], "VULNERABILITY: RCE": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51903"}}
{"text": "Gibbon LMS v26.0.00 - SSTI vulnerability", "spans": {"SYSTEM: Gibbon LMS v26.0.00": [[0, 19]], "VULNERABILITY: SSTI": [[22, 26]]}, "info": {"source": "exploitdb", "exploit_id": "51962"}}
{"text": "Gila CMS 1.10.9 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Gila CMS 1.10.9": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51569"}}
{"text": "Gila CMS 1.11.8 - 'query' SQL Injection", "spans": {"SYSTEM: Gila CMS 1.11.8": [[0, 15]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48590"}}
{"text": "Gila CMS 2.0.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Gila CMS 2.0.0": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49412"}}
{"text": "Global - Multi School Management System Express v1.0- SQL Injection", "spans": {"SYSTEM: Global": [[0, 6]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51690"}}
{"text": "GLPI  Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: GLPI  Cartography Plugin v6.0.0": [[0, 31]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[34, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51234"}}
{"text": "GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin", "spans": {"SYSTEM: GLPI 4.0.2": [[0, 10]], "VULNERABILITY: Local File Inclusion": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51229"}}
{"text": "GLPI 9.4.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: GLPI 9.4.5": [[0, 10]], "VULNERABILITY: Remote Code Execution (RCE)": [[13, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49992"}}
{"text": "GLPI 9.5.3 - 'fromtype' Unsafe Reflection", "spans": {"SYSTEM: GLPI 9.5.3": [[0, 10]], "VULNERABILITY: Unsafe Reflection": [[24, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49628"}}
{"text": "GLPI 9.5.7 - Username Enumeration", "spans": {"SYSTEM: GLPI 9.5.7": [[0, 10]], "VULNERABILITY: Username Enumeration": [[13, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51418"}}
{"text": "GLPI Activity  v3.1.0 - Authenticated Local File Inclusion on Activity plugin", "spans": {"SYSTEM: GLPI Activity  v3.1.0": [[0, 21]], "VULNERABILITY: Local File Inclusion": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51232"}}
{"text": "GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion", "spans": {"SYSTEM: GLPI Glpiinventory v1.0.1": [[0, 25]], "VULNERABILITY: Local File Inclusion": [[44, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51230"}}
{"text": "GLPI GZIP(Py3) 9.4.5 - RCE", "spans": {"SYSTEM: GLPI GZIP(Py3) 9.4.5": [[0, 20]], "VULNERABILITY: RCE": [[23, 26]]}, "info": {"source": "exploitdb", "exploit_id": "51726"}}
{"text": "GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration)", "spans": {"SYSTEM: GLPI v10.0.2": [[0, 12]], "VULNERABILITY: SQL Injection": [[15, 28]]}, "info": {"source": "exploitdb", "exploit_id": "51233"}}
{"text": "Gnuboard5 5.3.2.8 - SQL Injection", "spans": {"SYSTEM: Gnuboard5 5.3.2.8": [[0, 17]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "52167"}}
{"text": "GOautodial 4.0 - Authenticated Shell Upload", "spans": {"SYSTEM: GOautodial 4.0": [[0, 14]], "VULNERABILITY: Authenticated Shell Upload": [[17, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48923"}}
{"text": "GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: GOautodial 4.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48690"}}
{"text": "Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Grav CMS 1.6.30 Admin Plugin 1.9.18": [[0, 35]], "VULNERABILITY: Persistent Cross-Site Scripting": [[51, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49264"}}
{"text": "Grav CMS 1.7.10 - Server-Side Template Injection (SSTI) (Authenticated)", "spans": {"SYSTEM: Grav CMS 1.7.10": [[0, 15]], "VULNERABILITY: SSTI": [[50, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49961"}}
{"text": "Grav CMS 1.7.48 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Grav CMS 1.7.48": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52402"}}
{"text": "GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)", "spans": {"SYSTEM: GravCMS 1.10.7": [[0, 14]], "VULNERABILITY: Arbitrary YAML Write/Update": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49973"}}
{"text": "GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)", "spans": {"SYSTEM: GravCMS 1.10.7": [[0, 14]], "VULNERABILITY: Arbitrary File Write": [[33, 53]], "TOOL: Metasploit": [[55, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49788"}}
{"text": "grocy 2.7.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: grocy 2.7.1": [[0, 11]], "VULNERABILITY: Persistent Cross-Site Scripting": [[14, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48792"}}
{"text": "Grocy <=4.0.2 - CSRF", "spans": {"SYSTEM: Grocy <=4.0.2": [[0, 13]], "VULNERABILITY: CSRF": [[16, 20]]}, "info": {"source": "exploitdb", "exploit_id": "51760"}}
{"text": "Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: Grokability Snipe-IT 8.0.4": [[0, 26]], "VULNERABILITY: Insecure Direct Object Reference": [[29, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52282"}}
{"text": "Groomify v1.0 - SQL Injection", "spans": {"SYSTEM: Groomify v1.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51526"}}
{"text": "GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection", "spans": {"SYSTEM: GUnet OpenEclass 1.7.3 E-learning platform": [[0, 42]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48163"}}
{"text": "GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection", "spans": {"SYSTEM: GUnet OpenEclass E-learning platform 1.7.3": [[0, 42]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48106"}}
{"text": "GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload", "spans": {"SYSTEM: GUnet OpenEclass E-learning platform 3.15": [[0, 41]], "VULNERABILITY: Unrestricted File Upload": [[60, 84]]}, "info": {"source": "exploitdb", "exploit_id": "51975"}}
{"text": "GuppY CMS v6.00.10 - Remote Code Execution", "spans": {"SYSTEM: GuppY CMS v6.00.10": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51052"}}
{"text": "Gym Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Gym Management System 1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48936"}}
{"text": "Gym Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Gym Management System 1.0": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48940"}}
{"text": "Gym Management System 1.0 - Stored Cross Site Scripting", "spans": {"SYSTEM: Gym Management System 1.0": [[0, 25]], "VULNERABILITY: Stored Cross Site Scripting": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48941"}}
{"text": "Gym Management System 1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Gym Management System 1.0": [[0, 25]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[28, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48506"}}
{"text": "GYM MS - GYM Management System - Cross Site Scripting (Stored)", "spans": {"SYSTEM: GYM MS - GYM Management System": [[0, 30]], "VULNERABILITY: Cross Site Scripting": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51777"}}
{"text": "GZ Forum Script 1.8 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: GZ Forum Script 1.8": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[22, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51559"}}
{"text": "Helmet Store Showroom v1.0 - SQL Injection", "spans": {"SYSTEM: Helmet Store Showroom v1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51132"}}
{"text": "Helpdeskz v2.0.2 - Stored XSS", "spans": {"SYSTEM: Helpdeskz v2.0.2": [[0, 16]], "VULNERABILITY: XSS": [[26, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52068"}}
{"text": "Hestia Control Panel 1.3.2 - Arbitrary File Write", "spans": {"SYSTEM: Hestia Control Panel 1.3.2": [[0, 26]], "VULNERABILITY: Arbitrary File Write": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49667"}}
{"text": "Hide My WP < 6.2.9 - Unauthenticated SQLi", "spans": {"SYSTEM: Hide My WP < 6.2.9": [[0, 18]], "VULNERABILITY: SQLi": [[37, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51871"}}
{"text": "hits script 1.0 - 'item_name' SQL Injection", "spans": {"SYSTEM: hits script 1.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48399"}}
{"text": "Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection", "spans": {"SYSTEM: Home Owners Collection Management System 1.0": [[0, 44]], "VULNERABILITY: SQL Injection": [[58, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50732"}}
{"text": "Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)", "spans": {"SYSTEM: Home Owners Collection Management System 1.0": [[0, 44]], "VULNERABILITY: Account Takeover": [[47, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50730"}}
{"text": "Home Owners Collection Management System 1.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Home Owners Collection Management System 1.0": [[0, 44]], "VULNERABILITY: Remote Code Execution (RCE)": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50731"}}
{"text": "Horde Groupware Webmail Edition 5.2.22 - PHAR Loading", "spans": {"SYSTEM: Horde Groupware Webmail Edition 5.2.22": [[0, 38]], "VULNERABILITY: PHAR Loading": [[41, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48210"}}
{"text": "Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion", "spans": {"SYSTEM: Horde Groupware Webmail Edition 5.2.22": [[0, 38]], "VULNERABILITY: File Inclusion": [[45, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48209"}}
{"text": "Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution", "spans": {"SYSTEM: Horde Groupware Webmail Edition 5.2.22": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48215"}}
{"text": "Hospital Management Startup 1.0 - 'Multiple' SQLi", "spans": {"SYSTEM: Hospital Management Startup 1.0": [[0, 31]], "VULNERABILITY: SQLi": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50729"}}
{"text": "Hospital Management System 4.0 - 'multiple' SQL Injection", "spans": {"SYSTEM: Hospital Management System 4.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50718"}}
{"text": "Hospital Management System 4.0 - 'searchdata' SQL Injection", "spans": {"SYSTEM: Hospital Management System 4.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "47840"}}
{"text": "Hospital Management System 4.0 - Authentication Bypass", "spans": {"SYSTEM: Hospital Management System 4.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "47836"}}
{"text": "Hospital Management System 4.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Hospital Management System 4.0": [[0, 30]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47841"}}
{"text": "Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Hospital Management System v1.0": [[0, 31]], "VULNERABILITY: Stored Cross Site Scripting": [[34, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51945"}}
{"text": "Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Hospitals Patient Records Management System 1.0": [[0, 47]], "VULNERABILITY: Stored Cross Site Scripting": [[60, 87]]}, "info": {"source": "exploitdb", "exploit_id": "50658"}}
{"text": "Hospitals Patient Records Management System 1.0 - 'id' SQL Injection (Authenticated)", "spans": {"SYSTEM: Hospitals Patient Records Management System 1.0": [[0, 47]], "VULNERABILITY: SQL Injection": [[55, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50630"}}
{"text": "Hospitals Patient Records Management System 1.0 - 'room_list' Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Hospitals Patient Records Management System 1.0": [[0, 47]], "VULNERABILITY: Stored Cross Site Scripting": [[62, 89]]}, "info": {"source": "exploitdb", "exploit_id": "50657"}}
{"text": "Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Hospitals Patient Records Management System 1.0": [[0, 47]], "VULNERABILITY: Stored Cross Site Scripting": [[63, 90]]}, "info": {"source": "exploitdb", "exploit_id": "50656"}}
{"text": "Hospitals Patient Records Management System 1.0 - Account TakeOver", "spans": {"SYSTEM: Hospitals Patient Records Management System 1.0": [[0, 47]], "VULNERABILITY: Account TakeOver": [[50, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50631"}}
{"text": "Hostel Management System 2.0 - 'id' SQL Injection", "spans": {"SYSTEM: Hostel Management System 2.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47854"}}
{"text": "Hostel Management System 2.0 - 'id' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Hostel Management System 2.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48542"}}
{"text": "Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)", "spans": {"SYSTEM: Hostel Management System 2.1": [[0, 28]], "VULNERABILITY: Cross Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48905"}}
{"text": "Hostel Management System 2.1 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Hostel Management System 2.1": [[0, 28]], "VULNERABILITY: Cross Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50628"}}
{"text": "Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS", "spans": {"SYSTEM: Hotel And Lodge Management System 1.0": [[0, 37]], "VULNERABILITY: XSS": [[66, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49700"}}
{"text": "Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Hotel and Lodge Management System 1.0": [[0, 37]], "VULNERABILITY: Remote Code Execution": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49625"}}
{"text": "Hotel Druid 3.0.3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Hotel Druid 3.0.3": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50754"}}
{"text": "Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)", "spans": {"SYSTEM: Hotel Management System 1.0": [[0, 27]], "VULNERABILITY: Remote Code Execution (RCE)": [[79, 106]]}, "info": {"source": "exploitdb", "exploit_id": "50173"}}
{"text": "Hotel Management System 1.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Hotel Management System 1.0": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48888"}}
{"text": "Hotel Reservation System 1.0 - SQLi (Unauthenticated)", "spans": {"SYSTEM: Hotel Reservation System 1.0": [[0, 28]], "VULNERABILITY: SQLi": [[31, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50715"}}
{"text": "House Rental 1.0 - 'keywords' SQL Injection", "spans": {"SYSTEM: House Rental 1.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49117"}}
{"text": "HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: HRSALE 1.1.8": [[0, 12]], "VULNERABILITY: Cross-Site Request Forgery": [[15, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48205"}}
{"text": "Hrsale 2.0.0 - Local File Inclusion", "spans": {"SYSTEM: Hrsale 2.0.0": [[0, 12]], "VULNERABILITY: Local File Inclusion": [[15, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48920"}}
{"text": "htmlLawed 1.2.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: htmlLawed 1.2.5": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52023"}}
{"text": "HTMLy Version v2.9.6 - Stored XSS", "spans": {"SYSTEM: HTMLy Version v2.9.6": [[0, 20]], "VULNERABILITY: XSS": [[30, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51979"}}
{"text": "Human Resource Information System  0.1  - 'First Name' Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: Human Resource Information System  0.1": [[0, 38]], "VULNERABILITY: Persistent Cross-Site Scripting": [[55, 86]]}, "info": {"source": "exploitdb", "exploit_id": "49854"}}
{"text": "Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Human Resource Information System 0.1": [[0, 37]], "VULNERABILITY: Remote Code Execution": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49847"}}
{"text": "Human Resource Management System 1.0 - 'employeeid' SQL Injection", "spans": {"SYSTEM: Human Resource Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[52, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51877"}}
{"text": "Human Resource Management System 1.0 - SQL Injection (unauthenticated)", "spans": {"SYSTEM: Human Resource Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51125"}}
{"text": "Human Resource Management System v1.0 - Multiple SQLi", "spans": {"SYSTEM: Human Resource Management System v1.0": [[0, 37]], "VULNERABILITY: SQLi": [[49, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51971"}}
{"text": "Human Resources Management System v1.0 - Multiple SQLi", "spans": {"SYSTEM: Human Resources Management System v1.0": [[0, 38]], "VULNERABILITY: SQLi": [[50, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51047"}}
{"text": "Hyip Rio 2.1 - Arbitrary File Upload", "spans": {"SYSTEM: Hyip Rio 2.1": [[0, 12]], "VULNERABILITY: Arbitrary File Upload": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51698"}}
{"text": "i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion", "spans": {"SYSTEM: i-doit Open Source CMDB 1.14.1": [[0, 30]], "VULNERABILITY: Arbitrary File Deletion": [[33, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48427"}}
{"text": "i-Panel Administration System 2.0 - Reflected Cross-site Scripting (XSS)", "spans": {"SYSTEM: i-Panel Administration System 2.0": [[0, 33]], "VULNERABILITY: XSS": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50418"}}
{"text": "iBooking v1.0.8 - Arbitrary File Upload", "spans": {"SYSTEM: iBooking v1.0.8": [[0, 15]], "VULNERABILITY: Arbitrary File Upload": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51119"}}
{"text": "Ice HRM 26.2.0 - Cross-Site Request Forgery (Add User)", "spans": {"SYSTEM: Ice HRM 26.2.0": [[0, 14]], "VULNERABILITY: Cross-Site Request Forgery": [[17, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48082"}}
{"text": "ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: ICE Hrm 29.0.0.OS": [[0, 17]], "VULNERABILITY: CSRF": [[67, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50031"}}
{"text": "ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ICE Hrm 29.0.0.OS": [[0, 17]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[33, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50032"}}
{"text": "ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion", "spans": {"SYSTEM: ICEHRM 31.0.0.0S": [[0, 16]], "VULNERABILITY: CSRF": [[47, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50855"}}
{"text": "ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Takeover", "spans": {"SYSTEM: ICEHRM 31.0.0.0S": [[0, 16]], "VULNERABILITY: CSRF": [[47, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50831"}}
{"text": "IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: IceWarp WebMail 11.4.4.1": [[0, 24]], "VULNERABILITY: Cross-Site Scripting": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "47988"}}
{"text": "Icinga Web 2.10 - Arbitrary File Disclosure", "spans": {"SYSTEM: Icinga Web 2.10": [[0, 15]], "VULNERABILITY: Arbitrary File Disclosure": [[18, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51329"}}
{"text": "Icinga Web 2.10 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Icinga Web 2.10": [[0, 15]], "VULNERABILITY: Authenticated Remote Code Execution": [[18, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51586"}}
{"text": "IFSC Code Finder Project 1.0 - SQL injection (Unauthenticated)", "spans": {"SYSTEM: IFSC Code Finder Project 1.0": [[0, 28]], "VULNERABILITY: SQL injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50391"}}
{"text": "iMLog < 1.307 - Persistent Cross Site Scripting (XSS)", "spans": {"SYSTEM: iMLog < 1.307": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52025"}}
{"text": "ImpressCMS 1.4.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: ImpressCMS 1.4.2": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50839"}}
{"text": "ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: ImpressCMS 1.4.2": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50298"}}
{"text": "ImpressCMS v1.4.3 - Authenticated SQL Injection", "spans": {"SYSTEM: ImpressCMS v1.4.3": [[0, 17]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51056"}}
{"text": "ImpressCMS v1.4.4 - Unrestricted File Upload", "spans": {"SYSTEM: ImpressCMS v1.4.4": [[0, 17]], "VULNERABILITY: Unrestricted File Upload": [[20, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50890"}}
{"text": "Infor Storefront B2B 1.0 - 'usr_name' SQL Injection", "spans": {"SYSTEM: Infor Storefront B2B 1.0": [[0, 24]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48674"}}
{"text": "InoERP 0.7.2 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: InoERP 0.7.2": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48946"}}
{"text": "Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Insurance Management System PHP and MySQL 1.0": [[0, 45]], "VULNERABILITY: XSS": [[64, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51920"}}
{"text": "Intern Record System v1.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Intern Record System v1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[28, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51274"}}
{"text": "Internship Portal Management System 1.0 - Remote Code Execution(Unauthenticated)", "spans": {"SYSTEM: Internship Portal Management System 1.0": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49823"}}
{"text": "Interview Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Interview Management System 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49279"}}
{"text": "Interview Management System 1.0 - Stored XSS in Add New Question", "spans": {"SYSTEM: Interview Management System 1.0": [[0, 31]], "VULNERABILITY: XSS": [[41, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49278"}}
{"text": "Inventio Lite 4 - SQL Injection", "spans": {"SYSTEM: Inventio Lite 4": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "52263"}}
{"text": "Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Invoice System 1.0": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[32, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50121"}}
{"text": "itech TrainSmart r1044 - SQL injection", "spans": {"SYSTEM: itech TrainSmart r1044": [[0, 22]], "VULNERABILITY: SQL injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51253"}}
{"text": "Jasmin Ransomware - SQL Injection Login Bypass", "spans": {"SYSTEM: Jasmin Ransomware": [[0, 17]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "52091"}}
{"text": "Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls", "spans": {"SYSTEM: Jedox 2020.2.5": [[0, 14]], "VULNERABILITY: Disclosure of Database Credentials via Improper Access Controls": [[17, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51428"}}
{"text": "Jedox 2020.2.5 - Remote Code Execution via Configurable Storage Path", "spans": {"SYSTEM: Jedox 2020.2.5": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51426"}}
{"text": "Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts", "spans": {"SYSTEM: Jedox 2020.2.5": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51427"}}
{"text": "Jedox 2020.2.5 - Stored Cross-Site Scripting in Log-Module", "spans": {"SYSTEM: Jedox 2020.2.5": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51425"}}
{"text": "Jedox 2022.4.2 - Code Execution via RPC Interfaces", "spans": {"SYSTEM: Jedox 2022.4.2": [[0, 14]], "VULNERABILITY: Code Execution via RPC Interfaces": [[17, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51423"}}
{"text": "Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks", "spans": {"SYSTEM: Jedox 2022.4.2": [[0, 14]], "VULNERABILITY: Disclosure of Database Credentials via Connection Checks": [[17, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51429"}}
{"text": "Jedox 2022.4.2 - Remote Code Execution via Directory Traversal", "spans": {"SYSTEM: Jedox 2022.4.2": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51424"}}
{"text": "Jetpack 11.4 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Jetpack 11.4": [[0, 12]], "VULNERABILITY: Cross Site Scripting": [[15, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51104"}}
{"text": "JFrog Artifactory < 7.25.4 - Blind SQL Injection", "spans": {"SYSTEM: JFrog Artifactory < 7.25.4": [[0, 26]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51806"}}
{"text": "jizhi CMS 1.6.7 - Arbitrary File Download", "spans": {"SYSTEM: jizhi CMS 1.6.7": [[0, 15]], "VULNERABILITY: Arbitrary File Download": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48361"}}
{"text": "JLex GuestBook 1.6.4 - Reflected XSS", "spans": {"SYSTEM: JLex GuestBook 1.6.4": [[0, 20]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51647"}}
{"text": "Job Portal 1.0 - File Upload Restriction Bypass", "spans": {"SYSTEM: Job Portal 1.0": [[0, 14]], "VULNERABILITY: File Upload": [[17, 28]]}, "info": {"source": "exploitdb", "exploit_id": "51440"}}
{"text": "Job Portal 1.0 - Remote Code Execution", "spans": {"SYSTEM: Job Portal 1.0": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "47881"}}
{"text": "Jobpilot v2.61 - SQL Injection", "spans": {"SYSTEM: Jobpilot v2.61": [[0, 14]], "VULNERABILITY: SQL Injection": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51527"}}
{"text": "Joomla HikaShop 4.7.4 - Reflected XSS", "spans": {"SYSTEM: Joomla HikaShop 4.7.4": [[0, 21]], "VULNERABILITY: XSS": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51629"}}
{"text": "Joomla iProperty Real Estate 4.1.1 - Reflected XSS", "spans": {"SYSTEM: Joomla iProperty Real Estate 4.1.1": [[0, 34]], "VULNERABILITY: XSS": [[47, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51640"}}
{"text": "Joomla JCK Editor 6.4.4 - 'parent' SQL Injection (2)", "spans": {"SYSTEM: Joomla JCK Editor 6.4.4": [[0, 23]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49627"}}
{"text": "Joomla JLex Review 6.0.1 - Reflected XSS", "spans": {"SYSTEM: Joomla JLex Review 6.0.1": [[0, 24]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51645"}}
{"text": "Joomla JS Jobs plugin 1.4.2 - SQL injection", "spans": {"SYSTEM: Joomla JS Jobs plugin 1.4.2": [[0, 27]], "VULNERABILITY: SQL injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52373"}}
{"text": "Joomla Plugin SexyPolling 2.1.7 - SQLi", "spans": {"SYSTEM: Joomla Plugin SexyPolling 2.1.7": [[0, 31]], "VULNERABILITY: SQLi": [[34, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50927"}}
{"text": "Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 - Multiple Vulnerabilities", "spans": {"SYSTEM: Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3": [[0, 56]], "VULNERABILITY: Multiple Vulnerabilities": [[59, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49064"}}
{"text": "Joomla Solidres 2.13.3 - Reflected XSS", "spans": {"SYSTEM: Joomla Solidres 2.13.3": [[0, 22]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51638"}}
{"text": "Joomla VirtueMart Shopping Cart 4.0.12 - Reflected XSS", "spans": {"SYSTEM: Joomla VirtueMart Shopping Cart 4.0.12": [[0, 38]], "VULNERABILITY: XSS": [[51, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51631"}}
{"text": "Joomla! 3.9.0 < 3.9.7 - CSV Injection", "spans": {"SYSTEM: Joomla! 3.9.0 < 3.9.7": [[0, 21]], "VULNERABILITY: CSV Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48198"}}
{"text": "Joomla! Component ACYMAILING 3.9.0 - Unauthenticated Arbitrary File Upload", "spans": {"SYSTEM: Joomla! Component ACYMAILING 3.9.0": [[0, 34]], "VULNERABILITY: Arbitrary File Upload": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48230"}}
{"text": "Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection", "spans": {"SYSTEM: Joomla! Component com_newsfeeds 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48202"}}
{"text": "Joomla! Component GMapFP 3.30 - Arbitrary File Upload", "spans": {"SYSTEM: Joomla! Component GMapFP 3.30": [[0, 29]], "VULNERABILITY: Arbitrary File Upload": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48248"}}
{"text": "Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload", "spans": {"SYSTEM: Joomla! Component GMapFP 3.5": [[0, 28]], "VULNERABILITY: Arbitrary File Upload": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49129"}}
{"text": "Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)", "spans": {"SYSTEM: Joomla! com_booking component 2.4.9": [[0, 35]], "VULNERABILITY: Information Leak": [[38, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51595"}}
{"text": "Joomla! com_fabrik 3.9.11 - Directory Traversal", "spans": {"SYSTEM: Joomla! com_fabrik 3.9.11": [[0, 25]], "VULNERABILITY: Directory Traversal": [[28, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48263"}}
{"text": "Joomla! com_hdwplayer 4.2 - 'search.php' SQL Injection", "spans": {"SYSTEM: Joomla! com_hdwplayer 4.2": [[0, 25]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48242"}}
{"text": "Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection", "spans": {"SYSTEM: Joomla! J2 JOBS 1.3.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48648"}}
{"text": "Joomla! J2 Store 3.3.11 - 'filter_order_Dir' Authenticated SQL Injection", "spans": {"SYSTEM: Joomla! J2 Store 3.3.11": [[0, 23]], "VULNERABILITY: SQL Injection": [[59, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48572"}}
{"text": "Joomla! paGO Commerce 2.5.9.0 - SQL Injection (Authenticated)", "spans": {"SYSTEM: Joomla! paGO Commerce 2.5.9.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48811"}}
{"text": "Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion (Authenticated)", "spans": {"SYSTEM: Joomla! Plugin XCloner Backup 3.5.3": [[0, 35]], "VULNERABILITY: Local File Inclusion": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48518"}}
{"text": "Joomla! v4.2.8 - Unauthenticated information disclosure", "spans": {"SYSTEM: Joomla! v4.2.8": [[0, 14]], "VULNERABILITY: Unauthenticated information disclosure": [[17, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51334"}}
{"text": "Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure", "spans": {"SYSTEM: Jorani v1.0.3-(c)2014-2023": [[0, 26]], "VULNERABILITY: Information Disclosure": [[45, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51715"}}
{"text": "Judging Management System v1.0 - Authentication Bypass", "spans": {"SYSTEM: Judging Management System v1.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51165"}}
{"text": "Judging Management System v1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Judging Management System v1.0": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51164"}}
{"text": "Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)", "spans": {"SYSTEM: Juniper-SRX-Firewalls&EX-switches": [[0, 33]], "VULNERABILITY: RCE": [[45, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51776"}}
{"text": "JUX Real Estate 3.4.0 - SQL Injection", "spans": {"SYSTEM: JUX Real Estate 3.4.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52089"}}
{"text": "Karakuzu ERP Management Web 5.7.0 - 'k_adi_duz' SQL Injection", "spans": {"SYSTEM: Karakuzu ERP Management Web 5.7.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "47844"}}
{"text": "Kentico CMS 9.0-12.0.49 - Persistent Cross Site Scripting", "spans": {"SYSTEM: Kentico CMS 9.0-12.0.49": [[0, 23]], "VULNERABILITY: Cross Site Scripting": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48864"}}
{"text": "Kimai 1.14 - CSV Injection", "spans": {"SYSTEM: Kimai 1.14": [[0, 10]], "VULNERABILITY: CSV Injection": [[13, 26]]}, "info": {"source": "exploitdb", "exploit_id": "49805"}}
{"text": "Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking", "spans": {"SYSTEM: Kimai-1.30.10": [[0, 13]], "VULNERABILITY: SameSite Cookie-Vulnerability session hijacking": [[16, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51278"}}
{"text": "Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Kirby CMS 3.5.3.1": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[27, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49808"}}
{"text": "KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection", "spans": {"SYSTEM: KiviCare Clinic & Patient Management System (EHR) 3.6.4": [[0, 55]], "VULNERABILITY: SQL Injection": [[74, 87]]}, "info": {"source": "exploitdb", "exploit_id": "52265"}}
{"text": "kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition", "spans": {"SYSTEM: kk Star Ratings < 5.4.6": [[0, 23]], "VULNERABILITY: Rating Tampering via Race Condition": [[26, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51859"}}
{"text": "KLiK Social Media Website 1.0 - 'Multiple' SQLi", "spans": {"SYSTEM: KLiK Social Media Website 1.0": [[0, 29]], "VULNERABILITY: SQLi": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50851"}}
{"text": "Klog Server 2.4.1 - Command Injection (Authenticated)", "spans": {"SYSTEM: Klog Server 2.4.1": [[0, 17]], "VULNERABILITY: Command Injection": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49511"}}
{"text": "Klog Server 2.4.1 - Command Injection (Unauthenticated)", "spans": {"SYSTEM: Klog Server 2.4.1": [[0, 17]], "VULNERABILITY: Command Injection": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49366"}}
{"text": "Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit)", "spans": {"SYSTEM: Klog Server 2.4.1": [[0, 17]], "VULNERABILITY: Command Injection": [[36, 53]], "TOOL: Metasploit": [[55, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49474"}}
{"text": "Kmaleon 1.1.0.205 - 'tipocomb' SQL Injection (Authenticated)", "spans": {"SYSTEM: Kmaleon 1.1.0.205": [[0, 17]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50499"}}
{"text": "KodExplorer 4.49 - CSRF to Arbitrary File Upload", "spans": {"SYSTEM: KodExplorer 4.49": [[0, 16]], "VULNERABILITY: Arbitrary File Upload": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51388"}}
{"text": "KodExplorer 4.52 - Open Redirect", "spans": {"SYSTEM: KodExplorer 4.52": [[0, 16]], "VULNERABILITY: Open Redirect": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "52245"}}
{"text": "KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution (RCE)", "spans": {"SYSTEM: KodExplorer v4.51.03 - Pwned-Admin File-Inclusion": [[0, 49]], "VULNERABILITY: Remote Code Execution (RCE)": [[52, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51419"}}
{"text": "Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: Koken CMS 0.22.24": [[0, 17]], "VULNERABILITY: Arbitrary File Upload": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48706"}}
{"text": "Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Kuicms PHP EE 2.0": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48526"}}
{"text": "Landa Driving School Management System 2.0.1 - Arbitrary File Upload", "spans": {"SYSTEM: Landa Driving School Management System 2.0.1": [[0, 44]], "VULNERABILITY: Arbitrary File Upload": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50681"}}
{"text": "Laravel 8.4.2 debug mode - Remote code execution", "spans": {"SYSTEM: Laravel 8.4.2 debug mode": [[0, 24]], "VULNERABILITY: Remote code execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49424"}}
{"text": "Laravel Administrator 4 - Unrestricted File Upload (Authenticated)", "spans": {"SYSTEM: Laravel Administrator 4": [[0, 23]], "VULNERABILITY: Unrestricted File Upload": [[26, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49112"}}
{"text": "Laravel Framework 11 - Credential Leakage", "spans": {"SYSTEM: Laravel Framework 11": [[0, 20]], "VULNERABILITY: Credential Leakage": [[23, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52000"}}
{"text": "Laravel Nova 3.7.0 - 'range' DoS", "spans": {"SYSTEM: Laravel Nova 3.7.0": [[0, 18]], "VULNERABILITY: DoS": [[29, 32]]}, "info": {"source": "exploitdb", "exploit_id": "49198"}}
{"text": "Laravel Pulse 1.3.1 - Arbitrary Code Injection", "spans": {"SYSTEM: Laravel Pulse 1.3.1": [[0, 19]], "VULNERABILITY: Code Injection": [[32, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52319"}}
{"text": "Laundry Booking Management System 1.0 - 'Multiple' SQL Injection", "spans": {"SYSTEM: Laundry Booking Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50219"}}
{"text": "Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Laundry Booking Management System 1.0": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[51, 84]]}, "info": {"source": "exploitdb", "exploit_id": "50220"}}
{"text": "Laundry Booking Management System 1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Laundry Booking Management System 1.0": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50556"}}
{"text": "Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal", "spans": {"SYSTEM: Lavalite v9.0.0": [[0, 15]], "VULNERABILITY: XSRF-TOKEN cookie File path traversal": [[18, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51050"}}
{"text": "LayerBB 1.1.4 - 'search_query' SQL Injection", "spans": {"SYSTEM: LayerBB 1.1.4": [[0, 13]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49593"}}
{"text": "LDAP Tool Box Self Service Password v1.5.2 -  Account takeover", "spans": {"SYSTEM: LDAP Tool Box Self Service Password v1.5.2": [[0, 42]], "VULNERABILITY: Account takeover": [[46, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51275"}}
{"text": "LeadPro CRM v1.0 - SQL Injection", "spans": {"SYSTEM: LeadPro CRM v1.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51471"}}
{"text": "Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Leafpub 1.1.9": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52014"}}
{"text": "LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection", "spans": {"SYSTEM: LearnPress WordPress LMS Plugin 4.2.7": [[0, 37]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52171"}}
{"text": "LEPTON CMS 4.7.0 - 'URL' Persistent Cross-Site Scripting", "spans": {"SYSTEM: LEPTON CMS 4.7.0": [[0, 16]], "VULNERABILITY: Persistent Cross-Site Scripting": [[25, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49137"}}
{"text": "LeptonCMS 4.5.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: LeptonCMS 4.5.0": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48250"}}
{"text": "LeptonCMS 7.0.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: LeptonCMS 7.0.0": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51949"}}
{"text": "Library CMS Powerful Book Management System 2.2.0 - Session Fixation", "spans": {"SYSTEM: Library CMS Powerful Book Management System 2.2.0": [[0, 49]], "VULNERABILITY: Session Fixation": [[52, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48374"}}
{"text": "Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Library Management System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[49, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50300"}}
{"text": "Library Management System 2.0 - Auth Bypass SQL Injection", "spans": {"SYSTEM: Library Management System 2.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49230"}}
{"text": "Library Management System 3.0 - _Add Category_ Stored XSS", "spans": {"SYSTEM: Library Management System 3.0": [[0, 29]], "VULNERABILITY: XSS": [[54, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49315"}}
{"text": "Library System 1.0 - 'category' SQL Injection", "spans": {"SYSTEM: Library System 1.0": [[0, 18]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49471"}}
{"text": "Library System 1.0 - 'student_id' SQL injection (Authenticated)", "spans": {"SYSTEM: Library System 1.0": [[0, 18]], "VULNERABILITY: SQL injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50334"}}
{"text": "Library System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Library System 1.0": [[0, 18]], "VULNERABILITY: Authentication Bypass": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49462"}}
{"text": "Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Library System in PHP 1.0": [[0, 25]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[45, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50625"}}
{"text": "LibreHealth 2.0.0 - Authenticated Remote Code Execution", "spans": {"SYSTEM: LibreHealth 2.0.0": [[0, 17]], "VULNERABILITY: Authenticated Remote Code Execution": [[20, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48702"}}
{"text": "Life Insurance Management System 1.0 - 'client_id' SQL Injection", "spans": {"SYSTEM: Life Insurance Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49439"}}
{"text": "Life Insurance Management System 1.0 - File Upload RCE (Authenticated)", "spans": {"SYSTEM: Life Insurance Management System 1.0": [[0, 36]], "VULNERABILITY: RCE": [[51, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49440"}}
{"text": "Life Insurance Management System 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Life Insurance Management System 1.0": [[0, 36]], "VULNERABILITY: XSS": [[55, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49395"}}
{"text": "Lightweight facebook-styled blog 1.3 - Remote Code Execution (RCE) (Authenticated) (Metasploit)", "spans": {"SYSTEM: Lightweight facebook-styled blog 1.3": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]], "TOOL: Metasploit": [[84, 94]]}, "info": {"source": "exploitdb", "exploit_id": "50064"}}
{"text": "Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Lilac-Reloaded for Nagios 2.0.8": [[0, 31]], "VULNERABILITY: Remote Code Execution (RCE)": [[34, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51374"}}
{"text": "LimeSurvey 4.1.11 - 'File Manager' Path Traversal", "spans": {"SYSTEM: LimeSurvey 4.1.11": [[0, 17]], "VULNERABILITY: Path Traversal": [[35, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48297"}}
{"text": "LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting", "spans": {"SYSTEM: LimeSurvey 4.1.11": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[39, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48523"}}
{"text": "LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting", "spans": {"SYSTEM: LimeSurvey 4.1.11": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48289"}}
{"text": "LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting", "spans": {"SYSTEM: LimeSurvey 4.3.10": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48762"}}
{"text": "LimeSurvey 5.2.4 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: LimeSurvey 5.2.4": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50573"}}
{"text": "LimeSurvey Community 5.3.32 - Stored XSS", "spans": {"SYSTEM: LimeSurvey Community 5.3.32": [[0, 27]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51926"}}
{"text": "Limo Booking Software v1.0 - CORS", "spans": {"SYSTEM: Limo Booking Software v1.0": [[0, 26]], "VULNERABILITY: CORS": [[29, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51744"}}
{"text": "Litespeed Cache 6.5.0.1 - Authentication Bypass", "spans": {"SYSTEM: Litespeed Cache 6.5.0.1": [[0, 23]], "VULNERABILITY: Authentication Bypass": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52099"}}
{"text": "Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation", "spans": {"SYSTEM: Litespeed Cache WordPress Plugin 6.3.0.1": [[0, 40]], "VULNERABILITY: Privilege Escalation": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "52328"}}
{"text": "LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)", "spans": {"SYSTEM: LiteSpeed Web Server Enterprise 5.4.11": [[0, 38]], "VULNERABILITY: Command Injection": [[41, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49523"}}
{"text": "LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field", "spans": {"SYSTEM: LiveHelperChat 4.61": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52381"}}
{"text": "LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field", "spans": {"SYSTEM: LiveHelperChat 4.61": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52378"}}
{"text": "LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname", "spans": {"SYSTEM: LiveHelperChat 4.61": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52377"}}
{"text": "LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Personal Canned Messages", "spans": {"SYSTEM: LiveHelperChat 4.61": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52379"}}
{"text": "LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username", "spans": {"SYSTEM: LiveHelperChat 4.61": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52376"}}
{"text": "LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function", "spans": {"SYSTEM: LiveHelperChat 4.61": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52380"}}
{"text": "liveSite Version 2019.1 - Remote Code Execution", "spans": {"SYSTEM: liveSite Version 2019.1": [[0, 23]], "VULNERABILITY: Remote Code Execution": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51936"}}
{"text": "LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS", "spans": {"SYSTEM: LiveZilla Server 8.0.1.0": [[0, 24]], "VULNERABILITY: XSS": [[55, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49669"}}
{"text": "Loaded Commerce 6.6 - Client-Side Template Injection(CSTI)", "spans": {"SYSTEM: Loaded Commerce 6.6": [[0, 19]], "VULNERABILITY: Client-Side Template Injection": [[22, 52]]}, "info": {"source": "exploitdb", "exploit_id": "52084"}}
{"text": "Loan Management System 1.0 - Multiple Cross Site Scripting (Stored)", "spans": {"SYSTEM: Loan Management System 1.0": [[0, 26]], "VULNERABILITY: Cross Site Scripting": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48909"}}
{"text": "Loan Management System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Loan Management System 1.0": [[0, 26]], "VULNERABILITY: Authentication Bypass": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50402"}}
{"text": "Local Services Search Engine Management System (LSSMES) 1.0 - 'name' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Local Services Search Engine Management System (LSSMES) 1.0": [[0, 59]], "VULNERABILITY: Persistent Cross-Site Scripting": [[69, 100]]}, "info": {"source": "exploitdb", "exploit_id": "49609"}}
{"text": "Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated)", "spans": {"SYSTEM: Local Services Search Engine Management System (LSSMES) 1.0": [[0, 59]], "VULNERABILITY: SQL injection": [[82, 95]]}, "info": {"source": "exploitdb", "exploit_id": "49610"}}
{"text": "Lodging Reservation Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Lodging Reservation Management System 1.0": [[0, 41]], "VULNERABILITY: Authentication Bypass": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50372"}}
{"text": "Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over", "spans": {"SYSTEM: Lost and Found Information System v1.0": [[0, 38]], "VULNERABILITY: IDOR": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51795"}}
{"text": "Lost and Found Information System v1.0 - SQL Injection", "spans": {"SYSTEM: Lost and Found Information System v1.0": [[0, 38]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51570"}}
{"text": "Lot Reservation Management System - Unauthenticated File Disclosure", "spans": {"SYSTEM: Lot Reservation Management System": [[0, 33]], "VULNERABILITY: Unauthenticated File Disclosure": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51861"}}
{"text": "Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution", "spans": {"SYSTEM: Lot Reservation Management System": [[0, 33]], "VULNERABILITY: Remote Code Execution": [[68, 89]]}, "info": {"source": "exploitdb", "exploit_id": "51860"}}
{"text": "Lot Reservation Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Lot Reservation Management System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48934"}}
{"text": "Lot Reservation Management System 1.0 - Cross-Site Scripting (Stored)", "spans": {"SYSTEM: Lot Reservation Management System 1.0": [[0, 37]], "VULNERABILITY: Cross-Site Scripting": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48935"}}
{"text": "Lotus Core CMS 1.0.1 - Local File Inclusion", "spans": {"SYSTEM: Lotus Core CMS 1.0.1": [[0, 20]], "VULNERABILITY: Local File Inclusion": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "47985"}}
{"text": "m1k1o's Blog v.10 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: m1k1o's Blog v.10": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50943"}}
{"text": "Macs Framework 1.14f CMS - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Macs Framework 1.14f CMS": [[0, 24]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48325"}}
{"text": "Magento eCommerce CE v2.3.5-p2 - Blind SQLi", "spans": {"SYSTEM: Magento eCommerce CE v2.3.5-p2": [[0, 30]], "VULNERABILITY: SQLi": [[39, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50896"}}
{"text": "Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass", "spans": {"SYSTEM: Magento WooCommerce CardGate Payment Gateway 2.0.30": [[0, 51]], "VULNERABILITY: Payment Process Bypass": [[54, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48135"}}
{"text": "Magnolia CMS 6.2.19 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Magnolia CMS 6.2.19": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[22, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50976"}}
{"text": "MagpieRSS 0.72 - 'url' Command Injection", "spans": {"SYSTEM: MagpieRSS 0.72": [[0, 14]], "VULNERABILITY: Command Injection": [[23, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49643"}}
{"text": "Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Maian Support Helpdesk 4.3": [[0, 26]], "VULNERABILITY: Cross-Site Request Forgery": [[29, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48386"}}
{"text": "Maian-Cart 3.8 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Maian-Cart 3.8": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50394"}}
{"text": "Mantis Bug Tracker 2.24.3 - 'access' SQL Injection", "spans": {"SYSTEM: Mantis Bug Tracker 2.24.3": [[0, 25]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49340"}}
{"text": "Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Mantis Bug Tracker 2.3.0": [[0, 24]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48818"}}
{"text": "Mara CMS  7.5 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: Mara CMS  7.5": [[0, 13]], "VULNERABILITY: Cross-Site Scripting": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48777"}}
{"text": "Mara CMS 7.5 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Mara CMS 7.5": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48780"}}
{"text": "Mars Stealer 8.3 - Admin Account Takeover", "spans": {"SYSTEM: Mars Stealer 8.3": [[0, 16]], "VULNERABILITY: Admin Account Takeover": [[19, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51392"}}
{"text": "MedDream PACS Server 6.8.3.751 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: MedDream PACS Server 6.8.3.751": [[0, 30]], "VULNERABILITY: Remote Code Execution": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48853"}}
{"text": "MedDream PACS Server 6.8.3.751 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: MedDream PACS Server 6.8.3.751": [[0, 30]], "VULNERABILITY: Remote Code Execution": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48868"}}
{"text": "Media Library Assistant Wordpress Plugin - RCE and LFI", "spans": {"SYSTEM: Media Library Assistant Wordpress Plugin": [[0, 40]], "VULNERABILITY: RCE": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51737"}}
{"text": "Medical Center Portal Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Medical Center Portal Management System 1.0": [[0, 43]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49274"}}
{"text": "Medical Center Portal Management System 1.0 - 'login' SQL Injection", "spans": {"SYSTEM: Medical Center Portal Management System 1.0": [[0, 43]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49138"}}
{"text": "Medical Center Portal Management System 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Medical Center Portal Management System 1.0": [[0, 43]], "VULNERABILITY: XSS": [[62, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49236"}}
{"text": "Medicine Tracker System v1.0 - Sql Injection", "spans": {"SYSTEM: Medicine Tracker System v1.0": [[0, 28]], "VULNERABILITY: Sql Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51338"}}
{"text": "Member Login Script 3.3 - Client-side desync", "spans": {"SYSTEM: Member Login Script 3.3": [[0, 23]], "VULNERABILITY: Client-side desync": [[26, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51710"}}
{"text": "Men Salon Management System 1.0 - Multiple Vulnerabilities", "spans": {"SYSTEM: Men Salon Management System 1.0": [[0, 31]], "VULNERABILITY: Multiple Vulnerabilities": [[34, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50274"}}
{"text": "Men Salon Management System 1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Men Salon Management System 1.0": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50169"}}
{"text": "meterN v1.2.3 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: meterN v1.2.3": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50596"}}
{"text": "Metform Elementor Contact Form Builder v3.1.2 - Unauthenticated Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Metform Elementor Contact Form Builder v3.1.2": [[0, 45]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[64, 97]]}, "info": {"source": "exploitdb", "exploit_id": "51204"}}
{"text": "Microfinance Management System 1.0 - 'customer_number' SQLi", "spans": {"SYSTEM: Microfinance Management System 1.0": [[0, 34]], "VULNERABILITY: SQLi": [[55, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50891"}}
{"text": "Microweber 1.2.11 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Microweber 1.2.11": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50768"}}
{"text": "Microweber 2.0.15 - Stored XSS", "spans": {"SYSTEM: Microweber 2.0.15": [[0, 17]], "VULNERABILITY: XSS": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "52058"}}
{"text": "Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Microweber CMS 1.1.20": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49856"}}
{"text": "Microweber CMS 1.2.10 - Local File Inclusion (Authenticated) (Metasploit)", "spans": {"SYSTEM: Microweber CMS 1.2.10": [[0, 21]], "VULNERABILITY: Local File Inclusion": [[24, 44]], "TOOL: Metasploit": [[62, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50786"}}
{"text": "Microweber CMS 1.2.15 - Account Takeover", "spans": {"SYSTEM: Microweber CMS 1.2.15": [[0, 21]], "VULNERABILITY: Account Takeover": [[24, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50947"}}
{"text": "MiladWorkShop VIP System 1.0 - 'lang' SQL Injection", "spans": {"SYSTEM: MiladWorkShop VIP System 1.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48218"}}
{"text": "minewebcms 1.15.2 - Cross-site Scripting (XSS)", "spans": {"SYSTEM: minewebcms 1.15.2": [[0, 17]], "VULNERABILITY: XSS": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50853"}}
{"text": "MiniCMS 1.1 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: MiniCMS 1.1": [[0, 11]], "VULNERABILITY: Cross Site Scripting": [[14, 34]]}, "info": {"source": "exploitdb", "exploit_id": "52175"}}
{"text": "MiniCMS 1.10 - 'content box' Stored XSS", "spans": {"SYSTEM: MiniCMS 1.10": [[0, 12]], "VULNERABILITY: XSS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49193"}}
{"text": "MISP 2.4.171 - Stored XSS", "spans": {"SYSTEM: MISP 2.4.171": [[0, 12]], "VULNERABILITY: XSS": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "51780"}}
{"text": "Mobile Shop System v1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Mobile Shop System v1.0": [[0, 23]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48916"}}
{"text": "MobileDetect 2.8.31 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: MobileDetect 2.8.31": [[0, 19]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52454"}}
{"text": "MobileShop master v1.0 - SQL Injection Vuln.", "spans": {"SYSTEM: MobileShop master v1.0": [[0, 22]], "VULNERABILITY: SQL Injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51921"}}
{"text": "MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution", "spans": {"SYSTEM: MODX Revolution v2.8.3-pl": [[0, 25]], "VULNERABILITY: Authenticated Remote Code Execution": [[28, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51059"}}
{"text": "Money Transfer Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Money Transfer Management System 1.0": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50501"}}
{"text": "Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection", "spans": {"SYSTEM: Monitoring System (Dashboard) 1.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49639"}}
{"text": "Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)", "spans": {"SYSTEM: Monitoring System (Dashboard) 1.0": [[0, 33]], "VULNERABILITY: RCE": [[48, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49640"}}
{"text": "Monitorr 1.7.6m - Authorization Bypass", "spans": {"SYSTEM: Monitorr 1.7.6m": [[0, 15]], "VULNERABILITY: Authorization Bypass": [[18, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48981"}}
{"text": "Monitorr 1.7.6m - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Monitorr 1.7.6m": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48980"}}
{"text": "MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)", "spans": {"SYSTEM: MonoCMS Blog 1.0": [[0, 16]], "VULNERABILITY: Arbitrary File Deletion": [[19, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48848"}}
{"text": "Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Monstra 3.0.4": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51519"}}
{"text": "Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload", "spans": {"SYSTEM: Monstra CMS 3.0.4": [[0, 17]], "VULNERABILITY: Arbitrary File Upload": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48479"}}
{"text": "Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Monstra CMS 3.0.4": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49949"}}
{"text": "Monstra CMS 3.0.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Monstra CMS 3.0.4": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52038"}}
{"text": "Montiorr 1.7.6m - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Montiorr 1.7.6m": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49806"}}
{"text": "mooDating 1.2 - Reflected Cross-site scripting (XSS)", "spans": {"SYSTEM: mooDating 1.2": [[0, 13]], "VULNERABILITY: XSS": [[48, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51628"}}
{"text": "Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - _sort_ parameter", "spans": {"SYSTEM: Moodle 3.10.1": [[0, 13]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51984"}}
{"text": "Moodle 3.10.3 - 'label' Persistent Cross Site Scripting", "spans": {"SYSTEM: Moodle 3.10.3": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49714"}}
{"text": "Moodle 3.10.3 - 'url' Persistent Cross Site Scripting", "spans": {"SYSTEM: Moodle 3.10.3": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49797"}}
{"text": "Moodle 3.11.4  - SQL Injection", "spans": {"SYSTEM: Moodle 3.11.4": [[0, 13]], "VULNERABILITY: SQL Injection": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "50700"}}
{"text": "Moodle 3.11.5 - SQLi (Authenticated)", "spans": {"SYSTEM: Moodle 3.11.5": [[0, 13]], "VULNERABILITY: SQLi": [[16, 20]]}, "info": {"source": "exploitdb", "exploit_id": "50825"}}
{"text": "Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Moodle 3.6.1": [[0, 12]], "VULNERABILITY: Persistent Cross-Site Scripting": [[15, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49814"}}
{"text": "Moodle 3.8 - Unrestricted File Upload", "spans": {"SYSTEM: Moodle 3.8": [[0, 10]], "VULNERABILITY: Unrestricted File Upload": [[13, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49114"}}
{"text": "Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Moodle 3.9": [[0, 10]], "VULNERABILITY: Remote Code Execution (RCE)": [[13, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50180"}}
{"text": "Moodle 4.3 - Insecure Direct Object Reference", "spans": {"SYSTEM: Moodle 4.3": [[0, 10]], "VULNERABILITY: Insecure Direct Object Reference": [[13, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51820"}}
{"text": "Moodle LMS 4.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Moodle LMS 4.0": [[0, 14]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[17, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51115"}}
{"text": "mooSocial 3.1.8 - Reflected XSS", "spans": {"SYSTEM: mooSocial 3.1.8": [[0, 15]], "VULNERABILITY: XSS": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51670"}}
{"text": "MotoCMS Version 3.4.3 - SQL Injection", "spans": {"SYSTEM: MotoCMS Version 3.4.3": [[0, 21]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51504"}}
{"text": "MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection", "spans": {"SYSTEM: MOVEit Transfer 11.1.1": [[0, 22]], "VULNERABILITY: SQL Injection": [[49, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48316"}}
{"text": "Movie Rating System 1.0 - Broken Access Control (Admin Account Creation) (Unauthenticated)", "spans": {"SYSTEM: Movie Rating System 1.0": [[0, 23]], "VULNERABILITY: Broken Access Control": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50621"}}
{"text": "Movie Rating System 1.0 - SQLi to RCE (Unauthenticated)", "spans": {"SYSTEM: Movie Rating System 1.0": [[0, 23]], "VULNERABILITY: SQLi": [[26, 30]]}, "info": {"source": "exploitdb", "exploit_id": "50622"}}
{"text": "moziloCMS 2.0 - Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: moziloCMS 2.0": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48781"}}
{"text": "MoziloCMS 3.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: MoziloCMS 3.0": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "52096"}}
{"text": "MPC Sharj 3.11.1 - Arbitrary File Download", "spans": {"SYSTEM: MPC Sharj 3.11.1": [[0, 16]], "VULNERABILITY: Arbitrary File Download": [[19, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48433"}}
{"text": "mPDF 7.0 - Local File Inclusion", "spans": {"SYSTEM: mPDF 7.0": [[0, 8]], "VULNERABILITY: Local File Inclusion": [[11, 31]]}, "info": {"source": "exploitdb", "exploit_id": "50995"}}
{"text": "Mult-e-Cart Ultimate 2.4 - 'id' SQL Injection", "spans": {"SYSTEM: Mult-e-Cart Ultimate 2.4": [[0, 24]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50489"}}
{"text": "Multi Branch School Management System 3.5 - _Create Branch_ Stored XSS", "spans": {"SYSTEM: Multi Branch School Management System 3.5": [[0, 41]], "VULNERABILITY: XSS": [[67, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49316"}}
{"text": "Multi Restaurant Table Reservation System 1.0 - 'table_id' Unauthenticated SQL Injection", "spans": {"SYSTEM: Multi Restaurant Table Reservation System 1.0": [[0, 45]], "VULNERABILITY: SQL Injection": [[75, 88]]}, "info": {"source": "exploitdb", "exploit_id": "48984"}}
{"text": "Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS", "spans": {"SYSTEM: Multi Restaurant Table Reservation System 1.0": [[0, 45]], "VULNERABILITY: XSS": [[68, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49135"}}
{"text": "Multi-Vendor Online Groceries Management System 1.0 - 'id' Blind SQL Injection", "spans": {"SYSTEM: Multi-Vendor Online Groceries Management System 1.0": [[0, 51]], "VULNERABILITY: SQL Injection": [[65, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50739"}}
{"text": "Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution", "spans": {"SYSTEM: Multi-Vendor Online Groceries Management System 1.0": [[0, 51]], "VULNERABILITY: Remote Code Execution": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "51394"}}
{"text": "Music Gallery Site v1.0 - Broken Access Control", "spans": {"SYSTEM: Music Gallery Site v1.0": [[0, 23]], "VULNERABILITY: Broken Access Control": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51289"}}
{"text": "Music Gallery Site v1.0 - SQL Injection on  music_list.php", "spans": {"SYSTEM: Music Gallery Site v1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51288"}}
{"text": "Music Gallery Site v1.0 - SQL Injection on page Master.php", "spans": {"SYSTEM: Music Gallery Site v1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51291"}}
{"text": "Music Gallery Site v1.0 - SQL Injection on page view_music_details.php", "spans": {"SYSTEM: Music Gallery Site v1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51290"}}
{"text": "MyBB 1.8.25 - Chained Remote Command Execution", "spans": {"SYSTEM: MyBB 1.8.25": [[0, 11]], "VULNERABILITY: Remote Command Execution": [[22, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49696"}}
{"text": "MyBB 1.8.25 - Poll Vote Count SQL Injection", "spans": {"SYSTEM: MyBB 1.8.25": [[0, 11]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49699"}}
{"text": "MyBB 1.8.29 - MyBB 1.8.29 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: MyBB 1.8.29 - MyBB 1.8.29": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50924"}}
{"text": "MyBB 1.8.32 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: MyBB 1.8.32": [[0, 11]], "VULNERABILITY: Remote Code Execution (RCE)": [[14, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51213"}}
{"text": "MyBB Delete Account Plugin 1.4 - Cross-Site Scripting", "spans": {"SYSTEM: MyBB Delete Account Plugin 1.4": [[0, 30]], "VULNERABILITY: Cross-Site Scripting": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49500"}}
{"text": "myBB forums 1.8.26 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: myBB forums 1.8.26": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[21, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51136"}}
{"text": "MyBB Hide Thread Content Plugin 1.0 - Information Disclosure", "spans": {"SYSTEM: MyBB Hide Thread Content Plugin 1.0": [[0, 35]], "VULNERABILITY: Information Disclosure": [[38, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49496"}}
{"text": "MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting", "spans": {"SYSTEM: MyBB OUGC Feedback Plugin 1.8.22": [[0, 32]], "VULNERABILITY: Cross-Site Scripting": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49635"}}
{"text": "MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting", "spans": {"SYSTEM: MyBB Thread Redirect Plugin 0.2.1": [[0, 33]], "VULNERABILITY: Cross-Site Scripting": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49505"}}
{"text": "MyBB Timeline Plugin 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: MyBB Timeline Plugin 1.0": [[0, 24]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49467"}}
{"text": "MyBB Trending Widget Plugin 1.2 - Cross-Site Scripting", "spans": {"SYSTEM: MyBB Trending Widget Plugin 1.2": [[0, 31]], "VULNERABILITY: Cross-Site Scripting": [[34, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49504"}}
{"text": "Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution", "spans": {"SYSTEM: Nagios XI 5.6.12": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48640"}}
{"text": "Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Nagios XI 5.7.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[38, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48893"}}
{"text": "Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection", "spans": {"SYSTEM: Nagios XI 5.7.3": [[0, 15]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48894"}}
{"text": "Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)", "spans": {"SYSTEM: Nagios XI 5.7.3": [[0, 15]], "VULNERABILITY: Command Injection": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48959"}}
{"text": "Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection", "spans": {"SYSTEM: Nagios XI 5.7.3": [[0, 15]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48895"}}
{"text": "Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting", "spans": {"SYSTEM: Nagios XI 5.7.5": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49449"}}
{"text": "Nagios XI 5.7.X - Remote Code Execution RCE (Authenticated)", "spans": {"SYSTEM: Nagios XI 5.7.X": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49422"}}
{"text": "NagVis 1.9.33 - Arbitrary File Read", "spans": {"SYSTEM: NagVis 1.9.33": [[0, 13]], "VULNERABILITY: Arbitrary File Read": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "52229"}}
{"text": "NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: NanoCMS v0.4": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50997"}}
{"text": "Navigate CMS 2.8.7 - ''sidx' SQL Injection (Authenticated)", "spans": {"SYSTEM: Navigate CMS 2.8.7": [[0, 18]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48545"}}
{"text": "Navigate CMS 2.8.7 - Authenticated Directory Traversal", "spans": {"SYSTEM: Navigate CMS 2.8.7": [[0, 18]], "VULNERABILITY: Directory Traversal": [[35, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48550"}}
{"text": "Navigate CMS 2.8.7 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Navigate CMS 2.8.7": [[0, 18]], "VULNERABILITY: Cross-Site Request Forgery": [[21, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48548"}}
{"text": "Navigate CMS 2.9.4 - Server-Side Request Forgery (SSRF) (Authenticated)", "spans": {"SYSTEM: Navigate CMS 2.9.4": [[0, 18]], "VULNERABILITY: Server-Side Request Forgery (SSRF)": [[21, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50921"}}
{"text": "Neontext Wordpress Plugin - Stored XSS", "spans": {"SYSTEM: Neontext Wordpress Plugin": [[0, 25]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51858"}}
{"text": "Nettmp NNT 5.1 - SQLi Authentication Bypass", "spans": {"SYSTEM: Nettmp NNT 5.1": [[0, 14]], "VULNERABILITY: Authentication Bypass": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50627"}}
{"text": "News Portal v4.0 - SQL Injection (Unauthorized)", "spans": {"SYSTEM: News Portal v4.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51587"}}
{"text": "NEWS-BUZZ News Management System 1.0 - SQL Injection", "spans": {"SYSTEM: NEWS-BUZZ News Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "52174"}}
{"text": "NEX-Forms WordPress plugin < 7.9.7 - Authenticated SQLi", "spans": {"SYSTEM: NEX-Forms WordPress plugin < 7.9.7": [[0, 34]], "VULNERABILITY: SQLi": [[51, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51042"}}
{"text": "NotrinosERP 0.7 - Authenticated Blind SQL Injection", "spans": {"SYSTEM: NotrinosERP 0.7": [[0, 15]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51318"}}
{"text": "NukeViet VMS 4.4.00 - Cross-Site Request Forgery (Change Admin Password)", "spans": {"SYSTEM: NukeViet VMS 4.4.00": [[0, 19]], "VULNERABILITY: Cross-Site Request Forgery": [[22, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48489"}}
{"text": "Octeth Oempro 4.8 - 'CampaignID' SQL Injection", "spans": {"SYSTEM: Octeth Oempro 4.8": [[0, 17]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47967"}}
{"text": "October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)", "spans": {"SYSTEM: October CMS Build 465": [[0, 21]], "VULNERABILITY: Arbitrary File Read": [[24, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49045"}}
{"text": "October CMS v3.4.4 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: October CMS v3.4.4": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[21, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51630"}}
{"text": "Old Age Home Management System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Old Age Home Management System 1.0": [[0, 34]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50966"}}
{"text": "Online Admission System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Online Admission System 1.0": [[0, 27]], "VULNERABILITY: Remote Code Execution (RCE)": [[30, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50623"}}
{"text": "Online AgroCulture Farm Management System 1.0 - 'pid' SQL Injection", "spans": {"SYSTEM: Online AgroCulture Farm Management System 1.0": [[0, 45]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48440"}}
{"text": "Online AgroCulture Farm Management System 1.0 - 'uname' SQL Injection", "spans": {"SYSTEM: Online AgroCulture Farm Management System 1.0": [[0, 45]], "VULNERABILITY: SQL Injection": [[56, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48444"}}
{"text": "Online Appointment System V1.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Online Appointment System V1.0": [[0, 30]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51337"}}
{"text": "Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)", "spans": {"SYSTEM: Online Art gallery project 1.0": [[0, 30]], "VULNERABILITY: Arbitrary File Upload": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51524"}}
{"text": "Online Birth Certificate System 1.1 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Online Birth Certificate System 1.1": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50089"}}
{"text": "Online Book Store 1.0 - 'bookisbn' SQL Injection", "spans": {"SYSTEM: Online Book Store 1.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "47922"}}
{"text": "Online Book Store 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Online Book Store 1.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48775"}}
{"text": "Online Book Store 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Online Book Store 1.0": [[0, 21]], "VULNERABILITY: Arbitrary File Upload": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "47928"}}
{"text": "Online Book Store 1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Online Book Store 1.0": [[0, 21]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[24, 61]]}, "info": {"source": "exploitdb", "exploit_id": "47887"}}
{"text": "Online Bus Ticket Reservation 1.0 - SQL Injection", "spans": {"SYSTEM: Online Bus Ticket Reservation 1.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49212"}}
{"text": "Online Car Rental System 1.0 - Stored Cross Site Scripting", "spans": {"SYSTEM: Online Car Rental System 1.0": [[0, 28]], "VULNERABILITY: Stored Cross Site Scripting": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49546"}}
{"text": "Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Online Catering Reservation System 1.0": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49603"}}
{"text": "online Chatting System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: online Chatting System 1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48480"}}
{"text": "Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Online Clinic Management System 2.2": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[47, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51439"}}
{"text": "Online Clothing Store 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Online Clothing Store 1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48429"}}
{"text": "Online Clothing Store 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Online Clothing Store 1.0": [[0, 25]], "VULNERABILITY: Arbitrary File Upload": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48438"}}
{"text": "Online Clothing Store 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Online Clothing Store 1.0": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48426"}}
{"text": "Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Online Computer and Laptop Store 1.0": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51358"}}
{"text": "Online Course Registration 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Course Registration 1.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48559"}}
{"text": "Online Course Registration 1.0 - Blind Boolean-Based SQL Injection (Authenticated)", "spans": {"SYSTEM: Online Course Registration 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50440"}}
{"text": "Online Course Registration 1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Online Course Registration 1.0": [[0, 30]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[33, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48704"}}
{"text": "Online Course Registration 2.0 - Authentication Bypass", "spans": {"SYSTEM: Online Course Registration 2.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48385"}}
{"text": "Online Course Registration 2.0 - Remote Code Execution", "spans": {"SYSTEM: Online Course Registration 2.0": [[0, 30]], "VULNERABILITY: Remote Code Execution": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "47843"}}
{"text": "Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection", "spans": {"SYSTEM: Online Covid Vaccination Scheduler System 1.0": [[0, 45]], "VULNERABILITY: SQL Injection": [[76, 89]]}, "info": {"source": "exploitdb", "exploit_id": "50109"}}
{"text": "Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Online Covid Vaccination Scheduler System 1.0": [[0, 45]], "VULNERABILITY: Remote Code Execution": [[73, 94]]}, "info": {"source": "exploitdb", "exploit_id": "50114"}}
{"text": "Online Diagnostic Lab Management System 1.0 - Account Takeover (Unauthenticated)", "spans": {"SYSTEM: Online Diagnostic Lab Management System 1.0": [[0, 43]], "VULNERABILITY: Account Takeover": [[46, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50660"}}
{"text": "Online Diagnostic Lab Management System 1.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Diagnostic Lab Management System 1.0": [[0, 43]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50662"}}
{"text": "Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Online Diagnostic Lab Management System 1.0": [[0, 43]], "VULNERABILITY: Stored Cross Site Scripting": [[46, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50661"}}
{"text": "Online Diagnostic Lab Management System v1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Online Diagnostic Lab Management System v1.0": [[0, 44]], "VULNERABILITY: Remote Code Execution (RCE)": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "51045"}}
{"text": "Online Discussion Forum Site 1.0 - Remote Code Execution", "spans": {"SYSTEM: Online Discussion Forum Site 1.0": [[0, 32]], "VULNERABILITY: Remote Code Execution": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48512"}}
{"text": "Online Discussion Forum Site 1.0 - XSS in Messaging System", "spans": {"SYSTEM: Online Discussion Forum Site 1.0": [[0, 32]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48897"}}
{"text": "Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting", "spans": {"SYSTEM: Online DJ Booking Management System 1.0": [[0, 39]], "VULNERABILITY: Cross-Site Scripting": [[59, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50386"}}
{"text": "Online Doctor Appointment Booking System PHP and Mysql 1.0 - 'q' SQL Injection", "spans": {"SYSTEM: Online Doctor Appointment Booking System PHP and Mysql 1.0": [[0, 58]], "VULNERABILITY: SQL Injection": [[65, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49059"}}
{"text": "Online Doctor Appointment System 1.0 - 'Multiple' Stored XSS", "spans": {"SYSTEM: Online Doctor Appointment System 1.0": [[0, 36]], "VULNERABILITY: XSS": [[57, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49396"}}
{"text": "Online Documents Sharing Platform 1.0 - 'user' SQL Injection", "spans": {"SYSTEM: Online Documents Sharing Platform 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49447"}}
{"text": "Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Online Employees Work From Home Attendance System 1.0": [[0, 53]], "VULNERABILITY: Authentication Bypass": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50400"}}
{"text": "Online Enrollment Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Enrollment Management System 1.0": [[0, 39]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50399"}}
{"text": "Online Enrollment Management System in PHP and PayPal 1.0 - 'U_NAME' Stored Cross-Site Scripting", "spans": {"SYSTEM: Online Enrollment Management System in PHP and PayPal 1.0": [[0, 57]], "VULNERABILITY: Stored Cross-Site Scripting": [[69, 96]]}, "info": {"source": "exploitdb", "exploit_id": "50557"}}
{"text": "Online Event Booking and Reservation System 1.0 - 'reason' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Online Event Booking and Reservation System 1.0": [[0, 47]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[59, 92]]}, "info": {"source": "exploitdb", "exploit_id": "50450"}}
{"text": "Online Exam System With Timer 1.0  - 'email' SQL injection Auth Bypass", "spans": {"SYSTEM: Online Exam System With Timer 1.0": [[0, 33]], "VULNERABILITY: SQL injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49576"}}
{"text": "Online Examination System 1.0 - 'eid' SQL Injection", "spans": {"SYSTEM: Online Examination System 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48476"}}
{"text": "Online Examination System 1.0 - 'name' Stored Cross Site Scripting", "spans": {"SYSTEM: Online Examination System 1.0": [[0, 29]], "VULNERABILITY: Stored Cross Site Scripting": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48969"}}
{"text": "Online Examination System Project 1.0 - Cross-site request forgery (CSRF)", "spans": {"SYSTEM: Online Examination System Project 1.0": [[0, 37]], "VULNERABILITY: CSRF": [[68, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51511"}}
{"text": "Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Eyewear Shop 1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51246"}}
{"text": "Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Online Farm Management System 0.1.0": [[0, 35]], "VULNERABILITY: Persistent Cross-Site Scripting": [[38, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48673"}}
{"text": "Online Fire Reporting System OFRS  - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Online Fire Reporting System OFRS": [[0, 33]], "VULNERABILITY: Authentication Bypass": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51989"}}
{"text": "Online Food Ordering System 1.0 - Remote Code Execution", "spans": {"SYSTEM: Online Food Ordering System 1.0": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48827"}}
{"text": "Online Food Ordering System 2.0 -  Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Online Food Ordering System 2.0": [[0, 31]], "VULNERABILITY: Remote Code Execution (RCE)": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50305"}}
{"text": "Online Grading System 1.0 - 'uname' SQL Injection", "spans": {"SYSTEM: Online Grading System 1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49493"}}
{"text": "Online Health Care System 1.0 - Multiple Cross Site Scripting (Stored)", "spans": {"SYSTEM: Online Health Care System 1.0": [[0, 29]], "VULNERABILITY: Cross Site Scripting": [[41, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48945"}}
{"text": "Online Healthcare management system 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Healthcare management system 1.0": [[0, 39]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48482"}}
{"text": "Online Healthcare Patient Record Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Healthcare Patient Record Management System 1.0": [[0, 54]], "VULNERABILITY: Authentication Bypass": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48481"}}
{"text": "Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Hotel Booking In PHP 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51938"}}
{"text": "Online Hotel Reservation System 1.0 - 'description' Stored Cross-site Scripting", "spans": {"SYSTEM: Online Hotel Reservation System 1.0": [[0, 35]], "VULNERABILITY: Stored Cross-site Scripting": [[52, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49428"}}
{"text": "Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection", "spans": {"SYSTEM: Online Hotel Reservation System 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49429"}}
{"text": "Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)", "spans": {"SYSTEM: Online Hotel Reservation System 1.0": [[0, 35]], "VULNERABILITY: XSS": [[71, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50171"}}
{"text": "Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection", "spans": {"SYSTEM: Online Hotel Reservation System 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[58, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49431"}}
{"text": "Online Hotel Reservation System 1.0 - Admin Authentication Bypass", "spans": {"SYSTEM: Online Hotel Reservation System 1.0": [[0, 35]], "VULNERABILITY: Authentication Bypass": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49420"}}
{"text": "Online Hotel Reservation System 1.0 - Cross-site request forgery (CSRF)", "spans": {"SYSTEM: Online Hotel Reservation System 1.0": [[0, 35]], "VULNERABILITY: CSRF": [[66, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49430"}}
{"text": "Online ID Generator 1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Online ID Generator 1.0": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51728"}}
{"text": "Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass", "spans": {"SYSTEM: Online Internship Management System 1.0": [[0, 39]], "VULNERABILITY: SQL injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49564"}}
{"text": "Online Job Portal 1.0 - 'userid' SQL Injection", "spans": {"SYSTEM: Online Job Portal 1.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48976"}}
{"text": "Online Job Portal 1.0 - 'user_email' SQL Injection", "spans": {"SYSTEM: Online Job Portal 1.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48007"}}
{"text": "Online Job Portal 1.0 - Cross Site Request Forgery (Add User)", "spans": {"SYSTEM: Online Job Portal 1.0": [[0, 21]], "VULNERABILITY: Cross Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48016"}}
{"text": "Online Job Portal 1.0 - Cross Site Scripting (Stored)", "spans": {"SYSTEM: Online Job Portal 1.0": [[0, 21]], "VULNERABILITY: Cross Site Scripting": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48898"}}
{"text": "Online Job Portal 1.0 - Remote Code Execution", "spans": {"SYSTEM: Online Job Portal 1.0": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48012"}}
{"text": "Online Learning Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Online Learning Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49326"}}
{"text": "Online Learning Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Learning Management System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49324"}}
{"text": "Online Learning Management System 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Online Learning Management System 1.0": [[0, 37]], "VULNERABILITY: XSS": [[56, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49325"}}
{"text": "Online Learning Management System 1.0 - RCE (Authenticated)", "spans": {"SYSTEM: Online Learning Management System 1.0": [[0, 37]], "VULNERABILITY: RCE": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49365"}}
{"text": "Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass", "spans": {"SYSTEM: Online Learning System 2.0": [[0, 26]], "VULNERABILITY: Authentication Bypass": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50410"}}
{"text": "Online Learning System 2.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Online Learning System 2.0": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50526"}}
{"text": "Online Leave Management System 1.0 - Arbitrary File Upload to Shell (Unauthenticated)", "spans": {"SYSTEM: Online Leave Management System 1.0": [[0, 34]], "VULNERABILITY: Arbitrary File Upload": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50228"}}
{"text": "Online Library Management System 1.0 - 'Search' SQL Injection", "spans": {"SYSTEM: Online Library Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50053"}}
{"text": "Online Library Management System 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Online Library Management System 1.0": [[0, 36]], "VULNERABILITY: Arbitrary File Upload": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48928"}}
{"text": "Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Online Library Management System 1.0": [[0, 36]], "VULNERABILITY: Remote Code Execution": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50054"}}
{"text": "Online Magazine Management System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Online Magazine Management System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50561"}}
{"text": "Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2)", "spans": {"SYSTEM: Online Marriage Registration System (OMRS) 1.0": [[0, 46]], "VULNERABILITY: Remote Code Execution": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49260"}}
{"text": "Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)", "spans": {"SYSTEM: Online Marriage Registration System (OMRS) 1.0": [[0, 46]], "VULNERABILITY: Remote code execution": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49557"}}
{"text": "Online Marriage Registration System 1.0 - 'searchdata' SQL Injection", "spans": {"SYSTEM: Online Marriage Registration System 1.0": [[0, 39]], "VULNERABILITY: SQL Injection": [[55, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49307"}}
{"text": "Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Online Marriage Registration System 1.0": [[0, 39]], "VULNERABILITY: Persistent Cross-Site Scripting": [[42, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48522"}}
{"text": "Online Marriage Registration System 1.0 - Remote Code Execution (1)", "spans": {"SYSTEM: Online Marriage Registration System 1.0": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48552"}}
{"text": "Online Matrimonial Project 1.0 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Online Matrimonial Project 1.0": [[0, 30]], "VULNERABILITY: Authenticated Remote Code Execution": [[33, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49183"}}
{"text": "Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Motorcycle (Bike) Rental System 1.0": [[0, 42]], "VULNERABILITY: SQL Injection": [[62, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50429"}}
{"text": "Online Movie Streaming  1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Movie Streaming  1.0": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49356"}}
{"text": "Online Movie Streaming 1.0 - Admin Authentication Bypass", "spans": {"SYSTEM: Online Movie Streaming 1.0": [[0, 26]], "VULNERABILITY: Authentication Bypass": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49421"}}
{"text": "Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting", "spans": {"SYSTEM: Online News Portal 1.0": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49688"}}
{"text": "Online News Portal 1.0 - 'name' SQL Injection", "spans": {"SYSTEM: Online News Portal 1.0": [[0, 22]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49687"}}
{"text": "Online Nurse Hiring System 1.0 - Time-Based SQL Injection", "spans": {"SYSTEM: Online Nurse Hiring System 1.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51791"}}
{"text": "Online Ordering System 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Online Ordering System 1.0": [[0, 26]], "VULNERABILITY: Arbitrary File Upload": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49615"}}
{"text": "Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Ordering System 1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49618"}}
{"text": "Online Piggery Management System v1.0 - unauthenticated file upload vulnerability", "spans": {"SYSTEM: Online Piggery Management System v1.0": [[0, 37]], "VULNERABILITY: unauthenticated file upload vulnerability": [[40, 81]]}, "info": {"source": "exploitdb", "exploit_id": "51598"}}
{"text": "Online Pizza Ordering System v1.0 - Unauthenticated File Upload", "spans": {"SYSTEM: Online Pizza Ordering System v1.0": [[0, 33]], "VULNERABILITY: File Upload": [[52, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51431"}}
{"text": "Online Polling System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Polling System 1.0": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48671"}}
{"text": "Online Pre-owned/Used Car Showroom Management System 1.0 -  SQLi Authentication Bypass", "spans": {"SYSTEM: Online Pre-owned/Used Car Showroom Management System 1.0": [[0, 56]], "VULNERABILITY: Authentication Bypass": [[65, 86]]}, "info": {"source": "exploitdb", "exploit_id": "50560"}}
{"text": "Online Project Time Management System 1.0 - Multiple Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Online Project Time Management System 1.0": [[0, 41]], "VULNERABILITY: Stored Cross Site Scripting": [[53, 80]]}, "info": {"source": "exploitdb", "exploit_id": "50683"}}
{"text": "Online Project Time Management System 1.0 - SQLi (Authenticated)", "spans": {"SYSTEM: Online Project Time Management System 1.0": [[0, 41]], "VULNERABILITY: SQLi": [[44, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50682"}}
{"text": "Online Railway Reservation System 1.0 - 'id' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Railway Reservation System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50646"}}
{"text": "Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting (XSS) (Unauthenticated)", "spans": {"SYSTEM: Online Railway Reservation System 1.0": [[0, 37]], "VULNERABILITY: Stored Cross Site Scripting": [[51, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50649"}}
{"text": "Online Railway Reservation System 1.0 - Admin Account Creation (Unauthenticated)", "spans": {"SYSTEM: Online Railway Reservation System 1.0": [[0, 37]], "VULNERABILITY: Admin Account Creation": [[40, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50648"}}
{"text": "Online Railway Reservation System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Online Railway Reservation System 1.0": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50647"}}
{"text": "Online Resort Management System 1.0 - SQLi (Authenticated)", "spans": {"SYSTEM: Online Resort Management System 1.0": [[0, 35]], "VULNERABILITY: SQLi": [[38, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50666"}}
{"text": "Online Reviewer System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Online Reviewer System 1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50319"}}
{"text": "Online Scheduling System 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Online Scheduling System 1.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48419"}}
{"text": "Online Scheduling System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Scheduling System 1.0": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48409"}}
{"text": "Online Scheduling System 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Online Scheduling System 1.0": [[0, 28]], "VULNERABILITY: Persistent Cross-Site Scripting": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48403"}}
{"text": "Online Security Guards Hiring System 1.0 - Reflected XSS", "spans": {"SYSTEM: Online Security Guards Hiring System 1.0": [[0, 40]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51494"}}
{"text": "Online Shop Project 1.0 - 'p' SQL Injection", "spans": {"SYSTEM: Online Shop Project 1.0": [[0, 23]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48819"}}
{"text": "Online Shopping Alphaware 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Online Shopping Alphaware 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48771"}}
{"text": "Online Shopping Alphaware 1.0 - Authentication Bypass", "spans": {"SYSTEM: Online Shopping Alphaware 1.0": [[0, 29]], "VULNERABILITY: Authentication Bypass": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48725"}}
{"text": "Online Shopping Alphaware 1.0 - Error Based SQL injection", "spans": {"SYSTEM: Online Shopping Alphaware 1.0": [[0, 29]], "VULNERABILITY: SQL injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49131"}}
{"text": "Online Shopping Cart System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Online Shopping Cart System 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49423"}}
{"text": "Online Shopping Portal 3.1 - 'email' SQL Injection", "spans": {"SYSTEM: Online Shopping Portal 3.1": [[0, 26]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48647"}}
{"text": "Online Shopping Portal 3.1 - Authentication Bypass", "spans": {"SYSTEM: Online Shopping Portal 3.1": [[0, 26]], "VULNERABILITY: Authentication Bypass": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48631"}}
{"text": "Online Shopping Portal 3.1 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Online Shopping Portal 3.1": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50029"}}
{"text": "Online Shopping System Advanced - Sql Injection", "spans": {"SYSTEM: Online Shopping System Advanced": [[0, 31]], "VULNERABILITY: Sql Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51811"}}
{"text": "Online shopping system advanced 1.0 - 'p' SQL Injection", "spans": {"SYSTEM: Online shopping system advanced 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48383"}}
{"text": "Online shopping system advanced 1.0 - Multiple Vulnerabilities", "spans": {"SYSTEM: Online shopping system advanced 1.0": [[0, 35]], "VULNERABILITY: Multiple Vulnerabilities": [[38, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51103"}}
{"text": "Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)", "spans": {"SYSTEM: Online Student Enrollment System 1.0": [[0, 36]], "VULNERABILITY: Cross-Site Request Forgery": [[39, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48616"}}
{"text": "Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload", "spans": {"SYSTEM: Online Student Enrollment System 1.0": [[0, 36]], "VULNERABILITY: Arbitrary File Upload": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48610"}}
{"text": "Online Student's Management System 1.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Online Student's Management System 1.0": [[0, 38]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48896"}}
{"text": "Online Students Management System 1.0 - 'username' SQL Injections", "spans": {"SYSTEM: Online Students Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48870"}}
{"text": "Online Thesis Archiving System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Online Thesis Archiving System 1.0": [[0, 34]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50597"}}
{"text": "Online Thesis Archiving System v1.0 - Multiple-SQLi", "spans": {"SYSTEM: Online Thesis Archiving System v1.0": [[0, 35]], "VULNERABILITY: SQLi": [[47, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51521"}}
{"text": "Online Tours & Travels Management System 1.0 - _id_ SQL Injection", "spans": {"SYSTEM: Online Tours & Travels Management System 1.0": [[0, 44]], "VULNERABILITY: SQL Injection": [[52, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49277"}}
{"text": "Online Traffic Offense Management System 1.0 - 'id' SQL Injection (Authenticated)", "spans": {"SYSTEM: Online Traffic Offense Management System 1.0": [[0, 44]], "VULNERABILITY: SQL Injection": [[52, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50218"}}
{"text": "Online Traffic Offense Management System 1.0 - Multiple RCE (Unauthenticated)", "spans": {"SYSTEM: Online Traffic Offense Management System 1.0": [[0, 44]], "VULNERABILITY: RCE": [[56, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50389"}}
{"text": "Online Traffic Offense Management System 1.0 - Multiple SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Online Traffic Offense Management System 1.0": [[0, 44]], "VULNERABILITY: SQL Injection": [[56, 69]]}, "info": {"source": "exploitdb", "exploit_id": "50387"}}
{"text": "Online Traffic Offense Management System 1.0 - Multiple XSS (Unauthenticated)", "spans": {"SYSTEM: Online Traffic Offense Management System 1.0": [[0, 44]], "VULNERABILITY: XSS": [[56, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50388"}}
{"text": "Online Traffic Offense Management System 1.0 - Privilage escalation (Unauthenticated)", "spans": {"SYSTEM: Online Traffic Offense Management System 1.0": [[0, 44]], "VULNERABILITY: Privilage escalation": [[47, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50392"}}
{"text": "Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Online Traffic Offense Management System 1.0": [[0, 44]], "VULNERABILITY: Remote Code Execution (RCE)": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50221"}}
{"text": "Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection", "spans": {"SYSTEM: Online Veterinary Appointment System 1.0": [[0, 40]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50644"}}
{"text": "Online Voting System 1.0 - Authentication Bypass (SQLi)", "spans": {"SYSTEM: Online Voting System 1.0": [[0, 24]], "VULNERABILITY: Authentication Bypass": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50075"}}
{"text": "Online Voting System 1.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Online Voting System 1.0": [[0, 24]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50076"}}
{"text": "Online Voting System 1.0 - SQLi (Authentication Bypass) + Remote Code Execution (RCE)", "spans": {"SYSTEM: Online Voting System 1.0": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[58, 85]]}, "info": {"source": "exploitdb", "exploit_id": "50088"}}
{"text": "Online-Exam-System 2015 - 'feedback' SQL Injection", "spans": {"SYSTEM: Online-Exam-System 2015": [[0, 23]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48560"}}
{"text": "Online-Exam-System 2015 - 'fid' SQL Injection", "spans": {"SYSTEM: Online-Exam-System 2015": [[0, 23]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48529"}}
{"text": "Online-Pizza-Ordering -1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Online-Pizza-Ordering -1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51344"}}
{"text": "Open Source Medicine Ordering System v1.0 - SQLi", "spans": {"SYSTEM: Open Source Medicine Ordering System v1.0": [[0, 41]], "VULNERABILITY: SQLi": [[44, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51974"}}
{"text": "Open Web Analytics 1.7.3 - Remote Code Execution", "spans": {"SYSTEM: Open Web Analytics 1.7.3": [[0, 24]], "VULNERABILITY: Remote Code Execution": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51026"}}
{"text": "Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: Open-AudIT 3.3.0": [[0, 16]], "VULNERABILITY: Cross-Site Scripting": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48516"}}
{"text": "Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Open-AudIT Community 4.2.0": [[0, 26]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[29, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50651"}}
{"text": "Open-AudIT Professional 3.3.1 - Remote Code Execution", "spans": {"SYSTEM: Open-AudIT Professional 3.3.1": [[0, 29]], "VULNERABILITY: Remote Code Execution": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48393"}}
{"text": "OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation", "spans": {"SYSTEM: OpenBMCS 2.4": [[0, 12]], "VULNERABILITY: Privilege Escalation": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50669"}}
{"text": "OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)", "spans": {"SYSTEM: OpenBMCS 2.4": [[0, 12]], "VULNERABILITY: CSRF": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50667"}}
{"text": "OpenBMCS 2.4 - Information Disclosure", "spans": {"SYSTEM: OpenBMCS 2.4": [[0, 12]], "VULNERABILITY: Information Disclosure": [[15, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50671"}}
{"text": "OpenBMCS 2.4 - Server Side Request Forgery (SSRF) (Unauthenticated)", "spans": {"SYSTEM: OpenBMCS 2.4": [[0, 12]], "VULNERABILITY: Server Side Request Forgery": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50670"}}
{"text": "OpenBMCS 2.4 - SQLi (Authenticated)", "spans": {"SYSTEM: OpenBMCS 2.4": [[0, 12]], "VULNERABILITY: SQLi": [[15, 19]]}, "info": {"source": "exploitdb", "exploit_id": "50668"}}
{"text": "Opencart 3 Extension TMD Vendor System - Blind SQL Injection", "spans": {"SYSTEM: Opencart 3 Extension TMD Vendor System": [[0, 38]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50493"}}
{"text": "OpenCart 3.0.3.2 - Stored Cross Site Scripting (Authenticated)", "spans": {"SYSTEM: OpenCart 3.0.3.2": [[0, 16]], "VULNERABILITY: Stored Cross Site Scripting": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48539"}}
{"text": "OpenCart 3.0.3.6 - 'Profile Image' Stored Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: OpenCart 3.0.3.6": [[0, 16]], "VULNERABILITY: Stored Cross-Site Scripting": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49098"}}
{"text": "OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting", "spans": {"SYSTEM: OpenCart 3.0.3.6": [[0, 16]], "VULNERABILITY: Stored Cross-Site Scripting": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49099"}}
{"text": "OpenCart 3.0.3.6 - Cross Site Request Forgery", "spans": {"SYSTEM: OpenCart 3.0.3.6": [[0, 16]], "VULNERABILITY: Cross Site Request Forgery": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49228"}}
{"text": "OpenCart 3.0.3.7 - 'Change Password' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: OpenCart 3.0.3.7": [[0, 16]], "VULNERABILITY: CSRF": [[65, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49970"}}
{"text": "opencart 3.0.3.8 - Sessjion Injection", "spans": {"SYSTEM: opencart 3.0.3.8": [[0, 16]], "VULNERABILITY: Sessjion Injection": [[19, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50555"}}
{"text": "OpenCart 3.0.36 - ATO via Cross Site Request Forgery", "spans": {"SYSTEM: OpenCart 3.0.36": [[0, 15]], "VULNERABILITY: ATO via Cross Site Request Forgery": [[18, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49407"}}
{"text": "OpenCart Core 4.0.2.3 - 'search' SQLi", "spans": {"SYSTEM: OpenCart Core 4.0.2.3": [[0, 21]], "VULNERABILITY: SQLi": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51940"}}
{"text": "OpenCart Theme Journal 3.1.0 - Sensitive Data Exposure", "spans": {"SYSTEM: OpenCart Theme Journal 3.1.0": [[0, 28]], "VULNERABILITY: Sensitive Data Exposure": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49044"}}
{"text": "OpenCart v3.x Newsletter Module - Blind SQLi", "spans": {"SYSTEM: OpenCart v3.x Newsletter Module": [[0, 31]], "VULNERABILITY: SQLi": [[40, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50942"}}
{"text": "OpenCATS 0.9.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: OpenCATS 0.9.4": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50585"}}
{"text": "OpenCats 0.9.4-2 - 'docx ' XML External Entity Injection (XXE)", "spans": {"SYSTEM: OpenCats 0.9.4-2": [[0, 16]], "VULNERABILITY: XML External Entity Injection": [[27, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50316"}}
{"text": "OpenClinic GA 5.247.01 - Information Disclosure", "spans": {"SYSTEM: OpenClinic GA 5.247.01": [[0, 22]], "VULNERABILITY: Information Disclosure": [[25, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51994"}}
{"text": "OpenClinic GA 5.247.01 - Path Traversal (Authenticated)", "spans": {"SYSTEM: OpenClinic GA 5.247.01": [[0, 22]], "VULNERABILITY: Path Traversal": [[25, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51995"}}
{"text": "OpenCMS 17.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: OpenCMS 17.0": [[0, 12]], "VULNERABILITY: Stored Cross Site Scripting": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52209"}}
{"text": "OpenEMR 4.1.0 - 'u' SQL Injection", "spans": {"SYSTEM: OpenEMR 4.1.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "49742"}}
{"text": "OpenEMR 5.0.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: OpenEMR 5.0.0": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49983"}}
{"text": "OpenEMR 5.0.1 - 'controller' Remote Code Execution", "spans": {"SYSTEM: OpenEMR 5.0.1": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48623"}}
{"text": "OpenEMR 5.0.1 - Remote Code Execution (1)", "spans": {"SYSTEM: OpenEMR 5.0.1": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48515"}}
{"text": "OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2)", "spans": {"SYSTEM: OpenEMR 5.0.1": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49486"}}
{"text": "OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)", "spans": {"SYSTEM: OpenEMR 5.0.1.3": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49998"}}
{"text": "OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated) (2)", "spans": {"SYSTEM: OpenEMR 5.0.1.3": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50122"}}
{"text": "OpenEMR 5.0.1.3 - Authentication Bypass", "spans": {"SYSTEM: OpenEMR 5.0.1.3": [[0, 15]], "VULNERABILITY: Authentication Bypass": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50017"}}
{"text": "OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated)", "spans": {"SYSTEM: OpenEMR 5.0.1.7": [[0, 15]], "VULNERABILITY: Path Traversal": [[29, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50037"}}
{"text": "OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated) (2)", "spans": {"SYSTEM: OpenEMR 5.0.1.7": [[0, 15]], "VULNERABILITY: Path Traversal": [[29, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50087"}}
{"text": "OpenEMR 5.0.2.1 - Remote Code Execution", "spans": {"SYSTEM: OpenEMR 5.0.2.1": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49784"}}
{"text": "OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: OpenEMR 6.0.0": [[0, 13]], "VULNERABILITY: Insecure Direct Object Reference": [[25, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50260"}}
{"text": "OpenEMR v7.0.1 - Authentication credentials brute force", "spans": {"SYSTEM: OpenEMR v7.0.1": [[0, 14]], "VULNERABILITY: Authentication credentials brute force": [[17, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51413"}}
{"text": "OpenRepeater 2.1 - OS Command Injection", "spans": {"SYSTEM: OpenRepeater 2.1": [[0, 16]], "VULNERABILITY: Command Injection": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52452"}}
{"text": "OpenSIS 8.0 'modname' - Directory Traversal", "spans": {"SYSTEM: OpenSIS 8.0 'modname'": [[0, 21]], "VULNERABILITY: Directory Traversal": [[24, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50259"}}
{"text": "OpenSIS 8.0 - 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: OpenSIS 8.0": [[0, 11]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[32, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50352"}}
{"text": "openSIS 9.1 - SQLi (Authenticated)", "spans": {"SYSTEM: openSIS 9.1": [[0, 11]], "VULNERABILITY: SQLi": [[14, 18]]}, "info": {"source": "exploitdb", "exploit_id": "52080"}}
{"text": "OpenSIS Community 8.0 - 'cp_id_miss_attn' SQL Injection", "spans": {"SYSTEM: OpenSIS Community 8.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50249"}}
{"text": "openSIS Community Edition 8.0 - SQL Injection", "spans": {"SYSTEM: openSIS Community Edition 8.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52447"}}
{"text": "openSIS Student Information System 8.0 - 'multiple' SQL Injection", "spans": {"SYSTEM: openSIS Student Information System 8.0": [[0, 38]], "VULNERABILITY: SQL Injection": [[52, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50637"}}
{"text": "OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: OpenZ ERP 3.6.60": [[0, 16]], "VULNERABILITY: Persistent Cross-Site Scripting": [[19, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48450"}}
{"text": "Oriol Espinal CMS 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Oriol Espinal CMS 1.0": [[0, 21]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48546"}}
{"text": "osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting", "spans": {"SYSTEM: osCommerce 2.3.4.1": [[0, 18]], "VULNERABILITY: Persistent Cross-Site Scripting": [[29, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49103"}}
{"text": "osCommerce 2.3.4.1 - Remote Code Execution (2)", "spans": {"SYSTEM: osCommerce 2.3.4.1": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50128"}}
{"text": "osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting", "spans": {"SYSTEM: osTicket 1.14.1": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48525"}}
{"text": "osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting", "spans": {"SYSTEM: osTicket 1.14.1": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48524"}}
{"text": "osTicket 1.14.1 - Persistent Authenticated Cross-Site Scripting", "spans": {"SYSTEM: osTicket 1.14.1": [[0, 15]], "VULNERABILITY: Cross-Site Scripting": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48413"}}
{"text": "osTicket 1.14.2 - SSRF", "spans": {"SYSTEM: osTicket 1.14.2": [[0, 15]], "VULNERABILITY: SSRF": [[18, 22]]}, "info": {"source": "exploitdb", "exploit_id": "49441"}}
{"text": "Ovidentia 6 - 'id' SQL injection (Authenticated)", "spans": {"SYSTEM: Ovidentia 6": [[0, 11]], "VULNERABILITY: SQL injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "49707"}}
{"text": "OVOO Movie Portal CMS v3.3.3 - SQL Injection", "spans": {"SYSTEM: OVOO Movie Portal CMS v3.3.3": [[0, 28]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51691"}}
{"text": "OXID eShop 6.3.4 - 'sorting' SQL Injection", "spans": {"SYSTEM: OXID eShop 6.3.4": [[0, 16]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48527"}}
{"text": "PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection", "spans": {"SYSTEM: PackWeb Formap E-learning 1.0": [[0, 29]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48024"}}
{"text": "Paid Memberships Pro  v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection", "spans": {"SYSTEM: Paid Memberships Pro  v2.9.8 (WordPress Plugin)": [[0, 47]], "VULNERABILITY: SQL Injection": [[66, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51235"}}
{"text": "Pandora 7.0NG - Remote Code Execution", "spans": {"SYSTEM: Pandora 7.0NG": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "47898"}}
{"text": "Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection (Authenticated)", "spans": {"SYSTEM: Pandora FMS 7.0 NG 749": [[0, 22]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49046"}}
{"text": "Pandora FMS 7.0 NG 749 - Multiple Persistent Cross-Site Scripting Vulnerabilities", "spans": {"SYSTEM: Pandora FMS 7.0 NG 749": [[0, 22]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49139"}}
{"text": "Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection (Authenticated)", "spans": {"SYSTEM: Pandora FMS 7.0 NG 750": [[0, 22]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49312"}}
{"text": "Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution", "spans": {"SYSTEM: Pandora FMS 7.0NG": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48280"}}
{"text": "Pandora FMS v7.0NG.742 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Pandora FMS v7.0NG.742": [[0, 22]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50961"}}
{"text": "PANDORAFMS 7.0 - Authenticated Remote Code Execution", "spans": {"SYSTEM: PANDORAFMS 7.0": [[0, 14]], "VULNERABILITY: Authenticated Remote Code Execution": [[17, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48064"}}
{"text": "PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: PandoraFMS 7.0 NG 746": [[0, 21]], "VULNERABILITY: Persistent Cross-Site Scripting": [[24, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48707"}}
{"text": "PandoraFMS 7.0NG.772 - SQL Injection", "spans": {"SYSTEM: PandoraFMS 7.0NG.772": [[0, 20]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52157"}}
{"text": "PandoraFMS NG747 7.0 - 'filename' Persistent Cross-Site Scripting", "spans": {"SYSTEM: PandoraFMS NG747 7.0": [[0, 20]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48700"}}
{"text": "Park Ticketing Management System 1.0  - 'viewid' SQL Injection", "spans": {"SYSTEM: Park Ticketing Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[49, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48662"}}
{"text": "Park Ticketing Management System 1.0  - Authentication Bypass", "spans": {"SYSTEM: Park Ticketing Management System 1.0": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48663"}}
{"text": "Park Ticketing Management System 1.0 - 'viewid' SQL Injection", "spans": {"SYSTEM: Park Ticketing Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49503"}}
{"text": "part-db 0.5.11 - Remote Code Execution (RCE)", "spans": {"SYSTEM: part-db 0.5.11": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50800"}}
{"text": "Patient Appointment Scheduler System 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Patient Appointment Scheduler System 1.0": [[0, 40]], "VULNERABILITY: Persistent Cross-Site Scripting": [[43, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50265"}}
{"text": "Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload", "spans": {"SYSTEM: Patient Appointment Scheduler System 1.0": [[0, 40]], "VULNERABILITY: File Upload": [[59, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50264"}}
{"text": "PaulPrinting CMS - (Search Delivery) Cross Site Scripting", "spans": {"SYSTEM: PaulPrinting CMS": [[0, 16]], "VULNERABILITY: Cross Site Scripting": [[37, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51614"}}
{"text": "PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities", "spans": {"SYSTEM: PaulPrinting CMS": [[0, 16]], "VULNERABILITY: Multiple Cross Site Web Vulnerabilities": [[19, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51618"}}
{"text": "Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Payment Terminal 3.1": [[0, 20]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50495"}}
{"text": "PDW File Browser 1.3 - 'new_filename' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PDW File Browser 1.3": [[0, 20]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[38, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48947"}}
{"text": "PDW File Browser 1.3 - Remote Code Execution", "spans": {"SYSTEM: PDW File Browser 1.3": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48987"}}
{"text": "PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting", "spans": {"SYSTEM: PEEL Shopping 9.3.0": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49553"}}
{"text": "PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting", "spans": {"SYSTEM: PEEL Shopping 9.3.0": [[0, 19]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49574"}}
{"text": "PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection", "spans": {"SYSTEM: PEEL Shopping 9.3.0": [[0, 19]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50142"}}
{"text": "Perch v3.2 - Persistent Cross Site Scripting (XSS)", "spans": {"SYSTEM: Perch v3.2": [[0, 10]], "VULNERABILITY: Cross Site Scripting": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51627"}}
{"text": "Perch v3.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Perch v3.2": [[0, 10]], "VULNERABILITY: Remote Code Execution (RCE)": [[13, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51620"}}
{"text": "Perch v3.2 - Stored XSS", "spans": {"SYSTEM: Perch v3.2": [[0, 10]], "VULNERABILITY: XSS": [[20, 23]]}, "info": {"source": "exploitdb", "exploit_id": "51621"}}
{"text": "Persian VIP Download Script 1.0 - 'active' SQL Injection", "spans": {"SYSTEM: Persian VIP Download Script 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48190"}}
{"text": "Pet Shop Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Pet Shop Management System 1.0": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50353"}}
{"text": "Petrol Pump Management Software v1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Petrol Pump Management Software v1.0": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51943"}}
{"text": "pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)", "spans": {"SYSTEM: pfBlockerNG 2.1.4_26": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51032"}}
{"text": "pfSense 2.4.4-p3 - Cross-Site Request Forgery", "spans": {"SYSTEM: pfSense 2.4.4-p3": [[0, 16]], "VULNERABILITY: Cross-Site Request Forgery": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48714"}}
{"text": "pfSense v2.7.0 - OS Command Injection", "spans": {"SYSTEM: pfSense v2.7.0": [[0, 14]], "VULNERABILITY: Command Injection": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51608"}}
{"text": "Pharmacy Medical Store and Sale Point 1.0  - 'catid' SQL Injection", "spans": {"SYSTEM: Pharmacy Medical Store and Sale Point 1.0": [[0, 41]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48752"}}
{"text": "Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Pharmacy Point of Sale System 1.0": [[0, 33]], "VULNERABILITY: CSRF": [[79, 83]]}, "info": {"source": "exploitdb", "exploit_id": "50409"}}
{"text": "Pharmacy Point of Sale System 1.0 - 'Multiple' SQL Injection (SQLi)", "spans": {"SYSTEM: Pharmacy Point of Sale System 1.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50357"}}
{"text": "Pharmacy Point of Sale System 1.0 - SQLi Authentication BYpass", "spans": {"SYSTEM: Pharmacy Point of Sale System 1.0": [[0, 33]], "VULNERABILITY: SQLi": [[36, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50329"}}
{"text": "Pharmacy Store Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Pharmacy Store Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49149"}}
{"text": "Pharmacy/Medical Store & Sale Point 1.0  - 'email' SQL Injection", "spans": {"SYSTEM: Pharmacy/Medical Store & Sale Point 1.0": [[0, 39]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49132"}}
{"text": "Phone Shop Sales Managements System 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Phone Shop Sales Managements System 1.0": [[0, 39]], "VULNERABILITY: Arbitrary File Upload": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50106"}}
{"text": "Phone Shop Sales Managements System 1.0 - Authentication Bypass (SQLi)", "spans": {"SYSTEM: Phone Shop Sales Managements System 1.0": [[0, 39]], "VULNERABILITY: Authentication Bypass": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50105"}}
{"text": "Phone Shop Sales Managements System 1.0 - Insecure Direct Object Reference (IDOR)", "spans": {"SYSTEM: Phone Shop Sales Managements System 1.0": [[0, 39]], "VULNERABILITY: Insecure Direct Object Reference": [[42, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50050"}}
{"text": "Photo Share Website 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Photo Share Website 1.0": [[0, 23]], "VULNERABILITY: Persistent Cross-Site Scripting": [[26, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48854"}}
{"text": "PhotoShow 3.0 - Remote Code Execution", "spans": {"SYSTEM: PhotoShow 3.0": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51236"}}
{"text": "PHP 7.3.15-3 - 'PHP_SESSION_UPLOAD_PROGRESS' Session Data Injection", "spans": {"SYSTEM: PHP 7.3.15-3": [[0, 12]], "VULNERABILITY: Session Data Injection": [[45, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50156"}}
{"text": "PHP 7.4 FFI - 'disable_functions' Bypass", "spans": {"SYSTEM: PHP 7.4 FFI": [[0, 11]], "VULNERABILITY: Bypass": [[34, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48655"}}
{"text": "PHP 8.1.0-dev - 'User-Agentt' Remote Code Execution", "spans": {"SYSTEM: PHP 8.1.0-dev": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49933"}}
{"text": "PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)", "spans": {"SYSTEM: PHP < 8.3.8": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "52047"}}
{"text": "PHP CGI Module 8.3.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: PHP CGI Module 8.3.4": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52331"}}
{"text": "PHP Laravel 8.70.1 - Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)", "spans": {"SYSTEM: PHP Laravel 8.70.1": [[0, 18]], "VULNERABILITY: Cross Site Scripting": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50525"}}
{"text": "PHP Melody 3.0 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PHP Melody 3.0": [[0, 14]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[28, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50486"}}
{"text": "PHP Melody 3.0 - 'vid' SQL Injection", "spans": {"SYSTEM: PHP Melody 3.0": [[0, 14]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50487"}}
{"text": "PHP Melody 3.0 - Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PHP Melody 3.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50488"}}
{"text": "PHP Restaurants 1.0 - SQLi (Unauthenticated)", "spans": {"SYSTEM: PHP Restaurants 1.0": [[0, 19]], "VULNERABILITY: SQLi": [[22, 26]]}, "info": {"source": "exploitdb", "exploit_id": "50699"}}
{"text": "PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting", "spans": {"SYSTEM: PHP Restaurants 1.0": [[0, 19]], "VULNERABILITY: Cross Site Scripting": [[51, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51398"}}
{"text": "PHP Shopping Cart 4.2 - Multiple-SQLi", "spans": {"SYSTEM: PHP Shopping Cart 4.2": [[0, 21]], "VULNERABILITY: SQLi": [[33, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51754"}}
{"text": "PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: PHP Timeclock 1.04": [[0, 18]], "VULNERABILITY: Cross Site Scripting": [[32, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49853"}}
{"text": "PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection", "spans": {"SYSTEM: PHP Timeclock 1.04": [[0, 18]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49849"}}
{"text": "PHP Unit 4.8.28 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: PHP Unit 4.8.28": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50702"}}
{"text": "php-fusion 9.03.50 - 'ctype' SQL Injection", "spans": {"SYSTEM: php-fusion 9.03.50": [[0, 18]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48487"}}
{"text": "PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload", "spans": {"SYSTEM: PHP-Fusion 9.03.50": [[0, 18]], "VULNERABILITY: Arbitrary File Upload": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48381"}}
{"text": "PHP-Fusion 9.03.50 - 'panels.php' Remote Code Execution", "spans": {"SYSTEM: PHP-Fusion 9.03.50": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48278"}}
{"text": "php-fusion 9.03.50 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: php-fusion 9.03.50": [[0, 18]], "VULNERABILITY: Persistent Cross-Site Scripting": [[21, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48404"}}
{"text": "PHP-Fusion 9.03.60 - PHP Object Injection", "spans": {"SYSTEM: PHP-Fusion 9.03.60": [[0, 18]], "VULNERABILITY: PHP Object Injection": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48630"}}
{"text": "PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message)", "spans": {"SYSTEM: PHP-Fusion CMS 9.03.90": [[0, 22]], "VULNERABILITY: Cross-Site Request Forgery": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49426"}}
{"text": "phpAbook 0.9i - SQL Injection", "spans": {"SYSTEM: phpAbook 0.9i": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "50071"}}
{"text": "phpfm v1.7.9 - Authentication type juggling", "spans": {"SYSTEM: phpfm v1.7.9": [[0, 12]], "VULNERABILITY: Authentication type juggling": [[15, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51594"}}
{"text": "phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit", "spans": {"SYSTEM: phpFox < 4.8.13": [[0, 15]], "VULNERABILITY: (redirect) PHP Object Injection Exploit": [[18, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51799"}}
{"text": "PHPFusion 9.03.50 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: PHPFusion 9.03.50": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48497"}}
{"text": "PHPFusion 9.03.50 - Remote Code Execution", "spans": {"SYSTEM: PHPFusion 9.03.50": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49911"}}
{"text": "PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PHPFusion 9.10.30": [[0, 17]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[20, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51411"}}
{"text": "PHPGurukul Hostel Management System 2.1 - Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)", "spans": {"SYSTEM: PHPGurukul Hostel Management System 2.1": [[0, 39]], "VULNERABILITY: CSRF": [[70, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50461"}}
{"text": "PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS", "spans": {"SYSTEM: PHPGurukul Online Birth Certificate System V 1.2": [[0, 48]], "VULNERABILITY: XSS": [[57, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51061"}}
{"text": "phpIPAM 1.4 - SQL-Injection", "spans": {"SYSTEM: phpIPAM 1.4": [[0, 11]], "VULNERABILITY: SQL-Injection": [[14, 27]]}, "info": {"source": "exploitdb", "exploit_id": "52453"}}
{"text": "PHPIPAM 1.4.4 - SQLi (Authenticated)", "spans": {"SYSTEM: PHPIPAM 1.4.4": [[0, 13]], "VULNERABILITY: SQLi": [[16, 20]]}, "info": {"source": "exploitdb", "exploit_id": "50684"}}
{"text": "phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: phpIPAM 1.4.5": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50963"}}
{"text": "phpIPAM 1.5.1 - SQL Injection", "spans": {"SYSTEM: phpIPAM 1.5.1": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52444"}}
{"text": "phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)", "spans": {"SYSTEM: phpIPAM 1.6": [[0, 11]], "VULNERABILITY: Cross Site Scripting": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52176"}}
{"text": "phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: phpIPAM 1.6": [[0, 11]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[14, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52441"}}
{"text": "phpIPAM 1.6 - Reflected-Cross-Site Scripting (XSS)", "spans": {"SYSTEM: phpIPAM 1.6": [[0, 11]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52442"}}
{"text": "PhpIX 2012 Professional - 'id' SQL Injection", "spans": {"SYSTEM: PhpIX 2012 Professional": [[0, 23]], "VULNERABILITY: SQL Injection": [[31, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48138"}}
{"text": "PHPJabbers Appointment Scheduler 2.3 - Reflected XSS (Cross-Site Scripting)", "spans": {"SYSTEM: PHPJabbers Appointment Scheduler 2.3": [[0, 36]], "VULNERABILITY: Cross-Site Scripting": [[54, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49281"}}
{"text": "PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities", "spans": {"SYSTEM: PHPJabbers Business Directory Script v3.2": [[0, 41]], "VULNERABILITY: Multiple Vulnerabilities": [[44, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51687"}}
{"text": "PHPJabbers Cleaning Business 1.0 - Reflected XSS", "spans": {"SYSTEM: PHPJabbers Cleaning Business 1.0": [[0, 32]], "VULNERABILITY: XSS": [[45, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51651"}}
{"text": "PHPJabbers Night Club Booking 1.0 - Reflected XSS", "spans": {"SYSTEM: PHPJabbers Night Club Booking 1.0": [[0, 33]], "VULNERABILITY: XSS": [[46, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51650"}}
{"text": "PHPJabbers Rental Property Booking 2.0 - Reflected XSS", "spans": {"SYSTEM: PHPJabbers Rental Property Booking 2.0": [[0, 38]], "VULNERABILITY: XSS": [[51, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51653"}}
{"text": "PHPJabbers Service Booking Script 1.0 - Reflected XSS", "spans": {"SYSTEM: PHPJabbers Service Booking Script 1.0": [[0, 37]], "VULNERABILITY: XSS": [[50, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51649"}}
{"text": "PHPJabbers Shuttle Booking Software 1.0 - Reflected XSS", "spans": {"SYSTEM: PHPJabbers Shuttle Booking Software 1.0": [[0, 39]], "VULNERABILITY: XSS": [[52, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51648"}}
{"text": "PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PHPJabbers Simple CMS 5": [[0, 23]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50475"}}
{"text": "PHPJabbers Simple CMS 5.0 - SQL Injection", "spans": {"SYSTEM: PHPJabbers Simple CMS 5.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[28, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51416"}}
{"text": "PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PHPJabbers Simple CMS V5.0": [[0, 26]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[29, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51415"}}
{"text": "PHPJabbers Taxi Booking 2.0 - Reflected XSS", "spans": {"SYSTEM: PHPJabbers Taxi Booking 2.0": [[0, 27]], "VULNERABILITY: XSS": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51652"}}
{"text": "PHPJabbers Vacation Rental Script 4.0 - CSRF", "spans": {"SYSTEM: PHPJabbers Vacation Rental Script 4.0": [[0, 37]], "VULNERABILITY: CSRF": [[40, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51672"}}
{"text": "PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution", "spans": {"SYSTEM: PHPKB Multi-Language 9": [[0, 22]], "VULNERABILITY: Authenticated Remote Code Execution": [[44, 79]]}, "info": {"source": "exploitdb", "exploit_id": "48221"}}
{"text": "PHPKB Multi-Language 9 - Authenticated Directory Traversal", "spans": {"SYSTEM: PHPKB Multi-Language 9": [[0, 22]], "VULNERABILITY: Directory Traversal": [[39, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48220"}}
{"text": "PHPKB Multi-Language 9 - Authenticated Remote Code Execution", "spans": {"SYSTEM: PHPKB Multi-Language 9": [[0, 22]], "VULNERABILITY: Authenticated Remote Code Execution": [[25, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48219"}}
{"text": "phpKF CMS 3.00 Beta y6 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: phpKF CMS 3.00 Beta y6": [[0, 22]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50610"}}
{"text": "phpList 3.5.0 - Authentication Bypass", "spans": {"SYSTEM: phpList 3.5.0": [[0, 13]], "VULNERABILITY: Authentication Bypass": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "47989"}}
{"text": "phpMyAdmin 4.8.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: phpMyAdmin 4.8.1": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50457"}}
{"text": "phpMyAdmin 5.0.0 - SQL Injection", "spans": {"SYSTEM: phpMyAdmin 5.0.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "52451"}}
{"text": "phpMyChat Plus 1.98 - 'pmc_username' SQL Injection", "spans": {"SYSTEM: phpMyChat Plus 1.98": [[0, 19]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48066"}}
{"text": "phpMyFAQ  2.9.8 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: phpMyFAQ  2.9.8": [[0, 15]], "VULNERABILITY: CSRF": [[46, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52458"}}
{"text": "phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)", "spans": {"SYSTEM: phpMyFaq 2.9.8": [[0, 14]], "VULNERABILITY: CSRF": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52455"}}
{"text": "phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)", "spans": {"SYSTEM: phpMyFAQ 2.9.8": [[0, 14]], "VULNERABILITY: CSRF": [[44, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52459"}}
{"text": "phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: phpMyFAQ 3.1.7": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[17, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52226"}}
{"text": "phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames", "spans": {"SYSTEM: phpMyFAQ 3.2.10": [[0, 15]], "VULNERABILITY: Unintended File Download Triggered by Embedded Frames": [[18, 71]]}, "info": {"source": "exploitdb", "exploit_id": "52235"}}
{"text": "phpMyFAQ v3.1.12 - CSV Injection", "spans": {"SYSTEM: phpMyFAQ v3.1.12": [[0, 16]], "VULNERABILITY: CSV Injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51399"}}
{"text": "PHProjekt PhpSimplyGest v1.3. - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PHProjekt PhpSimplyGest v1.3.": [[0, 29]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[32, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50922"}}
{"text": "Phpwcms 1.9.30 - Arbitrary File Upload", "spans": {"SYSTEM: Phpwcms 1.9.30": [[0, 14]], "VULNERABILITY: Arbitrary File Upload": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50363"}}
{"text": "PhreeBooks 5.2.3 ERP - Remote Code Execution (2)", "spans": {"SYSTEM: PhreeBooks 5.2.3 ERP": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49524"}}
{"text": "PhreeBooks ERP 5.2.5 - Remote Command Execution", "spans": {"SYSTEM: PhreeBooks ERP 5.2.5": [[0, 20]], "VULNERABILITY: Remote Command Execution": [[23, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48423"}}
{"text": "pimCore v5.4.18-skeleton  - Sensitive Cookie with Improper SameSite Attribute", "spans": {"SYSTEM: pimCore v5.4.18-skeleton": [[0, 24]], "VULNERABILITY: Sensitive Cookie with Improper SameSite Attribute": [[28, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51201"}}
{"text": "PimpMyLog v1.7.14 - Improper access control", "spans": {"SYSTEM: PimpMyLog v1.7.14": [[0, 17]], "VULNERABILITY: Improper access control": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51593"}}
{"text": "Pinger 1.0 - Remote Code Execution", "spans": {"SYSTEM: Pinger 1.0": [[0, 10]], "VULNERABILITY: Remote Code Execution": [[13, 34]]}, "info": {"source": "exploitdb", "exploit_id": "48323"}}
{"text": "Pisay Online E-Learning System 1.0 - Remote Code Execution", "spans": {"SYSTEM: Pisay Online E-Learning System 1.0": [[0, 34]], "VULNERABILITY: Remote Code Execution": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48439"}}
{"text": "Piwigo 11.3.0 - 'language' SQL", "spans": {"SYSTEM: Piwigo 11.3.0": [[0, 13]], "VULNERABILITY: SQL": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "49818"}}
{"text": "Piwigo 13.6.0 - SQL Injection", "spans": {"SYSTEM: Piwigo 13.6.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52443"}}
{"text": "Piwigo 13.6.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Piwigo 13.6.0": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51386"}}
{"text": "Piwigo 2.10.1 - Cross Site Scripting", "spans": {"SYSTEM: Piwigo 2.10.1": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[16, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48814"}}
{"text": "Piwigo v13.7.0 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Piwigo v13.7.0": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[17, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51572"}}
{"text": "PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution", "spans": {"SYSTEM: PixelStor 5000 K:4.0.1580-20150629": [[0, 34]], "VULNERABILITY: Remote Code Execution": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "47899"}}
{"text": "PKP Open Journals System 3.3 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PKP Open Journals System 3.3": [[0, 28]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50881"}}
{"text": "PlaySMS 1.4.3 - Template Injection / Remote Code Execution", "spans": {"SYSTEM: PlaySMS 1.4.3": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48199"}}
{"text": "Pluck 4.7.7-dev2 -  PHP Code Execution", "spans": {"SYSTEM: Pluck 4.7.7-dev2": [[0, 16]], "VULNERABILITY: PHP Code Execution": [[20, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52460"}}
{"text": "Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Pluck CMS 4.7.13": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49909"}}
{"text": "Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Pluck CMS 4.7.16": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50826"}}
{"text": "Pluck v4.7.18 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Pluck v4.7.18": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51592"}}
{"text": "pluck v4.7.18 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: pluck v4.7.18": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51420"}}
{"text": "PluckCMS 4.7.10 - Unrestricted File Upload", "spans": {"SYSTEM: PluckCMS 4.7.10": [[0, 15]], "VULNERABILITY: Unrestricted File Upload": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52448"}}
{"text": "PMB 5.6 - 'chemin' Local File Disclosure", "spans": {"SYSTEM: PMB 5.6": [[0, 7]], "VULNERABILITY: Local File Disclosure": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49054"}}
{"text": "PMB 5.6 - 'logid' SQL Injection", "spans": {"SYSTEM: PMB 5.6": [[0, 7]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "48356"}}
{"text": "PMB 7.4.6 - SQL Injection", "spans": {"SYSTEM: PMB 7.4.6": [[0, 9]], "VULNERABILITY: SQL Injection": [[12, 25]]}, "info": {"source": "exploitdb", "exploit_id": "51197"}}
{"text": "Podcast Generator 3.1 - 'Long Description' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Podcast Generator 3.1": [[0, 21]], "VULNERABILITY: Persistent Cross-Site Scripting": [[43, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49866"}}
{"text": "PodcastGenerator 3.2.9 - Blind SSRF via XML Injection", "spans": {"SYSTEM: PodcastGenerator 3.2.9": [[0, 22]], "VULNERABILITY: SSRF": [[31, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51565"}}
{"text": "PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: PodcastGenerator 3.2.9": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[34, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51454"}}
{"text": "Point of Sale System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Point of Sale System 1.0": [[0, 24]], "VULNERABILITY: Authentication Bypass": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49284"}}
{"text": "Point of Sale System 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Point of Sale System 1.0": [[0, 24]], "VULNERABILITY: XSS": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49306"}}
{"text": "Point of Sales 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Point of Sales 1.0": [[0, 18]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48933"}}
{"text": "Point of Sales 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: Point of Sales 1.0": [[0, 18]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48937"}}
{"text": "Police Crime Record Management Project 1.0 - Time Based SQLi", "spans": {"SYSTEM: Police Crime Record Management Project 1.0": [[0, 42]], "VULNERABILITY: SQLi": [[56, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50327"}}
{"text": "Police Crime Record Management System 1.0 - 'casedetails' SQL Injection", "spans": {"SYSTEM: Police Crime Record Management System 1.0": [[0, 41]], "VULNERABILITY: SQL Injection": [[58, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50196"}}
{"text": "Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Police Crime Record Management System 1.0": [[0, 41]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[55, 88]]}, "info": {"source": "exploitdb", "exploit_id": "50195"}}
{"text": "POLR URL 2.3.0 - Shortener Admin Takeover", "spans": {"SYSTEM: POLR URL 2.3.0": [[0, 14]], "VULNERABILITY: Shortener Admin Takeover": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51277"}}
{"text": "PopojiCMS 2.0.1 - Remote Command Execution (RCE)", "spans": {"SYSTEM: PopojiCMS 2.0.1": [[0, 15]], "VULNERABILITY: Remote Command Execution": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "52022"}}
{"text": "PopojiCMS Version 2.0.1 - Remote Command Execution", "spans": {"SYSTEM: PopojiCMS Version 2.0.1": [[0, 23]], "VULNERABILITY: Remote Command Execution": [[26, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51982"}}
{"text": "POS Codekop v2.0 - Authenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: POS Codekop v2.0": [[0, 16]], "VULNERABILITY: Authenticated Remote Code Execution": [[19, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51551"}}
{"text": "Poultry Farm Management System v1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Poultry Farm Management System v1.0": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "52053"}}
{"text": "Prestashop 1.7.6.4 - Cross-Site Request Forgery", "spans": {"SYSTEM: Prestashop 1.7.6.4": [[0, 18]], "VULNERABILITY: Cross-Site Request Forgery": [[21, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48347"}}
{"text": "PrestaShop 1.7.6.7 - 'location' Blind Sql Injection", "spans": {"SYSTEM: PrestaShop 1.7.6.7": [[0, 18]], "VULNERABILITY: Blind Sql Injection": [[32, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49755"}}
{"text": "Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection", "spans": {"SYSTEM: Prestashop 1.7.7.0": [[0, 18]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49410"}}
{"text": "Prestashop 8.0.4 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Prestashop 8.0.4": [[0, 16]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51563"}}
{"text": "Prestashop 8.0.4 - CSV injection", "spans": {"SYSTEM: Prestashop 8.0.4": [[0, 16]], "VULNERABILITY: CSV injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51463"}}
{"text": "Prestashop blockwishlist module 2.1.0 - SQLi", "spans": {"SYSTEM: Prestashop blockwishlist module 2.1.0": [[0, 37]], "VULNERABILITY: SQLi": [[40, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51001"}}
{"text": "PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection", "spans": {"SYSTEM: PrestaShop ProductComments 4.2.0": [[0, 32]], "VULNERABILITY: SQL Injection": [[66, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49267"}}
{"text": "PrestaShop Winbiz Payment module - Improper Limitation of a Pathname to a Restricted Directory", "spans": {"SYSTEM: PrestaShop Winbiz Payment module": [[0, 32]], "VULNERABILITY: Improper Limitation of a Pathname to a Restricted Directory": [[35, 94]]}, "info": {"source": "exploitdb", "exploit_id": "51545"}}
{"text": "Printable Staff ID Card Creator System 1.0 - 'email' SQL Injection", "spans": {"SYSTEM: Printable Staff ID Card Creator System 1.0": [[0, 42]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49877"}}
{"text": "Prison Management System - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Prison Management System": [[0, 24]], "VULNERABILITY: Authentication Bypass": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "52017"}}
{"text": "Prizm Content Connect v10.5.1030.8315 - XXE", "spans": {"SYSTEM: Prizm Content Connect v10.5.1030.8315": [[0, 37]], "VULNERABILITY: XXE": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51185"}}
{"text": "Processwire CMS 2.4.0 - 'download' Local File Inclusion", "spans": {"SYSTEM: Processwire CMS 2.4.0": [[0, 21]], "VULNERABILITY: Local File Inclusion": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48986"}}
{"text": "Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Profiling System for Human Resource Management 1.0": [[0, 50]], "VULNERABILITY: Remote Code Execution": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49672"}}
{"text": "Projectsend r1295 - 'name' Stored XSS", "spans": {"SYSTEM: Projectsend r1295": [[0, 17]], "VULNERABILITY: XSS": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50240"}}
{"text": "projectSend r1605 - CSV injection", "spans": {"SYSTEM: projectSend r1605": [[0, 17]], "VULNERABILITY: CSV injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51517"}}
{"text": "projectSend r1605 - Private file download", "spans": {"SYSTEM: projectSend r1605": [[0, 17]], "VULNERABILITY: Private file download": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51400"}}
{"text": "projectSend r1605 - Remote Code Exectution RCE", "spans": {"SYSTEM: projectSend r1605": [[0, 17]], "VULNERABILITY: RCE": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51238"}}
{"text": "projectSend r1605 - Stored XSS", "spans": {"SYSTEM: projectSend r1605": [[0, 17]], "VULNERABILITY: XSS": [[27, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51518"}}
{"text": "ProjeQtOr Project Management 9.1.4 - Remote Code Execution", "spans": {"SYSTEM: ProjeQtOr Project Management 9.1.4": [[0, 34]], "VULNERABILITY: Remote Code Execution": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49919"}}
{"text": "ProjeQtOr Project Management System 10.3.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: ProjeQtOr Project Management System 10.3.2": [[0, 42]], "VULNERABILITY: Remote Code Execution (RCE)": [[45, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51387"}}
{"text": "ProjeQtOr Project Management System v10.4.1 - Multiple XSS", "spans": {"SYSTEM: ProjeQtOr Project Management System v10.4.1": [[0, 43]], "VULNERABILITY: XSS": [[55, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51588"}}
{"text": "Projeqtor v9.3.1 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Projeqtor v9.3.1": [[0, 16]], "VULNERABILITY: Stored Cross Site Scripting": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50641"}}
{"text": "Purchase Order Management System 1.0 - Remote File Upload", "spans": {"SYSTEM: Purchase Order Management System 1.0": [[0, 36]], "VULNERABILITY: File Upload": [[46, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50292"}}
{"text": "Purchase Order Management-1.0 - Local File Inclusion", "spans": {"SYSTEM: Purchase Order Management-1.0": [[0, 29]], "VULNERABILITY: Local File Inclusion": [[32, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51312"}}
{"text": "Purei CMS 1.0 - SQL Injection", "spans": {"SYSTEM: Purei CMS 1.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51929"}}
{"text": "PyroCMS v3.0.1 - Stored XSS", "spans": {"SYSTEM: PyroCMS v3.0.1": [[0, 14]], "VULNERABILITY: XSS": [[24, 27]]}, "info": {"source": "exploitdb", "exploit_id": "52016"}}
{"text": "PZ Frontend Manager WordPress Plugin 1.0.5 - Cross Site Request Forgery (CSRF)", "spans": {"SYSTEM: PZ Frontend Manager WordPress Plugin 1.0.5": [[0, 42]], "VULNERABILITY: CSRF": [[73, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52153"}}
{"text": "qdPM 9.1 - 'cfg[app_app_name]' Persistent Cross-Site Scripting", "spans": {"SYSTEM: qdPM 9.1": [[0, 8]], "VULNERABILITY: Persistent Cross-Site Scripting": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48486"}}
{"text": "qdPM 9.1 - Arbitrary File Upload", "spans": {"SYSTEM: qdPM 9.1": [[0, 8]], "VULNERABILITY: Arbitrary File Upload": [[11, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48460"}}
{"text": "qdPM 9.1 - Remote Code Execution", "spans": {"SYSTEM: qdPM 9.1": [[0, 8]], "VULNERABILITY: Remote Code Execution": [[11, 32]]}, "info": {"source": "exploitdb", "exploit_id": "47954"}}
{"text": "qdPM 9.1 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: qdPM 9.1": [[0, 8]], "VULNERABILITY: Remote Code Execution": [[11, 32]]}, "info": {"source": "exploitdb", "exploit_id": "50175"}}
{"text": "qdPM 9.1 - Remote Code Execution (RCE) (Authenticated) (v2)", "spans": {"SYSTEM: qdPM 9.1": [[0, 8]], "VULNERABILITY: Remote Code Execution (RCE)": [[11, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50944"}}
{"text": "qdPM 9.2 - Cross-site Request Forgery (CSRF)", "spans": {"SYSTEM: qdPM 9.2": [[0, 8]], "VULNERABILITY: CSRF": [[39, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50854"}}
{"text": "qdPM 9.2 - Password Exposure (Unauthenticated)", "spans": {"SYSTEM: qdPM 9.2": [[0, 8]], "VULNERABILITY: Password Exposure": [[11, 28]]}, "info": {"source": "exploitdb", "exploit_id": "50176"}}
{"text": "QNAP QTS and Photo Station 6.0.3 - Remote Command Execution", "spans": {"SYSTEM: QNAP QTS and Photo Station 6.0.3": [[0, 32]], "VULNERABILITY: Remote Command Execution": [[35, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48531"}}
{"text": "Queue Management System 4.0.0 - _Add User_ Stored XSS", "spans": {"SYSTEM: Queue Management System 4.0.0": [[0, 29]], "VULNERABILITY: XSS": [[50, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49296"}}
{"text": "Quick.CMS 6.7 - Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Quick.CMS 6.7": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[53, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50530"}}
{"text": "Quick.CMS 6.7 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Quick.CMS 6.7": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49494"}}
{"text": "Quick.CMS 6.7 - SQL Injection Login Bypass", "spans": {"SYSTEM: Quick.CMS 6.7": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51910"}}
{"text": "QuickBox Pro 2.1.8 - Authenticated Remote Code Execution", "spans": {"SYSTEM: QuickBox Pro 2.1.8": [[0, 18]], "VULNERABILITY: Authenticated Remote Code Execution": [[21, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48536"}}
{"text": "QuickDate 1.3.2 - SQL Injection", "spans": {"SYSTEM: QuickDate 1.3.2": [[0, 15]], "VULNERABILITY: SQL Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "48022"}}
{"text": "Quicklancer v1.0 - SQL Injection", "spans": {"SYSTEM: Quicklancer v1.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[19, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51474"}}
{"text": "Rail Pass Management System 1.0 - Time-Based SQL Injection", "spans": {"SYSTEM: Rail Pass Management System 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51790"}}
{"text": "RaspAP 2.6.6 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: RaspAP 2.6.6": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50224"}}
{"text": "RATES SYSTEM 1.0 - 'Multiple' SQL Injections", "spans": {"SYSTEM: RATES SYSTEM 1.0": [[0, 16]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50192"}}
{"text": "RATES SYSTEM 1.0 - Authentication Bypass", "spans": {"SYSTEM: RATES SYSTEM 1.0": [[0, 16]], "VULNERABILITY: Authentication Bypass": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50199"}}
{"text": "rConfig 3.9 - 'searchColumn' SQL Injection", "spans": {"SYSTEM: rConfig 3.9": [[0, 11]], "VULNERABILITY: SQL Injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48208"}}
{"text": "rConfig 3.9.3 - Authenticated Remote Code Execution", "spans": {"SYSTEM: rConfig 3.9.3": [[0, 13]], "VULNERABILITY: Authenticated Remote Code Execution": [[16, 51]]}, "info": {"source": "exploitdb", "exploit_id": "47982"}}
{"text": "rConfig 3.9.4 - 'search.crud.php' Remote Command Injection", "spans": {"SYSTEM: rConfig 3.9.4": [[0, 13]], "VULNERABILITY: Command Injection": [[41, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48241"}}
{"text": "rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution", "spans": {"SYSTEM: rConfig 3.9.4": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48261"}}
{"text": "rConfig 3.9.5 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: rConfig 3.9.5": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48878"}}
{"text": "rConfig 3.9.6 - 'path' Local File Inclusion (Authenticated)", "spans": {"SYSTEM: rConfig 3.9.6": [[0, 13]], "VULNERABILITY: Local File Inclusion": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49644"}}
{"text": "rconfig 3.9.6 - Arbitrary File Upload", "spans": {"SYSTEM: rconfig 3.9.6": [[0, 13]], "VULNERABILITY: Arbitrary File Upload": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49783"}}
{"text": "rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)", "spans": {"SYSTEM: rConfig 3.9.6": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49665"}}
{"text": "rconfig 3.9.7 - Sql Injection (Authenticated)", "spans": {"SYSTEM: rconfig 3.9.7": [[0, 13]], "VULNERABILITY: Sql Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51163"}}
{"text": "rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution", "spans": {"SYSTEM: rConfig 3.93": [[0, 12]], "VULNERABILITY: Authenticated Remote Code Execution": [[37, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48207"}}
{"text": "Really Simple Security 9.1.1.1 - Authentication Bypass", "spans": {"SYSTEM: Really Simple Security 9.1.1.1": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52207"}}
{"text": "REDCap 11.3.9 - Stored Cross Site Scripting", "spans": {"SYSTEM: REDCap 11.3.9": [[0, 13]], "VULNERABILITY: Stored Cross Site Scripting": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50877"}}
{"text": "Regis Inventory And Monitoring System 1.0 - 'Item List' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Regis Inventory And Monitoring System 1.0": [[0, 41]], "VULNERABILITY: Persistent Cross-Site Scripting": [[56, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49713"}}
{"text": "RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: RemoteClinic 2": [[0, 14]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[28, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49781"}}
{"text": "RemoteClinic 2.0 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: RemoteClinic 2.0": [[0, 16]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[30, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49795"}}
{"text": "Reservit Hotel 2.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Reservit Hotel 2.1": [[0, 18]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[21, 54]]}, "info": {"source": "exploitdb", "exploit_id": "52133"}}
{"text": "Reside Property Management 3.0 - 'profile' SQL Injection", "spans": {"SYSTEM: Reside Property Management 3.0": [[0, 30]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48627"}}
{"text": "ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: ResidenceCMS 2.10.1": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[22, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52150"}}
{"text": "Responsive E-Learning System 1.0 - 'id' Sql Injection", "spans": {"SYSTEM: Responsive E-Learning System 1.0": [[0, 32]], "VULNERABILITY: Sql Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49357"}}
{"text": "Responsive E-Learning System 1.0 - Stored Cross Site Scripting", "spans": {"SYSTEM: Responsive E-Learning System 1.0": [[0, 32]], "VULNERABILITY: Stored Cross Site Scripting": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49376"}}
{"text": "Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE", "spans": {"SYSTEM: Responsive E-Learning System 1.0": [[0, 32]], "VULNERABILITY: RCE": [[63, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49375"}}
{"text": "Responsive FileManager 9.13.4 - 'path' Path Traversal", "spans": {"SYSTEM: Responsive FileManager 9.13.4": [[0, 29]], "VULNERABILITY: Path Traversal": [[39, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49359"}}
{"text": "Responsive FileManager 9.9.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Responsive FileManager 9.9.5": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51251"}}
{"text": "Responsive Online Blog 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Responsive Online Blog 1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48615"}}
{"text": "Responsive Tourism Website 3.1 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Responsive Tourism Website 3.1": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50049"}}
{"text": "Restaurant Management System 1.0  - SQL Injection", "spans": {"SYSTEM: Restaurant Management System 1.0": [[0, 32]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51330"}}
{"text": "Restaurant Reservation System 1.0 - 'date' SQL Injection (Authenticated)", "spans": {"SYSTEM: Restaurant Reservation System 1.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48885"}}
{"text": "Resumes Management and Job Application Website 1.0 - Authentication Bypass", "spans": {"SYSTEM: Resumes Management and Job Application Website 1.0": [[0, 50]], "VULNERABILITY: Authentication Bypass": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49353"}}
{"text": "Resumes Management and Job Application Website 1.0 - RCE (Unauthenticated)", "spans": {"SYSTEM: Resumes Management and Job Application Website 1.0": [[0, 50]], "VULNERABILITY: RCE": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49380"}}
{"text": "Revenue Collection System v1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Revenue Collection System v1.0": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51133"}}
{"text": "revive-adserver v5.4.1 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: revive-adserver v5.4.1": [[0, 22]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51401"}}
{"text": "RiteCMS 2.2.1 - Authenticated Remote Code Execution", "spans": {"SYSTEM: RiteCMS 2.2.1": [[0, 13]], "VULNERABILITY: Authenticated Remote Code Execution": [[16, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48636"}}
{"text": "RiteCMS 2.2.1 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: RiteCMS 2.2.1": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48915"}}
{"text": "RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated)", "spans": {"SYSTEM: RiteCMS 3.1.0": [[0, 13]], "VULNERABILITY: Arbitrary File Deletion": [[16, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50615"}}
{"text": "RiteCMS 3.1.0 - Arbitrary File Overwrite (Authenticated)", "spans": {"SYSTEM: RiteCMS 3.1.0": [[0, 13]], "VULNERABILITY: Arbitrary File Overwrite": [[16, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50614"}}
{"text": "RiteCMS 3.1.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: RiteCMS 3.1.0": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50616"}}
{"text": "Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)", "spans": {"SYSTEM: Rocket LMS 1.1": [[0, 14]], "VULNERABILITY: Cross Site Scripting": [[28, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50677"}}
{"text": "Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)", "spans": {"SYSTEM: Rocket LMS 1.9": [[0, 14]], "VULNERABILITY: Cross Site Scripting": [[28, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52018"}}
{"text": "RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: RockMongo 1.1.7": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[18, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51437"}}
{"text": "RosarioSIS 10.8.4 - CSV Injection", "spans": {"SYSTEM: RosarioSIS 10.8.4": [[0, 17]], "VULNERABILITY: CSV Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51622"}}
{"text": "RosarioSIS 6.7.2 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: RosarioSIS 6.7.2": [[0, 16]], "VULNERABILITY: Cross Site Scripting": [[19, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52450"}}
{"text": "RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: RosarioSIS 6.7.2": [[0, 16]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52449"}}
{"text": "RosarioSIS 7.6 - SQL Injection", "spans": {"SYSTEM: RosarioSIS 7.6": [[0, 14]], "VULNERABILITY: SQL Injection": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "52169"}}
{"text": "Roundcube Webmail 1.2 - File Disclosure", "spans": {"SYSTEM: Roundcube Webmail 1.2": [[0, 21]], "VULNERABILITY: File Disclosure": [[24, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49510"}}
{"text": "Roundcube Webmail 1.6.6 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Roundcube Webmail 1.6.6": [[0, 23]], "VULNERABILITY: Stored Cross Site Scripting": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52173"}}
{"text": "Royal Event Management System 1.0 - 'todate' SQL Injection (Authenticated)", "spans": {"SYSTEM: Royal Event Management System 1.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50934"}}
{"text": "Rukovoditel 2.6.1 - Cross-Site Request Forgery (Change password)", "spans": {"SYSTEM: Rukovoditel 2.6.1": [[0, 17]], "VULNERABILITY: Cross-Site Request Forgery": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49245"}}
{"text": "Rukovoditel 2.6.1 - RCE (1)", "spans": {"SYSTEM: Rukovoditel 2.6.1": [[0, 17]], "VULNERABILITY: RCE": [[20, 23]]}, "info": {"source": "exploitdb", "exploit_id": "49238"}}
{"text": "Rukovoditel 2.7.1 - Remote Code Execution (2) (Authenticated)", "spans": {"SYSTEM: Rukovoditel 2.7.1": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48784"}}
{"text": "rukovoditel 3.2.1 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: rukovoditel 3.2.1": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51121"}}
{"text": "Rukovoditel 3.3.1 - CSV injection", "spans": {"SYSTEM: Rukovoditel 3.3.1": [[0, 17]], "VULNERABILITY: CSV injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51490"}}
{"text": "Rukovoditel 3.3.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Rukovoditel 3.3.1": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51322"}}
{"text": "Rukovoditel 3.4.1 - Multiple Stored XSS", "spans": {"SYSTEM: Rukovoditel 3.4.1": [[0, 17]], "VULNERABILITY: XSS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51548"}}
{"text": "Rukovoditel Project Management CRM 2.5.2 - 'entities_id' SQL Injection", "spans": {"SYSTEM: Rukovoditel Project Management CRM 2.5.2": [[0, 40]], "VULNERABILITY: SQL Injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "47931"}}
{"text": "Rukovoditel Project Management CRM 2.5.2 - 'filters' SQL Injection", "spans": {"SYSTEM: Rukovoditel Project Management CRM 2.5.2": [[0, 40]], "VULNERABILITY: SQL Injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "47934"}}
{"text": "Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection", "spans": {"SYSTEM: Rukovoditel Project Management CRM 2.5.2": [[0, 40]], "VULNERABILITY: SQL Injection": [[56, 69]]}, "info": {"source": "exploitdb", "exploit_id": "47926"}}
{"text": "SAFARI Montage 8.5 - Reflected Cross Site Scripting (XSS)", "spans": {"SYSTEM: SAFARI Montage 8.5": [[0, 18]], "VULNERABILITY: Cross Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50626"}}
{"text": "Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS", "spans": {"SYSTEM: Sales and Inventory System for Grocery Store 1.0": [[0, 48]], "VULNERABILITY: XSS": [[67, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49329"}}
{"text": "Sales of Cashier Goods v1.0 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Sales of Cashier Goods v1.0": [[0, 27]], "VULNERABILITY: Cross Site Scripting": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51549"}}
{"text": "Sales Tracker Management System v1.0 - Multiple Vulnerabilities", "spans": {"SYSTEM: Sales Tracker Management System v1.0": [[0, 36]], "VULNERABILITY: Multiple Vulnerabilities": [[39, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51513"}}
{"text": "SalonERP 3.0.1 - 'sql' SQL Injection (Authenticated)", "spans": {"SYSTEM: SalonERP 3.0.1": [[0, 14]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50659"}}
{"text": "sar2html 3.2.1 - 'plot' Remote Code Execution", "spans": {"SYSTEM: sar2html 3.2.1": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49344"}}
{"text": "Savsoft Quiz 5 - 'field_title' Stored Cross-Site Scripting", "spans": {"SYSTEM: Savsoft Quiz 5": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49196"}}
{"text": "Savsoft Quiz 5 - 'Skype ID' Stored XSS", "spans": {"SYSTEM: Savsoft Quiz 5": [[0, 14]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49208"}}
{"text": "Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Savsoft Quiz 5": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[41, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49825"}}
{"text": "Savsoft Quiz 5 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Savsoft Quiz 5": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48658"}}
{"text": "Savsoft Quiz 5 - Stored Cross-Site Scripting", "spans": {"SYSTEM: Savsoft Quiz 5": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48753"}}
{"text": "Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Savsoft Quiz Enterprise Version 5.5": [[0, 35]], "VULNERABILITY: Persistent Cross-Site Scripting": [[38, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48785"}}
{"text": "Savsoft Quiz v6.0 Enterprise - Stored XSS", "spans": {"SYSTEM: Savsoft Quiz v6.0 Enterprise": [[0, 28]], "VULNERABILITY: XSS": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51988"}}
{"text": "School ERP Pro 1.0 - 'es_messagesid' SQL Injection", "spans": {"SYSTEM: School ERP Pro 1.0": [[0, 18]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48390"}}
{"text": "School ERP Pro 1.0 - Arbitrary File Read", "spans": {"SYSTEM: School ERP Pro 1.0": [[0, 18]], "VULNERABILITY: Arbitrary File Read": [[21, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48394"}}
{"text": "School ERP Pro 1.0 - Remote Code Execution", "spans": {"SYSTEM: School ERP Pro 1.0": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48392"}}
{"text": "School ERP System 1.0 - Cross Site Request Forgery (Add Admin)", "spans": {"SYSTEM: School ERP System 1.0": [[0, 21]], "VULNERABILITY: Cross Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47992"}}
{"text": "School Event Attendance Monitoring System 1.0 - 'Item Name' Stored Cross-Site Scripting", "spans": {"SYSTEM: School Event Attendance Monitoring System 1.0": [[0, 45]], "VULNERABILITY: Stored Cross-Site Scripting": [[60, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49560"}}
{"text": "School Faculty Scheduling System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: School Faculty Scheduling System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48938"}}
{"text": "School Faculty Scheduling System 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: School Faculty Scheduling System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48939"}}
{"text": "School Faculty Scheduling System 1.0 - Authentication Bypass POC", "spans": {"SYSTEM: School Faculty Scheduling System 1.0": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48922"}}
{"text": "School Faculty Scheduling System 1.0 - Stored Cross Site Scripting POC", "spans": {"SYSTEM: School Faculty Scheduling System 1.0": [[0, 36]], "VULNERABILITY: Stored Cross Site Scripting": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48921"}}
{"text": "School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting", "spans": {"SYSTEM: School File Management System 1.0": [[0, 33]], "VULNERABILITY: Stored Cross-Site Scripting": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49559"}}
{"text": "School File Management System 1.0 - 'username' SQL Injection", "spans": {"SYSTEM: School File Management System 1.0": [[0, 33]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48437"}}
{"text": "School Log Management System 1.0 - 'username' SQL Injection / Remote Code Execution", "spans": {"SYSTEM: School Log Management System 1.0": [[0, 32]], "VULNERABILITY: Remote Code Execution": [[62, 83]]}, "info": {"source": "exploitdb", "exploit_id": "48988"}}
{"text": "Scriptcase 9.7 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Scriptcase 9.7": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50872"}}
{"text": "SCRMS 2023-05-27 1.0 - Multiple SQL Injection", "spans": {"SYSTEM: SCRMS 2023-05-27 1.0": [[0, 20]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51491"}}
{"text": "Seat Reservation System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Seat Reservation System 1.0": [[0, 27]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48822"}}
{"text": "Seat Reservation System 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Seat Reservation System 1.0": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48887"}}
{"text": "Seat Reservation System 1.0 - Unauthenticated SQL Injection", "spans": {"SYSTEM: Seat Reservation System 1.0": [[0, 27]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48889"}}
{"text": "Seeddms 5.1.10 - Remote Command Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Seeddms 5.1.10": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50062"}}
{"text": "SeedDMS 5.1.18 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: SeedDMS 5.1.18": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[17, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48324"}}
{"text": "Sellacious eCommerce 4.6 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Sellacious eCommerce 4.6": [[0, 24]], "VULNERABILITY: Persistent Cross-Site Scripting": [[27, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48467"}}
{"text": "Senayan Library Management System v9.0.0 - SQL Injection", "spans": {"SYSTEM: Senayan Library Management System v9.0.0": [[0, 40]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51161"}}
{"text": "Senayan Library Management System v9.5.0 - SQL Injection", "spans": {"SYSTEM: Senayan Library Management System v9.5.0": [[0, 40]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51120"}}
{"text": "Sentrifugo 3.2 - 'assets' Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Sentrifugo 3.2": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48997"}}
{"text": "Sentrifugo 3.2 - File Upload Restriction Bypass (Authenticated)", "spans": {"SYSTEM: Sentrifugo 3.2": [[0, 14]], "VULNERABILITY: File Upload": [[17, 28]]}, "info": {"source": "exploitdb", "exploit_id": "48955"}}
{"text": "Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Sentrifugo CMS 3.2": [[0, 18]], "VULNERABILITY: Persistent Cross-Site Scripting": [[21, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48446"}}
{"text": "Sentrifugo HRMS 3.2 - 'id' SQL Injection", "spans": {"SYSTEM: Sentrifugo HRMS 3.2": [[0, 19]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48179"}}
{"text": "Sentrifugo Version 3.2 - 'announcements' Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Sentrifugo Version 3.2": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48998"}}
{"text": "SEO Panel 4.6.0 - Remote Code Execution (1)", "spans": {"SYSTEM: SEO Panel 4.6.0": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48862"}}
{"text": "SEO Panel 4.6.0 - Remote Code Execution (2)", "spans": {"SYSTEM: SEO Panel 4.6.0": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49525"}}
{"text": "Seo Panel 4.8.0 - 'category' Reflected XSS", "spans": {"SYSTEM: Seo Panel 4.8.0": [[0, 15]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49932"}}
{"text": "Seo Panel 4.8.0 - 'from_time' Reflected XSS", "spans": {"SYSTEM: Seo Panel 4.8.0": [[0, 15]], "VULNERABILITY: XSS": [[40, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49935"}}
{"text": "SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)", "spans": {"SYSTEM: SEO Panel 4.8.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49666"}}
{"text": "SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)", "spans": {"SYSTEM: SEO Panel 4.8.0": [[0, 15]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49804"}}
{"text": "Seo Panel 4.8.0 - 'search_name' Reflected XSS", "spans": {"SYSTEM: Seo Panel 4.8.0": [[0, 15]], "VULNERABILITY: XSS": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49931"}}
{"text": "Seotoaster 3.2.0 - Stored XSS on Edit page properties", "spans": {"SYSTEM: Seotoaster 3.2.0": [[0, 16]], "VULNERABILITY: XSS": [[26, 29]]}, "info": {"source": "exploitdb", "exploit_id": "49268"}}
{"text": "Serendipity 2.4.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Serendipity 2.4.0": [[0, 17]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51373"}}
{"text": "Serendipity 2.4.0 - File Inclusion RCE", "spans": {"SYSTEM: Serendipity 2.4.0": [[0, 17]], "VULNERABILITY: File Inclusion": [[20, 34]]}, "info": {"source": "exploitdb", "exploit_id": "51403"}}
{"text": "Serendipity 2.4.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Serendipity 2.4.0": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51372"}}
{"text": "Serendipity 2.5.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Serendipity 2.5.0": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52036"}}
{"text": "Service Provider Management System v1.0 - SQL Injection", "spans": {"SYSTEM: Service Provider Management System v1.0": [[0, 39]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51482"}}
{"text": "Shopping Portal ProVersion 3.0 - Authentication Bypass", "spans": {"SYSTEM: Shopping Portal ProVersion 3.0": [[0, 30]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "47834"}}
{"text": "ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting", "spans": {"SYSTEM: ShoreTel Conferencing 19.46.1802.0": [[0, 34]], "VULNERABILITY: Reflected Cross-Site Scripting": [[37, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49026"}}
{"text": "Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Showdoc 2.10.3": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[17, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50941"}}
{"text": "Shuttle-Booking-Software v1.0 - Multiple-SQLi", "spans": {"SYSTEM: Shuttle-Booking-Software v1.0": [[0, 29]], "VULNERABILITY: SQLi": [[41, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51745"}}
{"text": "Simple Attendance System 1.0 - Authenticated bypass", "spans": {"SYSTEM: Simple Attendance System 1.0": [[0, 28]], "VULNERABILITY: Authenticated bypass": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50301"}}
{"text": "Simple Attendance System 1.0 - Unauthenticated Blind SQLi", "spans": {"SYSTEM: Simple Attendance System 1.0": [[0, 28]], "VULNERABILITY: SQLi": [[53, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50312"}}
{"text": "Simple Backup Plugin Python Exploit 2.7.10 - Path Traversal", "spans": {"SYSTEM: Simple Backup Plugin Python Exploit 2.7.10": [[0, 42]], "VULNERABILITY: Path Traversal": [[45, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51937"}}
{"text": "Simple Chatbot Application 1.0 - 'Category' Stored Cross site Scripting", "spans": {"SYSTEM: Simple Chatbot Application 1.0": [[0, 30]], "VULNERABILITY: Stored Cross site Scripting": [[44, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49873"}}
{"text": "Simple Chatbot Application 1.0 - 'message' Blind SQLi", "spans": {"SYSTEM: Simple Chatbot Application 1.0": [[0, 30]], "VULNERABILITY: SQLi": [[49, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50673"}}
{"text": "Simple Chatbot Application 1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Simple Chatbot Application 1.0": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50672"}}
{"text": "Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Simple Client Management System 1.0": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50498"}}
{"text": "Simple Client Management System 1.0 - 'uemail' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Simple Client Management System 1.0": [[0, 35]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50063"}}
{"text": "Simple Client Management System 1.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Simple Client Management System 1.0": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50094"}}
{"text": "Simple Client Management System 1.0 - SQLi (Authentication Bypass)", "spans": {"SYSTEM: Simple Client Management System 1.0": [[0, 35]], "VULNERABILITY: Authentication Bypass": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50497"}}
{"text": "Simple College Website 1.0 - 'full' Stored Cross Site Scripting", "spans": {"SYSTEM: Simple College Website 1.0": [[0, 26]], "VULNERABILITY: Stored Cross Site Scripting": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49477"}}
{"text": "Simple College Website 1.0 - 'name' Sql Injection (Authentication Bypass)", "spans": {"SYSTEM: Simple College Website 1.0": [[0, 26]], "VULNERABILITY: Authentication Bypass": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49476"}}
{"text": "Simple College Website 1.0 - 'page' Local File Inclusion", "spans": {"SYSTEM: Simple College Website 1.0": [[0, 26]], "VULNERABILITY: Local File Inclusion": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49175"}}
{"text": "Simple College Website 1.0 - 'username' SQL Injection / Remote Code Execution", "spans": {"SYSTEM: Simple College Website 1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48977"}}
{"text": "Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Simple CRM 3.0": [[0, 14]], "VULNERABILITY: CSRF": [[71, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50043"}}
{"text": "Simple CRM 3.0 - 'email' SQL injection (Authentication Bypass)", "spans": {"SYSTEM: Simple CRM 3.0": [[0, 14]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50055"}}
{"text": "Simple CRM 3.0 - 'name' Stored Cross site scripting (XSS)", "spans": {"SYSTEM: Simple CRM 3.0": [[0, 14]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50044"}}
{"text": "Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated)", "spans": {"SYSTEM: Simple Employee Records System 1.0": [[0, 34]], "VULNERABILITY: RCE": [[49, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49596"}}
{"text": "Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Simple Food Ordering System v1.0": [[0, 32]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51292"}}
{"text": "Simple Food Website 1.0 - Authentication Bypass", "spans": {"SYSTEM: Simple Food Website 1.0": [[0, 23]], "VULNERABILITY: Authentication Bypass": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49740"}}
{"text": "Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Simple Grocery Store Sales And Inventory System 1.0": [[0, 51]], "VULNERABILITY: Authentication Bypass": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48879"}}
{"text": "Simple Image Gallery 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Simple Image Gallery 1.0": [[0, 24]], "VULNERABILITY: Remote Code Execution (RCE)": [[27, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50214"}}
{"text": "Simple Image Gallery System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Simple Image Gallery System 1.0": [[0, 31]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50198"}}
{"text": "Simple Issue Tracker System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Simple Issue Tracker System 1.0": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50411"}}
{"text": "Simple Library Management System 1.0 - 'rollno' SQL Injection", "spans": {"SYSTEM: Simple Library Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50189"}}
{"text": "Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection", "spans": {"SYSTEM: Simple Online College Entrance Exam System 1.0": [[0, 46]], "VULNERABILITY: SQL injection": [[60, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50398"}}
{"text": "Simple Online College Entrance Exam System 1.0 - Account Takeover", "spans": {"SYSTEM: Simple Online College Entrance Exam System 1.0": [[0, 46]], "VULNERABILITY: Account Takeover": [[49, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50397"}}
{"text": "Simple Online College Entrance Exam System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Simple Online College Entrance Exam System 1.0": [[0, 46]], "VULNERABILITY: Authentication Bypass": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50390"}}
{"text": "Simple Online College Entrance Exam System 1.0 - Unauthenticated Admin Creation", "spans": {"SYSTEM: Simple Online College Entrance Exam System 1.0": [[0, 46]], "VULNERABILITY: Unauthenticated Admin Creation": [[49, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50396"}}
{"text": "Simple Online Food Ordering System 1.0 - 'id' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Simple Online Food Ordering System 1.0": [[0, 38]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48829"}}
{"text": "Simple Payroll System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Simple Payroll System 1.0": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50403"}}
{"text": "Simple Phone Book  1.0 - 'Username' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Simple Phone Book  1.0": [[0, 22]], "VULNERABILITY: SQL Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50223"}}
{"text": "Simple Public Chat Room 1.0 - 'msg' Stored Cross-Site Scripting", "spans": {"SYSTEM: Simple Public Chat Room 1.0": [[0, 27]], "VULNERABILITY: Stored Cross-Site Scripting": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49498"}}
{"text": "Simple Public Chat Room 1.0 - Authentication Bypass SQLi", "spans": {"SYSTEM: Simple Public Chat Room 1.0": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49497"}}
{"text": "Simple Real Estate Portal System 1.0 - 'id'  SQLi", "spans": {"SYSTEM: Simple Real Estate Portal System 1.0": [[0, 36]], "VULNERABILITY: SQLi": [[45, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50778"}}
{"text": "Simple Student Information System 1.0 - SQL Injection (Authentication Bypass)", "spans": {"SYSTEM: Simple Student Information System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49758"}}
{"text": "Simple Student Quarterly Result/Grade System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Simple Student Quarterly Result/Grade System 1.0": [[0, 48]], "VULNERABILITY: Authentication Bypass": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50740"}}
{"text": "Simple Subscription Website 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Simple Subscription Website 1.0": [[0, 31]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50522"}}
{"text": "Simple Task List 1.0 - 'status' SQLi", "spans": {"SYSTEM: Simple Task List 1.0": [[0, 20]], "VULNERABILITY: SQLi": [[32, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51913"}}
{"text": "Simple Task Managing System v1.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Simple Task Managing System v1.0": [[0, 32]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51273"}}
{"text": "Simple Water Refilling Station Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Simple Water Refilling Station Management System 1.0": [[0, 52]], "VULNERABILITY: Authentication Bypass": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50204"}}
{"text": "Simple Water Refilling Station Management System 1.0 - Remote Code Execution (RCE) through File Upload", "spans": {"SYSTEM: Simple Water Refilling Station Management System 1.0": [[0, 52]], "VULNERABILITY: Remote Code Execution (RCE)": [[55, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50205"}}
{"text": "SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution", "spans": {"SYSTEM: SimpleMachinesForum v2.1.1": [[0, 26]], "VULNERABILITY: Authenticated Remote Code Execution": [[29, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51057"}}
{"text": "SimplePHPGal 0.7 - Remote File Inclusion", "spans": {"SYSTEM: SimplePHPGal 0.7": [[0, 16]], "VULNERABILITY: Remote File Inclusion": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48424"}}
{"text": "Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection", "spans": {"SYSTEM: Simplephpscripts Simple CMS 2.1": [[0, 31]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50483"}}
{"text": "Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Simplephpscripts Simple CMS 2.1": [[0, 31]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[45, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50482"}}
{"text": "Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Sistem Informasi Pengumuman Kelulusan Online 1.0": [[0, 48]], "VULNERABILITY: Cross-Site Request Forgery": [[51, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48571"}}
{"text": "SiteMagic CMS 4.4.2 - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: SiteMagic CMS 4.4.2": [[0, 19]], "VULNERABILITY: Arbitrary File Upload": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48788"}}
{"text": "SitemagicCMS 4.4.3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: SitemagicCMS 4.4.3": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51464"}}
{"text": "SLIMSV 9.5.2 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: SLIMSV 9.5.2": [[0, 12]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[15, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51211"}}
{"text": "Small CRM 2.0 - 'email' SQL Injection", "spans": {"SYSTEM: Small CRM 2.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48867"}}
{"text": "Small CRM 2.0 - Authentication Bypass", "spans": {"SYSTEM: Small CRM 2.0": [[0, 13]], "VULNERABILITY: Authentication Bypass": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "47874"}}
{"text": "Small CRM 3.0 - 'Authentication Bypass' SQL Injection", "spans": {"SYSTEM: Small CRM 3.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49995"}}
{"text": "Small CRM 3.0 - 'description' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Small CRM 3.0": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[30, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50435"}}
{"text": "Smart Hospital 3.1 - _Add Patient_ Stored XSS", "spans": {"SYSTEM: Smart Hospital 3.1": [[0, 18]], "VULNERABILITY: XSS": [[42, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49290"}}
{"text": "Smart Manager 8.27.0 - Post-Authenticated SQL Injection", "spans": {"SYSTEM: Smart Manager 8.27.0": [[0, 20]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52247"}}
{"text": "Smart School 6.4.1 - SQL Injection", "spans": {"SYSTEM: Smart School 6.4.1": [[0, 18]], "VULNERABILITY: SQL Injection": [[21, 34]]}, "info": {"source": "exploitdb", "exploit_id": "51958"}}
{"text": "Smart School v1.0 - SQL Injection", "spans": {"SYSTEM: Smart School v1.0": [[0, 17]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51472"}}
{"text": "SmartBlog 2.0.1 - 'id_post' Blind SQL injection", "spans": {"SYSTEM: SmartBlog 2.0.1": [[0, 15]], "VULNERABILITY: SQL injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48995"}}
{"text": "Social Networking Site - Authentication Bypass (SQli)", "spans": {"SYSTEM: Social Networking Site": [[0, 22]], "VULNERABILITY: Authentication Bypass": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49140"}}
{"text": "Social-Commerce 3.1.6 - Reflected XSS", "spans": {"SYSTEM: Social-Commerce 3.1.6": [[0, 21]], "VULNERABILITY: XSS": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51671"}}
{"text": "Social-Share-Buttons v2.2.3 - SQL Injection", "spans": {"SYSTEM: Social-Share-Buttons v2.2.3": [[0, 27]], "VULNERABILITY: SQL Injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51116"}}
{"text": "SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)", "spans": {"SYSTEM: SofaWiki 3.9.2": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51999"}}
{"text": "SoftExpert (SE) Suite v2.1.3 - Local File Inclusion", "spans": {"SYSTEM: SoftExpert (SE) Suite v2.1.3": [[0, 28]], "VULNERABILITY: Local File Inclusion": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51404"}}
{"text": "soosyze 2.0.0 - File Upload", "spans": {"SYSTEM: soosyze 2.0.0": [[0, 13]], "VULNERABILITY: File Upload": [[16, 27]]}, "info": {"source": "exploitdb", "exploit_id": "51718"}}
{"text": "Sophos Web Appliance 4.3.10.4 - Pre-auth command injection", "spans": {"SYSTEM: Sophos Web Appliance 4.3.10.4": [[0, 29]], "VULNERABILITY: Pre-auth command injection": [[32, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51396"}}
{"text": "SOPlanning 1.45 - 'by' SQL Injection", "spans": {"SYSTEM: SOPlanning 1.45": [[0, 15]], "VULNERABILITY: SQL Injection": [[23, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48074"}}
{"text": "SOPlanning 1.45 - 'users' SQL Injection", "spans": {"SYSTEM: SOPlanning 1.45": [[0, 15]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48089"}}
{"text": "SOPlanning 1.45 - Cross-Site Request Forgery (Add User)", "spans": {"SYSTEM: SOPlanning 1.45": [[0, 15]], "VULNERABILITY: Cross-Site Request Forgery": [[18, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48086"}}
{"text": "SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: SOPlanning 1.52.01 (Simple Online Planning Tool)": [[0, 48]], "VULNERABILITY: Remote Code Execution (RCE)": [[51, 78]]}, "info": {"source": "exploitdb", "exploit_id": "52082"}}
{"text": "SPA-CART CMS - Stored XSS", "spans": {"SYSTEM: SPA-CART CMS": [[0, 12]], "VULNERABILITY: XSS": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "51919"}}
{"text": "SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS", "spans": {"SYSTEM: SPA-Cart eCommerce CMS 1.9.0.3": [[0, 30]], "VULNERABILITY: XSS": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51713"}}
{"text": "SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection", "spans": {"SYSTEM: SPA-Cart eCommerce CMS 1.9.0.3": [[0, 30]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51714"}}
{"text": "SpamTitan 7.07 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: SpamTitan 7.07": [[0, 14]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[17, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48856"}}
{"text": "Sphider Search Engine 1.3.6 - 'word_upper_bound' RCE (Authenticated)", "spans": {"SYSTEM: Sphider Search Engine 1.3.6": [[0, 27]], "VULNERABILITY: RCE": [[49, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48957"}}
{"text": "spip v4.1.10 - Spoofing Admin account", "spans": {"SYSTEM: spip v4.1.10": [[0, 12]], "VULNERABILITY: Spoofing Admin account": [[15, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51557"}}
{"text": "SPIP v4.2.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: SPIP v4.2.0": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51536"}}
{"text": "Spitfire CMS 1.0.475 - PHP Object Injection", "spans": {"SYSTEM: Spitfire CMS 1.0.475": [[0, 20]], "VULNERABILITY: PHP Object Injection": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51162"}}
{"text": "Stackposts Social Marketing Tool v1.0 - SQL Injection", "spans": {"SYSTEM: Stackposts Social Marketing Tool v1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51473"}}
{"text": "Statamic 4.7.0 - File-Inclusion", "spans": {"SYSTEM: Statamic 4.7.0": [[0, 14]], "VULNERABILITY: File-Inclusion": [[17, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51602"}}
{"text": "Stock Management System 1.0 - 'Brand Name' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: Persistent Cross-Site Scripting": [[43, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48926"}}
{"text": "Stock Management System 1.0 - 'brandId and categoriesId' SQL Injection", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: SQL Injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48930"}}
{"text": "Stock Management System 1.0 - 'Categories Name' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: Persistent Cross-Site Scripting": [[48, 79]]}, "info": {"source": "exploitdb", "exploit_id": "48925"}}
{"text": "Stock Management System 1.0 - 'Product Name' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: Persistent Cross-Site Scripting": [[45, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48924"}}
{"text": "Stock Management System 1.0 - 'user_id' Blind SQL injection (Authenticated)", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: SQL injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49994"}}
{"text": "Stock Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48733"}}
{"text": "Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)", "spans": {"SYSTEM: Stock Management System 1.0": [[0, 27]], "VULNERABILITY: Cross-Site Request Forgery": [[30, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48783"}}
{"text": "Stock Management System v1.0 - Unauthenticated SQL Injection", "spans": {"SYSTEM: Stock Management System v1.0": [[0, 28]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51990"}}
{"text": "Storage Unit Rental Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Storage Unit Rental Management System 1.0": [[0, 41]], "VULNERABILITY: Remote Code Execution (RCE)": [[44, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50348"}}
{"text": "Student Attendance Management System 1.0 - 'username' SQL Injection / Remote Code Execution", "spans": {"SYSTEM: Student Attendance Management System 1.0": [[0, 40]], "VULNERABILITY: Remote Code Execution": [[70, 91]]}, "info": {"source": "exploitdb", "exploit_id": "48989"}}
{"text": "Student Enrollment 1.0 - Unauthenticated Remote Code Execution", "spans": {"SYSTEM: Student Enrollment 1.0": [[0, 22]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[25, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48608"}}
{"text": "Student Management System 1.0 - 'message' Persistent Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: Student Management System 1.0": [[0, 29]], "VULNERABILITY: Persistent Cross-Site Scripting": [[42, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49865"}}
{"text": "Student Management System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Student Management System 1.0": [[0, 29]], "VULNERABILITY: Authentication Bypass": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50579"}}
{"text": "Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Student Quarterly Grading System 1.0": [[0, 36]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[47, 80]]}, "info": {"source": "exploitdb", "exploit_id": "50412"}}
{"text": "Student Quarterly Grading System 1.0 - SQLi Authentication Bypass", "spans": {"SYSTEM: Student Quarterly Grading System 1.0": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50376"}}
{"text": "Student Record System 1.0 - 'cid' SQLi (Authenticated)", "spans": {"SYSTEM: Student Record System 1.0": [[0, 25]], "VULNERABILITY: SQLi": [[34, 38]]}, "info": {"source": "exploitdb", "exploit_id": "50782"}}
{"text": "Student Record System 4.0 - 'cid' SQL Injection", "spans": {"SYSTEM: Student Record System 4.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49513"}}
{"text": "Student Result Management System 1.0 - 'class' SQL Injection", "spans": {"SYSTEM: Student Result Management System 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49974"}}
{"text": "Student Study Center Management System v1.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Student Study Center Management System v1.0": [[0, 43]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[46, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51528"}}
{"text": "Submitty 20.04.01 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Submitty 20.04.01": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48488"}}
{"text": "Subrion CMS 4.0.5 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: Subrion CMS 4.0.5": [[0, 17]], "VULNERABILITY: Cross-Site Request Forgery": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47851"}}
{"text": "Subrion CMS 4.2.1 - 'avatar[path]' XSS", "spans": {"SYSTEM: Subrion CMS 4.2.1": [[0, 17]], "VULNERABILITY: XSS": [[35, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49346"}}
{"text": "Subrion CMS 4.2.1 - Arbitrary File Upload", "spans": {"SYSTEM: Subrion CMS 4.2.1": [[0, 17]], "VULNERABILITY: Arbitrary File Upload": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49876"}}
{"text": "Subrion CMS 4.2.1 - Cross Site Request Forgery (CSRF) (Add Amin)", "spans": {"SYSTEM: Subrion CMS 4.2.1": [[0, 17]], "VULNERABILITY: CSRF": [[48, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50737"}}
{"text": "Subrion CMS 4.2.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Subrion CMS 4.2.1": [[0, 17]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[20, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51110"}}
{"text": "SugarCRM 12.2.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: SugarCRM 12.2.0": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51187"}}
{"text": "SugarCRM 6.5.18 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: SugarCRM 6.5.18": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[18, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49060"}}
{"text": "SuiteCRM 7.11.15 - 'last_name' Remote Code Execution (Authenticated)", "spans": {"SYSTEM: SuiteCRM 7.11.15": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49001"}}
{"text": "SuiteCRM 7.11.18 - Remote Code Execution (RCE) (Authenticated) (Metasploit)", "spans": {"SYSTEM: SuiteCRM 7.11.18": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]], "TOOL: Metasploit": [[64, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50531"}}
{"text": "Super Socializer 7.13.52 - Reflected XSS", "spans": {"SYSTEM: Super Socializer 7.13.52": [[0, 24]], "VULNERABILITY: XSS": [[37, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51534"}}
{"text": "SuperStoreFinder - Multiple Vulnerabilities", "spans": {"SYSTEM: SuperStoreFinder": [[0, 16]], "VULNERABILITY: Multiple Vulnerabilities": [[19, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51822"}}
{"text": "Supply Chain Management System - Auth Bypass SQL Injection", "spans": {"SYSTEM: Supply Chain Management System": [[0, 30]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49239"}}
{"text": "Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: Support Board 3.3.3": [[0, 19]], "VULNERABILITY: SQL Injection": [[33, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50294"}}
{"text": "Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Support Board 3.3.4": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[32, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50419"}}
{"text": "SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: SymphonyCMS 3.0.0": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48773"}}
{"text": "Tailor Management System - 'id' SQL Injection", "spans": {"SYSTEM: Tailor Management System": [[0, 24]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48797"}}
{"text": "Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution", "spans": {"SYSTEM: Tailor Management System 1.0": [[0, 28]], "VULNERABILITY: Remote Code Execution": [[59, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49136"}}
{"text": "Tailor MS 1.0 - Reflected Cross-Site Scripting", "spans": {"SYSTEM: Tailor MS 1.0": [[0, 13]], "VULNERABILITY: Reflected Cross-Site Scripting": [[16, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48813"}}
{"text": "TAO Open Source Assessment Platform 3.3.0 RC02 - HTML Injection", "spans": {"SYSTEM: TAO Open Source Assessment Platform 3.3.0 RC02": [[0, 46]], "VULNERABILITY: HTML Injection": [[49, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48341"}}
{"text": "Task Management System 1.0 - 'First Name and Last Name' Stored XSS", "spans": {"SYSTEM: Task Management System 1.0": [[0, 26]], "VULNERABILITY: XSS": [[63, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49222"}}
{"text": "Task Management System 1.0 - 'id' SQL Injection", "spans": {"SYSTEM: Task Management System 1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49224"}}
{"text": "Task Management System 1.0 - 'page' Local File Inclusion", "spans": {"SYSTEM: Task Management System 1.0": [[0, 26]], "VULNERABILITY: Local File Inclusion": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49258"}}
{"text": "Task Management System 1.0 - Unrestricted File Upload to Remote Code Execution", "spans": {"SYSTEM: Task Management System 1.0": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49223"}}
{"text": "taskhub 2.8.7 - SQL Injection", "spans": {"SYSTEM: taskhub 2.8.7": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51810"}}
{"text": "Taskhub CRM Tool 2.8.6 - SQL Injection", "spans": {"SYSTEM: Taskhub CRM Tool 2.8.6": [[0, 22]], "VULNERABILITY: SQL Injection": [[25, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51692"}}
{"text": "Tatsu 3.3.11 - Unauthenticated RCE", "spans": {"SYSTEM: Tatsu 3.3.11": [[0, 12]], "VULNERABILITY: RCE": [[31, 34]]}, "info": {"source": "exploitdb", "exploit_id": "52260"}}
{"text": "Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi", "spans": {"SYSTEM: Teacher Subject Allocation Management System 1.0": [[0, 48]], "VULNERABILITY: SQLi": [[64, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51914"}}
{"text": "Teachers Record Management System 1.0 - 'email' Stored Cross-site Scripting (XSS)", "spans": {"SYSTEM: Teachers Record Management System 1.0": [[0, 37]], "VULNERABILITY: XSS": [[77, 80]]}, "info": {"source": "exploitdb", "exploit_id": "50019"}}
{"text": "Teachers Record Management System 1.0 - 'Multiple' SQL Injection (Authenticated)", "spans": {"SYSTEM: Teachers Record Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[51, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50018"}}
{"text": "Teachers Record Management System 1.0 - 'searchteacher' SQL Injection", "spans": {"SYSTEM: Teachers Record Management System 1.0": [[0, 37]], "VULNERABILITY: SQL Injection": [[56, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49562"}}
{"text": "Teachers Record Management System 1.0 - File Upload Type Validation", "spans": {"SYSTEM: Teachers Record Management System 1.0": [[0, 37]], "VULNERABILITY: File Upload": [[40, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51512"}}
{"text": "TeamCity Agent XML-RPC 10.0 - Remote Code Execution", "spans": {"SYSTEM: TeamCity Agent XML-RPC 10.0": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48201"}}
{"text": "TeamPass 3.0.0.21 - SQL Injection", "spans": {"SYSTEM: TeamPass 3.0.0.21": [[0, 17]], "VULNERABILITY: SQL Injection": [[20, 33]]}, "info": {"source": "exploitdb", "exploit_id": "52094"}}
{"text": "Terramaster TOS 4.2.15 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Terramaster TOS 4.2.15": [[0, 22]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50635"}}
{"text": "Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Testa 3.5.1 Online Test Management System": [[0, 41]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[44, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51023"}}
{"text": "TestLink 1.19 - Arbitrary File Download (Unauthenticated)", "spans": {"SYSTEM: TestLink 1.19": [[0, 13]], "VULNERABILITY: Arbitrary File Download": [[16, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50578"}}
{"text": "TestLink 1.9.20 - Unrestricted File Upload (Authenticated)", "spans": {"SYSTEM: TestLink 1.9.20": [[0, 15]], "VULNERABILITY: Unrestricted File Upload": [[18, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49561"}}
{"text": "Textpattern 4.8.3 - Remote code execution (Authenticated) (2)", "spans": {"SYSTEM: Textpattern 4.8.3": [[0, 17]], "VULNERABILITY: Remote code execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49620"}}
{"text": "Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Textpattern 4.8.8": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51176"}}
{"text": "Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Textpattern CMS 4.6.2": [[0, 21]], "VULNERABILITY: Persistent Cross-Site Scripting": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48861"}}
{"text": "Textpattern CMS 4.6.2 - Cross-site Request Forgery", "spans": {"SYSTEM: Textpattern CMS 4.6.2": [[0, 21]], "VULNERABILITY: Cross-site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48907"}}
{"text": "TextPattern CMS 4.8.3 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: TextPattern CMS 4.8.3": [[0, 21]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48943"}}
{"text": "Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Textpattern CMS 4.8.4": [[0, 21]], "VULNERABILITY: Persistent Cross-Site Scripting": [[35, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49616"}}
{"text": "TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)", "spans": {"SYSTEM: TextPattern CMS 4.8.7": [[0, 21]], "VULNERABILITY: Remote Command Execution": [[24, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49996"}}
{"text": "TextPattern CMS 4.8.7 - Remote Command Execution (RCE) (Authenticated)", "spans": {"SYSTEM: TextPattern CMS 4.8.7": [[0, 21]], "VULNERABILITY: Remote Command Execution": [[24, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50415"}}
{"text": "TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: TextPattern CMS 4.8.7": [[0, 21]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[24, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49975"}}
{"text": "Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Textpattern CMS 4.9.0-dev": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[38, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49617"}}
{"text": "TextPattern CMS 4.9.0-dev - Remote Command Execution (RCE) (Authenticated)", "spans": {"SYSTEM: TextPattern CMS 4.9.0-dev": [[0, 25]], "VULNERABILITY: Remote Command Execution": [[28, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50095"}}
{"text": "Textpattern CMS v4.8.8 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Textpattern CMS v4.8.8": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[25, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51523"}}
{"text": "The Shop v2.5 - SQL Injection", "spans": {"SYSTEM: The Shop v2.5": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51525"}}
{"text": "ThinkAdmin 6 -  Arbitrarily File Read", "spans": {"SYSTEM: ThinkAdmin 6": [[0, 12]], "VULNERABILITY: Arbitrarily File Read": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48812"}}
{"text": "thrsrossi Millhouse-Project 1.414 - Remote Code Execution", "spans": {"SYSTEM: thrsrossi Millhouse-Project 1.414": [[0, 33]], "VULNERABILITY: Remote Code Execution": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51450"}}
{"text": "Tiki Wiki CMS Groupware 21.1 - Authentication Bypass", "spans": {"SYSTEM: Tiki Wiki CMS Groupware 21.1": [[0, 28]], "VULNERABILITY: Authentication Bypass": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48927"}}
{"text": "Time Slot Booking Calendar 1.8 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Time Slot Booking Calendar 1.8": [[0, 30]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[33, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51558"}}
{"text": "TimeClock Software 1.01 0 - (Authenticated) Time-Based SQL Injection", "spans": {"SYSTEM: TimeClock Software 1.01 0": [[0, 25]], "VULNERABILITY: SQL Injection": [[55, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48874"}}
{"text": "Tiny File Manager 2.4.6 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Tiny File Manager 2.4.6": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50828"}}
{"text": "Tiny Tiny RSS - Remote Code Execution", "spans": {"SYSTEM: Tiny Tiny RSS": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49606"}}
{"text": "TinyWebGallery v2.5 - Remote Code Execution (RCE)", "spans": {"SYSTEM: TinyWebGallery v2.5": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51443"}}
{"text": "TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: TinyWebGallery v2.5": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[22, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51442"}}
{"text": "Total CMS 1.7.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Total CMS 1.7.4": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51500"}}
{"text": "Tourism Management System 1.0 - Arbitrary File Upload", "spans": {"SYSTEM: Tourism Management System 1.0": [[0, 29]], "VULNERABILITY: Arbitrary File Upload": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48892"}}
{"text": "Tourism Management System v2.0 - Arbitrary File Upload", "spans": {"SYSTEM: Tourism Management System v2.0": [[0, 30]], "VULNERABILITY: Arbitrary File Upload": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51923"}}
{"text": "Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Traffic Offense Management System 1.0": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50244"}}
{"text": "Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection", "spans": {"SYSTEM: Translatepress Multilinugal WordPress plugin < 2.3.3": [[0, 52]], "VULNERABILITY: SQL Injection": [[69, 82]]}, "info": {"source": "exploitdb", "exploit_id": "51043"}}
{"text": "TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: TranzAxis 3.2.41.10.26": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[25, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52086"}}
{"text": "Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Tree Page View Plugin 1.6.7": [[0, 27]], "VULNERABILITY: Cross Site Scripting": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51507"}}
{"text": "Triconsole 3.75 - Reflected XSS", "spans": {"SYSTEM: Triconsole 3.75": [[0, 15]], "VULNERABILITY: XSS": [[28, 31]]}, "info": {"source": "exploitdb", "exploit_id": "49597"}}
{"text": "Trixbox 2.8.0.4 - 'lang' Path Traversal", "spans": {"SYSTEM: Trixbox 2.8.0.4": [[0, 15]], "VULNERABILITY: Path Traversal": [[25, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49914"}}
{"text": "Trixbox 2.8.0.4 - 'lang' Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Trixbox 2.8.0.4": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49913"}}
{"text": "Tryton 5.4 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Tryton 5.4": [[0, 10]], "VULNERABILITY: Persistent Cross-Site Scripting": [[13, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48466"}}
{"text": "Typecho 1.3.0 - Race Condition", "spans": {"SYSTEM: Typecho 1.3.0": [[0, 13]], "VULNERABILITY: Race Condition": [[16, 30]]}, "info": {"source": "exploitdb", "exploit_id": "52161"}}
{"text": "Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Typecho 1.3.0": [[0, 13]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[16, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52162"}}
{"text": "TypeSetter 5.1 - CSRF (Change admin e-mail)", "spans": {"SYSTEM: TypeSetter 5.1": [[0, 14]], "VULNERABILITY: CSRF": [[17, 21]]}, "info": {"source": "exploitdb", "exploit_id": "49128"}}
{"text": "Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Typesetter CMS 5.1": [[0, 18]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48852"}}
{"text": "Typesetter CMS 5.1 - Arbitrary Code Execution (Authenticated)", "spans": {"SYSTEM: Typesetter CMS 5.1": [[0, 18]], "VULNERABILITY: Arbitrary Code Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48906"}}
{"text": "TYPO3 11.5.24 - Path Traversal (Authenticated)", "spans": {"SYSTEM: TYPO3 11.5.24": [[0, 13]], "VULNERABILITY: Path Traversal": [[16, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51901"}}
{"text": "UADMIN Botnet 1.0 - 'link' SQL Injection", "spans": {"SYSTEM: UADMIN Botnet 1.0": [[0, 17]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48222"}}
{"text": "uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: uBidAuction v2.0.1": [[0, 18]], "VULNERABILITY: Cross Site Scripting": [[32, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50693"}}
{"text": "uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: uDoctorAppointment v2.1.1": [[0, 25]], "VULNERABILITY: Cross Site Scripting": [[39, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50676"}}
{"text": "UliCMS 2020.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: UliCMS 2020.1": [[0, 13]], "VULNERABILITY: Persistent Cross-Site Scripting": [[16, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48244"}}
{"text": "Ulicms 2023.1 - create admin user via mass assignment", "spans": {"SYSTEM: Ulicms 2023.1": [[0, 13]], "VULNERABILITY: create admin user via mass assignment": [[16, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51486"}}
{"text": "Ulicms-2023.1 sniffing-vicuna - Remote Code Execution (RCE)", "spans": {"SYSTEM: Ulicms-2023.1 sniffing-vicuna": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51434"}}
{"text": "Ulicms-2023.1 sniffing-vicuna - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Ulicms-2023.1 sniffing-vicuna": [[0, 29]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[32, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51435"}}
{"text": "Ulicms-2023.1-sniffing-vicuna - Privilege escalation", "spans": {"SYSTEM: Ulicms-2023.1-sniffing-vicuna": [[0, 29]], "VULNERABILITY: Privilege escalation": [[32, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51433"}}
{"text": "Ultimate POS 4.4 - 'name' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Ultimate POS 4.4": [[0, 16]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50492"}}
{"text": "Ultimate Project Manager CRM PRO Version 2.0.5 - SQLi (Authenticated)", "spans": {"SYSTEM: Ultimate Project Manager CRM PRO Version 2.0.5": [[0, 46]], "VULNERABILITY: SQLi": [[49, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48912"}}
{"text": "Unified Office Total Connect Now 1.0 - 'data' SQL Injection", "spans": {"SYSTEM: Unified Office Total Connect Now 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50022"}}
{"text": "unilogies/bumsys v1.0.3 beta - Unrestricted File Upload", "spans": {"SYSTEM: unilogies/bumsys v1.0.3 beta": [[0, 28]], "VULNERABILITY: Unrestricted File Upload": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51492"}}
{"text": "UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read", "spans": {"SYSTEM: UniSharp Laravel File Manager 2.0.0": [[0, 35]], "VULNERABILITY: Arbitrary File Read": [[38, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48166"}}
{"text": "UPS Network Management Card 4 - Path Traversal", "spans": {"SYSTEM: UPS Network Management Card 4": [[0, 29]], "VULNERABILITY: Path Traversal": [[32, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51897"}}
{"text": "User Management System 1.0 - 'uid' SQL Injection", "spans": {"SYSTEM: User Management System 1.0": [[0, 26]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49502"}}
{"text": "User Management System 2.0 - Authentication Bypass", "spans": {"SYSTEM: User Management System 2.0": [[0, 26]], "VULNERABILITY: Authentication Bypass": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48369"}}
{"text": "User Management System 2.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: User Management System 2.0": [[0, 26]], "VULNERABILITY: Persistent Cross-Site Scripting": [[29, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48368"}}
{"text": "User Registration & Login and User Management System 2.1 - Cross Site Request Forgery", "spans": {"SYSTEM: User Registration & Login and User Management System 2.1": [[0, 56]], "VULNERABILITY: Cross Site Request Forgery": [[59, 85]]}, "info": {"source": "exploitdb", "exploit_id": "49180"}}
{"text": "User Registration & Login and User Management System 2.1 - Login Bypass SQL Injection", "spans": {"SYSTEM: User Registration & Login and User Management System 2.1": [[0, 56]], "VULNERABILITY: SQL Injection": [[72, 85]]}, "info": {"source": "exploitdb", "exploit_id": "49052"}}
{"text": "User Registration & Login and User Management System 2.1 - SQL Injection", "spans": {"SYSTEM: User Registration & Login and User Management System 2.1": [[0, 56]], "VULNERABILITY: SQL Injection": [[59, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48932"}}
{"text": "User Registration & Login and User Management System v3.0 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: User Registration & Login and User Management System v3.0": [[0, 57]], "VULNERABILITY: SQL Injection": [[60, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51695"}}
{"text": "User Registration & Login and User Management System v3.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: User Registration & Login and User Management System v3.0": [[0, 57]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[60, 93]]}, "info": {"source": "exploitdb", "exploit_id": "51694"}}
{"text": "User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS", "spans": {"SYSTEM: User Registration & Login and User Management System With admin panel 2.1": [[0, 73]], "VULNERABILITY: XSS": [[87, 90]]}, "info": {"source": "exploitdb", "exploit_id": "48914"}}
{"text": "Uvdesk 1.1.4 - Stored XSS (Authenticated)", "spans": {"SYSTEM: Uvdesk 1.1.4": [[0, 12]], "VULNERABILITY: XSS": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "51696"}}
{"text": "Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Uvdesk v1.1.3": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51639"}}
{"text": "Vacation Rental 1.8 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Vacation Rental 1.8": [[0, 19]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[22, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51562"}}
{"text": "Vaidya-Mitra 1.0 - Multiple SQLi", "spans": {"SYSTEM: Vaidya-Mitra 1.0": [[0, 16]], "VULNERABILITY: SQLi": [[28, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51596"}}
{"text": "Vanguard 2.1 - 'Search' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Vanguard 2.1": [[0, 12]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50491"}}
{"text": "Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Vanilla Forums 2.6.3": [[0, 20]], "VULNERABILITY: Persistent Cross-Site Scripting": [[23, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48042"}}
{"text": "vBulletin 5.6.1 - 'nodeId' SQL Injection", "spans": {"SYSTEM: vBulletin 5.6.1": [[0, 15]], "VULNERABILITY: SQL Injection": [[27, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48472"}}
{"text": "vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution", "spans": {"SYSTEM: vBulletin 5.6.2": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48743"}}
{"text": "vBulletin 5.6.3 - 'group' Cross Site Scripting", "spans": {"SYSTEM: vBulletin 5.6.3": [[0, 15]], "VULNERABILITY: Cross Site Scripting": [[26, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49209"}}
{"text": "Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Vehicle Parking Management System 1.0": [[0, 37]], "VULNERABILITY: Persistent Cross-Site Scripting": [[51, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49595"}}
{"text": "Vehicle Parking Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Vehicle Parking Management System 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48877"}}
{"text": "Vehicle Parking Tracker System 1.0 - 'Owner Name'  Stored Cross-Site Scripting", "spans": {"SYSTEM: Vehicle Parking Tracker System 1.0": [[0, 34]], "VULNERABILITY: Stored Cross-Site Scripting": [[51, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49509"}}
{"text": "Vehicle Service Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: Vehicle Service Management System 1.0": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50364"}}
{"text": "VehicleWorkshop 1.0 - 'bookingid' SQL Injection", "spans": {"SYSTEM: VehicleWorkshop 1.0": [[0, 19]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48023"}}
{"text": "VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities", "spans": {"SYSTEM: VIAVIWEB Wallpaper Admin 1.0": [[0, 28]], "VULNERABILITY: Multiple Vulnerabilities": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51033"}}
{"text": "Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48511"}}
{"text": "Victor CMS 1.0 - 'cat_id' SQL Injection", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48485"}}
{"text": "Victor CMS 1.0 - 'comment_author' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48484"}}
{"text": "Victor CMS 1.0 - 'post' SQL Injection", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: SQL Injection": [[24, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48451"}}
{"text": "Victor CMS 1.0 - 'Search' SQL Injection", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48734"}}
{"text": "Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: Persistent Cross-Site Scripting": [[34, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48626"}}
{"text": "Victor CMS 1.0 - Authenticated Arbitrary File Upload", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: Arbitrary File Upload": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48490"}}
{"text": "Victor CMS 1.0 - File Upload To RCE", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: RCE": [[32, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49310"}}
{"text": "Victor CMS 1.0 - Multiple SQL Injection (Authenticated)", "spans": {"SYSTEM: Victor CMS 1.0": [[0, 14]], "VULNERABILITY: SQL Injection": [[26, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49282"}}
{"text": "Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection", "spans": {"SYSTEM: Virtual Airlines Manager 2.6.2": [[0, 30]], "VULNERABILITY: SQL Injection": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48567"}}
{"text": "Virtual Airlines Manager 2.6.2 - 'id' SQL Injection", "spans": {"SYSTEM: Virtual Airlines Manager 2.6.2": [[0, 30]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48574"}}
{"text": "Virtual Airlines Manager 2.6.2 - 'multiple' SQL Injection", "spans": {"SYSTEM: Virtual Airlines Manager 2.6.2": [[0, 30]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50634"}}
{"text": "Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection", "spans": {"SYSTEM: Virtual Airlines Manager 2.6.2": [[0, 30]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48562"}}
{"text": "Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Virtual Airlines Manager 2.6.2": [[0, 30]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48715"}}
{"text": "Virtual Freer 1.58 - Remote Command Execution", "spans": {"SYSTEM: Virtual Freer 1.58": [[0, 18]], "VULNERABILITY: Remote Command Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48094"}}
{"text": "Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Visitor Management System in PHP 1.0": [[0, 36]], "VULNERABILITY: Persistent Cross-Site Scripting": [[39, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48830"}}
{"text": "Visitor Management System in PHP 1.0 - SQL Injection (Authenticated)", "spans": {"SYSTEM: Visitor Management System in PHP 1.0": [[0, 36]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48911"}}
{"text": "Voting System 1.0 - Authentication Bypass (SQLI)", "spans": {"SYSTEM: Voting System 1.0": [[0, 17]], "VULNERABILITY: Authentication Bypass": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49843"}}
{"text": "Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution)", "spans": {"SYSTEM: Voting System 1.0": [[0, 17]], "VULNERABILITY: Authenticated Remote Code Execution": [[37, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49445"}}
{"text": "Voting System 1.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Voting System 1.0": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49846"}}
{"text": "Voting System 1.0 - Time based SQLI  (Unauthenticated SQL injection)", "spans": {"SYSTEM: Voting System 1.0": [[0, 17]], "VULNERABILITY: SQL injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49817"}}
{"text": "Voyager 1.3.0 - Directory Traversal", "spans": {"SYSTEM: Voyager 1.3.0": [[0, 13]], "VULNERABILITY: Directory Traversal": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "47875"}}
{"text": "VTiger v7.0 CRM - 'To' Persistent XSS", "spans": {"SYSTEM: VTiger v7.0 CRM": [[0, 15]], "VULNERABILITY: XSS": [[34, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49090"}}
{"text": "Wallos < 1.11.2 - File Upload RCE", "spans": {"SYSTEM: Wallos < 1.11.2": [[0, 15]], "VULNERABILITY: RCE": [[30, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51924"}}
{"text": "Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password)", "spans": {"SYSTEM: Warehouse Inventory System 1.0": [[0, 30]], "VULNERABILITY: Cross-Site Request Forgery": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48738"}}
{"text": "Water Billing System 1.0 - 'id' SQL Injection (Authenticated)", "spans": {"SYSTEM: Water Billing System 1.0": [[0, 24]], "VULNERABILITY: SQL Injection": [[32, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49048"}}
{"text": "Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection", "spans": {"SYSTEM: Water Billing System 1.0": [[0, 24]], "VULNERABILITY: SQL Injection": [[64, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49032"}}
{"text": "WBCE 1.6.0 - Unauthenticated SQL injection", "spans": {"SYSTEM: WBCE 1.6.0": [[0, 10]], "VULNERABILITY: SQL injection": [[29, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51985"}}
{"text": "WBCE CMS 1.5.1 - Admin Password Reset", "spans": {"SYSTEM: WBCE CMS 1.5.1": [[0, 14]], "VULNERABILITY: Admin Password Reset": [[17, 37]]}, "info": {"source": "exploitdb", "exploit_id": "50609"}}
{"text": "WBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WBCE CMS 1.5.2": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50707"}}
{"text": "WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WBCE CMS 1.6.1": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51484"}}
{"text": "WBCE CMS 1.6.1 - Open Redirect & CSRF", "spans": {"SYSTEM: WBCE CMS 1.6.1": [[0, 14]], "VULNERABILITY: Open Redirect": [[17, 30]]}, "info": {"source": "exploitdb", "exploit_id": "51566"}}
{"text": "WBCE CMS v1.6.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: WBCE CMS v1.6.2": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52039"}}
{"text": "WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)", "spans": {"SYSTEM: WBCE CMS Version 1.6.1": [[0, 22]], "VULNERABILITY: Remote Command Execution": [[25, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51986"}}
{"text": "WBiz Desk 1.2 - SQL Injection", "spans": {"SYSTEM: WBiz Desk 1.2": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51451"}}
{"text": "Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass", "spans": {"SYSTEM: Web Based Online Hotel Booking System 0.1.0": [[0, 43]], "VULNERABILITY: Authentication Bypass": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48672"}}
{"text": "Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)", "spans": {"SYSTEM: Web Based Quiz System 1.0": [[0, 25]], "VULNERABILITY: Union Based Sql Injection": [[34, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49619"}}
{"text": "Web Based Quiz System 1.0 - 'MCQ options' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Web Based Quiz System 1.0": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[42, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49605"}}
{"text": "Web Based Quiz System 1.0 - 'name' Persistent Cross-Site Scripting", "spans": {"SYSTEM: Web Based Quiz System 1.0": [[0, 25]], "VULNERABILITY: Persistent Cross-Site Scripting": [[35, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49607"}}
{"text": "Webedition CMS v2.9.8.8 - Blind SSRF", "spans": {"SYSTEM: Webedition CMS v2.9.8.8": [[0, 23]], "VULNERABILITY: SSRF": [[32, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51743"}}
{"text": "Webedition CMS v2.9.8.8 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Webedition CMS v2.9.8.8": [[0, 23]], "VULNERABILITY: Remote Code Execution (RCE)": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51661"}}
{"text": "Webedition CMS v2.9.8.8 - Stored XSS", "spans": {"SYSTEM: Webedition CMS v2.9.8.8": [[0, 23]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51662"}}
{"text": "webERP 4.15.1 - Unauthenticated Backup File Access", "spans": {"SYSTEM: webERP 4.15.1": [[0, 13]], "VULNERABILITY: Unauthenticated Backup File Access": [[16, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48420"}}
{"text": "Webgrind 1.1 - Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE)", "spans": {"SYSTEM: Webgrind 1.1": [[0, 12]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[15, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51074"}}
{"text": "WebHMI 4.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WebHMI 4.0": [[0, 10]], "VULNERABILITY: Remote Code Execution (RCE)": [[13, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50589"}}
{"text": "WebHMI 4.1 - Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WebHMI 4.1": [[0, 10]], "VULNERABILITY: Stored Cross Site Scripting": [[13, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50785"}}
{"text": "WebHMI 4.1.1 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WebHMI 4.1.1": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50784"}}
{"text": "WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: WEBIGniter v28.7.23": [[0, 19]], "VULNERABILITY: Stored Cross Site Scripting": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51807"}}
{"text": "WEBIGniter v28.7.23 - Stored XSS", "spans": {"SYSTEM: WEBIGniter v28.7.23": [[0, 19]], "VULNERABILITY: XSS": [[29, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51900"}}
{"text": "WEBIGniter v28.7.23 File Upload - Remote Code Execution", "spans": {"SYSTEM: WEBIGniter v28.7.23 File Upload": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51736"}}
{"text": "Webile v1.0.1 - Multiple Cross Site Scripting", "spans": {"SYSTEM: Webile v1.0.1": [[0, 13]], "VULNERABILITY: Cross Site Scripting": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51616"}}
{"text": "Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Webkul Qloapps 1.5.2": [[0, 20]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[23, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51465"}}
{"text": "WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting", "spans": {"SYSTEM: WebPort 1.19.1": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting": [[25, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48612"}}
{"text": "WebsiteBaker 2.12.2 - 'display_name' SQL Injection (authenticated)", "spans": {"SYSTEM: WebsiteBaker 2.12.2": [[0, 19]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48849"}}
{"text": "WebsiteBaker 2.12.2 - Remote Code Execution", "spans": {"SYSTEM: WebsiteBaker 2.12.2": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48838"}}
{"text": "WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WebsiteBaker 2.13.0": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50310"}}
{"text": "WebsiteBaker v2.13.3 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WebsiteBaker v2.13.3": [[0, 20]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[23, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51349"}}
{"text": "WebsiteBaker v2.13.3 - Directory Traversal", "spans": {"SYSTEM: WebsiteBaker v2.13.3": [[0, 20]], "VULNERABILITY: Directory Traversal": [[23, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51554"}}
{"text": "WebsiteBaker v2.13.3 - Stored XSS", "spans": {"SYSTEM: WebsiteBaker v2.13.3": [[0, 20]], "VULNERABILITY: XSS": [[30, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51553"}}
{"text": "Websvn 2.6.0 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: Websvn 2.6.0": [[0, 12]], "VULNERABILITY: Remote Code Execution": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50042"}}
{"text": "Webtareas 2.0 - 'id' SQL Injection", "spans": {"SYSTEM: Webtareas 2.0": [[0, 13]], "VULNERABILITY: SQL Injection": [[21, 34]]}, "info": {"source": "exploitdb", "exploit_id": "47959"}}
{"text": "webTareas 2.0.p8 - Arbitrary File Deletion", "spans": {"SYSTEM: webTareas 2.0.p8": [[0, 16]], "VULNERABILITY: Arbitrary File Deletion": [[19, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48430"}}
{"text": "Webtareas 2.1p - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: Webtareas 2.1p": [[0, 14]], "VULNERABILITY: Arbitrary File Upload": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48709"}}
{"text": "WebTareas 2.4 - Blind SQLi (Authenticated)", "spans": {"SYSTEM: WebTareas 2.4": [[0, 13]], "VULNERABILITY: SQLi": [[22, 26]]}, "info": {"source": "exploitdb", "exploit_id": "50893"}}
{"text": "WebTareas 2.4 - RCE (Authorized)", "spans": {"SYSTEM: WebTareas 2.4": [[0, 13]], "VULNERABILITY: RCE": [[16, 19]]}, "info": {"source": "exploitdb", "exploit_id": "51089"}}
{"text": "WebTareas 2.4 - Reflected XSS (Unauthorised)", "spans": {"SYSTEM: WebTareas 2.4": [[0, 13]], "VULNERABILITY: XSS": [[26, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51088"}}
{"text": "WebTareas 2.4 - SQL Injection (Unauthorised)", "spans": {"SYSTEM: WebTareas 2.4": [[0, 13]], "VULNERABILITY: SQL Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51087"}}
{"text": "Webtateas 2.0 - Arbitrary File Read", "spans": {"SYSTEM: Webtateas 2.0": [[0, 13]], "VULNERABILITY: Arbitrary File Read": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48312"}}
{"text": "Webutler v3.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Webutler v3.2": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51660"}}
{"text": "WeGIA 3.5.0 - SQL Injection", "spans": {"SYSTEM: WeGIA 3.5.0": [[0, 11]], "VULNERABILITY: SQL Injection": [[14, 27]]}, "info": {"source": "exploitdb", "exploit_id": "52483"}}
{"text": "Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection", "spans": {"SYSTEM: Wifi Soft Unibox Administration 3.0 & 3.1": [[0, 41]], "VULNERABILITY: SQL Injection": [[44, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51610"}}
{"text": "Wing FTP Server - Authenticated CSRF (Delete Admin)", "spans": {"SYSTEM: Wing FTP Server": [[0, 15]], "VULNERABILITY: CSRF": [[32, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48200"}}
{"text": "Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)", "spans": {"SYSTEM: Winter CMS 1.2.3": [[0, 16]], "VULNERABILITY: SSTI": [[51, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51893"}}
{"text": "WinterCMS < 1.2.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WinterCMS < 1.2.3": [[0, 17]], "VULNERABILITY: Persistent Cross-Site Scripting": [[20, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51591"}}
{"text": "Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Wolf CMS 0.8.3.1": [[0, 16]], "VULNERABILITY: Remote Code Execution (RCE)": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51421"}}
{"text": "WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting", "spans": {"SYSTEM: WonderCMS 3.1.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49085"}}
{"text": "WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting", "spans": {"SYSTEM: WonderCMS 3.1.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[25, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49164"}}
{"text": "WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting", "spans": {"SYSTEM: WonderCMS 3.1.3": [[0, 15]], "VULNERABILITY: Persistent Cross-Site Scripting": [[25, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49102"}}
{"text": "WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting", "spans": {"SYSTEM: WonderCMS 3.1.3": [[0, 15]], "VULNERABILITY: Stored Cross-Site Scripting": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49109"}}
{"text": "WonderCMS 3.1.3 - Authenticated Remote Code Execution", "spans": {"SYSTEM: WonderCMS 3.1.3": [[0, 15]], "VULNERABILITY: Authenticated Remote Code Execution": [[18, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49155"}}
{"text": "WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution", "spans": {"SYSTEM: WonderCMS 3.1.3": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49154"}}
{"text": "WooCommerce v7.1.0 - Remote Code Execution(RCE)", "spans": {"SYSTEM: WooCommerce v7.1.0": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51156"}}
{"text": "Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) (2)", "spans": {"SYSTEM: Wordpress 4.9.6": [[0, 15]], "VULNERABILITY: Arbitrary File Deletion": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50456"}}
{"text": "WordPress 5.0.0 - Image Remote Code Execution", "spans": {"SYSTEM: WordPress 5.0.0": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49512"}}
{"text": "WordPress 5.7 - 'Media Library' XML External Entity Injection (XXE) (Authenticated)", "spans": {"SYSTEM: WordPress 5.7": [[0, 13]], "VULNERABILITY: XML External Entity Injection": [[32, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50304"}}
{"text": "WordPress adivaha Travel Plugin 2.3 - Reflected XSS", "spans": {"SYSTEM: WordPress adivaha Travel Plugin 2.3": [[0, 35]], "VULNERABILITY: XSS": [[48, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51663"}}
{"text": "WordPress adivaha Travel Plugin 2.3 - SQL Injection", "spans": {"SYSTEM: WordPress adivaha Travel Plugin 2.3": [[0, 35]], "VULNERABILITY: SQL Injection": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51655"}}
{"text": "Wordpress Augmented-Reality - Remote Code Execution Unauthenticated", "spans": {"SYSTEM: Wordpress Augmented-Reality": [[0, 27]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51788"}}
{"text": "Wordpress Core 5.2.2 - 'post previews' XSS", "spans": {"SYSTEM: Wordpress Core 5.2.2": [[0, 20]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49338"}}
{"text": "WordPress Core 5.8.2 - 'WP_Query' SQL Injection", "spans": {"SYSTEM: WordPress Core 5.8.2": [[0, 20]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50663"}}
{"text": "WordPress Core 6.2 - Directory Traversal", "spans": {"SYSTEM: WordPress Core 6.2": [[0, 18]], "VULNERABILITY: Directory Traversal": [[21, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52274"}}
{"text": "Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection", "spans": {"SYSTEM: Wordpress Epsilon Framework Multiple Themes": [[0, 43]], "VULNERABILITY: Unauthenticated Function Injection": [[46, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49327"}}
{"text": "WordPress File Upload Plugin < 4.23.3 - Stored XSS", "spans": {"SYSTEM: WordPress File Upload Plugin < 4.23.3": [[0, 37]], "VULNERABILITY: XSS": [[47, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51899"}}
{"text": "Wordpress Plugin - Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)", "spans": {"SYSTEM: Wordpress Plugin - Membership For WooCommerce < v2.1.7": [[0, 54]], "VULNERABILITY: Arbitrary File Upload": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "51959"}}
{"text": "Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Wordpress Plugin 3dady real-time web stats 1.0": [[0, 46]], "VULNERABILITY: Stored Cross Site Scripting": [[49, 76]]}, "info": {"source": "exploitdb", "exploit_id": "51021"}}
{"text": "Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload", "spans": {"SYSTEM: Wordpress Plugin 3DPrint Lite 1.9.1.4": [[0, 37]], "VULNERABILITY: Arbitrary File Upload": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50321"}}
{"text": "Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin 404 to 301 2.0.2": [[0, 33]], "VULNERABILITY: SQL-Injection": [[36, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50698"}}
{"text": "WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin AAWP 3.16": [[0, 26]], "VULNERABILITY: Cross Site Scripting": [[45, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50643"}}
{"text": "WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin AccessPress Social Icons 1.8.2": [[0, 47]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[63, 96]]}, "info": {"source": "exploitdb", "exploit_id": "50515"}}
{"text": "WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - _Dashboard Redirect_ field Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8": [[0, 68]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[98, 131]]}, "info": {"source": "exploitdb", "exploit_id": "51831"}}
{"text": "WordPress Plugin admin-word-count-column 2.2 - Local File Read", "spans": {"SYSTEM: WordPress Plugin admin-word-count-column 2.2": [[0, 44]], "VULNERABILITY: Local File Read": [[47, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50845"}}
{"text": "WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload", "spans": {"SYSTEM: WordPress Plugin Adning Advertising 1.5.5": [[0, 41]], "VULNERABILITY: Arbitrary File Upload": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49332"}}
{"text": "WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Advanced Order Export For WooCommerce 3.1.7": [[0, 60]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[63, 99]]}, "info": {"source": "exploitdb", "exploit_id": "50324"}}
{"text": "WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Advanced Uploader 4.2": [[0, 38]], "VULNERABILITY: Arbitrary File Upload": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50895"}}
{"text": "WordPress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection", "spans": {"SYSTEM: WordPress Plugin Ajax Load More 5.3.1": [[0, 37]], "VULNERABILITY: SQL Injection": [[59, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48475"}}
{"text": "Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Wordpress Plugin Alemha Watermarker 1.3.1": [[0, 41]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[44, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51966"}}
{"text": "WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion (LFI)", "spans": {"SYSTEM: WordPress Plugin All-in-One Video Gallery plugin 2.4.9": [[0, 54]], "VULNERABILITY: Local File Inclusion": [[57, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50562"}}
{"text": "WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated", "spans": {"SYSTEM: WordPress Plugin amministrazione-aperta 3.7.3": [[0, 45]], "VULNERABILITY: Local File Read - Unauthenticated": [[48, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50838"}}
{"text": "WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal", "spans": {"SYSTEM: WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59": [[0, 70]], "VULNERABILITY: Directory Traversal": [[73, 92]]}, "info": {"source": "exploitdb", "exploit_id": "50107"}}
{"text": "WordPress Plugin AN_Gradebook 5.0.1 - SQLi", "spans": {"SYSTEM: WordPress Plugin AN_Gradebook 5.0.1": [[0, 35]], "VULNERABILITY: SQLi": [[38, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51632"}}
{"text": "WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection", "spans": {"SYSTEM: WordPress Plugin Appointment Booking Calendar 1.3.34": [[0, 52]], "VULNERABILITY: CSV Injection": [[55, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48204"}}
{"text": "Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin Autoptimize 2.7.6": [[0, 34]], "VULNERABILITY: Arbitrary File Upload": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48770"}}
{"text": "WordPress Plugin Autoptimize 2.7.6 - Authenticated Arbitrary File Upload (Metasploit)", "spans": {"SYSTEM: WordPress Plugin Autoptimize 2.7.6": [[0, 34]], "VULNERABILITY: Arbitrary File Upload": [[51, 72]], "TOOL: Metasploit": [[74, 84]]}, "info": {"source": "exploitdb", "exploit_id": "49399"}}
{"text": "Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution", "spans": {"SYSTEM: Wordpress Plugin Background Image Cropper v1.2": [[0, 46]], "VULNERABILITY: Remote Code Execution": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51998"}}
{"text": "WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion", "spans": {"SYSTEM: WordPress Plugin Backup and Restore 1.0.3": [[0, 41]], "VULNERABILITY: Arbitrary File Deletion": [[44, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50503"}}
{"text": "Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin Backup Guard 1.5.8": [[0, 35]], "VULNERABILITY: Remote Code Execution": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50093"}}
{"text": "WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup", "spans": {"SYSTEM: WordPress Plugin Backup Migration 1.2.8": [[0, 39]], "VULNERABILITY: Unauthenticated Database Backup": [[42, 73]]}, "info": {"source": "exploitdb", "exploit_id": "51445"}}
{"text": "WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation", "spans": {"SYSTEM: WordPress Plugin BBPress 2.5": [[0, 28]], "VULNERABILITY: Privilege Escalation": [[47, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48534"}}
{"text": "WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: WordPress Plugin Blue Admin 21.06.01": [[0, 36]], "VULNERABILITY: CSRF": [[67, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50925"}}
{"text": "WordPress Plugin Buddypress 6.2.0 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin Buddypress 6.2.0": [[0, 33]], "VULNERABILITY: Persistent Cross-Site Scripting": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49061"}}
{"text": "Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure", "spans": {"SYSTEM: Wordpress Plugin BulletProof Security 5.1": [[0, 41]], "VULNERABILITY: Information Disclosure": [[54, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50382"}}
{"text": "WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion", "spans": {"SYSTEM: WordPress Plugin cab-fare-calculator 1.0.3": [[0, 42]], "VULNERABILITY: Local File Inclusion": [[45, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50843"}}
{"text": "Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)", "spans": {"SYSTEM: Wordpress Plugin Canto < 3.0.5": [[0, 30]], "VULNERABILITY: Remote Code Execution (RCE)": [[65, 92]]}, "info": {"source": "exploitdb", "exploit_id": "51826"}}
{"text": "Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin Catch Themes Demo Import 1.6.1": [[0, 47]], "VULNERABILITY: Remote Code Execution (RCE)": [[50, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50580"}}
{"text": "WordPress Plugin ChopSlider 3.4 - 'id' SQL Injection", "spans": {"SYSTEM: WordPress Plugin ChopSlider 3.4": [[0, 31]], "VULNERABILITY: SQL Injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48457"}}
{"text": "WordPress Plugin Contact Form 1.7.14 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Contact Form 1.7.14": [[0, 36]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[39, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50344"}}
{"text": "WordPress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Contact Form Builder 1.6.1": [[0, 43]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[46, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50734"}}
{"text": "WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control", "spans": {"SYSTEM: WordPress Plugin Contact Form Check Tester 1.0.2": [[0, 48]], "VULNERABILITY: Broken Access Control": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50703"}}
{"text": "WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting (XSS) (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Contact Form Entries 1.1.6": [[0, 43]], "VULNERABILITY: Cross Site Scripting": [[46, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50617"}}
{"text": "WordPress Plugin Contact Form to Email 1.3.24 - Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Contact Form to Email 1.3.24": [[0, 45]], "VULNERABILITY: Stored Cross Site Scripting": [[48, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50524"}}
{"text": "WordPress Plugin contact-form-7 5.1.6 - Remote File Upload", "spans": {"SYSTEM: WordPress Plugin contact-form-7 5.1.6": [[0, 37]], "VULNERABILITY: File Upload": [[47, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48062"}}
{"text": "WordPress Plugin Cookie Law Bar 1.2.1 - 'clb_bar_msg' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Cookie Law Bar 1.2.1": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[54, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49905"}}
{"text": "WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin CP Blocks 1.0.14": [[0, 33]], "VULNERABILITY: Stored Cross Site Scripting": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50724"}}
{"text": "WordPress Plugin Current Book 1.0.1 - 'Book Title' Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin Current Book 1.0.1": [[0, 35]], "VULNERABILITY: Persistent Cross-Site Scripting": [[51, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50127"}}
{"text": "WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF)", "spans": {"SYSTEM: WordPress Plugin Curtain 1.0.2": [[0, 30]], "VULNERABILITY: CSRF": [[61, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50842"}}
{"text": "WordPress Plugin Custom Global Variables 1.0.5 - 'name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Custom Global Variables 1.0.5": [[0, 46]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[56, 89]]}, "info": {"source": "exploitdb", "exploit_id": "49406"}}
{"text": "WordPress Plugin Custom Searchable Data System - Unauthenticated Data M]odification", "spans": {"SYSTEM: WordPress Plugin Custom Searchable Data System": [[0, 46]], "VULNERABILITY: Unauthenticated Data M]odification": [[49, 83]]}, "info": {"source": "exploitdb", "exploit_id": "48213"}}
{"text": "WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF", "spans": {"SYSTEM: WordPress Plugin Database Backups 1.2.2.6": [[0, 41]], "VULNERABILITY: CSRF": [[71, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49984"}}
{"text": "WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal", "spans": {"SYSTEM: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6": [[0, 60]], "VULNERABILITY: Path Traversal": [[63, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49693"}}
{"text": "WordPress Plugin Domain Check 1.0.16 - Reflected Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Domain Check 1.0.16": [[0, 36]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[39, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50697"}}
{"text": "Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload", "spans": {"SYSTEM: Wordpress Plugin Download From Files 1.48": [[0, 41]], "VULNERABILITY: Arbitrary File Upload": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50287"}}
{"text": "Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin Download Monitor WordPress V 4.4.4": [[0, 51]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50695"}}
{"text": "WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution", "spans": {"SYSTEM: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2": [[0, 63]], "VULNERABILITY: Remote Code Execution": [[66, 87]]}, "info": {"source": "exploitdb", "exploit_id": "48520"}}
{"text": "WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Duplicate Page 4.4.1": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[40, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50256"}}
{"text": "Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read", "spans": {"SYSTEM: Wordpress Plugin Duplicator 1.3.26": [[0, 34]], "VULNERABILITY: Arbitrary File Read": [[53, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50420"}}
{"text": "Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit)", "spans": {"SYSTEM: Wordpress Plugin Duplicator 1.3.26": [[0, 34]], "VULNERABILITY: Arbitrary File Read": [[53, 72]], "TOOL: Metasploit": [[74, 84]]}, "info": {"source": "exploitdb", "exploit_id": "49288"}}
{"text": "WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download", "spans": {"SYSTEM: WordPress Plugin Duplicator 1.4.6": [[0, 33]], "VULNERABILITY: Unauthenticated Backup Download": [[36, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50992"}}
{"text": "WordPress Plugin Duplicator 1.4.7 - Information Disclosure", "spans": {"SYSTEM: WordPress Plugin Duplicator 1.4.7": [[0, 33]], "VULNERABILITY: Information Disclosure": [[36, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50993"}}
{"text": "WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover", "spans": {"SYSTEM: WordPress Plugin Duplicator < 1.5.7.1": [[0, 37]], "VULNERABILITY: Unauthenticated Sensitive Data Exposure to Account Takeover": [[40, 99]]}, "info": {"source": "exploitdb", "exploit_id": "51874"}}
{"text": "WordPress Plugin DZS Zoomsounds 6.45 - Arbitrary File Read (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin DZS Zoomsounds 6.45": [[0, 36]], "VULNERABILITY: Arbitrary File Read": [[39, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50564"}}
{"text": "WordPress Plugin dzs-zoomsounds 6.60 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin dzs-zoomsounds 6.60": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50753"}}
{"text": "WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Easy Contact Form 1.1.7": [[0, 40]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[50, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49427"}}
{"text": "WordPress Plugin Easy Cookie Policy 1.6.2 - Broken Access Control to Stored XSS", "spans": {"SYSTEM: WordPress Plugin Easy Cookie Policy 1.6.2": [[0, 41]], "VULNERABILITY: XSS": [[76, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50849"}}
{"text": "Wordpress Plugin Elementor 3.5.5 - Iframe Injection", "spans": {"SYSTEM: Wordpress Plugin Elementor 3.5.5": [[0, 32]], "VULNERABILITY: Iframe Injection": [[35, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51716"}}
{"text": "WordPress Plugin Elementor 3.6.2 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Elementor 3.6.2": [[0, 32]], "VULNERABILITY: Remote Code Execution (RCE)": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50882"}}
{"text": "WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Email Subscribers & Newsletters 4.2.2": [[0, 54]], "VULNERABILITY: SQL Injection": [[64, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48699"}}
{"text": "WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download", "spans": {"SYSTEM: WordPress Plugin Email Subscribers & Newsletters 4.2.2": [[0, 54]], "VULNERABILITY: Unauthenticated File Download": [[57, 86]]}, "info": {"source": "exploitdb", "exploit_id": "48698"}}
{"text": "WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Error Log Viewer 1.1.1": [[0, 39]], "VULNERABILITY: Arbitrary File Clearing": [[42, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50746"}}
{"text": "Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting", "spans": {"SYSTEM: Wordpress Plugin EventON Calendar 3.0.5": [[0, 39]], "VULNERABILITY: Reflected Cross-Site Scripting": [[42, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49130"}}
{"text": "Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access", "spans": {"SYSTEM: Wordpress Plugin EventON Calendar 4.4": [[0, 37]], "VULNERABILITY: Unauthenticated Event Access": [[40, 68]]}, "info": {"source": "exploitdb", "exploit_id": "51658"}}
{"text": "Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR", "spans": {"SYSTEM: Wordpress Plugin EventON Calendar 4.4": [[0, 37]], "VULNERABILITY: IDOR": [[72, 76]]}, "info": {"source": "exploitdb", "exploit_id": "51659"}}
{"text": "WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Filterable Portfolio Gallery 1.0": [[0, 49]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[60, 93]]}, "info": {"source": "exploitdb", "exploit_id": "50458"}}
{"text": "WordPress Plugin Fitness Calculators 1.9.5 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: WordPress Plugin Fitness Calculators 1.9.5": [[0, 42]], "VULNERABILITY: CSRF": [[73, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50325"}}
{"text": "WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Form Maker 5.4.1": [[0, 33]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48509"}}
{"text": "WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution", "spans": {"SYSTEM: WordPress Plugin Forminator 1.24.6": [[0, 34]], "VULNERABILITY: Remote Command Execution": [[53, 77]]}, "info": {"source": "exploitdb", "exploit_id": "51664"}}
{"text": "WordPress Plugin Frontend Uploader 1.3.2 - Stored Cross Site Scripting (XSS) (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Frontend Uploader 1.3.2": [[0, 40]], "VULNERABILITY: Stored Cross Site Scripting": [[43, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50655"}}
{"text": "Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection", "spans": {"SYSTEM: Wordpress Plugin Good LMS 2.1.4": [[0, 31]], "VULNERABILITY: SQL Injection": [[55, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49033"}}
{"text": "WordPress Plugin Helpful 2.4.11 - SQL Injection", "spans": {"SYSTEM: WordPress Plugin Helpful 2.4.11": [[0, 31]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48307"}}
{"text": "WordPress Plugin Hotel Listing 3 - 'Multiple' Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Hotel Listing 3": [[0, 32]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[46, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50476"}}
{"text": "WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload", "spans": {"SYSTEM: WordPress Plugin HS Brand Logo Slider 2.1": [[0, 41]], "VULNERABILITY: File Upload": [[57, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48913"}}
{"text": "Wordpress Plugin ImageMagick-Engine 1.7.4 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin ImageMagick-Engine 1.7.4": [[0, 41]], "VULNERABILITY: Remote Code Execution (RCE)": [[44, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51025"}}
{"text": "WordPress Plugin InfiniteWP - Client Authentication Bypass (Metasploit)", "spans": {"SYSTEM: WordPress Plugin InfiniteWP": [[0, 27]], "VULNERABILITY: Authentication Bypass": [[37, 58]], "TOOL: Metasploit": [[60, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48047"}}
{"text": "WordPress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass", "spans": {"SYSTEM: WordPress Plugin InfiniteWP Client 1.9.4.5": [[0, 42]], "VULNERABILITY: Authentication Bypass": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "47939"}}
{"text": "WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin International Sms For Contact Form 7 Integration V1.2": [[0, 70]], "VULNERABILITY: Cross Site Scripting": [[73, 93]]}, "info": {"source": "exploitdb", "exploit_id": "50719"}}
{"text": "WordPress Plugin IP2Location Country Blocker 2.26.7 - Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin IP2Location Country Blocker 2.26.7": [[0, 51]], "VULNERABILITY: Stored Cross Site Scripting": [[54, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50709"}}
{"text": "Wordpress Plugin iQ Block Country 1.2.13 - Arbitrary File Deletion via Zip Slip (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin iQ Block Country 1.2.13": [[0, 40]], "VULNERABILITY: Arbitrary File Deletion": [[43, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50830"}}
{"text": "WordPress Plugin Jetpack 9.1 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Jetpack 9.1": [[0, 28]], "VULNERABILITY: Cross Site Scripting": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50735"}}
{"text": "WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin KN Fix Your Title 1.0.1": [[0, 40]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[55, 88]]}, "info": {"source": "exploitdb", "exploit_id": "50143"}}
{"text": "WordPress Plugin LearnDash LMS 3.1.2 - Reflective Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin LearnDash LMS 3.1.2": [[0, 36]], "VULNERABILITY: Cross-Site Scripting": [[50, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48030"}}
{"text": "WordPress Plugin LearnPress 3.2.6.7 - 'current_items' SQL Injection (Authenticated)", "spans": {"SYSTEM: WordPress Plugin LearnPress 3.2.6.7": [[0, 35]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50137"}}
{"text": "WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation", "spans": {"SYSTEM: WordPress Plugin LearnPress 3.2.6.8": [[0, 35]], "VULNERABILITY: Privilege Escalation": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50138"}}
{"text": "WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming", "spans": {"SYSTEM: WordPress Plugin Learnpress 4.1.4.1": [[0, 35]], "VULNERABILITY: Arbitrary Image Renaming": [[38, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50706"}}
{"text": "WordPress Plugin LifterLMS 4.21.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin LifterLMS 4.21.0": [[0, 33]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[36, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49912"}}
{"text": "WordPress Plugin litespeed cache 3.6 - 'server_ip' Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin litespeed cache 3.6": [[0, 36]], "VULNERABILITY: Cross-Site Scripting": [[51, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49374"}}
{"text": "WordPress Plugin Mail Masta 1.0 - Local File Inclusion (2)", "spans": {"SYSTEM: WordPress Plugin Mail Masta 1.0": [[0, 31]], "VULNERABILITY: Local File Inclusion": [[34, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50226"}}
{"text": "Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Wordpress Plugin Maintenance Mode by SeedProd 5.1.1": [[0, 51]], "VULNERABILITY: Persistent Cross-Site Scripting": [[54, 85]]}, "info": {"source": "exploitdb", "exploit_id": "48724"}}
{"text": "Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation", "spans": {"SYSTEM: Wordpress Plugin Masterstudy LMS": [[0, 32]], "VULNERABILITY: 3.0.17 - Unauthenticated Instructor Account Creation": [[35, 87]]}, "info": {"source": "exploitdb", "exploit_id": "51735"}}
{"text": "WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation", "spans": {"SYSTEM: WordPress Plugin MasterStudy LMS 2.7.5": [[0, 38]], "VULNERABILITY: Unauthenticated Admin Account Creation": [[41, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50752"}}
{"text": "WordPress Plugin Media Library Assistant 2.81 - Local File Inclusion", "spans": {"SYSTEM: WordPress Plugin Media Library Assistant 2.81": [[0, 45]], "VULNERABILITY: Local File Inclusion": [[48, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48315"}}
{"text": "WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Media-Tags 3.2.0.2": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[38, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50454"}}
{"text": "WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Mimetic Books 0.2.13": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[69, 102]]}, "info": {"source": "exploitdb", "exploit_id": "50139"}}
{"text": "Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthenticated)", "spans": {"SYSTEM: Wordpress Plugin Modern Events Calendar 5.16.2": [[0, 46]], "VULNERABILITY: Event export": [[49, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50084"}}
{"text": "Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin Modern Events Calendar 5.16.2": [[0, 46]], "VULNERABILITY: Remote Code Execution": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50082"}}
{"text": "WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Modern Events Calendar V 6.1": [[0, 45]], "VULNERABILITY: SQL Injection": [[48, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50687"}}
{"text": "WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Mortgage Calculators WP 1.52": [[0, 45]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[48, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50685"}}
{"text": "WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - SQL Injection", "spans": {"SYSTEM: WordPress Plugin Motopress Hotel Booking Lite 4.2.4": [[0, 51]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50869"}}
{"text": "WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Motopress Hotel Booking Lite 4.2.4": [[0, 51]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[54, 87]]}, "info": {"source": "exploitdb", "exploit_id": "50951"}}
{"text": "Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload", "spans": {"SYSTEM: Wordpress Plugin MStore API 2.0.6": [[0, 33]], "VULNERABILITY: Arbitrary File Upload": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50379"}}
{"text": "WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)", "spans": {"SYSTEM: WordPress Plugin Multi-Scheduler 1.0.0": [[0, 38]], "VULNERABILITY: Cross-Site Request Forgery": [[41, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48532"}}
{"text": "WordPress Plugin Netroics Blog Posts Grid 1.0 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Netroics Blog Posts Grid 1.0": [[0, 45]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[48, 81]]}, "info": {"source": "exploitdb", "exploit_id": "51008"}}
{"text": "WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS", "spans": {"SYSTEM: WordPress Plugin Ninja Forms 3.6.25": [[0, 35]], "VULNERABILITY: XSS": [[48, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51644"}}
{"text": "WordPress Plugin Ninja Tables 4.1.7 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Ninja Tables 4.1.7": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[38, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50455"}}
{"text": "WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection", "spans": {"SYSTEM: WordPress Plugin Payments Plugin | GetPaid 2.4.6": [[0, 48]], "VULNERABILITY: HTML Injection": [[51, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50246"}}
{"text": "WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Perfect Survey - 1.5.1": [[0, 39]], "VULNERABILITY: SQLi": [[42, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50766"}}
{"text": "WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Picture Gallery 1.4.2": [[0, 38]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[60, 93]]}, "info": {"source": "exploitdb", "exploit_id": "50187"}}
{"text": "Wordpress Plugin PicUploader 1.0 - Remote File Upload", "spans": {"SYSTEM: Wordpress Plugin PicUploader 1.0": [[0, 32]], "VULNERABILITY: File Upload": [[42, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48238"}}
{"text": "WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Pie Register 3.7.1.4": [[0, 37]], "VULNERABILITY: Privilege Escalation": [[46, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50395"}}
{"text": "WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)", "spans": {"SYSTEM: WordPress Plugin Plainview Activity Monitor 20161228": [[0, 52]], "VULNERABILITY: Remote Code Execution (RCE)": [[55, 82]]}, "info": {"source": "exploitdb", "exploit_id": "50110"}}
{"text": "Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Wordpress Plugin Playlist for Youtube 1.32": [[0, 42]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[45, 78]]}, "info": {"source": "exploitdb", "exploit_id": "51981"}}
{"text": "WordPress Plugin Poll_ Survey_ Questionnaire and Voting system 1.5.2 - 'date_answers' Blind SQL Injection", "spans": {"SYSTEM: WordPress Plugin Poll_ Survey_ Questionnaire and Voting system 1.5.2": [[0, 68]], "VULNERABILITY: SQL Injection": [[92, 105]]}, "info": {"source": "exploitdb", "exploit_id": "50052"}}
{"text": "WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Popular Posts 5.3.2": [[0, 36]], "VULNERABILITY: Remote Code Execution (RCE)": [[39, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50129"}}
{"text": "WordPress Plugin Popup 1.10.4 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Popup 1.10.4": [[0, 29]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[32, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50346"}}
{"text": "WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Popup Anything 2.0.3": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[51, 84]]}, "info": {"source": "exploitdb", "exploit_id": "50479"}}
{"text": "WordPress Plugin Popup Builder 3.69.6 - Multiple Stored Cross Site Scripting", "spans": {"SYSTEM: WordPress Plugin Popup Builder 3.69.6": [[0, 37]], "VULNERABILITY: Stored Cross Site Scripting": [[49, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49231"}}
{"text": "WordPress Plugin Popup Maker 1.16.5 - Stored Cross-Site Scripting (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Popup Maker 1.16.5": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50876"}}
{"text": "WordPress Plugin Post Grid 2.1.1 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Post Grid 2.1.1": [[0, 32]], "VULNERABILITY: Cross Site Scripting": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50705"}}
{"text": "WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin Postie 1.9.40": [[0, 30]], "VULNERABILITY: Persistent Cross-Site Scripting": [[33, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47925"}}
{"text": "Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: Wordpress Plugin Powie's WHOIS Domain Check 0.9.31": [[0, 50]], "VULNERABILITY: Persistent Cross-Site Scripting": [[53, 84]]}, "info": {"source": "exploitdb", "exploit_id": "48656"}}
{"text": "WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Product Slider for WooCommerce 1.13.21": [[0, 55]], "VULNERABILITY: Cross Site Scripting": [[58, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50704"}}
{"text": "WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin ProfilePress 3.1.3": [[0, 35]], "VULNERABILITY: Privilege Escalation": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50242"}}
{"text": "WordPress Plugin ReDi Restaurant Reservation 21.0307 - 'Comment' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin ReDi Restaurant Reservation 21.0307": [[0, 52]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[65, 98]]}, "info": {"source": "exploitdb", "exploit_id": "49903"}}
{"text": "WordPress Plugin Redirect 404 to Parent 1.3.0 - Reflected Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin Redirect 404 to Parent 1.3.0": [[0, 45]], "VULNERABILITY: Reflected Cross-Site Scripting": [[48, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50350"}}
{"text": "WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)", "spans": {"SYSTEM: WordPress Plugin RegistrationMagic V 5.0.1.5": [[0, 44]], "VULNERABILITY: SQL Injection": [[47, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50686"}}
{"text": "WordPress Plugin Rest Google Maps < 7.11.18 - SQL Injection", "spans": {"SYSTEM: WordPress Plugin Rest Google Maps < 7.11.18": [[0, 43]], "VULNERABILITY: SQL Injection": [[46, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48918"}}
{"text": "WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin RSS for Yandex Turbo 1.29": [[0, 42]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[45, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49778"}}
{"text": "WordPress Plugin Search Meter 2.13.2 - CSV injection", "spans": {"SYSTEM: WordPress Plugin Search Meter 2.13.2": [[0, 36]], "VULNERABILITY: CSV injection": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48197"}}
{"text": "WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1": [[0, 73]], "VULNERABILITY: SQL-Injection": [[76, 89]]}, "info": {"source": "exploitdb", "exploit_id": "50733"}}
{"text": "WordPress Plugin Security Audit 1.0.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Security Audit 1.0.0": [[0, 37]], "VULNERABILITY: Stored Cross Site Scripting": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50723"}}
{"text": "WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Select All Categories and Taxonomies 1.3.1": [[0, 59]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[62, 98]]}, "info": {"source": "exploitdb", "exploit_id": "50349"}}
{"text": "WordPress Plugin Simple File List 4.2.2 - Arbitrary File Upload", "spans": {"SYSTEM: WordPress Plugin Simple File List 4.2.2": [[0, 39]], "VULNERABILITY: Arbitrary File Upload": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48979"}}
{"text": "WordPress Plugin Simple File List 4.2.2 - Remote Code Execution", "spans": {"SYSTEM: WordPress Plugin Simple File List 4.2.2": [[0, 39]], "VULNERABILITY: Remote Code Execution": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48449"}}
{"text": "Wordpress Plugin Simple Job Board 2.9.3 - Authenticated File Read (Metasploit)", "spans": {"SYSTEM: Wordpress Plugin Simple Job Board 2.9.3": [[0, 39]], "VULNERABILITY: Authenticated File Read": [[42, 65]], "TOOL: Metasploit": [[67, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49450"}}
{"text": "Wordpress Plugin Simple Job Board 2.9.3 - Local File Inclusion", "spans": {"SYSTEM: Wordpress Plugin Simple Job Board 2.9.3": [[0, 39]], "VULNERABILITY: Local File Inclusion": [[42, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50721"}}
{"text": "WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Simple Post 1.1": [[0, 32]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[48, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50150"}}
{"text": "WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Slider by Soliloquy 2.6.2": [[0, 42]], "VULNERABILITY: Stored Cross Site Scripting": [[53, 80]]}, "info": {"source": "exploitdb", "exploit_id": "50563"}}
{"text": "Wordpress Plugin Smart Product Review 1.0.4 - Arbitrary File Upload", "spans": {"SYSTEM: Wordpress Plugin Smart Product Review 1.0.4": [[0, 43]], "VULNERABILITY: Arbitrary File Upload": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50533"}}
{"text": "WordPress Plugin Smart Slider-3 3.5.0.8 - 'name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Smart Slider-3 3.5.0.8": [[0, 39]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49958"}}
{"text": "Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin SP Project & Document Manager 4.21": [[0, 51]], "VULNERABILITY: Remote Code Execution (RCE)": [[54, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50115"}}
{"text": "WordPress Plugin stafflist 3.1.2 - SQLi (Authenticated)", "spans": {"SYSTEM: WordPress Plugin stafflist 3.1.2": [[0, 32]], "VULNERABILITY: SQLi": [[35, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50928"}}
{"text": "WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected Cross-site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Stop Spammers 2021.8": [[0, 37]], "VULNERABILITY: XSS": [[78, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49880"}}
{"text": "WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settings[currency_code]' Stored XSS", "spans": {"SYSTEM: WordPress Plugin Stripe Payments 2.0.39": [[0, 39]], "VULNERABILITY: XSS": [[96, 99]]}, "info": {"source": "exploitdb", "exploit_id": "49354"}}
{"text": "WordPress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin Strong Testimonials 2.40.1": [[0, 43]], "VULNERABILITY: Persistent Cross-Site Scripting": [[46, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48076"}}
{"text": "WordPress Plugin SuperForms 4.9 - Arbitrary File Upload", "spans": {"SYSTEM: WordPress Plugin SuperForms 4.9": [[0, 31]], "VULNERABILITY: Arbitrary File Upload": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49490"}}
{"text": "WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion", "spans": {"SYSTEM: WordPress Plugin Supsystic Backup 2.3.9": [[0, 39]], "VULNERABILITY: Local File Inclusion": [[42, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49545"}}
{"text": "WordPress Plugin Supsystic Contact Form  1.7.18 - 'label' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Supsystic Contact Form  1.7.18": [[0, 47]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[58, 91]]}, "info": {"source": "exploitdb", "exploit_id": "50460"}}
{"text": "WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities", "spans": {"SYSTEM: WordPress Plugin Supsystic Contact Form 1.7.5": [[0, 45]], "VULNERABILITY: Multiple Vulnerabilities": [[48, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49544"}}
{"text": "WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities", "spans": {"SYSTEM: WordPress Plugin Supsystic Data Tables Generator 1.9.96": [[0, 55]], "VULNERABILITY: Multiple Vulnerabilities": [[58, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49543"}}
{"text": "WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities", "spans": {"SYSTEM: WordPress Plugin Supsystic Digital Publications 1.6.9": [[0, 53]], "VULNERABILITY: Multiple Vulnerabilities": [[56, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49542"}}
{"text": "WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection", "spans": {"SYSTEM: WordPress Plugin Supsystic Membership 1.4.7": [[0, 43]], "VULNERABILITY: SQL injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49540"}}
{"text": "WordPress Plugin Supsystic Newsletter 1.5.5 - 'sidx' SQL injection", "spans": {"SYSTEM: WordPress Plugin Supsystic Newsletter 1.5.5": [[0, 43]], "VULNERABILITY: SQL injection": [[53, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49539"}}
{"text": "WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities", "spans": {"SYSTEM: WordPress Plugin Supsystic Pricing Table 1.8.7": [[0, 46]], "VULNERABILITY: Multiple Vulnerabilities": [[49, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49533"}}
{"text": "WordPress Plugin Supsystic Ultimate Maps 1.1.12 - 'sidx' SQL injection", "spans": {"SYSTEM: WordPress Plugin Supsystic Ultimate Maps 1.1.12": [[0, 47]], "VULNERABILITY: SQL injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49532"}}
{"text": "WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection (2)", "spans": {"SYSTEM: WordPress Plugin Survey & Poll 1.5.7.3": [[0, 38]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50269"}}
{"text": "WordPress Plugin TablePress 1.14 - CSV Injection", "spans": {"SYSTEM: WordPress Plugin TablePress 1.14": [[0, 32]], "VULNERABILITY: CSV Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50270"}}
{"text": "WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin TaxoPress 3.0.7.1": [[0, 34]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[37, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50442"}}
{"text": "WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Testimonial Slider and Showcase 2.2.6": [[0, 54]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[57, 90]]}, "info": {"source": "exploitdb", "exploit_id": "51007"}}
{"text": "WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin The True Ranker 2.2.2": [[0, 38]], "VULNERABILITY: Arbitrary File Read": [[41, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50624"}}
{"text": "Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation (Unauthenticated)", "spans": {"SYSTEM: Wordpress Plugin TheCartPress 1.5.3.6": [[0, 37]], "VULNERABILITY: Privilege Escalation": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50378"}}
{"text": "WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass", "spans": {"SYSTEM: WordPress Plugin Time Capsule 1.21.16": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "47941"}}
{"text": "WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin TranslatePress 2.0.8": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[40, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50343"}}
{"text": "WordPress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)", "spans": {"SYSTEM: WordPress Plugin Tutor LMS 1.5.3": [[0, 32]], "VULNERABILITY: Cross-Site Request Forgery": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48151"}}
{"text": "WordPress Plugin Tutor.1.5.3 - Local File Inclusion", "spans": {"SYSTEM: WordPress Plugin Tutor.1.5.3": [[0, 28]], "VULNERABILITY: Local File Inclusion": [[31, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48058"}}
{"text": "WordPress Plugin tutor.1.5.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin tutor.1.5.3": [[0, 28]], "VULNERABILITY: Persistent Cross-Site Scripting": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48059"}}
{"text": "WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin Typebot 1.4.3": [[0, 30]], "VULNERABILITY: Stored Cross Site Scripting": [[33, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50593"}}
{"text": "WordPress Plugin Ultimate Maps 1.2.4 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Ultimate Maps 1.2.4": [[0, 36]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[39, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50345"}}
{"text": "WordPress Plugin ultimate-member 2.1.3 - Local File Inclusion", "spans": {"SYSTEM: WordPress Plugin ultimate-member 2.1.3": [[0, 38]], "VULNERABILITY: Local File Inclusion": [[41, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48065"}}
{"text": "WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion", "spans": {"SYSTEM: WordPress Plugin video-synchro-pdf 1.7.4": [[0, 40]], "VULNERABILITY: Local File Inclusion": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50844"}}
{"text": "WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Videos sync PDF 1.7.4": [[0, 38]], "VULNERABILITY: Stored Cross Site Scripting": [[41, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50874"}}
{"text": "WordPress Plugin visitors-app 0.3 - 'user-agent' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin visitors-app 0.3": [[0, 33]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[49, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49972"}}
{"text": "WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi", "spans": {"SYSTEM: WordPress Plugin Visual Slide Box Builder 3.2.9": [[0, 47]], "VULNERABILITY: SQLi": [[50, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50980"}}
{"text": "WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit)", "spans": {"SYSTEM: WordPress Plugin W3 Total Cache": [[0, 31]], "VULNERABILITY: Arbitrary File Read": [[50, 69]], "TOOL: Metasploit": [[71, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49317"}}
{"text": "WordPress Plugin Wappointment 2.2.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin Wappointment 2.2.4": [[0, 35]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[38, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50333"}}
{"text": "WordPress Plugin Weblizar 8.9 - Backdoor", "spans": {"SYSTEM: WordPress Plugin Weblizar 8.9": [[0, 29]], "VULNERABILITY: Backdoor": [[32, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50969"}}
{"text": "WordPress Plugin Welcart e-Commerce 2.0.0 - 'search[order_column][0]' SQL injection", "spans": {"SYSTEM: WordPress Plugin Welcart e-Commerce 2.0.0": [[0, 41]], "VULNERABILITY: SQL injection": [[70, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49531"}}
{"text": "WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass", "spans": {"SYSTEM: WordPress Plugin WooCommerce Booster Plugin 5.4.3": [[0, 49]], "VULNERABILITY: Authentication Bypass": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50299"}}
{"text": "WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass", "spans": {"SYSTEM: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15": [[0, 60]], "VULNERABILITY: Payment Process Bypass": [[63, 85]]}, "info": {"source": "exploitdb", "exploit_id": "48134"}}
{"text": "WordPress Plugin WOOF Products Filter for WooCommerce 1.2.3 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin WOOF Products Filter for WooCommerce 1.2.3": [[0, 59]], "VULNERABILITY: Persistent Cross-Site Scripting": [[62, 93]]}, "info": {"source": "exploitdb", "exploit_id": "48088"}}
{"text": "WordPress Plugin Wordfence.7.4.5 - Local File Disclosure", "spans": {"SYSTEM: WordPress Plugin Wordfence.7.4.5": [[0, 32]], "VULNERABILITY: Local File Disclosure": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48061"}}
{"text": "Wordpress Plugin WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure", "spans": {"SYSTEM: Wordpress Plugin WP Courses < 2.0.29": [[0, 36]], "VULNERABILITY: Broken Access Controls leading to Courses Content Disclosure": [[39, 99]]}, "info": {"source": "exploitdb", "exploit_id": "48910"}}
{"text": "WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WP Customize Login 1.1": [[0, 39]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[62, 95]]}, "info": {"source": "exploitdb", "exploit_id": "50174"}}
{"text": "WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WP Google Maps 8.1.11": [[0, 38]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[41, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50051"}}
{"text": "Wordpress Plugin WP Guppy 1.1 - WP-JSON API Sensitive Information Disclosure", "spans": {"SYSTEM: Wordpress Plugin WP Guppy 1.1": [[0, 29]], "VULNERABILITY: Information Disclosure": [[54, 76]]}, "info": {"source": "exploitdb", "exploit_id": "50540"}}
{"text": "WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WP Learn Manager 1.1.2": [[0, 39]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[42, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50086"}}
{"text": "WordPress Plugin WP Prayer version 1.6.1 - 'prayer_messages' Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WordPress Plugin WP Prayer version 1.6.1": [[0, 40]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[61, 94]]}, "info": {"source": "exploitdb", "exploit_id": "49921"}}
{"text": "WordPress Plugin WP Sitemap Page 1.6.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin WP Sitemap Page 1.6.2": [[0, 38]], "VULNERABILITY: Persistent Cross-Site Scripting": [[41, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48093"}}
{"text": "WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WP Sitemap Page 1.6.4": [[0, 38]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[41, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50268"}}
{"text": "WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin WP Statistics 13.0.7": [[0, 37]], "VULNERABILITY: SQL Injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49894"}}
{"text": "WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: WordPress Plugin WP Super Cache 1.7.1": [[0, 37]], "VULNERABILITY: Remote Code Execution": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49718"}}
{"text": "Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload", "spans": {"SYSTEM: Wordpress Plugin WP Super Edit 2.5.4": [[0, 36]], "VULNERABILITY: File Upload": [[46, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49839"}}
{"text": "WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WP Symposium Pro 2021.10": [[0, 41]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[71, 104]]}, "info": {"source": "exploitdb", "exploit_id": "50514"}}
{"text": "WordPress Plugin WP User Frontend 3.5.25 - SQLi (Authenticated)", "spans": {"SYSTEM: WordPress Plugin WP User Frontend 3.5.25": [[0, 40]], "VULNERABILITY: SQLi": [[43, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50772"}}
{"text": "Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Wordpress Plugin WP Video Playlist 1.1.1": [[0, 40]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[43, 76]]}, "info": {"source": "exploitdb", "exploit_id": "51987"}}
{"text": "WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection", "spans": {"SYSTEM: WordPress Plugin WP Visitor Statistics 4.7": [[0, 42]], "VULNERABILITY: SQL Injection": [[45, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50619"}}
{"text": "WordPress Plugin Wp-FileManager 6.8 - RCE", "spans": {"SYSTEM: WordPress Plugin Wp-FileManager 6.8": [[0, 35]], "VULNERABILITY: RCE": [[38, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49178"}}
{"text": "WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS", "spans": {"SYSTEM: WordPress Plugin WP-Paginate 2.1.3": [[0, 34]], "VULNERABILITY: XSS": [[53, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49355"}}
{"text": "WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin WP-PostRatings 1.86": [[0, 36]], "VULNERABILITY: Cross-Site Scripting": [[59, 79]]}, "info": {"source": "exploitdb", "exploit_id": "49333"}}
{"text": "WordPress Plugin WP-UserOnline 2.87.6 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WP-UserOnline 2.87.6": [[0, 37]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[40, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50988"}}
{"text": "Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Wordpress Plugin WP-UserOnline 2.88.0": [[0, 37]], "VULNERABILITY: Stored Cross Site Scripting": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51020"}}
{"text": "WordPress Plugin WP24 Domain Check 1.6.2 - 'fieldnameDomain' Stored Cross Site Scripting", "spans": {"SYSTEM: WordPress Plugin WP24 Domain Check 1.6.2": [[0, 40]], "VULNERABILITY: Stored Cross Site Scripting": [[61, 88]]}, "info": {"source": "exploitdb", "exploit_id": "49377"}}
{"text": "Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload (Unauthenticated)", "spans": {"SYSTEM: Wordpress Plugin wpDiscuz 7.0.4": [[0, 31]], "VULNERABILITY: Arbitrary File Upload": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49962"}}
{"text": "WordPress Plugin wpDiscuz 7.0.4 - Remote Code Execution (Unauthenticated)", "spans": {"SYSTEM: WordPress Plugin wpDiscuz 7.0.4": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49967"}}
{"text": "Wordpress Plugin wpDiscuz 7.0.4 - Unauthenticated Arbitrary File Upload (Metasploit)", "spans": {"SYSTEM: Wordpress Plugin wpDiscuz 7.0.4": [[0, 31]], "VULNERABILITY: Arbitrary File Upload": [[50, 71]], "TOOL: Metasploit": [[73, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49401"}}
{"text": "WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Plugin WPForms 1.5.8.2": [[0, 32]], "VULNERABILITY: Persistent Cross-Site Scripting": [[35, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48245"}}
{"text": "Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin WPForms 1.6.3.1": [[0, 32]], "VULNERABILITY: Cross Site Scripting": [[46, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49069"}}
{"text": "WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WPFront Notification Bar 1.9.1.04012": [[0, 53]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[56, 89]]}, "info": {"source": "exploitdb", "exploit_id": "50120"}}
{"text": "WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin WPSchoolPress 2.1.16": [[0, 37]], "VULNERABILITY: Cross Site Scripting": [[51, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50520"}}
{"text": "Wordpress Plugin XCloner 4.2.12 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Wordpress Plugin XCloner 4.2.12": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50077"}}
{"text": "WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Plugin YOP Polls 6.2.7": [[0, 32]], "VULNERABILITY: Stored Cross Site Scripting": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50066"}}
{"text": "Wordpress Plugin Zephyr Project Manager 3.2.42 - Multiple SQLi", "spans": {"SYSTEM: Wordpress Plugin Zephyr Project Manager 3.2.42": [[0, 46]], "VULNERABILITY: SQLi": [[58, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51024"}}
{"text": "Wordpress Seotheme - Remote Code Execution Unauthenticated", "spans": {"SYSTEM: Wordpress Seotheme": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51789"}}
{"text": "Wordpress Sonaar Music Plugin 4.7 - Stored XSS", "spans": {"SYSTEM: Wordpress Sonaar Music Plugin 4.7": [[0, 33]], "VULNERABILITY: XSS": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51739"}}
{"text": "Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection (Authenticated)", "spans": {"SYSTEM: Wordpress Theme Accesspress Social Icons 1.7.9": [[0, 46]], "VULNERABILITY: SQL injection": [[49, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49115"}}
{"text": "WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WordPress Theme Enfold 4.8.3": [[0, 28]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[31, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50427"}}
{"text": "WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting", "spans": {"SYSTEM: WordPress Theme Fruitful 3.8": [[0, 28]], "VULNERABILITY: Persistent Cross-Site Scripting": [[31, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48083"}}
{"text": "WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password", "spans": {"SYSTEM: WordPress Theme Medic v1.0.0": [[0, 28]], "VULNERABILITY: Weak Password Recovery Mechanism for Forgotten Password": [[31, 86]]}, "info": {"source": "exploitdb", "exploit_id": "51531"}}
{"text": "WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection", "spans": {"SYSTEM: WordPress Theme NexosReal Estate 1.7": [[0, 36]], "VULNERABILITY: SQL Injection": [[54, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48682"}}
{"text": "Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload", "spans": {"SYSTEM: Wordpress Theme Travelscape v1.0.3": [[0, 34]], "VULNERABILITY: Arbitrary File Upload": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51969"}}
{"text": "Wordpress Theme Wibar 1.1.8 - 'Brand Component' Stored Cross Site Scripting", "spans": {"SYSTEM: Wordpress Theme Wibar 1.1.8": [[0, 27]], "VULNERABILITY: Stored Cross Site Scripting": [[48, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49107"}}
{"text": "WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution", "spans": {"SYSTEM: WordPress Theme Workreap 2.2.2": [[0, 30]], "VULNERABILITY: Remote Code Execution": [[67, 88]]}, "info": {"source": "exploitdb", "exploit_id": "51510"}}
{"text": "Wordpress Theme XStore 9.3.8 - SQLi", "spans": {"SYSTEM: Wordpress Theme XStore 9.3.8": [[0, 28]], "VULNERABILITY: SQLi": [[31, 35]]}, "info": {"source": "exploitdb", "exploit_id": "52019"}}
{"text": "WorkOrder CMS 0.1.0 - SQL Injection", "spans": {"SYSTEM: WorkOrder CMS 0.1.0": [[0, 19]], "VULNERABILITY: SQL Injection": [[22, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51038"}}
{"text": "Workout Journal App 1.0 - Stored XSS", "spans": {"SYSTEM: Workout Journal App 1.0": [[0, 23]], "VULNERABILITY: XSS": [[33, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51928"}}
{"text": "WoWonder Social Network Platform 3.1 - 'event_id' SQL Injection", "spans": {"SYSTEM: WoWonder Social Network Platform 3.1": [[0, 36]], "VULNERABILITY: SQL Injection": [[50, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49657"}}
{"text": "WoWonder Social Network Platform 3.1 - Authentication Bypass", "spans": {"SYSTEM: WoWonder Social Network Platform 3.1": [[0, 36]], "VULNERABILITY: Authentication Bypass": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49989"}}
{"text": "WP All Import v3.6.7 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: WP All Import v3.6.7": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51122"}}
{"text": "WP AutoComplete 1.0.4 - Unauthenticated SQLi", "spans": {"SYSTEM: WP AutoComplete 1.0.4": [[0, 21]], "VULNERABILITY: SQLi": [[40, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51560"}}
{"text": "WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection", "spans": {"SYSTEM: WP Fastest Cache 1.2.2": [[0, 22]], "VULNERABILITY: SQL Injection": [[41, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51835"}}
{"text": "WP Rocket < 2.10.3 - Local File Inclusion (LFI)", "spans": {"SYSTEM: WP Rocket < 2.10.3": [[0, 18]], "VULNERABILITY: Local File Inclusion": [[21, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51830"}}
{"text": "WP Statistics Plugin 13.1.5 current_page_id - Time based SQL injection (Unauthenticated)", "spans": {"SYSTEM: WP Statistics Plugin 13.1.5 current_page_id": [[0, 43]], "VULNERABILITY: SQL injection": [[57, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51711"}}
{"text": "WP Sticky Social 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WP Sticky Social 1.0.1": [[0, 22]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[55, 88]]}, "info": {"source": "exploitdb", "exploit_id": "51533"}}
{"text": "WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE", "spans": {"SYSTEM: WP-file-manager v6.9": [[0, 20]], "VULNERABILITY: Arbitrary File Upload": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51224"}}
{"text": "WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: WP-UserOnline 2.88.0": [[0, 20]], "VULNERABILITY: Stored Cross Site Scripting": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52048"}}
{"text": "Wp2Fac - OS Command Injection", "spans": {"SYSTEM: Wp2Fac": [[0, 6]], "VULNERABILITY: Command Injection": [[12, 29]]}, "info": {"source": "exploitdb", "exploit_id": "51717"}}
{"text": "WPForms 1.7.8 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WPForms 1.7.8": [[0, 13]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51152"}}
{"text": "WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities", "spans": {"SYSTEM: WPN-XM Serverstack for Windows 0.8.6": [[0, 36]], "VULNERABILITY: Multiple Vulnerabilities": [[39, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51075"}}
{"text": "WSO2 Management Console (Multiple Products) - Unauthenticated Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: WSO2 Management Console (Multiple Products)": [[0, 43]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[62, 98]]}, "info": {"source": "exploitdb", "exploit_id": "50970"}}
{"text": "X2CRM 8.5 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: X2CRM 8.5": [[0, 9]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[12, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52098"}}
{"text": "X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: X2CRM v6.6/6.9": [[0, 14]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[17, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51346"}}
{"text": "X2CRM v6.6/6.9 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: X2CRM v6.6/6.9": [[0, 14]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[17, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51345"}}
{"text": "xbtitFM 4.1.18 - Multiple Vulnerabilities", "spans": {"SYSTEM: xbtitFM 4.1.18": [[0, 14]], "VULNERABILITY: Multiple Vulnerabilities": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51909"}}
{"text": "XCMS v1.83 - Remote Command Execution (RCE)", "spans": {"SYSTEM: XCMS v1.83": [[0, 10]], "VULNERABILITY: Remote Command Execution": [[13, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51184"}}
{"text": "Xenforo Version 2.2.13 - Authenticated Stored XSS", "spans": {"SYSTEM: Xenforo Version 2.2.13": [[0, 22]], "VULNERABILITY: XSS": [[46, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51547"}}
{"text": "Xeroneit Library Management System 3.0 - 'category' SQL Injection", "spans": {"SYSTEM: Xeroneit Library Management System 3.0": [[0, 38]], "VULNERABILITY: SQL Injection": [[52, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48328"}}
{"text": "Xeroneit Library Management System 3.1 - _Add Book Category _ Stored XSS", "spans": {"SYSTEM: Xeroneit Library Management System 3.1": [[0, 38]], "VULNERABILITY: XSS": [[69, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49292"}}
{"text": "Xerte 3.10.3 - Directory Traversal (Authenticated)", "spans": {"SYSTEM: Xerte 3.10.3": [[0, 12]], "VULNERABILITY: Directory Traversal": [[15, 34]]}, "info": {"source": "exploitdb", "exploit_id": "50794"}}
{"text": "Xerte 3.9 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Xerte 3.9": [[0, 9]], "VULNERABILITY: Remote Code Execution (RCE)": [[12, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50795"}}
{"text": "Xhibiter NFT Marketplace 1.10.2 - SQL Injection", "spans": {"SYSTEM: Xhibiter NFT Marketplace 1.10.2": [[0, 31]], "VULNERABILITY: SQL Injection": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52060"}}
{"text": "XMB 1.9.12.06 - Stored XSS", "spans": {"SYSTEM: XMB 1.9.12.06": [[0, 13]], "VULNERABILITY: XSS": [[23, 26]]}, "info": {"source": "exploitdb", "exploit_id": "52044"}}
{"text": "Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)", "spans": {"SYSTEM: Xoops CMS 2.5.10": [[0, 16]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[19, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51520"}}
{"text": "XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)", "spans": {"SYSTEM: XOS Shop 1.0.9": [[0, 14]], "VULNERABILITY: Arbitrary File Deletion": [[28, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50155"}}
{"text": "XWiki Standard 14.10 - Remote Code Execution (RCE)", "spans": {"SYSTEM: XWiki Standard 14.10": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52105"}}
{"text": "Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)", "spans": {"SYSTEM: Yahoo User Interface library (YUI2) TreeView v2.8.2": [[0, 51]], "VULNERABILITY: Cross Site Scripting": [[73, 93]]}, "info": {"source": "exploitdb", "exploit_id": "51198"}}
{"text": "YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection", "spans": {"SYSTEM: YesWiki cercopitheque 2020.04.18.1": [[0, 34]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48432"}}
{"text": "YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery", "spans": {"SYSTEM: YetiShare File Hosting Script 5.1.0": [[0, 35]], "VULNERABILITY: Server-Side Request Forgery": [[44, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49534"}}
{"text": "Yoga Class Registration System v1.0 - Multiple SQLi", "spans": {"SYSTEM: Yoga Class Registration System v1.0": [[0, 35]], "VULNERABILITY: SQLi": [[47, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51048"}}
{"text": "Young Entrepreneur E-Negosyo System 1.0 - 'PRODESC' Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Young Entrepreneur E-Negosyo System 1.0": [[0, 39]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[52, 85]]}, "info": {"source": "exploitdb", "exploit_id": "50375"}}
{"text": "Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass", "spans": {"SYSTEM: Young Entrepreneur E-Negosyo System 1.0": [[0, 39]], "VULNERABILITY: Authentication Bypass": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "50374"}}
{"text": "YouPHPTube<= 7.8 - Multiple Vulnerabilities", "spans": {"SYSTEM: YouPHPTube<= 7.8": [[0, 16]], "VULNERABILITY: Multiple Vulnerabilities": [[19, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51101"}}
{"text": "YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting", "spans": {"SYSTEM: YzmCMS 5.5": [[0, 10]], "VULNERABILITY: Persistent Cross-Site Scripting": [[19, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48189"}}
{"text": "Zabbix 3.4.7 - Stored XSS", "spans": {"SYSTEM: Zabbix 3.4.7": [[0, 12]], "VULNERABILITY: XSS": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "49729"}}
{"text": "Zabbix 5.0.0 - Stored XSS via URL Widget Iframe", "spans": {"SYSTEM: Zabbix 5.0.0": [[0, 12]], "VULNERABILITY: XSS": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "49202"}}
{"text": "Zabbix 5.0.17 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Zabbix 5.0.17": [[0, 13]], "VULNERABILITY: Remote Code Execution (RCE)": [[16, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50816"}}
{"text": "Zabbix 7.0.0 - SQL Injection", "spans": {"SYSTEM: Zabbix 7.0.0": [[0, 12]], "VULNERABILITY: SQL Injection": [[15, 28]]}, "info": {"source": "exploitdb", "exploit_id": "52230"}}
{"text": "Zen Cart 1.5.7b - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Zen Cart 1.5.7b": [[0, 15]], "VULNERABILITY: Remote Code Execution": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49608"}}
{"text": "Zenario CMS 8.8.52729 - 'cID' SQL injection (Authenticated)", "spans": {"SYSTEM: Zenario CMS 8.8.52729": [[0, 21]], "VULNERABILITY: SQL injection": [[30, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49988"}}
{"text": "Zenario CMS 8.8.53370 - 'id' Blind SQL Injection", "spans": {"SYSTEM: Zenario CMS 8.8.53370": [[0, 21]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49642"}}
{"text": "Zenario CMS 9.0.54156 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Zenario CMS 9.0.54156": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50850"}}
{"text": "Zenphoto 1.6 - Multiple stored XSS", "spans": {"SYSTEM: Zenphoto 1.6": [[0, 12]], "VULNERABILITY: XSS": [[31, 34]]}, "info": {"source": "exploitdb", "exploit_id": "51485"}}
{"text": "ZenTao Pro 8.8.2 - Command Injection", "spans": {"SYSTEM: ZenTao Pro 8.8.2": [[0, 16]], "VULNERABILITY: Command Injection": [[19, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48633"}}
{"text": "Zentao Project Management System 17.0 - Authenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: Zentao Project Management System 17.0": [[0, 37]], "VULNERABILITY: Authenticated Remote Code Execution": [[40, 75]]}, "info": {"source": "exploitdb", "exploit_id": "51069"}}
{"text": "Zomplog 3.9 - Cross-site scripting (XSS)", "spans": {"SYSTEM: Zomplog 3.9": [[0, 11]], "VULNERABILITY: XSS": [[36, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51625"}}
{"text": "zomplog 3.9 - Remote Code Execution (RCE)", "spans": {"SYSTEM: zomplog 3.9": [[0, 11]], "VULNERABILITY: Remote Code Execution (RCE)": [[14, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51624"}}
{"text": "Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass", "spans": {"SYSTEM: Zoneminder < v1.37.24": [[0, 21]], "VULNERABILITY: CSRF": [[53, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51071"}}
{"text": "ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE", "spans": {"SYSTEM: ZoneMinder Snapshots < 1.37.33": [[0, 30]], "VULNERABILITY: RCE": [[49, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51902"}}
{"text": "Zoo Management System 1.0 - 'anid' SQL Injection", "spans": {"SYSTEM: Zoo Management System 1.0": [[0, 25]], "VULNERABILITY: SQL Injection": [[35, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49501"}}
{"text": "Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)", "spans": {"SYSTEM: Zoo Management System 1.0": [[0, 25]], "VULNERABILITY: XSS": [[72, 75]]}, "info": {"source": "exploitdb", "exploit_id": "50117"}}
{"text": "Zoo Management System 1.0 - Authentication Bypass", "spans": {"SYSTEM: Zoo Management System 1.0": [[0, 25]], "VULNERABILITY: Authentication Bypass": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48880"}}
{"text": "Zoo Management System 1.0 - Unauthenticated RCE", "spans": {"SYSTEM: Zoo Management System 1.0": [[0, 25]], "VULNERABILITY: RCE": [[44, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51819"}}
{"text": "Zstore 6.5.4 - Reflected Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Zstore 6.5.4": [[0, 12]], "VULNERABILITY: Reflected Cross-Site Scripting (XSS)": [[15, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51207"}}
{"text": "zstore 6.6.0 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: zstore 6.6.0": [[0, 12]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[15, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51240"}}
{"text": "dirsearch 0.4.1 - CSV Injection", "spans": {"SYSTEM: dirsearch 0.4.1": [[0, 15]], "VULNERABILITY: CSV Injection": [[18, 31]]}, "info": {"source": "exploitdb", "exploit_id": "49370"}}
{"text": "Facebook ParlAI 1.0.0 -  Deserialization of Untrusted Data in parlai", "spans": {"SYSTEM: Facebook ParlAI 1.0.0": [[0, 21]], "VULNERABILITY: Deserialization of Untrusted Data in parlai": [[25, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50289"}}
{"text": "Knockpy 4.1.1 - CSV Injection", "spans": {"SYSTEM: Knockpy 4.1.1": [[0, 13]], "VULNERABILITY: CSV Injection": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "49342"}}
{"text": "Binwalk v2.3.2 - Remote Command Execution (RCE)", "spans": {"SYSTEM: Binwalk v2.3.2": [[0, 14]], "VULNERABILITY: Remote Command Execution": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51249"}}
{"text": "Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Gerapy 0.9.7": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50640"}}
{"text": "Hugging Face Transformers MobileViTV2 4.41.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Hugging Face Transformers MobileViTV2 4.41.1": [[0, 44]], "VULNERABILITY: Remote Code Execution (RCE)": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52227"}}
{"text": "Keras 2.15 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Keras 2.15": [[0, 10]], "VULNERABILITY: Remote Code Execution (RCE)": [[13, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52359"}}
{"text": "NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle", "spans": {"SYSTEM: NVFLARE < 2.1.4": [[0, 15]], "VULNERABILITY: Unsafe Deserialization due to Pickle": [[18, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51051"}}
{"text": "Pymatgen 2024.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Pymatgen 2024.1": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52205"}}
{"text": "PyScript - Read Remote Python Source Code", "spans": {"SYSTEM: PyScript": [[0, 8]], "VULNERABILITY: Read Remote Python Source Code": [[11, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50918"}}
{"text": "rpc.py 0.6.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: rpc.py 0.6.0": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50983"}}
{"text": "_camp_ Raspberry Pi camera server 1.0 -  Authentication Bypass", "spans": {"SYSTEM: _camp_ Raspberry Pi camera server 1.0": [[0, 37]], "VULNERABILITY: Authentication Bypass": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51041"}}
{"text": "aaPanel 6.6.6 - Privilege Escalation & Remote Code Execution (Authenticated)", "spans": {"SYSTEM: aaPanel 6.6.6": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48886"}}
{"text": "aiohttp 3.9.1 - directory traversal PoC", "spans": {"SYSTEM: aiohttp 3.9.1": [[0, 13]], "VULNERABILITY: directory traversal PoC": [[16, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52474"}}
{"text": "Ajenti 2.1.36 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Ajenti 2.1.36": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48929"}}
{"text": "Bitbucket v7.0.0 -  RCE", "spans": {"SYSTEM: Bitbucket v7.0.0": [[0, 16]], "VULNERABILITY: RCE": [[20, 23]]}, "info": {"source": "exploitdb", "exploit_id": "51040"}}
{"text": "copyparty 1.8.2 - Directory Traversal", "spans": {"SYSTEM: copyparty 1.8.2": [[0, 15]], "VULNERABILITY: Directory Traversal": [[18, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51636"}}
{"text": "copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)", "spans": {"SYSTEM: copyparty v1.8.6": [[0, 16]], "VULNERABILITY: Cross Site Scripting": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51635"}}
{"text": "CVAT 2.0 - Server Side Request Forgery", "spans": {"SYSTEM: CVAT 2.0": [[0, 8]], "VULNERABILITY: Server Side Request Forgery": [[11, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51030"}}
{"text": "Devika v1 - Path Traversal via 'snapshot_path'", "spans": {"SYSTEM: Devika v1": [[0, 9]], "VULNERABILITY: Path Traversal": [[12, 26]]}, "info": {"source": "exploitdb", "exploit_id": "52066"}}
{"text": "django-unicorn 0.35.3 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: django-unicorn 0.35.3": [[0, 21]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[24, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50393"}}
{"text": "djangorestframework-simplejwt 5.3.1 - Information Disclosure", "spans": {"SYSTEM: djangorestframework-simplejwt 5.3.1": [[0, 35]], "VULNERABILITY: Information Disclosure": [[38, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51992"}}
{"text": "DocsGPT 0.12.0 - Remote Code Execution", "spans": {"SYSTEM: DocsGPT 0.12.0": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "52145"}}
{"text": "ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: ERPNext 14.82.1": [[0, 15]], "VULNERABILITY: CSRF": [[67, 71]]}, "info": {"source": "exploitdb", "exploit_id": "52283"}}
{"text": "Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Frappe Framework (ERPNext) 13.4.0": [[0, 33]], "VULNERABILITY: Remote Code Execution": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51580"}}
{"text": "Home Assistant Community Store (HACS) 1.10.0 - Directory Traversal", "spans": {"SYSTEM: Home Assistant Community Store (HACS) 1.10.0": [[0, 44]], "VULNERABILITY: Directory Traversal": [[47, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49495"}}
{"text": "Invesalius3 - Remote Code Execution", "spans": {"SYSTEM: Invesalius3": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "52076"}}
{"text": "Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF)", "spans": {"SYSTEM: Label Studio 1.5.0": [[0, 18]], "VULNERABILITY: Server Side Request Forgery": [[35, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51109"}}
{"text": "modoboa  2.0.4 - Admin TakeOver", "spans": {"SYSTEM: modoboa  2.0.4": [[0, 14]], "VULNERABILITY: Admin TakeOver": [[17, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51276"}}
{"text": "OpenPLC 3 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: OpenPLC 3": [[0, 9]], "VULNERABILITY: Remote Code Execution": [[12, 33]]}, "info": {"source": "exploitdb", "exploit_id": "49803"}}
{"text": "Pallets Werkzeug 0.15.4 - Path Traversal", "spans": {"SYSTEM: Pallets Werkzeug 0.15.4": [[0, 23]], "VULNERABILITY: Path Traversal": [[26, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50101"}}
{"text": "Pi-hole 4.3.2 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Pi-hole 4.3.2": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48727"}}
{"text": "Products.PluggableAuthService 2.6.0 - Open Redirect", "spans": {"SYSTEM: Products.PluggableAuthService 2.6.0": [[0, 35]], "VULNERABILITY: Open Redirect": [[38, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49930"}}
{"text": "PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)", "spans": {"SYSTEM: PyLoad 0.5.0": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51532"}}
{"text": "Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)", "spans": {"SYSTEM: Pyro CMS 3.9": [[0, 12]], "VULNERABILITY: SSTI": [[47, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51669"}}
{"text": "Ray OS v2.6.3 - Command Injection RCE(Unauthorized)", "spans": {"SYSTEM: Ray OS v2.6.3": [[0, 13]], "VULNERABILITY: Command Injection": [[16, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51978"}}
{"text": "Roxy WI v6.1.0.0 - Improper Authentication Control", "spans": {"SYSTEM: Roxy WI v6.1.0.0": [[0, 16]], "VULNERABILITY: Improper Authentication Control": [[19, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51226"}}
{"text": "Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: Roxy WI v6.1.0.0": [[0, 16]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[19, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51227"}}
{"text": "Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload", "spans": {"SYSTEM: Roxy WI v6.1.1.0": [[0, 16]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[19, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51228"}}
{"text": "Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Sentry 8.2.0": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50318"}}
{"text": "pdfkit v0.8.7.2 - Command Injection", "spans": {"SYSTEM: pdfkit v0.8.7.2": [[0, 15]], "VULNERABILITY: Command Injection": [[18, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51293"}}
{"text": "Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)", "spans": {"SYSTEM: Camaleon CMS v2.7.0": [[0, 19]], "VULNERABILITY: SSTI": [[54, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51489"}}
{"text": "Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title", "spans": {"SYSTEM: Cameleon CMS 2.7.4": [[0, 18]], "VULNERABILITY: XSS": [[39, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51446"}}
{"text": "GitLab 11.4.7 - RCE (Authenticated) (2)", "spans": {"SYSTEM: GitLab 11.4.7": [[0, 13]], "VULNERABILITY: RCE": [[16, 19]]}, "info": {"source": "exploitdb", "exploit_id": "49334"}}
{"text": "GitLab 11.4.7 - Remote Code Execution (Authenticated) (1)", "spans": {"SYSTEM: GitLab 11.4.7": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49257"}}
{"text": "GitLab 12.9.0 - Arbitrary File Read", "spans": {"SYSTEM: GitLab 12.9.0": [[0, 13]], "VULNERABILITY: Arbitrary File Read": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48431"}}
{"text": "Gitlab 12.9.0 - Arbitrary File Read (Authenticated)", "spans": {"SYSTEM: Gitlab 12.9.0": [[0, 13]], "VULNERABILITY: Arbitrary File Read": [[16, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49076"}}
{"text": "Gitlab 13.10.2 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Gitlab 13.10.2": [[0, 14]], "VULNERABILITY: Remote Code Execution": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49951"}}
{"text": "GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)", "spans": {"SYSTEM: GitLab 13.10.2": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50532"}}
{"text": "Gitlab 13.9.3 - Remote Code Execution (Authenticated)", "spans": {"SYSTEM: Gitlab 13.9.3": [[0, 13]], "VULNERABILITY: Remote Code Execution": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "49944"}}
{"text": "Gitlab 14.9 - Authentication Bypass", "spans": {"SYSTEM: Gitlab 14.9": [[0, 11]], "VULNERABILITY: Authentication Bypass": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50888"}}
{"text": "GitLab 14.9 - Stored Cross-Site Scripting (XSS)", "spans": {"SYSTEM: GitLab 14.9": [[0, 11]], "VULNERABILITY: Stored Cross-Site Scripting (XSS)": [[14, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50889"}}
{"text": "GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration", "spans": {"SYSTEM: GitLab Community Edition (CE) 13.10.3": [[0, 37]], "VULNERABILITY: User Enumeration": [[50, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49822"}}
{"text": "GitLab Community Edition (CE) 13.10.3 - User Enumeration", "spans": {"SYSTEM: GitLab Community Edition (CE) 13.10.3": [[0, 37]], "VULNERABILITY: User Enumeration": [[40, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49821"}}
{"text": "GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: GitLab v15.3": [[0, 12]], "VULNERABILITY: Remote Code Execution (RCE)": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51181"}}
{"text": "Rails 5.0.1 - Remote Code Execution", "spans": {"SYSTEM: Rails 5.0.1": [[0, 11]], "VULNERABILITY: Remote Code Execution": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48716"}}
{"text": "STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)", "spans": {"SYSTEM: STVS ProVision 5.9.10": [[0, 21]], "VULNERABILITY: Cross-Site Request Forgery": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49482"}}
{"text": "STVS ProVision 5.9.10 - File Disclosure (Authenticated)", "spans": {"SYSTEM: STVS ProVision 5.9.10": [[0, 21]], "VULNERABILITY: File Disclosure": [[24, 39]]}, "info": {"source": "exploitdb", "exploit_id": "49481"}}
{"text": "SCO Openserver 5.0.7 - 'outputform' Command Injection", "spans": {"SYSTEM: SCO Openserver 5.0.7": [[0, 20]], "VULNERABILITY: Command Injection": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49301"}}
{"text": "SCO Openserver 5.0.7 - 'section' Reflected XSS", "spans": {"SYSTEM: SCO Openserver 5.0.7": [[0, 20]], "VULNERABILITY: XSS": [[43, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49300"}}
{"text": "Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation", "spans": {"SYSTEM: Oracle Solaris Common Desktop Environment 1.6": [[0, 45]], "VULNERABILITY: Local Privilege Escalation": [[48, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48359"}}
{"text": "Solaris 10  (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)", "spans": {"SYSTEM: Solaris 10  (SPARC)": [[0, 19]], "VULNERABILITY: Local Privilege Escalation": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49518"}}
{"text": "Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)", "spans": {"SYSTEM: Solaris 10 (Intel)": [[0, 18]], "VULNERABILITY: Local Privilege Escalation": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49514"}}
{"text": "Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)", "spans": {"SYSTEM: Solaris 10 (Intel)": [[0, 18]], "VULNERABILITY: Local Privilege Escalation": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49515"}}
{"text": "Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)", "spans": {"SYSTEM: Solaris 10 (SPARC)": [[0, 18]], "VULNERABILITY: Local Privilege Escalation": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49516"}}
{"text": "Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)", "spans": {"SYSTEM: Solaris 10 (SPARC)": [[0, 18]], "VULNERABILITY: Local Privilege Escalation": [[35, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49517"}}
{"text": "Solaris 10 libXm - Buffer overflow Local privilege escalation", "spans": {"SYSTEM: Solaris 10 libXm": [[0, 16]], "VULNERABILITY: Buffer overflow Local privilege escalation": [[19, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51209"}}
{"text": "SunOS 5.10 Generic_147148-26 - Local Privilege Escalation", "spans": {"SYSTEM: SunOS 5.10 Generic_147148-26": [[0, 28]], "VULNERABILITY: Local Privilege Escalation": [[31, 57]]}, "info": {"source": "exploitdb", "exploit_id": "47932"}}
{"text": "Solaris SunSSH 11.0 x86 - libpam Remote Root", "spans": {"SYSTEM: Solaris SunSSH 11.0 x86": [[0, 23]], "VULNERABILITY: libpam Remote Root": [[26, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49261"}}
{"text": "Solaris SunSSH 11.0 x86 - libpam Remote Root (2)", "spans": {"SYSTEM: Solaris SunSSH 11.0 x86": [[0, 23]], "VULNERABILITY: libpam Remote Root": [[26, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49896"}}
{"text": "Solaris SunSSH 11.0 x86 - libpam Remote Root (3)", "spans": {"SYSTEM: Solaris SunSSH 11.0 x86": [[0, 23]], "VULNERABILITY: libpam Remote Root": [[26, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50039"}}
{"text": "Client Management System 1.1 - 'Search' SQL Injection", "spans": {"SYSTEM: Client Management System 1.1": [[0, 28]], "VULNERABILITY: SQL Injection": [[40, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50008"}}
{"text": "ever gauzy v0.281.9 - JWT weak HMAC secret", "spans": {"SYSTEM: ever gauzy v0.281.9": [[0, 19]], "VULNERABILITY: JWT weak HMAC secret": [[22, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51354"}}
{"text": "Flowise 1.6.5 - Authentication Bypass", "spans": {"SYSTEM: Flowise 1.6.5": [[0, 13]], "VULNERABILITY: Authentication Bypass": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52001"}}
{"text": "FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)", "spans": {"SYSTEM: FUXA V.1.1.13-1186": [[0, 18]], "VULNERABILITY: Unauthenticated Remote Code Execution": [[21, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51385"}}
{"text": "Grafana <=6.2.4 - HTML Injection", "spans": {"SYSTEM: Grafana <=6.2.4": [[0, 15]], "VULNERABILITY: HTML Injection": [[18, 32]]}, "info": {"source": "exploitdb", "exploit_id": "51073"}}
{"text": "Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)", "spans": {"SYSTEM: Rejetto HTTP File Server 2.3m": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52102"}}
{"text": "vsftpd 2.3.4 - Backdoor Command Execution", "spans": {"SYSTEM: vsftpd 2.3.4": [[0, 12]], "VULNERABILITY: Backdoor Command Execution": [[15, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49757"}}
{"text": "AbsoluteTelnet 11.12 - _license name_ Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.12": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[38, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48005"}}
{"text": "AbsoluteTelnet 11.12 - 'license name' Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.12": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[38, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48006"}}
{"text": "AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.12": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[39, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48305"}}
{"text": "AbsoluteTelnet 11.12 - 'SSH2/username' Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.12": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[39, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48010"}}
{"text": "AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.21": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[34, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48493"}}
{"text": "AbsoluteTelnet 11.24 - 'Phone' Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.24": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50511"}}
{"text": "AbsoluteTelnet 11.24 - 'Username' Denial of Service (PoC)", "spans": {"SYSTEM: AbsoluteTelnet 11.24": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[34, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50510"}}
{"text": "ACTi NVR3 Standard or Professional Server 3.0.12.42 - Denial of Service (PoC)", "spans": {"SYSTEM: ACTi NVR3 Standard or Professional Server 3.0.12.42": [[0, 51]], "VULNERABILITY: Denial of Service (PoC)": [[54, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48731"}}
{"text": "AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)", "spans": {"SYSTEM: AgataSoft PingMaster Pro 2.1": [[0, 28]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49567"}}
{"text": "AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)", "spans": {"SYSTEM: AimOne Video Converter V2.04 Build 103": [[0, 38]], "VULNERABILITY: Buffer Overflow": [[41, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51196"}}
{"text": "APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: APKF Product Key Finder 2.5.8.0": [[0, 31]], "VULNERABILITY: Denial of Service (PoC)": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47937"}}
{"text": "aSc TimeTables 2020.11.4 - Denial of Service (PoC)", "spans": {"SYSTEM: aSc TimeTables 2020.11.4": [[0, 24]], "VULNERABILITY: Denial of Service (PoC)": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48133"}}
{"text": "Backup Key Recovery 2.2.5 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: Backup Key Recovery 2.2.5": [[0, 25]], "VULNERABILITY: Denial of Service (PoC)": [[35, 58]]}, "info": {"source": "exploitdb", "exploit_id": "47909"}}
{"text": "Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5": [[0, 62]], "VULNERABILITY: Denial of Service (PoC)": [[71, 94]]}, "info": {"source": "exploitdb", "exploit_id": "47864"}}
{"text": "BACnet Test Server 1.01 - Remote Denial of Service (PoC)", "spans": {"SYSTEM: BACnet Test Server 1.01": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[33, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48860"}}
{"text": "BlueAuditor 1.7.2.0 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: BlueAuditor 1.7.2.0": [[0, 19]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "47857"}}
{"text": "BOOTP Turbo 2.0 - Denial of Service (SEH)(PoC)", "spans": {"SYSTEM: BOOTP Turbo 2.0": [[0, 15]], "VULNERABILITY: Denial of Service": [[18, 35]]}, "info": {"source": "exploitdb", "exploit_id": "47955"}}
{"text": "Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)", "spans": {"SYSTEM: Calavera UpLoader 3.5": [[0, 21]], "VULNERABILITY: Denial of Service": [[35, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48697"}}
{"text": "Code Blocks 20.03 - Denial Of Service (PoC)", "spans": {"SYSTEM: Code Blocks 20.03": [[0, 17]], "VULNERABILITY: Denial Of Service": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48617"}}
{"text": "Core FTP LE 2.2 - Denial of Service (PoC)", "spans": {"SYSTEM: Core FTP LE 2.2": [[0, 15]], "VULNERABILITY: Denial of Service (PoC)": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48137"}}
{"text": "Core FTP Lite 1.3 - Denial of Service (PoC)", "spans": {"SYSTEM: Core FTP Lite 1.3": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "48100"}}
{"text": "DiskBoss 7.7.14 - Denial of Service (PoC)", "spans": {"SYSTEM: DiskBoss 7.7.14": [[0, 15]], "VULNERABILITY: Denial of Service (PoC)": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48276"}}
{"text": "Dnss Domain Name Search Software - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: Dnss Domain Name Search Software": [[0, 32]], "VULNERABILITY: Denial of Service (PoC)": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "47856"}}
{"text": "Dnss Domain Name Search Software - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: Dnss Domain Name Search Software": [[0, 32]], "VULNERABILITY: Denial of Service (PoC)": [[42, 65]]}, "info": {"source": "exploitdb", "exploit_id": "47861"}}
{"text": "Dota 2 7.23f - Denial of Service (PoC)", "spans": {"SYSTEM: Dota 2 7.23f": [[0, 12]], "VULNERABILITY: Denial of Service (PoC)": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48031"}}
{"text": "Duplicate Cleaner Pro 4 - Denial of Service (PoC)", "spans": {"SYSTEM: Duplicate Cleaner Pro 4": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[26, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47873"}}
{"text": "DupTerminator 1.4.5639.37199 - Denial of Service (PoC)", "spans": {"SYSTEM: DupTerminator 1.4.5639.37199": [[0, 28]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49917"}}
{"text": "Easy CD & DVD Cover Creator 4.13 - Denial of Service (PoC)", "spans": {"SYSTEM: Easy CD & DVD Cover Creator 4.13": [[0, 32]], "VULNERABILITY: Denial of Service (PoC)": [[35, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49337"}}
{"text": "Everest 5.50.2100 - 'Open File' Denial of Service (PoC)", "spans": {"SYSTEM: Everest 5.50.2100": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[32, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48259"}}
{"text": "Filetto 1.0 - 'FEAT' Denial of Service (PoC)", "spans": {"SYSTEM: Filetto 1.0": [[0, 11]], "VULNERABILITY: Denial of Service (PoC)": [[21, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48503"}}
{"text": "Fire Web Server 0.1 - Remote Denial of Service (PoC)", "spans": {"SYSTEM: Fire Web Server 0.1": [[0, 19]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48637"}}
{"text": "FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)", "spans": {"SYSTEM: FlashFXP 4.2.0 Build 1730": [[0, 25]], "VULNERABILITY: Denial of Service (PoC)": [[28, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48269"}}
{"text": "FlashGet 1.9.6 - Denial of Service (PoC)", "spans": {"SYSTEM: FlashGet 1.9.6": [[0, 14]], "VULNERABILITY: Denial of Service (PoC)": [[17, 40]]}, "info": {"source": "exploitdb", "exploit_id": "48434"}}
{"text": "Frigate 2.02 - Denial Of Service (PoC)", "spans": {"SYSTEM: Frigate 2.02": [[0, 12]], "VULNERABILITY: Denial Of Service": [[15, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48613"}}
{"text": "Frigate 3.36 - Denial of Service (PoC)", "spans": {"SYSTEM: Frigate 3.36": [[0, 12]], "VULNERABILITY: Denial of Service (PoC)": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "48287"}}
{"text": "FTPGetter Professional 5.97.0.223 - Denial of Service (PoC)", "spans": {"SYSTEM: FTPGetter Professional 5.97.0.223": [[0, 33]], "VULNERABILITY: Denial of Service (PoC)": [[36, 59]]}, "info": {"source": "exploitdb", "exploit_id": "47871"}}
{"text": "Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service (PoC)", "spans": {"SYSTEM: Google Chrome 80.0.3987.87": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[52, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48237"}}
{"text": "GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: GTalk Password Finder 2.2.1": [[0, 27]], "VULNERABILITY: Denial of Service (PoC)": [[36, 59]]}, "info": {"source": "exploitdb", "exploit_id": "47942"}}
{"text": "Hex Workshop v6.7 - Buffer overflow DoS", "spans": {"SYSTEM: Hex Workshop v6.7": [[0, 17]], "VULNERABILITY: Buffer overflow DoS": [[20, 39]]}, "info": {"source": "exploitdb", "exploit_id": "51080"}}
{"text": "iDailyDiary 4.30 - Denial of Service (PoC)", "spans": {"SYSTEM: iDailyDiary 4.30": [[0, 16]], "VULNERABILITY: Denial of Service (PoC)": [[19, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49898"}}
{"text": "Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)", "spans": {"SYSTEM: Internet Download Manager 6.38.12": [[0, 33]], "VULNERABILITY: Buffer Overflow": [[66, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49083"}}
{"text": "Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)", "spans": {"SYSTEM: Konica Minolta FTP Utility 1.0": [[0, 30]], "VULNERABILITY: Denial of Service (PoC)": [[40, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48501"}}
{"text": "Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service (PoC)", "spans": {"SYSTEM: Konica Minolta FTP Utility 1.0": [[0, 30]], "VULNERABILITY: Denial of Service (PoC)": [[40, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48502"}}
{"text": "Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)", "spans": {"SYSTEM: Leawo Prof. Media 11.0.0.1": [[0, 26]], "VULNERABILITY: Denial of Service (DoS)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50153"}}
{"text": "Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)", "spans": {"SYSTEM: Managed Switch Port Mapping Tool 2.85.2": [[0, 39]], "VULNERABILITY: Denial of Service (PoC)": [[42, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49566"}}
{"text": "Microsoft Outlook VCF cards - Denial of Service (PoC)", "spans": {"SYSTEM: Microsoft Outlook VCF cards": [[0, 27]], "VULNERABILITY: Denial of Service (PoC)": [[30, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47878"}}
{"text": "Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)", "spans": {"SYSTEM: Microsoft Windows 10 (1903/1909)": [[0, 32]], "VULNERABILITY: Buffer Overflow": [[87, 102]]}, "info": {"source": "exploitdb", "exploit_id": "48216"}}
{"text": "Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)", "spans": {"SYSTEM: Mocha Telnet Lite for iOS 4.2": [[0, 29]], "VULNERABILITY: Denial of Service (PoC)": [[39, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48728"}}
{"text": "Modbus Slave 7.3.1 - Buffer Overflow (DoS)", "spans": {"SYSTEM: Modbus Slave 7.3.1": [[0, 18]], "VULNERABILITY: Buffer Overflow": [[21, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50536"}}
{"text": "MSN Password Recovery 1.30 - Denial of Service (PoC)", "spans": {"SYSTEM: MSN Password Recovery 1.30": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "47839"}}
{"text": "NBMonitor 1.6.6.0 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: NBMonitor 1.6.6.0": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[26, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47866"}}
{"text": "NBMonitor 1.6.8 - Denial of Service (PoC)", "spans": {"SYSTEM: NBMonitor 1.6.8": [[0, 15]], "VULNERABILITY: Denial of Service (PoC)": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49964"}}
{"text": "NetShareWatcher 1.5.8.0 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: NetShareWatcher 1.5.8.0": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[32, 55]]}, "info": {"source": "exploitdb", "exploit_id": "47860"}}
{"text": "NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service", "spans": {"SYSTEM: NetShareWatcher 1.5.8.0": [[0, 23]], "VULNERABILITY: Denial Of Service": [[33, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47848"}}
{"text": "NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: NetworkSleuth 3.0.0.0": [[0, 21]], "VULNERABILITY: Denial of Service (PoC)": [[30, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47853"}}
{"text": "NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC)", "spans": {"SYSTEM: NIMax 5.3.1": [[0, 11]], "VULNERABILITY: Denial of Service (PoC)": [[35, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50433"}}
{"text": "NIMax 5.3.1f0 - 'VISA Alias' Denial of Service (PoC)", "spans": {"SYSTEM: NIMax 5.3.1f0": [[0, 13]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50434"}}
{"text": "Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)", "spans": {"SYSTEM: Nsasoft Hardware Software Inventory 1.6.4.0": [[0, 43]], "VULNERABILITY: Denial of Service (PoC)": [[57, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49638"}}
{"text": "Nsauditor 3.2.0.0 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: Nsauditor 3.2.0.0": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48286"}}
{"text": "Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)", "spans": {"SYSTEM: Nsauditor 3.2.2.0": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[40, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49568"}}
{"text": "Nsauditor 3.2.3 - Denial of Service (PoC)", "spans": {"SYSTEM: Nsauditor 3.2.3": [[0, 15]], "VULNERABILITY: Denial of Service (PoC)": [[18, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49965"}}
{"text": "Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service (PoC)", "spans": {"SYSTEM: Odin Secure FTP Expert 7.6.3": [[0, 28]], "VULNERABILITY: Denial of Service (PoC)": [[43, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48262"}}
{"text": "Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)", "spans": {"SYSTEM: Odin Secure FTP Expert 7.6.3": [[0, 28]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48136"}}
{"text": "Office Product Key Finder 1.5.4 - Denial of Service (PoC)", "spans": {"SYSTEM: Office Product Key Finder 1.5.4": [[0, 31]], "VULNERABILITY: Denial of Service (PoC)": [[34, 57]]}, "info": {"source": "exploitdb", "exploit_id": "47867"}}
{"text": "Pinkie 2.15 - TFTP Remote Buffer Overflow (PoC)", "spans": {"SYSTEM: Pinkie 2.15": [[0, 11]], "VULNERABILITY: Remote Buffer Overflow": [[19, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50535"}}
{"text": "Product Key Explorer 4.2.2.0 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: Product Key Explorer 4.2.2.0": [[0, 28]], "VULNERABILITY: Denial of Service (PoC)": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48284"}}
{"text": "Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)", "spans": {"SYSTEM: Product Key Explorer 4.2.7": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[40, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49590"}}
{"text": "QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)", "spans": {"SYSTEM: QlikView 12.50.20000.0": [[0, 22]], "VULNERABILITY: Denial of Service (PoC)": [[46, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48732"}}
{"text": "Quick N Easy Web Server 3.3.8 - Denial of Service (PoC)", "spans": {"SYSTEM: Quick N Easy Web Server 3.3.8": [[0, 29]], "VULNERABILITY: Denial of Service (PoC)": [[32, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48111"}}
{"text": "RarmaRadio 2.72.4 - 'server' Denial of Service (PoC)", "spans": {"SYSTEM: RarmaRadio 2.72.4": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48015"}}
{"text": "RarmaRadio 2.72.4 - 'username' Denial of Service (PoC)", "spans": {"SYSTEM: RarmaRadio 2.72.4": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48014"}}
{"text": "RarmaRadio 2.72.5 - Denial of Service (PoC)", "spans": {"SYSTEM: RarmaRadio 2.72.5": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49207"}}
{"text": "RarmaRadio 2.72.8 - Denial of Service (PoC)", "spans": {"SYSTEM: RarmaRadio 2.72.8": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49906"}}
{"text": "Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial of Service (PoC)", "spans": {"SYSTEM: Redragon Gaming Mouse": [[0, 21]], "VULNERABILITY: Denial of Service (PoC)": [[45, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50322"}}
{"text": "Remote Desktop Gateway - 'BlueGate' Denial of Service (PoC)", "spans": {"SYSTEM: Remote Desktop Gateway": [[0, 22]], "VULNERABILITY: Denial of Service (PoC)": [[36, 59]]}, "info": {"source": "exploitdb", "exploit_id": "47963"}}
{"text": "RemShutdown 2.9.0.0 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: RemShutdown 2.9.0.0": [[0, 19]], "VULNERABILITY: Denial of Service (PoC)": [[28, 51]]}, "info": {"source": "exploitdb", "exploit_id": "47863"}}
{"text": "RemShutdown 2.9.0.0 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: RemShutdown 2.9.0.0": [[0, 19]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "47865"}}
{"text": "RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)", "spans": {"SYSTEM: RTSP for iOS 1.0": [[0, 16]], "VULNERABILITY: Denial of Service (PoC)": [[32, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48729"}}
{"text": "Sandboxie 5.49.7 - Denial of Service (PoC)", "spans": {"SYSTEM: Sandboxie 5.49.7": [[0, 16]], "VULNERABILITY: Denial of Service (PoC)": [[19, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49844"}}
{"text": "Scdbg 1.0 - Buffer overflow DoS", "spans": {"SYSTEM: Scdbg 1.0": [[0, 9]], "VULNERABILITY: Buffer overflow DoS": [[12, 31]]}, "info": {"source": "exploitdb", "exploit_id": "51081"}}
{"text": "ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: ShareAlarmPro Advanced Network Access Control": [[0, 45]], "VULNERABILITY: Denial of Service (PoC)": [[54, 77]]}, "info": {"source": "exploitdb", "exploit_id": "47859"}}
{"text": "SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service (PoC)", "spans": {"SYSTEM: SmartFTP Client 10.0.2909.0": [[0, 27]], "VULNERABILITY: Denial of Service (PoC)": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50266"}}
{"text": "SpotAuditor 5.3.4 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: SpotAuditor 5.3.4": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48285"}}
{"text": "SpotAuditor 5.3.5 - 'multiple' Denial Of Service (PoC)", "spans": {"SYSTEM: SpotAuditor 5.3.5": [[0, 17]], "VULNERABILITY: Denial Of Service": [[31, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49589"}}
{"text": "SpotDialup 1.6.7 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: SpotDialup 1.6.7": [[0, 16]], "VULNERABILITY: Denial of Service (PoC)": [[25, 48]]}, "info": {"source": "exploitdb", "exploit_id": "47872"}}
{"text": "SpotDialup 1.6.7 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: SpotDialup 1.6.7": [[0, 16]], "VULNERABILITY: Denial of Service (PoC)": [[26, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47904"}}
{"text": "SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: SpotFTP FTP Password Recovery 3.0.0.0": [[0, 37]], "VULNERABILITY: Denial of Service (PoC)": [[46, 69]]}, "info": {"source": "exploitdb", "exploit_id": "47849"}}
{"text": "SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: SpotFTP FTP Password Recovery 3.0.0.0": [[0, 37]], "VULNERABILITY: Denial of Service (PoC)": [[47, 70]]}, "info": {"source": "exploitdb", "exploit_id": "47868"}}
{"text": "SpotFTP-FTP Password Recover 2.4.8 - Denial of Service (PoC)", "spans": {"SYSTEM: SpotFTP-FTP Password Recover 2.4.8": [[0, 34]], "VULNERABILITY: Denial of Service (PoC)": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48132"}}
{"text": "SpotIE 2.9.5 - 'Key' Denial of Service (PoC)", "spans": {"SYSTEM: SpotIE 2.9.5": [[0, 12]], "VULNERABILITY: Denial of Service (PoC)": [[21, 44]]}, "info": {"source": "exploitdb", "exploit_id": "47855"}}
{"text": "SpotIM 2.2 - 'Name' Denial Of Service", "spans": {"SYSTEM: SpotIM 2.2": [[0, 10]], "VULNERABILITY: Denial Of Service": [[20, 37]]}, "info": {"source": "exploitdb", "exploit_id": "47870"}}
{"text": "SpotMSN 2.4.6 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: SpotMSN 2.4.6": [[0, 13]], "VULNERABILITY: Denial of Service (PoC)": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47869"}}
{"text": "SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC)", "spans": {"SYSTEM: SpotOutlook 1.2.6": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47906"}}
{"text": "SuperMailer v11.20 - Buffer overflow DoS", "spans": {"SYSTEM: SuperMailer v11.20": [[0, 18]], "VULNERABILITY: Buffer overflow DoS": [[21, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51102"}}
{"text": "SyncBreeze 15.2.24 - 'login' Denial of Service", "spans": {"SYSTEM: SyncBreeze 15.2.24": [[0, 18]], "VULNERABILITY: Denial of Service": [[29, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51725"}}
{"text": "Sysax Multi Server 5.50 - Denial of Service (PoC)", "spans": {"SYSTEM: Sysax Multi Server 5.50": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[26, 49]]}, "info": {"source": "exploitdb", "exploit_id": "47947"}}
{"text": "Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)", "spans": {"SYSTEM: Sysax Multi Server 6.95": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[37, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51066"}}
{"text": "TapinRadio 2.12.3 - 'address' Denial of Service (PoC)", "spans": {"SYSTEM: TapinRadio 2.12.3": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[30, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48011"}}
{"text": "TapinRadio 2.12.3 - 'username' Denial of Service (PoC)", "spans": {"SYSTEM: TapinRadio 2.12.3": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48013"}}
{"text": "TapinRadio 2.13.7 - Denial of Service (PoC)", "spans": {"SYSTEM: TapinRadio 2.13.7": [[0, 17]], "VULNERABILITY: Denial of Service (PoC)": [[20, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49206"}}
{"text": "TaskCanvas 1.4.0 - 'Registration' Denial Of Service", "spans": {"SYSTEM: TaskCanvas 1.4.0": [[0, 16]], "VULNERABILITY: Denial Of Service": [[34, 51]]}, "info": {"source": "exploitdb", "exploit_id": "47911"}}
{"text": "Telegram Desktop 2.9.2 - Denial of Service (PoC)", "spans": {"SYSTEM: Telegram Desktop 2.9.2": [[0, 22]], "VULNERABILITY: Denial of Service (PoC)": [[25, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50247"}}
{"text": "TextCrawler Pro3.1.1 - Denial of Service (PoC)", "spans": {"SYSTEM: TextCrawler Pro3.1.1": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47862"}}
{"text": "Top Password Firefox Password Recovery 2.8 - Denial of Service (PoC)", "spans": {"SYSTEM: Top Password Firefox Password Recovery 2.8": [[0, 42]], "VULNERABILITY: Denial of Service (PoC)": [[45, 68]]}, "info": {"source": "exploitdb", "exploit_id": "47912"}}
{"text": "Top Password Software Dialup Password Recovery 1.30 - Denial of Service (PoC)", "spans": {"SYSTEM: Top Password Software Dialup Password Recovery 1.30": [[0, 51]], "VULNERABILITY: Denial of Service (PoC)": [[54, 77]]}, "info": {"source": "exploitdb", "exploit_id": "47907"}}
{"text": "Tunnel Interface Driver - Denial of Service", "spans": {"SYSTEM: Tunnel Interface Driver": [[0, 23]], "VULNERABILITY: Denial of Service": [[26, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51114"}}
{"text": "UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service (PoC)", "spans": {"SYSTEM: UltraVNC Launcher 1.2.4.0": [[0, 25]], "VULNERABILITY: Denial of Service (PoC)": [[39, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48290"}}
{"text": "UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service (PoC)", "spans": {"SYSTEM: UltraVNC Launcher 1.2.4.0": [[0, 25]], "VULNERABILITY: Denial of Service (PoC)": [[43, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48288"}}
{"text": "UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service (PoC)", "spans": {"SYSTEM: UltraVNC Viewer 1.2.4.0": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[38, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48291"}}
{"text": "VirtualTablet Server 3.0.2 - Denial of Service (PoC)", "spans": {"SYSTEM: VirtualTablet Server 3.0.2": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[29, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48402"}}
{"text": "VMware Workstation 15 Pro - Denial of Service", "spans": {"SYSTEM: VMware Workstation 15 Pro": [[0, 25]], "VULNERABILITY: Denial of Service": [[28, 45]]}, "info": {"source": "exploitdb", "exploit_id": "51100"}}
{"text": "Windows TCP/IP - RCE Checker and Denial of Service", "spans": {"SYSTEM: Windows TCP/IP": [[0, 14]], "VULNERABILITY: Denial of Service": [[33, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52075"}}
{"text": "XAMPP - Buffer Overflow POC", "spans": {"SYSTEM: XAMPP": [[0, 5]], "VULNERABILITY: Buffer Overflow": [[8, 23]]}, "info": {"source": "exploitdb", "exploit_id": "51800"}}
{"text": "Xlight FTP 3.9.3.1 - Buffer Overflow (PoC)", "spans": {"SYSTEM: Xlight FTP 3.9.3.1": [[0, 18]], "VULNERABILITY: Buffer Overflow": [[21, 36]]}, "info": {"source": "exploitdb", "exploit_id": "50516"}}
{"text": "Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' (DOS)", "spans": {"SYSTEM: Xlight FTP Server 3.9.3.6": [[0, 25]], "VULNERABILITY: 'Stack Buffer Overflow'": [[28, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51665"}}
{"text": "XWorm Trojan 2.1 - Null Pointer Derefernce DoS", "spans": {"SYSTEM: XWorm Trojan 2.1": [[0, 16]], "VULNERABILITY: Null Pointer Derefernce DoS": [[19, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51265"}}
{"text": "Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service (PoC)", "spans": {"SYSTEM: Yenkee Hornet Gaming Mouse": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[45, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50311"}}
{"text": "ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service (PoC)", "spans": {"SYSTEM: ZIP Password Recovery 2.30": [[0, 26]], "VULNERABILITY: Denial of Service (PoC)": [[40, 63]]}, "info": {"source": "exploitdb", "exploit_id": "47894"}}
{"text": "ZOC Terminal 7.25.5 - 'Script' Denial of Service (PoC)", "spans": {"SYSTEM: ZOC Terminal 7.25.5": [[0, 19]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48302"}}
{"text": "ZOC Terminal v7.25.5 - 'Private key file' Denial of Service (PoC)", "spans": {"SYSTEM: ZOC Terminal v7.25.5": [[0, 20]], "VULNERABILITY: Denial of Service (PoC)": [[42, 65]]}, "info": {"source": "exploitdb", "exploit_id": "48292"}}
{"text": "10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH) (ASLR + DEP Bypass)", "spans": {"SYSTEM: 10-Strike Bandwidth Monitor 3.9": [[0, 31]], "VULNERABILITY: Buffer Overflow": [[34, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48570"}}
{"text": "10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer": [[0, 36]], "VULNERABILITY: Unquoted Service Path": [[63, 84]]}, "info": {"source": "exploitdb", "exploit_id": "48251"}}
{"text": "10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow (SEH)", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer 8.54": [[0, 41]], "VULNERABILITY: Buffer Overflow": [[56, 71]]}, "info": {"source": "exploitdb", "exploit_id": "48253"}}
{"text": "10-Strike Network Inventory Explorer 8.65 - Buffer Overflow (SEH)", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer 8.65": [[0, 41]], "VULNERABILITY: Buffer Overflow": [[44, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49134"}}
{"text": "10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH) (ROP)", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer 9.03": [[0, 41]], "VULNERABILITY: Buffer Overflow": [[61, 76]]}, "info": {"source": "exploitdb", "exploit_id": "48264"}}
{"text": "10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer Pro 9.05": [[0, 45]], "VULNERABILITY: Buffer Overflow": [[48, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49322"}}
{"text": "10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer Pro 9.31": [[0, 45]], "VULNERABILITY: Unquoted Service Path": [[72, 93]]}, "info": {"source": "exploitdb", "exploit_id": "50494"}}
{"text": "10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)", "spans": {"SYSTEM: 10-Strike Network Inventory Explorer Pro 9.31": [[0, 45]], "VULNERABILITY: Buffer Overflow": [[48, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50472"}}
{"text": "10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)", "spans": {"SYSTEM: 10Strike LANState 9.32": [[0, 22]], "VULNERABILITY: Buffer Overflow": [[39, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48277"}}
{"text": "7 Sticky Notes v1.9 - OS Command Injection", "spans": {"SYSTEM: 7 Sticky Notes v1.9": [[0, 19]], "VULNERABILITY: Command Injection": [[25, 42]]}, "info": {"source": "exploitdb", "exploit_id": "51748"}}
{"text": "Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe'  Unquoted Service Path", "spans": {"SYSTEM: Acer Updater Service 1.2.3500.0": [[0, 31]], "VULNERABILITY: Unquoted Service Path": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49890"}}
{"text": "ActFax 10.10 - Unquoted Path Services", "spans": {"SYSTEM: ActFax 10.10": [[0, 12]], "VULNERABILITY: Unquoted Path Services": [[15, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51332"}}
{"text": "Active WebCam 11.5 - Unquoted Service Path", "spans": {"SYSTEM: Active WebCam 11.5": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50273"}}
{"text": "ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path", "spans": {"SYSTEM: ActivIdentity 8.2": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49703"}}
{"text": "Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path", "spans": {"SYSTEM: Adaware Web Companion 4.9.2159": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "47852"}}
{"text": "Advanced Host Monitor v12.56 - Unquoted Service Path", "spans": {"SYSTEM: Advanced Host Monitor v12.56": [[0, 28]], "VULNERABILITY: Unquoted Service Path": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51412"}}
{"text": "Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path", "spans": {"SYSTEM: Advanced System Care Service 13": [[0, 31]], "VULNERABILITY: Unquoted Service Path": [[64, 85]]}, "info": {"source": "exploitdb", "exploit_id": "49049"}}
{"text": "Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions", "spans": {"SYSTEM: Advanced System Repair Pro 1.9.1.7": [[0, 34]], "VULNERABILITY: Insecure File Permissions": [[37, 62]]}, "info": {"source": "exploitdb", "exploit_id": "47905"}}
{"text": "AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)", "spans": {"SYSTEM: AIDA64 Engineer 6.20.5300": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[51, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48281"}}
{"text": "Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH)", "spans": {"SYSTEM: Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217": [[0, 48]], "VULNERABILITY: Stack Overflow": [[51, 65]]}, "info": {"source": "exploitdb", "exploit_id": "47910"}}
{"text": "Allok Video Converter 4.6.1217 - Stack Overflow (SEH)", "spans": {"SYSTEM: Allok Video Converter 4.6.1217": [[0, 30]], "VULNERABILITY: Stack Overflow": [[33, 47]]}, "info": {"source": "exploitdb", "exploit_id": "47908"}}
{"text": "Amarok 2.8.0 - Denial-of-Service", "spans": {"SYSTEM: Amarok 2.8.0": [[0, 12]], "VULNERABILITY: Denial-of-Service": [[15, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48993"}}
{"text": "AMD Fuel Service - 'Fuel.service' Unquote Service Path", "spans": {"SYSTEM: AMD Fuel Service": [[0, 16]], "VULNERABILITY: Unquote Service Path": [[34, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49535"}}
{"text": "Amica Prodigy 1.7 - Privilege Escalation", "spans": {"SYSTEM: Amica Prodigy 1.7": [[0, 17]], "VULNERABILITY: Privilege Escalation": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50184"}}
{"text": "Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path", "spans": {"SYSTEM: Andrea ST Filters Service 1.0.64.7": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[66, 87]]}, "info": {"source": "exploitdb", "exploit_id": "48396"}}
{"text": "AnyBurn 4.8 - Buffer Overflow (SEH)", "spans": {"SYSTEM: AnyBurn 4.8": [[0, 11]], "VULNERABILITY: Buffer Overflow": [[14, 29]]}, "info": {"source": "exploitdb", "exploit_id": "48211"}}
{"text": "AnyDesk 5.4.0 - Unquoted Service Path", "spans": {"SYSTEM: AnyDesk 5.4.0": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "47883"}}
{"text": "AnyDesk 7.0.15 - Unquoted Service Path", "spans": {"SYSTEM: AnyDesk 7.0.15": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51968"}}
{"text": "AnyDesk 9.0.1 - Unquoted Service Path", "spans": {"SYSTEM: AnyDesk 9.0.1": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "52258"}}
{"text": "AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path", "spans": {"SYSTEM: AnyTXT Searcher 1.2.394": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49549"}}
{"text": "Arcsoft PhotoStudio 6.0.0.172 - Unquoted Service Path", "spans": {"SYSTEM: Arcsoft PhotoStudio 6.0.0.172": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51393"}}
{"text": "Argus Surveillance DVR 4.0 - Unquoted Service Path", "spans": {"SYSTEM: Argus Surveillance DVR 4.0": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50261"}}
{"text": "Argus Surveillance DVR 4.0 - Weak Password Encryption", "spans": {"SYSTEM: Argus Surveillance DVR 4.0": [[0, 26]], "VULNERABILITY: Weak Password Encryption": [[29, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50130"}}
{"text": "aSc TimeTables 2021.6.2 - Denial of Service (PoC)", "spans": {"SYSTEM: aSc TimeTables 2021.6.2": [[0, 23]], "VULNERABILITY: Denial of Service (PoC)": [[26, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49147"}}
{"text": "AspEmail v5.6.0.2 - Local Privilege Escalation", "spans": {"SYSTEM: AspEmail v5.6.0.2": [[0, 17]], "VULNERABILITY: Local Privilege Escalation": [[20, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51380"}}
{"text": "ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path", "spans": {"SYSTEM: ASUS AAHM 1.00.22": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48206"}}
{"text": "ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path", "spans": {"SYSTEM: ASUS AXSP 1.02.00": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48193"}}
{"text": "ASUS Control Center Express 01.06.15 - Unquoted Service Path", "spans": {"SYSTEM: ASUS Control Center Express 01.06.15": [[0, 36]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51939"}}
{"text": "Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted Service Path", "spans": {"SYSTEM: Asus GameSDK v1.0.0.4": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50985"}}
{"text": "ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path", "spans": {"SYSTEM: ASUS GiftBox Desktop 1.1.1.127": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48173"}}
{"text": "ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path", "spans": {"SYSTEM: ASUS HID Access Service 1.0.94.0": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49888"}}
{"text": "ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow (DEP_ASLR Bypass) (PoC)", "spans": {"SYSTEM: ASX to MP3 converter 3.1.3.7.2010.11.05": [[0, 39]], "VULNERABILITY: Buffer Overflow": [[55, 70]]}, "info": {"source": "exploitdb", "exploit_id": "48769"}}
{"text": "Atheros Coex Service Application 8.0.0.255 - 'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path", "spans": {"SYSTEM: Atheros Coex Service Application 8.0.0.255": [[0, 42]], "VULNERABILITY: Unquoted Service Path": [[75, 96]]}, "info": {"source": "exploitdb", "exploit_id": "49053"}}
{"text": "Atomic Alarm Clock 6.3 - Stack Overflow (Unicode+SEH)", "spans": {"SYSTEM: Atomic Alarm Clock 6.3": [[0, 22]], "VULNERABILITY: Stack Overflow": [[25, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48346"}}
{"text": "Audio Conversion Wizard v2.01 - Buffer Overflow", "spans": {"SYSTEM: Audio Conversion Wizard v2.01": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[32, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50811"}}
{"text": "Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)", "spans": {"SYSTEM: Audio Playback Recorder 3.2.2": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48796"}}
{"text": "Automox Agent 32 - Local Privilege Escalation", "spans": {"SYSTEM: Automox Agent 32": [[0, 16]], "VULNERABILITY: Local Privilege Escalation": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50642"}}
{"text": "AVAST Antivirus 25.11 - Unquoted Service Path", "spans": {"SYSTEM: AVAST Antivirus 25.11": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52510"}}
{"text": "AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path", "spans": {"SYSTEM: AVAST SecureLine 5.5.522.0": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48249"}}
{"text": "AVG Anti Spyware 7.5 - Unquoted Service Path _AVG Anti-Spyware Guard_", "spans": {"SYSTEM: AVG Anti Spyware 7.5": [[0, 20]], "VULNERABILITY: Unquoted Service Path _AVG Anti-Spyware Guard_": [[23, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51583"}}
{"text": "AVS Audio Converter 10.3 - Stack Overflow (SEH)", "spans": {"SYSTEM: AVS Audio Converter 10.3": [[0, 24]], "VULNERABILITY: Stack Overflow": [[27, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51090"}}
{"text": "B64dec 1.1.2 - Buffer Overflow (SEH Overflow + EggHunter)", "spans": {"SYSTEM: B64dec 1.1.2": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[15, 30]]}, "info": {"source": "exploitdb", "exploit_id": "48317"}}
{"text": "BacklinkSpeed 2.4 - Buffer Overflow PoC (SEH)", "spans": {"SYSTEM: BacklinkSpeed 2.4": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[20, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48726"}}
{"text": "Backup Key Recovery 2.2.7 - Denial of Service (PoC)", "spans": {"SYSTEM: Backup Key Recovery 2.2.7": [[0, 25]], "VULNERABILITY: Denial of Service (PoC)": [[28, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49966"}}
{"text": "Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path", "spans": {"SYSTEM: Backup Manager Module 3.0.0.99": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49889"}}
{"text": "Bandwidth Monitor 3.9 - 'Svc10StrikeBandMontitor' Unquoted Service Path", "spans": {"SYSTEM: Bandwidth Monitor 3.9": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "48591"}}
{"text": "BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path", "spans": {"SYSTEM: BarcodeOCR 19.3.6": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48740"}}
{"text": "BarracudaDrive v6.5 - Insecure Folder Permissions", "spans": {"SYSTEM: BarracudaDrive v6.5": [[0, 19]], "VULNERABILITY: Insecure Folder Permissions": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48789"}}
{"text": "Battle.Net 1.27.1.12428 - Insecure File Permissions", "spans": {"SYSTEM: Battle.Net 1.27.1.12428": [[0, 23]], "VULNERABILITY: Insecure File Permissions": [[26, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48873"}}
{"text": "BattlEye 0.9 - 'BEService' Unquoted Service Path", "spans": {"SYSTEM: BattlEye 0.9": [[0, 12]], "VULNERABILITY: Unquoted Service Path": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50815"}}
{"text": "BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in (PoC)", "spans": {"SYSTEM: BearShare Lite 5.2.5": [[0, 20]], "VULNERABILITY: Buffer Overflow": [[40, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48839"}}
{"text": "BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow (SEH_ASLR_DEP)", "spans": {"SYSTEM: BlazeDVD 7.0 Professional": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[41, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48776"}}
{"text": "BlazeDVD 7.0.2 - Buffer Overflow (SEH)", "spans": {"SYSTEM: BlazeDVD 7.0.2": [[0, 14]], "VULNERABILITY: Buffer Overflow": [[17, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48329"}}
{"text": "Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path", "spans": {"SYSTEM: Bluetooth Application 5.4.277": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50761"}}
{"text": "Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation", "spans": {"SYSTEM: Bonjour Service 'mDNSResponder.exe'": [[0, 35]], "VULNERABILITY: Privilege Escalation": [[60, 80]]}, "info": {"source": "exploitdb", "exploit_id": "52061"}}
{"text": "BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path", "spans": {"SYSTEM: BOOTP Turbo 2.0.0.1253": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49851"}}
{"text": "BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path", "spans": {"SYSTEM: BOOTP Turbo 2.0.1214": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48078"}}
{"text": "Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH)", "spans": {"SYSTEM: Boxoft Audio Converter 2.3.0": [[0, 28]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49089"}}
{"text": "Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit", "spans": {"SYSTEM: Boxoft Convert Master 1.3.0": [[0, 27]], "VULNERABILITY: SEH Local Exploit": [[36, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49088"}}
{"text": "BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path", "spans": {"SYSTEM: BRAdmin Professional 3.75": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49671"}}
{"text": "Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path", "spans": {"SYSTEM: Brother BRAgent 1.38": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50010"}}
{"text": "Brother BRPrint Auditor - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: Brother BRPrint Auditor": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50005"}}
{"text": "bVPN 2.5.1 - 'waselvpnserv' Unquoted Service Path", "spans": {"SYSTEM: bVPN 2.5.1": [[0, 10]], "VULNERABILITY: Unquoted Service Path": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49632"}}
{"text": "Cain & Abel 4.9.56 - Unquoted Service Path", "spans": {"SYSTEM: Cain & Abel 4.9.56": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50728"}}
{"text": "Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE'  - Unquoted Service Path", "spans": {"SYSTEM: Canon Inkjet Extended Survey Program 5.1.0.8": [[0, 44]], "VULNERABILITY: - Unquoted Service Path": [[63, 86]]}, "info": {"source": "exploitdb", "exploit_id": "49019"}}
{"text": "Chromacam 4.0.3.0 - PsyFrameGrabberService Unquoted Service Path", "spans": {"SYSTEM: Chromacam 4.0.3.0": [[0, 17]], "VULNERABILITY: PsyFrameGrabberService Unquoted Service Path": [[20, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51210"}}
{"text": "Cloudflare WARP 1.4 - Unquoted Service Path", "spans": {"SYSTEM: Cloudflare WARP 1.4": [[0, 19]], "VULNERABILITY: Unquoted Service Path": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50805"}}
{"text": "CloudMe 1.11.2 - Buffer Overflow (SEH_DEP_ASLR)", "spans": {"SYSTEM: CloudMe 1.11.2": [[0, 14]], "VULNERABILITY: Buffer Overflow": [[17, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48499"}}
{"text": "CloudMe 1.11.2 - Buffer Overflow ROP (DEP_ASLR)", "spans": {"SYSTEM: CloudMe 1.11.2": [[0, 14]], "VULNERABILITY: Buffer Overflow": [[17, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48840"}}
{"text": "Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of Service (PoC)", "spans": {"SYSTEM: Cmder Console Emulator 1.3.18": [[0, 29]], "VULNERABILITY: Denial of Service (PoC)": [[44, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50401"}}
{"text": "Cobian Backup 0.9 - Unquoted Service Path", "spans": {"SYSTEM: Cobian Backup 0.9": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50810"}}
{"text": "Cobian Backup 11 Gravity 11.2.0.582 - 'Password' Denial of Service (PoC)", "spans": {"SYSTEM: Cobian Backup 11 Gravity 11.2.0.582": [[0, 35]], "VULNERABILITY: Denial of Service (PoC)": [[49, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50790"}}
{"text": "Cobian Backup Gravity 11.2.0.582 - 'CobianBackup11' Unquoted Service Path", "spans": {"SYSTEM: Cobian Backup Gravity 11.2.0.582": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50791"}}
{"text": "Cobian Reflector 0.9.93 RC1 - 'Password' Denial of Service (PoC)", "spans": {"SYSTEM: Cobian Reflector 0.9.93 RC1": [[0, 27]], "VULNERABILITY: Denial of Service (PoC)": [[41, 64]]}, "info": {"source": "exploitdb", "exploit_id": "50789"}}
{"text": "Code Blocks 16.01 - Buffer Overflow (SEH) UNICODE", "spans": {"SYSTEM: Code Blocks 16.01": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[20, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48344"}}
{"text": "Code Blocks 17.12 - 'File Name' Local Buffer Overflow (Unicode) (SEH) (PoC)", "spans": {"SYSTEM: Code Blocks 17.12": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48594"}}
{"text": "CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path", "spans": {"SYSTEM: CodeMeter 6.60": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48735"}}
{"text": "Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path", "spans": {"SYSTEM: Configuration Tool 1.6.53": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49624"}}
{"text": "Connectify Hotspot 2018 'ConnectifyService' - Unquoted Service Path", "spans": {"SYSTEM: Connectify Hotspot 2018 'ConnectifyService'": [[0, 43]], "VULNERABILITY: Unquoted Service Path": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50764"}}
{"text": "CONTPAQi(R) AdminPAQ 14.0.0 - Unquoted Service Path", "spans": {"SYSTEM: CONTPAQi(R) AdminPAQ 14.0.0": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50690"}}
{"text": "CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path", "spans": {"SYSTEM: CoolerMaster MasterPlus 1.8.5": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51159"}}
{"text": "CrowdStrike Falcon AGENT  6.44.15806  - Uninstall without Installation Token", "spans": {"SYSTEM: CrowdStrike Falcon AGENT  6.44.15806": [[0, 36]], "VULNERABILITY: Uninstall without Installation Token": [[40, 76]]}, "info": {"source": "exploitdb", "exploit_id": "51146"}}
{"text": "Cuckoo Clock v5.0 - Buffer Overflow", "spans": {"SYSTEM: Cuckoo Clock v5.0": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[20, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48087"}}
{"text": "Cyberfox Web Browser 52.9.1 - Denial of Service (PoC)", "spans": {"SYSTEM: Cyberfox Web Browser 52.9.1": [[0, 27]], "VULNERABILITY: Denial of Service (PoC)": [[30, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50336"}}
{"text": "Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Cyberoam Authentication Client 2.1.2.7": [[0, 38]], "VULNERABILITY: Buffer Overflow": [[41, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48148"}}
{"text": "Dameware Remote Support 12.1.1.273 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Dameware Remote Support 12.1.1.273": [[0, 34]], "VULNERABILITY: Buffer Overflow": [[37, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48469"}}
{"text": "dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)", "spans": {"SYSTEM: dataSIMS Avionics ARINC 664-1": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49577"}}
{"text": "Deep Instinct Windows Agent 1.2.24.0 - 'DeepNetworkService' Unquoted Service Path", "spans": {"SYSTEM: Deep Instinct Windows Agent 1.2.24.0": [[0, 36]], "VULNERABILITY: Unquoted Service Path": [[60, 81]]}, "info": {"source": "exploitdb", "exploit_id": "49020"}}
{"text": "Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path", "spans": {"SYSTEM: Deep Instinct Windows Agent 1.2.29.0": [[0, 36]], "VULNERABILITY: Unquoted Service Path": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48174"}}
{"text": "DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)", "spans": {"SYSTEM: DELL dbutil_2_3.sys 2.3": [[0, 23]], "VULNERABILITY: Local Privilege Escalation": [[45, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49893"}}
{"text": "Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation", "spans": {"SYSTEM: Desktop Window Manager Core Library 10.0.10240.0": [[0, 48]], "VULNERABILITY: Privilege Escalation": [[51, 71]]}, "info": {"source": "exploitdb", "exploit_id": "52493"}}
{"text": "DHCP Broadband 4.1.0.1503 - 'dhcpt.exe' Unquoted Service Path", "spans": {"SYSTEM: DHCP Broadband 4.1.0.1503": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49850"}}
{"text": "DHCP Turbo 4.61298 - 'DHCP Turbo 4' Unquoted Service Path", "spans": {"SYSTEM: DHCP Turbo 4.61298": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48080"}}
{"text": "DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path", "spans": {"SYSTEM: DigitalPersona 4.5.0.2213": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49008"}}
{"text": "DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path", "spans": {"SYSTEM: DigitalPersona 5.1.0.656 'DpHostW'": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49041"}}
{"text": "Disk Savvy 13.6.14 - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: Disk Savvy 13.6.14": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50024"}}
{"text": "Disk Savvy Enterprise 12.3.18 - Unquoted Service Path", "spans": {"SYSTEM: Disk Savvy Enterprise 12.3.18": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48049"}}
{"text": "Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path", "spans": {"SYSTEM: Disk Sorter Enterprise 12.4.16": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[58, 79]]}, "info": {"source": "exploitdb", "exploit_id": "48048"}}
{"text": "Disk Sorter Enterprise 13.6.12 - 'Disk Sorter Enterprise' Unquoted Service Path", "spans": {"SYSTEM: Disk Sorter Enterprise 13.6.12": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[58, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50014"}}
{"text": "Disk Sorter Server 13.6.12 - 'Disk Sorter Server' Unquoted Service Path", "spans": {"SYSTEM: Disk Sorter Server 13.6.12": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "50013"}}
{"text": "DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow (PoC)", "spans": {"SYSTEM: DiskBoss 7.7.14": [[0, 15]], "VULNERABILITY: Buffer Overflow": [[42, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48279"}}
{"text": "DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)", "spans": {"SYSTEM: DiskBoss 7.7.14": [[0, 15]], "VULNERABILITY: Buffer Overflow": [[47, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48689"}}
{"text": "DiskBoss Service 12.2.18 - 'diskbsa.exe' Unquoted Service Path", "spans": {"SYSTEM: DiskBoss Service 12.2.18": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49899"}}
{"text": "DiskBoss v11.7.28 - Multiple Services Unquoted Service Path", "spans": {"SYSTEM: DiskBoss v11.7.28": [[0, 17]], "VULNERABILITY: Multiple Services Unquoted Service Path": [[20, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49022"}}
{"text": "DiskPulse 13.6.14 - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: DiskPulse 13.6.14": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50012"}}
{"text": "Docker-Credential-Wincred.exe - Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Docker-Credential-Wincred.exe": [[0, 29]], "VULNERABILITY: Privilege Escalation": [[32, 52]], "TOOL: Metasploit": [[54, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48388"}}
{"text": "docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)", "spans": {"SYSTEM: docPrint Pro 8.0": [[0, 16]], "VULNERABILITY: Buffer Overflow": [[29, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49100"}}
{"text": "Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path", "spans": {"SYSTEM: Dr. Fone 4.0.8": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50977"}}
{"text": "Druva inSync Windows Client 6.5.2 - Local Privilege Escalation", "spans": {"SYSTEM: Druva inSync Windows Client 6.5.2": [[0, 33]], "VULNERABILITY: Local Privilege Escalation": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48400"}}
{"text": "Druva inSync Windows Client 6.6.3 - Local Privilege Escalation", "spans": {"SYSTEM: Druva inSync Windows Client 6.6.3": [[0, 33]], "VULNERABILITY: Local Privilege Escalation": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48505"}}
{"text": "Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)", "spans": {"SYSTEM: Druva inSync Windows Client 6.6.3": [[0, 33]], "VULNERABILITY: Local Privilege Escalation": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49211"}}
{"text": "Dup Scout 13.5.28 - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: Dup Scout 13.5.28": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50025"}}
{"text": "DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow", "spans": {"SYSTEM: DVD Photo Slideshow Professional 8.07": [[0, 37]], "VULNERABILITY: Buffer Overflow": [[46, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48041"}}
{"text": "DVD Photo Slideshow Professional 8.07 - 'Name' Buffer Overflow", "spans": {"SYSTEM: DVD Photo Slideshow Professional 8.07": [[0, 37]], "VULNERABILITY: Buffer Overflow": [[47, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48046"}}
{"text": "Dynojet Power Core 2.3.0 - Unquoted Service Path", "spans": {"SYSTEM: Dynojet Power Core 2.3.0": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50466"}}
{"text": "EaseUS Data Recovery - 'ensserver.exe' Unquoted Service Path", "spans": {"SYSTEM: EaseUS Data Recovery": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50886"}}
{"text": "Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow (SEH + DEP)", "spans": {"SYSTEM: Easy MPEG to DVD Burner 1.7.11": [[0, 30]], "VULNERABILITY: Buffer Overflow": [[33, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48339"}}
{"text": "Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)", "spans": {"SYSTEM: Easy RM to MP3 Converter 2.7.3.700": [[0, 34]], "VULNERABILITY: Buffer Overflow": [[51, 66]]}, "info": {"source": "exploitdb", "exploit_id": "48257"}}
{"text": "eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path", "spans": {"SYSTEM: eBeam education suite 2.5.0.9": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49647"}}
{"text": "Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path", "spans": {"SYSTEM: Eclipse Mosquitto MQTT broker 2.0.9": [[0, 35]], "VULNERABILITY: Unquoted Service Path": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49673"}}
{"text": "ELAN Smart-Pad 11.10.15.1 - 'ETDService' Unquoted Service Path", "spans": {"SYSTEM: ELAN Smart-Pad 11.10.15.1": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48009"}}
{"text": "ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path", "spans": {"SYSTEM: ELAN Touchpad 15.2.13.1_X64_WHQL": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49702"}}
{"text": "Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path", "spans": {"SYSTEM: Elodea Event Collector 4.9.3": [[0, 28]], "VULNERABILITY: Unquoted Service Path": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "49704"}}
{"text": "EmEditor 19.8 - Insecure File Permissions", "spans": {"SYSTEM: EmEditor 19.8": [[0, 13]], "VULNERABILITY: Insecure File Permissions": [[16, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48398"}}
{"text": "Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path", "spans": {"SYSTEM: Emerson PAC Machine Edition 9.80 Build 8695": [[0, 43]], "VULNERABILITY: Unquoted Service Path": [[60, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50745"}}
{"text": "Epic Games Easy Anti-Cheat 4.0 - Local Privilege Escalation", "spans": {"SYSTEM: Epic Games Easy Anti-Cheat 4.0": [[0, 30]], "VULNERABILITY: Local Privilege Escalation": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49841"}}
{"text": "Epic Games Rocket League 1.95 - Stack Buffer Overrun", "spans": {"SYSTEM: Epic Games Rocket League 1.95": [[0, 29]], "VULNERABILITY: Stack Buffer Overrun": [[32, 52]]}, "info": {"source": "exploitdb", "exploit_id": "49848"}}
{"text": "ePowerSvc 6.0.3008.0 - 'ePowerSvc.exe' Unquoted Service Path", "spans": {"SYSTEM: ePowerSvc 6.0.3008.0": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49900"}}
{"text": "EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path", "spans": {"SYSTEM: EPSON EasyMP Network Projection 2.81": [[0, 36]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48069"}}
{"text": "EPSON Status Monitor 3 'EPSON_PM_RPCV4_06' - Unquoted Service Path", "spans": {"SYSTEM: EPSON Status Monitor 3 'EPSON_PM_RPCV4_06'": [[0, 42]], "VULNERABILITY: Unquoted Service Path": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49141"}}
{"text": "Epson USB Display 1.6.0.0 - 'EMP_UDSA' Unquoted Service Path", "spans": {"SYSTEM: Epson USB Display 1.6.0.0": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49548"}}
{"text": "ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path", "spans": {"SYSTEM: ESET NOD32 Antivirus 17.0.16.0": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51964"}}
{"text": "ESET Service 16.0.26.0 - 'Service ekrn' Unquoted Service Path", "spans": {"SYSTEM: ESET Service 16.0.26.0": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51351"}}
{"text": "Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Ether_MP3_CD_Burner 1.3.8": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[28, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50332"}}
{"text": "Exploit - EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path", "spans": {"SYSTEM: Exploit": [[0, 7]], "VULNERABILITY: EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path": [[10, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48965"}}
{"text": "Explorer32++ v1.3.5.531 - Buffer overflow", "spans": {"SYSTEM: Explorer32++ v1.3.5.531": [[0, 23]], "VULNERABILITY: Buffer overflow": [[26, 41]]}, "info": {"source": "exploitdb", "exploit_id": "51077"}}
{"text": "Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path", "spans": {"SYSTEM: Ext2Fsd v0.68": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[26, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49706"}}
{"text": "FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass)", "spans": {"SYSTEM: FastStone Image Viewer 7.5": [[0, 26]], "VULNERABILITY: Buffer Overflow": [[74, 89]]}, "info": {"source": "exploitdb", "exploit_id": "49660"}}
{"text": "File Replication Pro 7.5.0 - Privilege Escalation/Password reset due Incorrect Access Control", "spans": {"SYSTEM: File Replication Pro 7.5.0": [[0, 26]], "VULNERABILITY: Privilege Escalation": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51375"}}
{"text": "File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path", "spans": {"SYSTEM: File Sanitizer for HP ProtectTools 5.0.1.3": [[0, 42]], "VULNERABILITY: Unquoted Service Path": [[59, 80]]}, "info": {"source": "exploitdb", "exploit_id": "50763"}}
{"text": "FileZilla Client 3.63.1 - 'TextShaping.dl' DLL Hijacking", "spans": {"SYSTEM: FileZilla Client 3.63.1": [[0, 23]], "VULNERABILITY: DLL Hijacking": [[43, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51267"}}
{"text": "Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation", "spans": {"SYSTEM: Filmora 12 version ( Build 1.0.0.7)": [[0, 35]], "VULNERABILITY: Privilege Escalation": [[61, 81]]}, "info": {"source": "exploitdb", "exploit_id": "51483"}}
{"text": "FLAME II MODEM USB - Unquoted Service Path", "spans": {"SYSTEM: FLAME II MODEM USB": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50708"}}
{"text": "Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission", "spans": {"SYSTEM: Fluentd TD-agent plugin 4.0.1": [[0, 29]], "VULNERABILITY: Insecure Folder Permission": [[32, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49363"}}
{"text": "ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path", "spans": {"SYSTEM: ForensiTAppxService 2.2.0.4": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "48821"}}
{"text": "Foxit PDF Reader 11.0 - Unquoted Service Path", "spans": {"SYSTEM: Foxit PDF Reader 11.0": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[24, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50807"}}
{"text": "Foxit Reader 9.0.1.1049 - Arbitrary Code Execution", "spans": {"SYSTEM: Foxit Reader 9.0.1.1049": [[0, 23]], "VULNERABILITY: Arbitrary Code Execution": [[26, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49116"}}
{"text": "Foxit Reader 9.7.1 - Remote Command Execution (Javascript API)", "spans": {"SYSTEM: Foxit Reader 9.7.1": [[0, 18]], "VULNERABILITY: Remote Command Execution": [[21, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48982"}}
{"text": "Free MP3 CD Ripper 2.8 - Multiple File Buffer Overflow (Metasploit)", "spans": {"SYSTEM: Free MP3 CD Ripper 2.8": [[0, 22]], "VULNERABILITY: Buffer Overflow": [[39, 54]], "TOOL: Metasploit": [[56, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49087"}}
{"text": "Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)", "spans": {"SYSTEM: Free MP3 CD Ripper 2.8": [[0, 22]], "VULNERABILITY: Buffer Overflow": [[31, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48696"}}
{"text": "Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow", "spans": {"SYSTEM: Freefloat FTP Server 1.0": [[0, 24]], "VULNERABILITY: Remote Buffer Overflow": [[33, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51706"}}
{"text": "freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path", "spans": {"SYSTEM: freeFTPd v1.0.13": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48043"}}
{"text": "FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path", "spans": {"SYSTEM: FreeLAN 2.2": [[0, 11]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49630"}}
{"text": "FreeSSHd 1.3.1 - 'FreeSSHDService' Unquoted Service Path", "spans": {"SYSTEM: FreeSSHd 1.3.1": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "48044"}}
{"text": "Frhed (Free hex editor) v1.6.0 - Buffer overflow", "spans": {"SYSTEM: Frhed (Free hex editor) v1.6.0": [[0, 30]], "VULNERABILITY: Buffer overflow": [[33, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51078"}}
{"text": "Frigate 3.36 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Frigate 3.36": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[15, 30]]}, "info": {"source": "exploitdb", "exploit_id": "48415"}}
{"text": "Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow (SEH) (PoC)", "spans": {"SYSTEM: Frigate 3.36.0.9": [[0, 16]], "VULNERABILITY: Buffer Overflow": [[40, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48563"}}
{"text": "Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow (SEH) (PoC)", "spans": {"SYSTEM: Frigate Professional 3.36.0.9": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[54, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48579"}}
{"text": "Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)", "spans": {"SYSTEM: Frigate Professional 3.36.0.9": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[44, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48688"}}
{"text": "FTPDummy 4.80 - Local Buffer Overflow (SEH)", "spans": {"SYSTEM: FTPDummy 4.80": [[0, 13]], "VULNERABILITY: Buffer Overflow": [[22, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48685"}}
{"text": "Game Jackal Server v5 - Unquoted Service Path _GJServiceV5_", "spans": {"SYSTEM: Game Jackal Server v5": [[0, 21]], "VULNERABILITY: Unquoted Service Path _GJServiceV5_": [[24, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51584"}}
{"text": "General Device Manager 2.5.2.2 - Buffer Overflow (SEH)", "spans": {"SYSTEM: General Device Manager 2.5.2.2": [[0, 30]], "VULNERABILITY: Buffer Overflow": [[33, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51641"}}
{"text": "Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path", "spans": {"SYSTEM: Genexus Protection Server 9.6.4.2": [[0, 33]], "VULNERABILITY: Unquoted Service Path": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49007"}}
{"text": "Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path", "spans": {"SYSTEM: Genexus Protection Server 9.7.2.10": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "52065"}}
{"text": "GeoGebra CAS Calculato‪r‬ 6.0.631.0 - Denial of Service (PoC)", "spans": {"SYSTEM: GeoGebra CAS Calculato‪r‬ 6.0.631.0": [[0, 35]], "VULNERABILITY: Denial of Service (PoC)": [[38, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49655"}}
{"text": "GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)", "spans": {"SYSTEM: GeoGebra Classic 5.0.631.0-d": [[0, 28]], "VULNERABILITY: Denial of Service (PoC)": [[31, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49654"}}
{"text": "GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service (PoC)", "spans": {"SYSTEM: GeoGebra Graphing Calculato‪r‬ 6.0.631.0": [[0, 40]], "VULNERABILITY: Denial Of Service": [[43, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49653"}}
{"text": "GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure", "spans": {"SYSTEM: GeoVision ASManager Windows Application 6.1.2.0": [[0, 47]], "VULNERABILITY: Credentials Disclosure": [[50, 72]]}, "info": {"source": "exploitdb", "exploit_id": "52423"}}
{"text": "Gestionale Open 11.00.00 - Local Privilege Escalation", "spans": {"SYSTEM: Gestionale Open 11.00.00": [[0, 24]], "VULNERABILITY: Local Privilege Escalation": [[27, 53]]}, "info": {"source": "exploitdb", "exploit_id": "50449"}}
{"text": "Gestionale Open 12.00.00 - 'DB_GO_80' Unquoted Service Path", "spans": {"SYSTEM: Gestionale Open 12.00.00": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51065"}}
{"text": "Global Registration Service 1.0.0.3 - 'GREGsvc.exe' Unquoted Service Path", "spans": {"SYSTEM: Global Registration Service 1.0.0.3": [[0, 35]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49142"}}
{"text": "GoldWave - Buffer Overflow (SEH Unicode)", "spans": {"SYSTEM: GoldWave": [[0, 8]], "VULNERABILITY: Buffer Overflow": [[11, 26]]}, "info": {"source": "exploitdb", "exploit_id": "48510"}}
{"text": "GOM Player 2.3.90.5360 - Buffer Overflow (PoC)", "spans": {"SYSTEM: GOM Player 2.3.90.5360": [[0, 22]], "VULNERABILITY: Buffer Overflow": [[25, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51724"}}
{"text": "Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow", "spans": {"SYSTEM: Grand Theft Auto III/Vice City Skin File v1.1": [[0, 45]], "VULNERABILITY: Buffer Overflow": [[48, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51223"}}
{"text": "GreenShot  1.2.10 - Insecure Deserialization Arbitrary Code Execution", "spans": {"SYSTEM: GreenShot  1.2.10": [[0, 17]], "VULNERABILITY: Arbitrary Code Execution": [[45, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51633"}}
{"text": "Guild Wars 2 - Insecure Folder Permissions", "spans": {"SYSTEM: Guild Wars 2": [[0, 12]], "VULNERABILITY: Insecure Folder Permissions": [[15, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48876"}}
{"text": "HCL Lotus Notes V12 - Unquoted Service Path", "spans": {"SYSTEM: HCL Lotus Notes V12": [[0, 19]], "VULNERABILITY: Unquoted Service Path": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50566"}}
{"text": "HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path", "spans": {"SYSTEM: HDD Health 4.2.0.112": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51105"}}
{"text": "Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path", "spans": {"SYSTEM: Hi-Rez Studios 5.1.6.3": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49701"}}
{"text": "HMA VPN 5.3 - Unquoted Service Path", "spans": {"SYSTEM: HMA VPN 5.3": [[0, 11]], "VULNERABILITY: Unquoted Service Path": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50765"}}
{"text": "HomeGuard Pro 9.3.1 - Insecure Folder Permissions", "spans": {"SYSTEM: HomeGuard Pro 9.3.1": [[0, 19]], "VULNERABILITY: Insecure Folder Permissions": [[22, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48068"}}
{"text": "HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path", "spans": {"SYSTEM: HotKey Clipboard 2.1.0.6": [[0, 24]], "VULNERABILITY: Privilege Escalation": [[27, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51206"}}
{"text": "HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path", "spans": {"SYSTEM: HP Display Assistant x64 Edition 3.20": [[0, 37]], "VULNERABILITY: Unquoted Service Path": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49002"}}
{"text": "HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path", "spans": {"SYSTEM: HP LaserJet Professional M1210 MFP Series Receive Fax Service": [[0, 61]], "VULNERABILITY: Unquoted Service Path": [[64, 85]]}, "info": {"source": "exploitdb", "exploit_id": "50959"}}
{"text": "HP System Event 1.2.9.0 - 'HPWMISVC' Unquoted Service Path", "spans": {"SYSTEM: HP System Event 1.2.9.0": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48075"}}
{"text": "HP System Event Utility - Local Privilege Escalation", "spans": {"SYSTEM: HP System Event Utility": [[0, 23]], "VULNERABILITY: Local Privilege Escalation": [[26, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48057"}}
{"text": "HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path", "spans": {"SYSTEM: HP WMI Service 1.4.8.0": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49010"}}
{"text": "HTTPDebuggerPro 9.11 - Unquoted Service Path", "spans": {"SYSTEM: HTTPDebuggerPro 9.11": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50545"}}
{"text": "Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking", "spans": {"SYSTEM: Hubstaff 1.6.14-61e5e22e": [[0, 24]], "VULNERABILITY: DLL Search Order Hijacking": [[38, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51461"}}
{"text": "IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow", "spans": {"SYSTEM: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1": [[0, 72]], "VULNERABILITY: Buffer Overflow": [[97, 112]]}, "info": {"source": "exploitdb", "exploit_id": "49086"}}
{"text": "IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP", "spans": {"SYSTEM: IcoFX 2.6": [[0, 9]], "VULNERABILITY: Buffer Overflow": [[19, 34]]}, "info": {"source": "exploitdb", "exploit_id": "49959"}}
{"text": "iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path", "spans": {"SYSTEM: iDeskService 3.0.2.1": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49018"}}
{"text": "IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path", "spans": {"SYSTEM: IDT PC Audio 1.0.6425.0": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49043"}}
{"text": "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path", "spans": {"SYSTEM: IDT PC Audio 1.0.6433.0": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49157"}}
{"text": "IDT PC Audio 1.0.6499.0 - 'STacSV' Unquoted Service Path", "spans": {"SYSTEM: IDT PC Audio 1.0.6499.0": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49191"}}
{"text": "iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path", "spans": {"SYSTEM: iFunbox 4.2": [[0, 11]], "VULNERABILITY: Unquoted Service Path": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50040"}}
{"text": "Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions", "spans": {"SYSTEM: Inosoft VisiWin 7 2022-2.1": [[0, 26]], "VULNERABILITY: Insecure Folders Permissions": [[29, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51682"}}
{"text": "Input Director 1.4.3 - 'Input Director' Unquoted Service Path", "spans": {"SYSTEM: Input Director 1.4.3": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48795"}}
{"text": "Intel(R) Audio Service x64 01.00.1080.0 - 'IntelAudioService' Unquoted Service Path", "spans": {"SYSTEM: Intel(R) Audio Service x64 01.00.1080.0": [[0, 39]], "VULNERABILITY: Unquoted Service Path": [[62, 83]]}, "info": {"source": "exploitdb", "exploit_id": "49929"}}
{"text": "Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path", "spans": {"SYSTEM: Intel(r) Management and Security Application 5.2": [[0, 48]], "VULNERABILITY: User Notification Service Unquoted Service Path": [[51, 98]]}, "info": {"source": "exploitdb", "exploit_id": "49144"}}
{"text": "Intel(R) Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path", "spans": {"SYSTEM: Intel(R) Management Engine Components 6.0.0.1189": [[0, 48]], "VULNERABILITY: Unquoted Service Path": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "50762"}}
{"text": "Intel(R) Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path", "spans": {"SYSTEM: Intel(R) Matrix Storage Event Monitor x86 8.0.0.1039": [[0, 52]], "VULNERABILITY: Unquoted Service Path": [[66, 87]]}, "info": {"source": "exploitdb", "exploit_id": "49350"}}
{"text": "Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path", "spans": {"SYSTEM: Interactive Suite 3.6": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49648"}}
{"text": "Internet Download Manager 6.37.11.1 - Stack Buffer Overflow (PoC)", "spans": {"SYSTEM: Internet Download Manager 6.37.11.1": [[0, 35]], "VULNERABILITY: Buffer Overflow": [[44, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48397"}}
{"text": "IObit Uninstaller 10 Pro - Unquoted Service Path", "spans": {"SYSTEM: IObit Uninstaller 10 Pro": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "49371"}}
{"text": "IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path", "spans": {"SYSTEM: IObit Uninstaller 9.5.0.15": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48543"}}
{"text": "IOTransfer V4 - Unquoted Service Path", "spans": {"SYSTEM: IOTransfer V4": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[16, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51029"}}
{"text": "IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path", "spans": {"SYSTEM: IP Watcher v3.0.0.30": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48968"}}
{"text": "IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path", "spans": {"SYSTEM: IPTInstaller 4.0.9": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49006"}}
{"text": "Iskysoft Application Framework Service 2.4.3.241 - 'IsAppService' Unquoted Service Path", "spans": {"SYSTEM: Iskysoft Application Framework Service 2.4.3.241": [[0, 48]], "VULNERABILITY: Unquoted Service Path": [[66, 87]]}, "info": {"source": "exploitdb", "exploit_id": "48171"}}
{"text": "Kingdia CD Extractor 3.0.2 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Kingdia CD Extractor 3.0.2": [[0, 26]], "VULNERABILITY: Buffer Overflow": [[29, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50470"}}
{"text": "Kingo ROOT 1.5.8 - Unquoted Service Path", "spans": {"SYSTEM: Kingo ROOT 1.5.8": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51707"}}
{"text": "Kite 1.2020.1119.0 - 'KiteService' Unquoted Service Path", "spans": {"SYSTEM: Kite 1.2020.1119.0": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49205"}}
{"text": "Kite 1.2021.610.0 - Unquoted Service Path", "spans": {"SYSTEM: Kite 1.2021.610.0": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "50975"}}
{"text": "KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path", "spans": {"SYSTEM: KiteService 1.2020.1113.1": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49047"}}
{"text": "KiteService 1.2020.618.0 - Unquoted Service Path", "spans": {"SYSTEM: KiteService 1.2020.618.0": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48625"}}
{"text": "KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow", "spans": {"SYSTEM: KiTTY 0.76.1.13": [[0, 15]], "VULNERABILITY: Buffer Overflow": [[54, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51890"}}
{"text": "KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow", "spans": {"SYSTEM: KiTTY 0.76.1.13": [[0, 15]], "VULNERABILITY: Buffer Overflow": [[54, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51891"}}
{"text": "KiTTY 0.76.1.13 - Command Injection", "spans": {"SYSTEM: KiTTY 0.76.1.13": [[0, 15]], "VULNERABILITY: Command Injection": [[18, 35]]}, "info": {"source": "exploitdb", "exploit_id": "51892"}}
{"text": "KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path", "spans": {"SYSTEM: KMSpico 17.1.0.0": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49003"}}
{"text": "LaborOfficeFree 19.10 - MySQL Root Password Calculator", "spans": {"SYSTEM: LaborOfficeFree 19.10": [[0, 21]], "VULNERABILITY: MySQL Root Password Calculator": [[24, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51894"}}
{"text": "LanSend 3.2 - Buffer Overflow (SEH)", "spans": {"SYSTEM: LanSend 3.2": [[0, 11]], "VULNERABILITY: Buffer Overflow": [[14, 29]]}, "info": {"source": "exploitdb", "exploit_id": "48461"}}
{"text": "Lansweeper 7.2 - Incorrect Access Control", "spans": {"SYSTEM: Lansweeper 7.2": [[0, 14]], "VULNERABILITY: Incorrect Access Control": [[17, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48618"}}
{"text": "Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path", "spans": {"SYSTEM: Lavasoft web companion 4.1.0.409": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51143"}}
{"text": "LCD_Service 1.0.1.0 - 'LCD_Service' Unquote Service Path", "spans": {"SYSTEM: LCD_Service 1.0.1.0": [[0, 19]], "VULNERABILITY: Unquote Service Path": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49066"}}
{"text": "Lexmark Printer Software G2 Installation Package 1.8.0.0 - 'LM__bdsvc' Unquoted Service Path", "spans": {"SYSTEM: Lexmark Printer Software G2 Installation Package 1.8.0.0": [[0, 56]], "VULNERABILITY: Unquoted Service Path": [[71, 92]]}, "info": {"source": "exploitdb", "exploit_id": "50045"}}
{"text": "Logitech Solar Keyboard Service - 'L4301_Solar' Unquoted Service Path", "spans": {"SYSTEM: Logitech Solar Keyboard Service": [[0, 31]], "VULNERABILITY: Unquoted Service Path": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49050"}}
{"text": "LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path", "spans": {"SYSTEM: LogonExpert 8.1": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49586"}}
{"text": "MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path", "spans": {"SYSTEM: MacPaw Encrypto 1.0.1": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49694"}}
{"text": "Macro Expert 4.7 - Unquoted Service Path", "spans": {"SYSTEM: Macro Expert 4.7": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50431"}}
{"text": "Macro Expert 4.9 - Unquoted Service Path", "spans": {"SYSTEM: Macro Expert 4.9": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "51506"}}
{"text": "Magic Mouse 2 utilities  2.20 - 'magicmouse2service' Unquoted Service Path", "spans": {"SYSTEM: Magic Mouse 2 utilities  2.20": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49017"}}
{"text": "Malwarebytes 4.5 - Unquoted Service Path", "spans": {"SYSTEM: Malwarebytes 4.5": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50806"}}
{"text": "McAfee(R) Safe Connect VPN - Unquoted Service Path Elevation Of Privilege", "spans": {"SYSTEM: McAfee(R) Safe Connect VPN": [[0, 26]], "VULNERABILITY: Unquoted Service Path Elevation Of Privilege": [[29, 73]]}, "info": {"source": "exploitdb", "exploit_id": "50814"}}
{"text": "Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path", "spans": {"SYSTEM: Mediconta 3.7.27": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "51064"}}
{"text": "MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path", "spans": {"SYSTEM: MEMU PLAY 3.7.0": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49016"}}
{"text": "Memu Play 7.1.3 - Insecure Folder Permissions", "spans": {"SYSTEM: Memu Play 7.1.3": [[0, 15]], "VULNERABILITY: Insecure Folder Permissions": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48283"}}
{"text": "Microsoft - NTLM Hash Disclosure Spoofing (library-ms)", "spans": {"SYSTEM: Microsoft": [[0, 9]], "VULNERABILITY: NTLM Hash Disclosure Spoofing": [[12, 41]]}, "info": {"source": "exploitdb", "exploit_id": "52280"}}
{"text": "Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege", "spans": {"SYSTEM: Microsoft Brokering File System Windows 11 Version 22H2": [[0, 55]], "VULNERABILITY: Elevation of Privilege": [[58, 80]]}, "info": {"source": "exploitdb", "exploit_id": "52360"}}
{"text": "Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Excel LTSC 2024": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52337"}}
{"text": "Microsoft Excel Use After Free - Local Code Execution", "spans": {"SYSTEM: Microsoft Excel Use After Free": [[0, 30]], "VULNERABILITY: Local Code Execution": [[33, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52332"}}
{"text": "Microsoft Exchange Active Directory Topology 15.0.847.40 - 'Service MSExchangeADTopology' Unquoted Service Path", "spans": {"SYSTEM: Microsoft Exchange Active Directory Topology 15.0.847.40": [[0, 56]], "VULNERABILITY: Unquoted Service Path": [[90, 111]]}, "info": {"source": "exploitdb", "exploit_id": "50868"}}
{"text": "Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path", "spans": {"SYSTEM: Microsoft Exchange Active Directory Topology 15.02.1118.007": [[0, 59]], "VULNERABILITY: Unquoted Service Path": [[93, 114]]}, "info": {"source": "exploitdb", "exploit_id": "51212"}}
{"text": "Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path", "spans": {"SYSTEM: Microsoft Exchange Mailbox Assistants 15.0.847.40": [[0, 49]], "VULNERABILITY: Unquoted Service Path": [[90, 111]]}, "info": {"source": "exploitdb", "exploit_id": "50867"}}
{"text": "Microsoft Gaming Services 2.52.13001.0 - Unquoted Service Path", "spans": {"SYSTEM: Microsoft Gaming Services 2.52.13001.0": [[0, 38]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50776"}}
{"text": "Microsoft GamingServices 2.47.10001.0 - 'GamingServices' Unquoted Service Path", "spans": {"SYSTEM: Microsoft GamingServices 2.47.10001.0": [[0, 37]], "VULNERABILITY: Unquoted Service Path": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49214"}}
{"text": "Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges", "spans": {"SYSTEM: Microsoft Graphics Component Windows 11 Pro (Build 26100+)": [[0, 58]], "VULNERABILITY: Local Elevation of Privileges": [[61, 90]]}, "info": {"source": "exploitdb", "exploit_id": "52362"}}
{"text": "Microsoft Internet Explorer / ActiveX Control - Security Bypass", "spans": {"SYSTEM: Microsoft Internet Explorer / ActiveX Control": [[0, 45]], "VULNERABILITY: Security Bypass": [[48, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50598"}}
{"text": "Microsoft Internet Explorer 11 - Use-After-Free", "spans": {"SYSTEM: Microsoft Internet Explorer 11": [[0, 30]], "VULNERABILITY: Use-After-Free": [[33, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49062"}}
{"text": "Microsoft Internet Explorer 11 32-bit - Use-After-Free", "spans": {"SYSTEM: Microsoft Internet Explorer 11 32-bit": [[0, 37]], "VULNERABILITY: Use-After-Free": [[40, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49541"}}
{"text": "Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free", "spans": {"SYSTEM: Microsoft Internet Explorer 8": [[0, 29]], "VULNERABILITY: Use After Free": [[51, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49872"}}
{"text": "Microsoft MMC MSC EvilTwin - Local Admin Creation", "spans": {"SYSTEM: Microsoft MMC MSC EvilTwin": [[0, 26]], "VULNERABILITY: Local Admin Creation": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "52498"}}
{"text": "Microsoft NET USE win10 - Insufficient Authentication Logic", "spans": {"SYSTEM: Microsoft NET USE win10": [[0, 23]], "VULNERABILITY: Insufficient Authentication Logic": [[26, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48299"}}
{"text": "Microsoft Virtual Hard Disk (VHDX) 11 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Virtual Hard Disk (VHDX) 11": [[0, 37]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "52394"}}
{"text": "Microsoft Windows - 'WizardOpium' Local Privilege Escalation", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: Local Privilege Escalation": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48180"}}
{"text": "Microsoft Windows - CryptoAPI (Crypt32.dll) Elliptic Curve Cryptography (ECC) Spoof Code-Signing Certificate", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]]}, "info": {"source": "exploitdb", "exploit_id": "47933"}}
{"text": "Microsoft Windows - Shell COM Server Registrar Local Privilege Escalation", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: Local Privilege Escalation": [[47, 73]]}, "info": {"source": "exploitdb", "exploit_id": "47880"}}
{"text": "Microsoft Windows - Storage QoS Filter Driver Checker", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: Storage QoS Filter Driver Checker": [[20, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52399"}}
{"text": "Microsoft Windows - Win32k Elevation of Privilege", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: Win32k Elevation of Privilege": [[20, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49179"}}
{"text": "Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: Information Disclosure": [[37, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52277"}}
{"text": "Microsoft Windows .Group File - Code Execution", "spans": {"SYSTEM: Microsoft Windows .Group File": [[0, 29]], "VULNERABILITY: Code Execution": [[32, 46]]}, "info": {"source": "exploitdb", "exploit_id": "47838"}}
{"text": "Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass", "spans": {"SYSTEM: Microsoft Windows .Reg File": [[0, 27]], "VULNERABILITY: Dialog Spoof / Mitigation Bypass": [[30, 62]]}, "info": {"source": "exploitdb", "exploit_id": "50653"}}
{"text": "Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Local Privilege Escalation", "spans": {"SYSTEM: Microsoft Windows 10 (1903/1909)": [[0, 32]], "VULNERABILITY: Local Privilege Escalation": [[87, 113]]}, "info": {"source": "exploitdb", "exploit_id": "48267"}}
{"text": "Microsoft Windows 10 - Theme API 'ThemePack' File Parsing", "spans": {"SYSTEM: Microsoft Windows 10": [[0, 20]], "VULNERABILITY: Theme API 'ThemePack' File Parsing": [[23, 57]]}, "info": {"source": "exploitdb", "exploit_id": "47975"}}
{"text": "Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass)", "spans": {"SYSTEM: Microsoft Windows 10 build 1809": [[0, 31]], "VULNERABILITY: Local Privilege Escalation": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "47915"}}
{"text": "Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation", "spans": {"SYSTEM: Microsoft Windows 10.0.17763.5458": [[0, 33]], "VULNERABILITY: Privilege Escalation": [[43, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51946"}}
{"text": "Microsoft Windows 11 - 'apds.dll' DLL hijacking (Forced)", "spans": {"SYSTEM: Microsoft Windows 11": [[0, 20]], "VULNERABILITY: DLL hijacking": [[34, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51733"}}
{"text": "Microsoft Windows 11 - Kernel Privilege Escalation", "spans": {"SYSTEM: Microsoft Windows 11": [[0, 20]], "VULNERABILITY: Privilege Escalation": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "52275"}}
{"text": "Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege", "spans": {"SYSTEM: Microsoft Windows 11 23h2": [[0, 25]], "VULNERABILITY: CLFS.sys Elevation of Privilege": [[28, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52270"}}
{"text": "Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation", "spans": {"SYSTEM: Microsoft Windows 11 Pro 23H2": [[0, 29]], "VULNERABILITY: Privilege Escalation": [[70, 90]]}, "info": {"source": "exploitdb", "exploit_id": "52284"}}
{"text": "Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege", "spans": {"SYSTEM: Microsoft Windows 11 Version 24H2 Cross Device Service": [[0, 54]], "VULNERABILITY: Elevation of Privilege": [[57, 79]]}, "info": {"source": "exploitdb", "exploit_id": "52320"}}
{"text": "Microsoft Windows cmd.exe - Stack Buffer Overflow", "spans": {"SYSTEM: Microsoft Windows cmd.exe": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[34, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50331"}}
{"text": "Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G", "spans": {"SYSTEM: Microsoft Windows Defender": [[0, 26]], "VULNERABILITY: Detection Mitigation Bypass TrojanWin32Powessere.G": [[29, 79]]}, "info": {"source": "exploitdb", "exploit_id": "51960"}}
{"text": "Microsoft Windows Defender - Detections Bypass", "spans": {"SYSTEM: Microsoft Windows Defender": [[0, 26]], "VULNERABILITY: Detections Bypass": [[29, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50654"}}
{"text": "Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass", "spans": {"SYSTEM: Microsoft Windows Defender / Trojan.Win32/Powessere.G": [[0, 53]], "VULNERABILITY: Detection Mitigation Bypass": [[56, 83]]}, "info": {"source": "exploitdb", "exploit_id": "51873"}}
{"text": "Microsoft Windows Kernel - Information Disclosure", "spans": {"SYSTEM: Microsoft Windows Kernel": [[0, 24]], "VULNERABILITY: Information Disclosure": [[27, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48071"}}
{"text": "Microsoft Windows Media Center WMV / WMA 6.3.9600.16384 - Code Execution", "spans": {"SYSTEM: Microsoft Windows Media Center WMV / WMA 6.3.9600.16384": [[0, 55]], "VULNERABILITY: Code Execution": [[58, 72]]}, "info": {"source": "exploitdb", "exploit_id": "47981"}}
{"text": "Microsoft Windows Server 2016 - Win32k Elevation of Privilege", "spans": {"SYSTEM: Microsoft Windows Server 2016": [[0, 29]], "VULNERABILITY: Win32k Elevation of Privilege": [[32, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52301"}}
{"text": "Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege", "spans": {"SYSTEM: Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP": [[0, 63]], "VULNERABILITY: Elevation of Privilege": [[66, 88]]}, "info": {"source": "exploitdb", "exploit_id": "52436"}}
{"text": "MilleGPG5 5.7.2 Luglio 2021 - Local Privilege Escalation", "spans": {"SYSTEM: MilleGPG5 5.7.2 Luglio 2021": [[0, 27]], "VULNERABILITY: Local Privilege Escalation": [[30, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50558"}}
{"text": "MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control", "spans": {"SYSTEM: MilleGPG5 5.9.2 (Gennaio 2023)": [[0, 30]], "VULNERABILITY: Local Privilege Escalation": [[33, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51410"}}
{"text": "Millewin 13.39.146.1 - Local Privilege Escalation", "spans": {"SYSTEM: Millewin 13.39.146.1": [[0, 20]], "VULNERABILITY: Local Privilege Escalation": [[23, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49530"}}
{"text": "MiniTool Partition Wizard - Unquoted Service Path", "spans": {"SYSTEM: MiniTool Partition Wizard": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50859"}}
{"text": "MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path _MTAgentService_", "spans": {"SYSTEM: MiniTool Partition Wizard ShadowMaker v.12.7": [[0, 44]], "VULNERABILITY: Unquoted Service Path _MTAgentService_": [[47, 85]]}, "info": {"source": "exploitdb", "exploit_id": "51578"}}
{"text": "MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path _MTSchedulerService_", "spans": {"SYSTEM: MiniTool Partition Wizard ShadowMaker v.12.7": [[0, 44]], "VULNERABILITY: Unquoted Service Path _MTSchedulerService_": [[47, 89]]}, "info": {"source": "exploitdb", "exploit_id": "51579"}}
{"text": "MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path", "spans": {"SYSTEM: MiniTool ShadowMaker 3.2": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49336"}}
{"text": "MobileTrans  4.0.11 - Weak Service Privilege Escalation", "spans": {"SYSTEM: MobileTrans  4.0.11": [[0, 19]], "VULNERABILITY: Privilege Escalation": [[35, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51479"}}
{"text": "Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path", "spans": {"SYSTEM: Motorola Device Manager 2.4.5": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49011"}}
{"text": "Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe ' Unquoted Service Path", "spans": {"SYSTEM: Motorola Device Manager 2.5.4": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49013"}}
{"text": "Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path", "spans": {"SYSTEM: Motorola Device Manager 2.5.4": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49012"}}
{"text": "Mozilla Firefox 67 - Array.pop JIT Type Confusion", "spans": {"SYSTEM: Mozilla Firefox 67": [[0, 18]], "VULNERABILITY: Type Confusion": [[35, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50691"}}
{"text": "Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code", "spans": {"SYSTEM: Mozilla Firefox 88.0.1": [[0, 22]], "VULNERABILITY: File Extension Execution of Arbitrary Code": [[25, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49892"}}
{"text": "mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory", "spans": {"SYSTEM: mRemoteNG v1.77.3.1784-NB": [[0, 25]], "VULNERABILITY: Cleartext Storage of Sensitive Information in Memory": [[28, 80]]}, "info": {"source": "exploitdb", "exploit_id": "51637"}}
{"text": "MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation", "spans": {"SYSTEM: MSI Ambient Link Driver 1.0.0.8": [[0, 31]], "VULNERABILITY: Local Privilege Escalation": [[34, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48836"}}
{"text": "MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation", "spans": {"SYSTEM: MSI Packages Symbolic Links Processing": [[0, 38]], "VULNERABILITY: Privilege Escalation": [[52, 72]]}, "info": {"source": "exploitdb", "exploit_id": "48079"}}
{"text": "MTPutty 1.0.1.21 - SSH Password Disclosure", "spans": {"SYSTEM: MTPutty 1.0.1.21": [[0, 16]], "VULNERABILITY: Password Disclosure": [[23, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50574"}}
{"text": "MyVideoConverter Pro 3.14 - 'Movie' Buffer Overflow", "spans": {"SYSTEM: MyVideoConverter Pro 3.14": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[36, 51]]}, "info": {"source": "exploitdb", "exploit_id": "48054"}}
{"text": "MyVideoConverter Pro 3.14 - 'Output Folder' Buffer Overflow", "spans": {"SYSTEM: MyVideoConverter Pro 3.14": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[44, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48055"}}
{"text": "MyVideoConverter Pro 3.14 - 'TVSeries' Buffer Overflow", "spans": {"SYSTEM: MyVideoConverter Pro 3.14": [[0, 25]], "VULNERABILITY: Buffer Overflow": [[39, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48056"}}
{"text": "NCH Express Invoice - Clear Text Password Storage and Account Takeover", "spans": {"SYSTEM: NCH Express Invoice": [[0, 19]], "VULNERABILITY: Clear Text Password Storage and Account Takeover": [[22, 70]]}, "info": {"source": "exploitdb", "exploit_id": "51540"}}
{"text": "NEOWISE CARBONFTP 1.4 - Weak Password Encryption", "spans": {"SYSTEM: NEOWISE CARBONFTP 1.4": [[0, 21]], "VULNERABILITY: Weak Password Encryption": [[24, 48]]}, "info": {"source": "exploitdb", "exploit_id": "47950"}}
{"text": "NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path", "spans": {"SYSTEM: NetBackup 7.0": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48227"}}
{"text": "Netgear Genie 2.4.64 - Unquoted Service Path", "spans": {"SYSTEM: Netgear Genie 2.4.64": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[23, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50443"}}
{"text": "NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit", "spans": {"SYSTEM: NetIQ/Microfocus Performance Endpoint v5.1": [[0, 42]], "VULNERABILITY: remote root/SYSTEM exploit": [[45, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51199"}}
{"text": "NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter)", "spans": {"SYSTEM: NetPCLinker 1.0.0.0": [[0, 19]], "VULNERABILITY: Buffer Overflow": [[22, 37]]}, "info": {"source": "exploitdb", "exploit_id": "48680"}}
{"text": "Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow", "spans": {"SYSTEM: Nidesoft 3GP Video Converter 2.6.18": [[0, 35]], "VULNERABILITY: Buffer Overflow": [[50, 65]]}, "info": {"source": "exploitdb", "exploit_id": "49034"}}
{"text": "Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)", "spans": {"SYSTEM: Nidesoft DVD Ripper 5.2.18": [[0, 26]], "VULNERABILITY: Buffer Overflow": [[35, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48687"}}
{"text": "Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path", "spans": {"SYSTEM: Nord VPN-6.31.13.0": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48790"}}
{"text": "Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))", "spans": {"SYSTEM: Nsauditor 3.2.1.0": [[0, 17]], "VULNERABILITY: Buffer Overflow": [[20, 35]]}, "info": {"source": "exploitdb", "exploit_id": "48350"}}
{"text": "NVClient v5.0 - Stack Buffer Overflow (DoS)", "spans": {"SYSTEM: NVClient v5.0": [[0, 13]], "VULNERABILITY: Buffer Overflow": [[22, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51700"}}
{"text": "NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path", "spans": {"SYSTEM: NVIDIA Update Service Daemon 1.0.21": [[0, 35]], "VULNERABILITY: Unquoted Service Path": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "48391"}}
{"text": "OCS Inventory NG 2.3.0.0 - Unquoted Service Path", "spans": {"SYSTEM: OCS Inventory NG 2.3.0.0": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[27, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51389"}}
{"text": "Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path", "spans": {"SYSTEM: Odoo 12.0.20190101": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49857"}}
{"text": "OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path", "spans": {"SYSTEM: OKI sPSV Port Manager 1.0.41": [[0, 28]], "VULNERABILITY: Unquoted Service Path": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "49005"}}
{"text": "OpenClinic GA 5.194.18 - Local Privilege Escalation", "spans": {"SYSTEM: OpenClinic GA 5.194.18": [[0, 22]], "VULNERABILITY: Local Privilege Escalation": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50448"}}
{"text": "OpenTFTP 1.66 - Local Privilege Escalation", "spans": {"SYSTEM: OpenTFTP 1.66": [[0, 13]], "VULNERABILITY: Local Privilege Escalation": [[16, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48060"}}
{"text": "Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path", "spans": {"SYSTEM: Oracle Database 11g Release 2": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48418"}}
{"text": "Oracle Database 12c Release 1 - Unquoted Service Path", "spans": {"SYSTEM: Oracle Database 12c Release 1": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52063"}}
{"text": "OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path", "spans": {"SYSTEM: OSAS Traverse Extension 11": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49698"}}
{"text": "Outline Service 1.3.3 - 'Outline Service ' Unquoted Service Path", "spans": {"SYSTEM: Outline Service 1.3.3": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48414"}}
{"text": "Outline V1.6.0 - Unquoted Service Path", "spans": {"SYSTEM: Outline V1.6.0": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "51128"}}
{"text": "OutSystems Service Studio 11.53.30 - DLL Hijacking", "spans": {"SYSTEM: OutSystems Service Studio 11.53.30": [[0, 34]], "VULNERABILITY: DLL Hijacking": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51678"}}
{"text": "PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation", "spans": {"SYSTEM: PaperStream IP (TWAIN) 1.42.0.5685": [[0, 34]], "VULNERABILITY: Local Privilege Escalation": [[37, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49382"}}
{"text": "PDF Complete 3.5.310.2002 - 'pdfsvc.exe' Unquoted Service Path", "spans": {"SYSTEM: PDF Complete 3.5.310.2002": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49226"}}
{"text": "PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path", "spans": {"SYSTEM: PDFCOMPLETE Corporate Edition 4.1.45": [[0, 36]], "VULNERABILITY: Unquoted Service Path": [[56, 77]]}, "info": {"source": "exploitdb", "exploit_id": "49558"}}
{"text": "Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path", "spans": {"SYSTEM: Pearson Vue VTS 2.3.1911 Installer": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "48810"}}
{"text": "Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path", "spans": {"SYSTEM: Pearson Vue VTS 2.3.1911 Installer": [[0, 34]], "VULNERABILITY: VUEApplicationWrapper Unquoted Service Path": [[37, 80]]}, "info": {"source": "exploitdb", "exploit_id": "49143"}}
{"text": "Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path", "spans": {"SYSTEM: Pingzapper 2.3.1": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49626"}}
{"text": "Plantronics Hub 3.13.2 - Local Privilege Escalation", "spans": {"SYSTEM: Plantronics Hub 3.13.2": [[0, 22]], "VULNERABILITY: Local Privilege Escalation": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "47845"}}
{"text": "Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Plantronics Hub 3.13.2": [[0, 22]], "VULNERABILITY: Privilege Escalation": [[45, 65]], "TOOL: Metasploit": [[67, 77]]}, "info": {"source": "exploitdb", "exploit_id": "47944"}}
{"text": "Plantronics Hub 3.25.1 - Arbitrary File Read", "spans": {"SYSTEM: Plantronics Hub 3.25.1": [[0, 22]], "VULNERABILITY: Arbitrary File Read": [[25, 44]]}, "info": {"source": "exploitdb", "exploit_id": "52011"}}
{"text": "Popcorn Time 6.2 - 'Update service' Unquoted Service Path", "spans": {"SYSTEM: Popcorn Time 6.2": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48378"}}
{"text": "Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Port Forwarding Wizard 4.8.0": [[0, 28]], "VULNERABILITY: Buffer Overflow": [[31, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48695"}}
{"text": "PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval", "spans": {"SYSTEM: PortableKanban 4.3.6578.38136": [[0, 29]], "VULNERABILITY: Encrypted Password Retrieval": [[32, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49409"}}
{"text": "Prey 1.9.6 - _CronService_ Unquoted Service Path", "spans": {"SYSTEM: Prey 1.9.6": [[0, 10]], "VULNERABILITY: _CronService_ Unquoted Service Path": [[13, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48967"}}
{"text": "Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path", "spans": {"SYSTEM: Print Job Accounting 4.4.10": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49623"}}
{"text": "Printix Client 1.3.1106.0 - Privilege Escalation", "spans": {"SYSTEM: Printix Client 1.3.1106.0": [[0, 25]], "VULNERABILITY: Privilege Escalation": [[28, 48]]}, "info": {"source": "exploitdb", "exploit_id": "50812"}}
{"text": "Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path", "spans": {"SYSTEM: Privacy Drive v3.17.0": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49023"}}
{"text": "Private Internet Access 3.3 - 'pia-service' Unquoted Service Path", "spans": {"SYSTEM: Private Internet Access 3.3": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[44, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50804"}}
{"text": "Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path", "spans": {"SYSTEM: Program Access Controller v1.2.0.0": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[54, 75]]}, "info": {"source": "exploitdb", "exploit_id": "48966"}}
{"text": "ProtonVPN 1.26.0 - Unquoted Service Path", "spans": {"SYSTEM: ProtonVPN 1.26.0": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50837"}}
{"text": "PTPublisher v2.3.4 - Unquoted Service Path", "spans": {"SYSTEM: PTPublisher v2.3.4": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50885"}}
{"text": "QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path", "spans": {"SYSTEM: QNAP QVR Client 5.0.0.13230": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[43, 64]]}, "info": {"source": "exploitdb", "exploit_id": "49645"}}
{"text": "Quick N Easy FTP Service 3.2 - Unquoted Service Path", "spans": {"SYSTEM: Quick N Easy FTP Service 3.2": [[0, 28]], "VULNERABILITY: Unquoted Service Path": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48983"}}
{"text": "Quick Player 1.3 - '.m3l' Buffer Overflow (Unicode & SEH)", "spans": {"SYSTEM: Quick Player 1.3": [[0, 16]], "VULNERABILITY: Buffer Overflow": [[26, 41]]}, "info": {"source": "exploitdb", "exploit_id": "48564"}}
{"text": "RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)", "spans": {"SYSTEM: RaidenFTPD 2.4.4005": [[0, 19]], "VULNERABILITY: Buffer Overflow": [[22, 37]]}, "info": {"source": "exploitdb", "exploit_id": "51611"}}
{"text": "Rapid7 nexpose - 'nexposeconsole' Unquoted Service Path", "spans": {"SYSTEM: Rapid7 nexpose": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51941"}}
{"text": "Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path", "spans": {"SYSTEM: Rapid7 Nexpose Installer 6.6.39": [[0, 31]], "VULNERABILITY: Unquoted Service Path": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "48808"}}
{"text": "RDP Manager 4.9.9.3 - Denial-of-Service (PoC)", "spans": {"SYSTEM: RDP Manager 4.9.9.3": [[0, 19]], "VULNERABILITY: Denial-of-Service": [[22, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50484"}}
{"text": "Real Player 16.0.3.51 - 'external::Import()' Directory Traversal to Remote Code Execution (RCE)", "spans": {"SYSTEM: Real Player 16.0.3.51": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[68, 95]]}, "info": {"source": "exploitdb", "exploit_id": "50954"}}
{"text": "Real Player v.20.0.8.310 G2 Control - 'DoGoToURL()' Remote Code Execution (RCE)", "spans": {"SYSTEM: Real Player v.20.0.8.310 G2 Control": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[52, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50953"}}
{"text": "Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path", "spans": {"SYSTEM: Realtek Andrea RT Filters 1.0.64.10": [[0, 35]], "VULNERABILITY: Unquoted Service Path": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "49014"}}
{"text": "Realtek Andrea RT Filters 1.0.64.7 - 'AERTSr64.EXE' Unquoted Service Path", "spans": {"SYSTEM: Realtek Andrea RT Filters 1.0.64.7": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49158"}}
{"text": "Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path", "spans": {"SYSTEM: Realtek Audio Service 1.0.0.55": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[57, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49015"}}
{"text": "Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path", "spans": {"SYSTEM: Realtek Wireless LAN Utility 700.1631": [[0, 37]], "VULNERABILITY: Unquoted Service Path": [[55, 76]]}, "info": {"source": "exploitdb", "exploit_id": "49646"}}
{"text": "RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path", "spans": {"SYSTEM: RealTimes Desktop Service 18.1.4": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "49021"}}
{"text": "Remote Desktop Audit 2.3.0.157 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Remote Desktop Audit 2.3.0.157": [[0, 30]], "VULNERABILITY: Buffer Overflow": [[33, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48465"}}
{"text": "Remote Mouse 4.002 - Unquoted Service Path", "spans": {"SYSTEM: Remote Mouse 4.002": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50258"}}
{"text": "Remote Mouse GUI 3.008 - Local Privilege Escalation", "spans": {"SYSTEM: Remote Mouse GUI 3.008": [[0, 22]], "VULNERABILITY: Local Privilege Escalation": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50047"}}
{"text": "Resource Hacker v3.6.0.92 - Buffer overflow", "spans": {"SYSTEM: Resource Hacker v3.6.0.92": [[0, 25]], "VULNERABILITY: Buffer overflow": [[28, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51079"}}
{"text": "Ricoh Driver - Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Ricoh Driver": [[0, 12]], "VULNERABILITY: Privilege Escalation": [[15, 35]], "TOOL: Metasploit": [[37, 47]]}, "info": {"source": "exploitdb", "exploit_id": "48036"}}
{"text": "Ricoh Printer Drivers - Local Privilege Escalation", "spans": {"SYSTEM: Ricoh Printer Drivers": [[0, 21]], "VULNERABILITY: Local Privilege Escalation": [[24, 50]]}, "info": {"source": "exploitdb", "exploit_id": "47962"}}
{"text": "RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC)", "spans": {"SYSTEM: RM Downloader 2.50.60 2006.06.23": [[0, 32]], "VULNERABILITY: Buffer Overflow": [[48, 63]]}, "info": {"source": "exploitdb", "exploit_id": "48628"}}
{"text": "RM Downloader 3.1.3.2.2010.06.13 - 'Load' Buffer Overflow (SEH)", "spans": {"SYSTEM: RM Downloader 3.1.3.2.2010.06.13": [[0, 32]], "VULNERABILITY: Buffer Overflow": [[42, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48364"}}
{"text": "Rockstar Service - Insecure File Permissions", "spans": {"SYSTEM: Rockstar Service": [[0, 16]], "VULNERABILITY: Insecure File Permissions": [[19, 44]]}, "info": {"source": "exploitdb", "exploit_id": "49739"}}
{"text": "RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution", "spans": {"SYSTEM: RSA NetWitness Platform 12.2": [[0, 28]], "VULNERABILITY: Incorrect Access Control / Code Execution": [[31, 72]]}, "info": {"source": "exploitdb", "exploit_id": "51336"}}
{"text": "Rubo DICOM Viewer 2.0 - Buffer Overflow (SEH)", "spans": {"SYSTEM: Rubo DICOM Viewer 2.0": [[0, 21]], "VULNERABILITY: Buffer Overflow": [[24, 39]]}, "info": {"source": "exploitdb", "exploit_id": "48351"}}
{"text": "Rumble Mail Server 0.51.3135 - 'rumble_win32.exe' Unquoted Service Path", "spans": {"SYSTEM: Rumble Mail Server 0.51.3135": [[0, 28]], "VULNERABILITY: Unquoted Service Path": [[50, 71]]}, "info": {"source": "exploitdb", "exploit_id": "49203"}}
{"text": "Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path", "spans": {"SYSTEM: Sandboxie Plus 0.7.4": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49842"}}
{"text": "Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path", "spans": {"SYSTEM: Sandboxie Plus v0.7.2": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49631"}}
{"text": "Sandboxie-Plus 5.50.2 - 'Service SbieSvc' Unquoted Service Path", "spans": {"SYSTEM: Sandboxie-Plus 5.50.2": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50819"}}
{"text": "SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path", "spans": {"SYSTEM: SAntivirus IC 10.0.21.61": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49042"}}
{"text": "SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path", "spans": {"SYSTEM: SAPSetup Automatic Workstation Update Service 750": [[0, 49]], "VULNERABILITY: Unquoted Service Path": [[84, 105]]}, "info": {"source": "exploitdb", "exploit_id": "49689"}}
{"text": "SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path", "spans": {"SYSTEM: SAPSprint 7.60": [[0, 14]], "VULNERABILITY: Unquoted Service Path": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50061"}}
{"text": "Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation", "spans": {"SYSTEM: Selea CarPlateServer (CPS) 4.0.1.6": [[0, 34]], "VULNERABILITY: Local Privilege Escalation": [[37, 63]]}, "info": {"source": "exploitdb", "exploit_id": "49453"}}
{"text": "ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path", "spans": {"SYSTEM: ShareMouse 5.0.43": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48794"}}
{"text": "Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path", "spans": {"SYSTEM: Sherpa Connector Service v2020.2.20328.2050": [[0, 43]], "VULNERABILITY: Unquoted Service Path": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50852"}}
{"text": "Simple Startup Manager 1.17 - 'File' Local Buffer Overflow (PoC)", "spans": {"SYSTEM: Simple Startup Manager 1.17": [[0, 27]], "VULNERABILITY: Buffer Overflow": [[43, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48678"}}
{"text": "Snes9K 0.09z - 'Port Number' Buffer Overflow (SEH)", "spans": {"SYSTEM: Snes9K 0.09z": [[0, 12]], "VULNERABILITY: Buffer Overflow": [[29, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48686"}}
{"text": "Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow (SEH Egghunter)", "spans": {"SYSTEM: Socusoft Photo to Video Converter Professional 8.07": [[0, 51]], "VULNERABILITY: Buffer Overflow": [[70, 85]]}, "info": {"source": "exploitdb", "exploit_id": "48691"}}
{"text": "Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path", "spans": {"SYSTEM: Softros LAN Messenger 9.6.4": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49588"}}
{"text": "SolarWinds Kiwi CatTools 3.11.8 - Unquoted Service Path", "spans": {"SYSTEM: SolarWinds Kiwi CatTools 3.11.8": [[0, 31]], "VULNERABILITY: Unquoted Service Path": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50416"}}
{"text": "SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path", "spans": {"SYSTEM: SolarWinds Kiwi Syslog Server 9.6.7.1": [[0, 37]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52064"}}
{"text": "SolarWinds MSP PME Cache Service 1.1.14 - Insecure File Permissions", "spans": {"SYSTEM: SolarWinds MSP PME Cache Service 1.1.14": [[0, 39]], "VULNERABILITY: Insecure File Permissions": [[42, 67]]}, "info": {"source": "exploitdb", "exploit_id": "48448"}}
{"text": "Solstice Pod 6.2 - API Session Key Extraction via API Endpoint", "spans": {"SYSTEM: Solstice Pod 6.2": [[0, 16]], "VULNERABILITY: API Session Key Extraction via API Endpoint": [[19, 62]]}, "info": {"source": "exploitdb", "exploit_id": "52104"}}
{"text": "Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path", "spans": {"SYSTEM: Sonar Qube 8.3.1": [[0, 16]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48677"}}
{"text": "SonicWall NetExtender 10.2.0.300 -  Unquoted Service Path", "spans": {"SYSTEM: SonicWall NetExtender 10.2.0.300": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "50212"}}
{"text": "Sony playmemories home - 'PMBDeviceInfoProvider' Unquoted Service Path", "spans": {"SYSTEM: Sony playmemories home": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[49, 70]]}, "info": {"source": "exploitdb", "exploit_id": "50817"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x  -  Denial Of Service (DoS)", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Denial Of Service": [[39, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51170"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x  - Authorization Bypass (IDOR)", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Authorization Bypass": [[38, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51169"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Authentication Bypass": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51171"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Cross-Site Request Forgery": [[37, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51168"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Directory Traversal": [[37, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51172"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Remote Command Execution (RCE)", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Remote Command Execution": [[37, 61]]}, "info": {"source": "exploitdb", "exploit_id": "51173"}}
{"text": "SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset", "spans": {"SYSTEM: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x": [[0, 34]], "VULNERABILITY: Unauthenticated Factory Reset": [[37, 66]]}, "info": {"source": "exploitdb", "exploit_id": "51174"}}
{"text": "SOUND4 Server Service 4.1.102 - Local Privilege Escalation", "spans": {"SYSTEM: SOUND4 Server Service 4.1.102": [[0, 29]], "VULNERABILITY: Local Privilege Escalation": [[32, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51167"}}
{"text": "SOYAL 701 Client 9.0.1 - Insecure Permissions", "spans": {"SYSTEM: SOYAL 701 Client 9.0.1": [[0, 22]], "VULNERABILITY: Insecure Permissions": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49679"}}
{"text": "SOYAL 701 Server 9.0.1 - Insecure Permissions", "spans": {"SYSTEM: SOYAL 701 Server 9.0.1": [[0, 22]], "VULNERABILITY: Insecure Permissions": [[25, 45]]}, "info": {"source": "exploitdb", "exploit_id": "49678"}}
{"text": "Splashtop 8.71.12001.0 - Unquoted Service Path", "spans": {"SYSTEM: Splashtop 8.71.12001.0": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51182"}}
{"text": "SprintWork 2.3.1 - Local Privilege Escalation", "spans": {"SYSTEM: SprintWork 2.3.1": [[0, 16]], "VULNERABILITY: Local Privilege Escalation": [[19, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48070"}}
{"text": "Spy Emergency 25.0.650 - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: Spy Emergency 25.0.650": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "49997"}}
{"text": "SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path", "spans": {"SYSTEM: SpyHunter 4": [[0, 11], [15, 26]], "VULNERABILITY: Unquoted Service Path": [[36, 57]]}, "info": {"source": "exploitdb", "exploit_id": "48172"}}
{"text": "SQLite 3.50.1 - Heap Overflow", "spans": {"SYSTEM: SQLite 3.50.1": [[0, 13]], "VULNERABILITY: Heap Overflow": [[16, 29]]}, "info": {"source": "exploitdb", "exploit_id": "52499"}}
{"text": "Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation", "spans": {"SYSTEM: Stonesoft VPN Client 6.2.0 / 6.8.0": [[0, 34]], "VULNERABILITY: Local Privilege Escalation": [[37, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51341"}}
{"text": "StreamRipper32 2.6 - Buffer Overflow (PoC)", "spans": {"SYSTEM: StreamRipper32 2.6": [[0, 18]], "VULNERABILITY: Buffer Overflow": [[21, 36]]}, "info": {"source": "exploitdb", "exploit_id": "48517"}}
{"text": "SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path", "spans": {"SYSTEM: SugarSync 4.1.3": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "51106"}}
{"text": "Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: Sync Breeze 13.6.18": [[0, 19]], "VULNERABILITY: Unquoted Service Path": [[33, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50023"}}
{"text": "Sync Breeze Enterprise 12.4.18 - 'Sync Breeze Enterprise' Unquoted Service Path", "spans": {"SYSTEM: Sync Breeze Enterprise 12.4.18": [[0, 30]], "VULNERABILITY: Unquoted Service Path": [[58, 79]]}, "info": {"source": "exploitdb", "exploit_id": "48045"}}
{"text": "Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path", "spans": {"SYSTEM: Syncplify.me Server! 5.0.37": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "49009"}}
{"text": "Sysax FTP Automation 6.9.0 - Privilege Escalation", "spans": {"SYSTEM: Sysax FTP Automation 6.9.0": [[0, 26]], "VULNERABILITY: Privilege Escalation": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50834"}}
{"text": "SysGauge 7.9.18 - ' SysGauge Server' Unquoted Service Path", "spans": {"SYSTEM: SysGauge 7.9.18": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50009"}}
{"text": "System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path", "spans": {"SYSTEM: System Explorer 7.0.0": [[0, 21]], "VULNERABILITY: Unquoted Service Path": [[52, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49248"}}
{"text": "System Mechanic v15.5.0.61 - Arbitrary Read/Write", "spans": {"SYSTEM: System Mechanic v15.5.0.61": [[0, 26]], "VULNERABILITY: Arbitrary Read/Write": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51044"}}
{"text": "TCQ - ITeCProteccioAppServer.exe - Unquoted Service Path", "spans": {"SYSTEM: TCQ": [[0, 3]], "VULNERABILITY: ITeCProteccioAppServer.exe - Unquoted Service Path": [[6, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50902"}}
{"text": "TDM Digital Signage PC Player 4.1 - Insecure File Permissions", "spans": {"SYSTEM: TDM Digital Signage PC Player 4.1": [[0, 33]], "VULNERABILITY: Insecure File Permissions": [[36, 61]]}, "info": {"source": "exploitdb", "exploit_id": "48953"}}
{"text": "TeamSpeak 3.5.6 - Insecure File Permissions", "spans": {"SYSTEM: TeamSpeak 3.5.6": [[0, 15]], "VULNERABILITY: Insecure File Permissions": [[18, 43]]}, "info": {"source": "exploitdb", "exploit_id": "50743"}}
{"text": "TFTP Broadband 4.3.0.1465 - 'tftpt.exe' Unquoted Service Path", "spans": {"SYSTEM: TFTP Broadband 4.3.0.1465": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "49852"}}
{"text": "TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path", "spans": {"SYSTEM: TFTP Turbo 4.6.1273": [[0, 19]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "48085"}}
{"text": "Tftpd32_SE 4.60 - 'Tftpd32_svc' Unquoted Service Path", "spans": {"SYSTEM: Tftpd32_SE 4.60": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "51076"}}
{"text": "Tftpd64 4.64 - 'Tftpd32_svc' Unquoted Service Path", "spans": {"SYSTEM: Tftpd64 4.64": [[0, 12]], "VULNERABILITY: Unquoted Service Path": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50004"}}
{"text": "Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation", "spans": {"SYSTEM: Throttlestop Kernel Driver": [[0, 26]], "VULNERABILITY: Privilege Escalation": [[56, 76]]}, "info": {"source": "exploitdb", "exploit_id": "52512"}}
{"text": "Torrent 3GP Converter 1.51 - Stack Overflow (SEH)", "spans": {"SYSTEM: Torrent 3GP Converter 1.51": [[0, 26]], "VULNERABILITY: Stack Overflow": [[29, 43]]}, "info": {"source": "exploitdb", "exploit_id": "47965"}}
{"text": "Torrent FLV Converter 1.51 Build 117 - Stack Oveflow (SEH partial overwrite)", "spans": {"SYSTEM: Torrent FLV Converter 1.51 Build 117": [[0, 36]], "VULNERABILITY: Stack Oveflow": [[39, 52]]}, "info": {"source": "exploitdb", "exploit_id": "47938"}}
{"text": "Torrent iPod Video Converter 1.51 - Stack Overflow", "spans": {"SYSTEM: Torrent iPod Video Converter 1.51": [[0, 33]], "VULNERABILITY: Stack Overflow": [[36, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48039"}}
{"text": "TOSHIBA DVD PLAYER Navi Support Service - 'TNaviSrv' Unquoted Service Path", "spans": {"SYSTEM: TOSHIBA DVD PLAYER Navi Support Service": [[0, 39]], "VULNERABILITY: Unquoted Service Path": [[53, 74]]}, "info": {"source": "exploitdb", "exploit_id": "50760"}}
{"text": "TotalAV 2020 4.14.31 - Privilege Escalation", "spans": {"SYSTEM: TotalAV 2020 4.14.31": [[0, 20]], "VULNERABILITY: Privilege Escalation": [[23, 43]]}, "info": {"source": "exploitdb", "exploit_id": "47897"}}
{"text": "TotalAV 5.15.69 - Unquoted Service Path", "spans": {"SYSTEM: TotalAV 5.15.69": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[18, 39]]}, "info": {"source": "exploitdb", "exploit_id": "50314"}}
{"text": "Trend Micro Maximum Security 2019 - Arbitrary Code Execution", "spans": {"SYSTEM: Trend Micro Maximum Security 2019": [[0, 33]], "VULNERABILITY: Arbitrary Code Execution": [[36, 60]]}, "info": {"source": "exploitdb", "exploit_id": "47940"}}
{"text": "Trend Micro Maximum Security 2019 - Privilege Escalation", "spans": {"SYSTEM: Trend Micro Maximum Security 2019": [[0, 33]], "VULNERABILITY: Privilege Escalation": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "47943"}}
{"text": "Trend Micro OfficeScan Client 10.0 - ACL Service LPE", "spans": {"SYSTEM: Trend Micro OfficeScan Client 10.0": [[0, 34]], "VULNERABILITY: ACL Service LPE": [[37, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51453"}}
{"text": "TRIGONE Remote System Monitor 3.61 - Unquoted Service Path", "spans": {"SYSTEM: TRIGONE Remote System Monitor 3.61": [[0, 34]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50633"}}
{"text": "Triologic Media Player 8 - '.m3l' Buffer Overflow (Unicode) (SEH)", "spans": {"SYSTEM: Triologic Media Player 8": [[0, 24]], "VULNERABILITY: Buffer Overflow": [[34, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48293"}}
{"text": "Typora v1.7.4 - OS Command Injection", "spans": {"SYSTEM: Typora v1.7.4": [[0, 13]], "VULNERABILITY: Command Injection": [[19, 36]]}, "info": {"source": "exploitdb", "exploit_id": "51752"}}
{"text": "UDisk Monitor Z5 Phone - 'MonServiceUDisk.exe' Unquoted Service Path", "spans": {"SYSTEM: UDisk Monitor Z5 Phone": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "50901"}}
{"text": "USB Flash Drives Control 4.1.0.0 - Unquoted Service Path", "spans": {"SYSTEM: USB Flash Drives Control 4.1.0.0": [[0, 32]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51508"}}
{"text": "VeeVPN 1.6.1 - Unquoted Service Path", "spans": {"SYSTEM: VeeVPN 1.6.1": [[0, 12]], "VULNERABILITY: Unquoted Service Path": [[15, 36]]}, "info": {"source": "exploitdb", "exploit_id": "52088"}}
{"text": "Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths", "spans": {"SYSTEM: Vembu BDR 4.2.0.1 U1": [[0, 20]], "VULNERABILITY: Multiple Unquoted Service Paths": [[23, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49641"}}
{"text": "Veyon 4.3.4 - 'VeyonService' Unquoted Service Path", "spans": {"SYSTEM: Veyon 4.3.4": [[0, 11]], "VULNERABILITY: Unquoted Service Path": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "48246"}}
{"text": "Veyon 4.4.1 - 'VeyonService' Unquoted Service Path", "spans": {"SYSTEM: Veyon 4.4.1": [[0, 11]], "VULNERABILITY: Unquoted Service Path": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "49925"}}
{"text": "VFS for Git 1.0.21014.1 - 'GVFS.Service' Unquoted Service Path", "spans": {"SYSTEM: VFS for Git 1.0.21014.1": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[41, 62]]}, "info": {"source": "exploitdb", "exploit_id": "49661"}}
{"text": "VirtualBox 7.0.16 - Privilege Escalation", "spans": {"SYSTEM: VirtualBox 7.0.16": [[0, 17]], "VULNERABILITY: Privilege Escalation": [[20, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52287"}}
{"text": "Visual Studio Code 1.47.1 - Denial of Service (PoC)", "spans": {"SYSTEM: Visual Studio Code 1.47.1": [[0, 25]], "VULNERABILITY: Denial of Service (PoC)": [[28, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49882"}}
{"text": "VIVE Runtime Service - 'ViveAgentService' Unquoted Service Path", "spans": {"SYSTEM: VIVE Runtime Service": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[42, 63]]}, "info": {"source": "exploitdb", "exploit_id": "50824"}}
{"text": "VPN unlimited 6.1 - Unquoted Service Path", "spans": {"SYSTEM: VPN unlimited 6.1": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[20, 41]]}, "info": {"source": "exploitdb", "exploit_id": "47916"}}
{"text": "VUPlayer 2.49 - '.wax' Local Buffer Overflow (DEP Bypass)", "spans": {"SYSTEM: VUPlayer 2.49": [[0, 13]], "VULNERABILITY: Buffer Overflow": [[29, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50650"}}
{"text": "VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP_ASLR)", "spans": {"SYSTEM: VUPlayer 2.49 .m3u": [[0, 18]], "VULNERABILITY: Buffer Overflow": [[27, 42]]}, "info": {"source": "exploitdb", "exploit_id": "48507"}}
{"text": "VX Search 13.5.28 - 'Multiple' Unquoted Service Path", "spans": {"SYSTEM: VX Search 13.5.28": [[0, 17]], "VULNERABILITY: Unquoted Service Path": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "50026"}}
{"text": "Wedding Slideshow Studio 1.36 - 'Key' Buffer Overflow", "spans": {"SYSTEM: Wedding Slideshow Studio 1.36": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[38, 53]]}, "info": {"source": "exploitdb", "exploit_id": "48028"}}
{"text": "Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow", "spans": {"SYSTEM: Wedding Slideshow Studio 1.36": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[39, 54]]}, "info": {"source": "exploitdb", "exploit_id": "48050"}}
{"text": "WibuKey Runtime 6.51 - 'WkSvW32.exe' Unquoted Service Path", "spans": {"SYSTEM: WibuKey Runtime 6.51": [[0, 20]], "VULNERABILITY: Unquoted Service Path": [[37, 58]]}, "info": {"source": "exploitdb", "exploit_id": "49999"}}
{"text": "WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path", "spans": {"SYSTEM: WifiHotSpot 1.0.0.0": [[0, 19]], "VULNERABILITY: Unquoted Service Path": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49845"}}
{"text": "WinAVR Version 20100110 - Insecure Folder Permissions", "spans": {"SYSTEM: WinAVR Version 20100110": [[0, 23]], "VULNERABILITY: Insecure Folder Permissions": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49379"}}
{"text": "Windows 11 10.0.22000 -  Backup service Privilege Escalation", "spans": {"SYSTEM: Windows 11 10.0.22000": [[0, 21]], "VULNERABILITY: Privilege Escalation": [[40, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51203"}}
{"text": "Windows 11 22h2 - Kernel Privilege Elevation", "spans": {"SYSTEM: Windows 11 22h2": [[0, 15]], "VULNERABILITY: Kernel Privilege Elevation": [[18, 44]]}, "info": {"source": "exploitdb", "exploit_id": "51544"}}
{"text": "Windows Kernel - Elevation of Privilege", "spans": {"SYSTEM: Windows Kernel": [[0, 14]], "VULNERABILITY: Elevation of Privilege": [[17, 39]]}, "info": {"source": "exploitdb", "exploit_id": "52494"}}
{"text": "Windows MultiPoint Server 2011 SP1 - RpcEptMapper and Dnschade Local Privilege Escalation", "spans": {"SYSTEM: Windows MultiPoint Server 2011 SP1": [[0, 34]], "VULNERABILITY: Local Privilege Escalation": [[63, 89]]}, "info": {"source": "exploitdb", "exploit_id": "50517"}}
{"text": "Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software", "spans": {"SYSTEM: Windows TCPIP Finger Command": [[0, 28]], "VULNERABILITY: C2 Channel and Bypassing Security Software": [[31, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48815"}}
{"text": "Windscribe - WindscribeService Named Pipe Privilege Escalation (Metasploit)", "spans": {"SYSTEM: Windscribe": [[0, 10], [13, 23]], "VULNERABILITY: Privilege Escalation": [[42, 62]], "TOOL: Metasploit": [[64, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48021"}}
{"text": "Windscribe 1.83 - 'WindscribeService' Unquoted Service Path", "spans": {"SYSTEM: Windscribe 1.83": [[0, 15]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "48624"}}
{"text": "Wing FTP Server 6.2.3 - Privilege Escalation", "spans": {"SYSTEM: Wing FTP Server 6.2.3": [[0, 21]], "VULNERABILITY: Privilege Escalation": [[24, 44]]}, "info": {"source": "exploitdb", "exploit_id": "48160"}}
{"text": "WinGate 9.4.1.5998 - Insecure Folder Permissions", "spans": {"SYSTEM: WinGate 9.4.1.5998": [[0, 18]], "VULNERABILITY: Insecure Folder Permissions": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "48573"}}
{"text": "Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path", "spans": {"SYSTEM: Winpakpro 4.8": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[35, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49690"}}
{"text": "Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path", "spans": {"SYSTEM: Winpakpro 4.8": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49691"}}
{"text": "Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path", "spans": {"SYSTEM: Winpakpro 4.8": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49692"}}
{"text": "Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path", "spans": {"SYSTEM: Winstep 18.06.0096": [[0, 18]], "VULNERABILITY: Unquoted Service Path": [[38, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49004"}}
{"text": "WinWaste.NET 1.0.6183.16475 - Privilege Escalation due Incorrect Access Control", "spans": {"SYSTEM: WinWaste.NET 1.0.6183.16475": [[0, 27]], "VULNERABILITY: Privilege Escalation": [[30, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50083"}}
{"text": "Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path", "spans": {"SYSTEM: Wise Care 365 5.6.7.568": [[0, 23]], "VULNERABILITY: Unquoted Service Path": [[46, 67]]}, "info": {"source": "exploitdb", "exploit_id": "50038"}}
{"text": "Wondershare Dr Fone 12.9.6 - Privilege Escalation", "spans": {"SYSTEM: Wondershare Dr Fone 12.9.6": [[0, 26]], "VULNERABILITY: Privilege Escalation": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "51324"}}
{"text": "Wondershare Dr.Fone 11.4.10 - Insecure File Permissions", "spans": {"SYSTEM: Wondershare Dr.Fone 11.4.10": [[0, 27]], "VULNERABILITY: Insecure File Permissions": [[30, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50903"}}
{"text": "Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path", "spans": {"SYSTEM: Wondershare Dr.Fone 11.4.9": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[45, 66]]}, "info": {"source": "exploitdb", "exploit_id": "50755"}}
{"text": "Wondershare Dr.Fone 12.0.18 - 'Wondershare InstallAssist' Unquoted Service Path", "spans": {"SYSTEM: Wondershare Dr.Fone 12.0.18": [[0, 27]], "VULNERABILITY: Unquoted Service Path": [[58, 79]]}, "info": {"source": "exploitdb", "exploit_id": "50813"}}
{"text": "Wondershare Dr.Fone 12.0.7 - Privilege Escalation (ElevationService)", "spans": {"SYSTEM: Wondershare Dr.Fone 12.0.7": [[0, 26]], "VULNERABILITY: Privilege Escalation": [[29, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50912"}}
{"text": "Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path", "spans": {"SYSTEM: Wondershare Driver Install Service help 10.7.1.321": [[0, 50]], "VULNERABILITY: Unquote Service Path": [[72, 92]]}, "info": {"source": "exploitdb", "exploit_id": "49101"}}
{"text": "Wondershare FamiSafe 1.0 - 'FSService' Unquoted Service Path", "spans": {"SYSTEM: Wondershare FamiSafe 1.0": [[0, 24]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50757"}}
{"text": "Wondershare Filmora 12.2.9.2233 - Unquoted Service Path", "spans": {"SYSTEM: Wondershare Filmora 12.2.9.2233": [[0, 31]], "VULNERABILITY: Unquoted Service Path": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51395"}}
{"text": "Wondershare MirrorGo 2.0.11.346 - Insecure File Permissions", "spans": {"SYSTEM: Wondershare MirrorGo 2.0.11.346": [[0, 31]], "VULNERABILITY: Insecure File Permissions": [[34, 59]]}, "info": {"source": "exploitdb", "exploit_id": "50787"}}
{"text": "Wondershare MobileTrans 3.5.9 - 'ElevationService' Unquoted Service Path", "spans": {"SYSTEM: Wondershare MobileTrans 3.5.9": [[0, 29]], "VULNERABILITY: Unquoted Service Path": [[51, 72]]}, "info": {"source": "exploitdb", "exploit_id": "50756"}}
{"text": "Wondershare UBackit 2.0.5 - 'wsbackup' Unquoted Service Path", "spans": {"SYSTEM: Wondershare UBackit 2.0.5": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50758"}}
{"text": "Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path", "spans": {"SYSTEM: Workspace ONE Intelligent Hub 20.3.8.0": [[0, 38]], "VULNERABILITY: Unquoted Service Path": [[80, 101]]}, "info": {"source": "exploitdb", "exploit_id": "50028"}}
{"text": "WorkTime 10.20 Build 4967 - Unquoted Service Path", "spans": {"SYSTEM: WorkTime 10.20 Build 4967": [[0, 25]], "VULNERABILITY: Unquoted Service Path": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "50664"}}
{"text": "WOW21 5.0.1.9 - 'Service WOW21_Service' Unquoted Service Path", "spans": {"SYSTEM: WOW21 5.0.1.9": [[0, 13]], "VULNERABILITY: Unquoted Service Path": [[40, 61]]}, "info": {"source": "exploitdb", "exploit_id": "50818"}}
{"text": "XAMPP 7.4.3 - Local Privilege Escalation", "spans": {"SYSTEM: XAMPP 7.4.3": [[0, 11]], "VULNERABILITY: Local Privilege Escalation": [[14, 40]]}, "info": {"source": "exploitdb", "exploit_id": "50337"}}
{"text": "XAMPP 8.2.4 - Unquoted Path", "spans": {"SYSTEM: XAMPP 8.2.4": [[0, 11]], "VULNERABILITY: Unquoted Path": [[14, 27]]}, "info": {"source": "exploitdb", "exploit_id": "51585"}}
{"text": "XMLBlueprint 16.191112 - XML External Entity Injection", "spans": {"SYSTEM: XMLBlueprint 16.191112": [[0, 22]], "VULNERABILITY: XML External Entity Injection": [[25, 54]]}, "info": {"source": "exploitdb", "exploit_id": "47974"}}
{"text": "YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)", "spans": {"SYSTEM: YouTube Video Grabber 1.9.9.1": [[0, 29]], "VULNERABILITY: Buffer Overflow": [[32, 47]]}, "info": {"source": "exploitdb", "exploit_id": "50471"}}
{"text": "Zillya Total Security 3.0.2367.0  - Local Privilege Escalation", "spans": {"SYSTEM: Zillya Total Security 3.0.2367.0": [[0, 32]], "VULNERABILITY: Local Privilege Escalation": [[36, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51151"}}
{"text": "Zortam Mp3 Media Studio 27.60 - Remote Code Execution (SEH)", "spans": {"SYSTEM: Zortam Mp3 Media Studio 27.60": [[0, 29]], "VULNERABILITY: Remote Code Execution": [[32, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49084"}}
{"text": "Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution (RCE)", "spans": {"SYSTEM: Adobe ColdFusion 11": [[0, 19]], "VULNERABILITY: RCE": [[78, 81]]}, "info": {"source": "exploitdb", "exploit_id": "50781"}}
{"text": "Anviz CrossChex - Buffer Overflow (Metasploit)", "spans": {"SYSTEM: Anviz CrossChex": [[0, 15]], "VULNERABILITY: Buffer Overflow": [[18, 33]], "TOOL: Metasploit": [[35, 45]]}, "info": {"source": "exploitdb", "exploit_id": "48092"}}
{"text": "Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit)", "spans": {"SYSTEM: Apache ActiveMQ 5.x-5.11.1": [[0, 26]], "VULNERABILITY: Directory Traversal": [[29, 48]], "TOOL: Metasploit": [[63, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48181"}}
{"text": "Archeevo 5.0 - Local File Inclusion", "spans": {"SYSTEM: Archeevo 5.0": [[0, 12]], "VULNERABILITY: Local File Inclusion": [[15, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50665"}}
{"text": "ASUS Remote Link 1.1.2.13 - Remote Code Execution", "spans": {"SYSTEM: ASUS Remote Link 1.1.2.13": [[0, 25]], "VULNERABILITY: Remote Code Execution": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49594"}}
{"text": "CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow", "spans": {"SYSTEM: CA Unified Infrastructure Management Nimsoft 7.80": [[0, 49]], "VULNERABILITY: Remote Buffer Overflow": [[52, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48156"}}
{"text": "CloudMe 1.11.2 - Buffer Overflow (PoC)", "spans": {"SYSTEM: CloudMe 1.11.2": [[0, 14]], "VULNERABILITY: Buffer Overflow": [[17, 32]]}, "info": {"source": "exploitdb", "exploit_id": "48389"}}
{"text": "CompleteFTP Professional 12.1.3 - Remote Code Execution", "spans": {"SYSTEM: CompleteFTP Professional 12.1.3": [[0, 31]], "VULNERABILITY: Remote Code Execution": [[34, 55]]}, "info": {"source": "exploitdb", "exploit_id": "48657"}}
{"text": "CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)", "spans": {"SYSTEM: CoreFTP 2.0 Build 674 MDTM": [[0, 26]], "VULNERABILITY: Directory Traversal": [[29, 48]], "TOOL: Metasploit": [[50, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48195"}}
{"text": "CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)", "spans": {"SYSTEM: CoreFTP 2.0 Build 674 SIZE": [[0, 26]], "VULNERABILITY: Directory Traversal": [[29, 48]], "TOOL: Metasploit": [[50, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48194"}}
{"text": "CoreFTP Server build 725 - Directory Traversal (Authenticated)", "spans": {"SYSTEM: CoreFTP Server build 725": [[0, 24]], "VULNERABILITY: Directory Traversal": [[27, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50652"}}
{"text": "DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)", "spans": {"SYSTEM: DotNetNuke": [[0, 10]], "VULNERABILITY: Remote Code Execution": [[36, 57]], "TOOL: Metasploit": [[59, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48336"}}
{"text": "Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow", "spans": {"SYSTEM: Dup Scout Enterprise 10.0.18": [[0, 28]], "VULNERABILITY: Remote Buffer Overflow": [[53, 75]]}, "info": {"source": "exploitdb", "exploit_id": "49210"}}
{"text": "Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow (SEH)", "spans": {"SYSTEM: Dup Scout Enterprise 10.0.18": [[0, 28]], "VULNERABILITY: Remote Buffer Overflow": [[37, 59]]}, "info": {"source": "exploitdb", "exploit_id": "49217"}}
{"text": "Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH)", "spans": {"SYSTEM: Easy Chat Server 3.1": [[0, 20]], "VULNERABILITY: Buffer Overflow": [[36, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50999"}}
{"text": "Exchange Control Panel - Viewstate Deserialization (Metasploit)", "spans": {"SYSTEM: Exchange Control Panel": [[0, 22]], "VULNERABILITY: Viewstate Deserialization": [[25, 50]], "TOOL: Metasploit": [[52, 62]]}, "info": {"source": "exploitdb", "exploit_id": "48168"}}
{"text": "Fortinet FortiOS_ FortiProxy_ and FortiSwitchManager 7.2.0 - Authentication bypass", "spans": {"SYSTEM: Fortinet FortiOS_ FortiProxy_ and FortiSwitchManager 7.2.0": [[0, 58]], "VULNERABILITY: Authentication bypass": [[61, 82]]}, "info": {"source": "exploitdb", "exploit_id": "52239"}}
{"text": "freeSSHd 1.0.9 - Denial of Service (DoS)", "spans": {"SYSTEM: freeSSHd 1.0.9": [[0, 14]], "VULNERABILITY: Denial of Service (DoS)": [[17, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52342"}}
{"text": "GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: GeoVision ASManager Windows Application 6.1.2.0": [[0, 47]], "VULNERABILITY: Remote Code Execution (RCE)": [[50, 77]]}, "info": {"source": "exploitdb", "exploit_id": "52424"}}
{"text": "Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)", "spans": {"SYSTEM: Golden FTP Server 4.70": [[0, 22]], "VULNERABILITY: Buffer Overflow": [[32, 47]]}, "info": {"source": "exploitdb", "exploit_id": "49629"}}
{"text": "GOM Player 2.3.90.5360 - Remote Code Execution (RCE)", "spans": {"SYSTEM: GOM Player 2.3.90.5360": [[0, 22]], "VULNERABILITY: Remote Code Execution (RCE)": [[25, 52]]}, "info": {"source": "exploitdb", "exploit_id": "51719"}}
{"text": "HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)", "spans": {"SYSTEM: HFS (HTTP File Server) 2.3.x": [[0, 28]], "VULNERABILITY: Remote Command Execution": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49584"}}
{"text": "Huawei HedEx Lite 200R006C00SPC005 - Path Traversal", "spans": {"SYSTEM: Huawei HedEx Lite 200R006C00SPC005": [[0, 34]], "VULNERABILITY: Path Traversal": [[37, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49218"}}
{"text": "Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE)", "spans": {"SYSTEM: Inbit Messenger v4.9.0": [[0, 22]], "VULNERABILITY: Remote Command Execution": [[41, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51127"}}
{"text": "Inbit Messenger v4.9.0 - Unauthenticated Remote SEH Overflow", "spans": {"SYSTEM: Inbit Messenger v4.9.0": [[0, 22]], "VULNERABILITY: Unauthenticated Remote SEH Overflow": [[25, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51126"}}
{"text": "Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Internet Download Manager v6.41 Build 3": [[0, 39]], "VULNERABILITY: Remote Code Execution (RCE)": [[42, 69]]}, "info": {"source": "exploitdb", "exploit_id": "51131"}}
{"text": "IOTransfer 4.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: IOTransfer 4.0": [[0, 14]], "VULNERABILITY: Remote Code Execution (RCE)": [[17, 44]]}, "info": {"source": "exploitdb", "exploit_id": "50974"}}
{"text": "Ivanti Avalanche <v6.4.0.0 - Remote Code Execution", "spans": {"SYSTEM: Ivanti Avalanche <v6.4.0.0": [[0, 26]], "VULNERABILITY: Remote Code Execution": [[29, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51699"}}
{"text": "Kardex Mlog MCC 5.7.12 - RCE (Remote Code Execution)", "spans": {"SYSTEM: Kardex Mlog MCC 5.7.12": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[30, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51239"}}
{"text": "ManageEngine ADSelfService Plus 6.1 - User Enumeration", "spans": {"SYSTEM: ManageEngine ADSelfService Plus 6.1": [[0, 35]], "VULNERABILITY: User Enumeration": [[38, 54]]}, "info": {"source": "exploitdb", "exploit_id": "50873"}}
{"text": "ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure", "spans": {"SYSTEM: ManageEngine ADSelfService Plus Build 6118": [[0, 42]], "VULNERABILITY: NTLMv2 Hash Exposure": [[45, 65]]}, "info": {"source": "exploitdb", "exploit_id": "50904"}}
{"text": "Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)", "spans": {"SYSTEM: Marval MSM v14.19.0.12476": [[0, 25]], "VULNERABILITY: CSRF": [[56, 60]]}, "info": {"source": "exploitdb", "exploit_id": "50957"}}
{"text": "Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Marval MSM v14.19.0.12476": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50956"}}
{"text": "Microsoft Edge (Chromium-based) 135.0.7049.114/.115 - Information Disclosure", "spans": {"SYSTEM: Microsoft Edge (Chromium-based) 135.0.7049.114/.115": [[0, 51]], "VULNERABILITY: Information Disclosure": [[54, 76]]}, "info": {"source": "exploitdb", "exploit_id": "52389"}}
{"text": "Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)", "spans": {"SYSTEM: Microsoft Edge Windows 10 Version 1511": [[0, 38]], "VULNERABILITY: Cross Site Scripting": [[41, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52372"}}
{"text": "Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Excel 2024 Use after free": [[0, 35]], "VULNERABILITY: Remote Code Execution (RCE)": [[38, 65]]}, "info": {"source": "exploitdb", "exploit_id": "52343"}}
{"text": "Microsoft Exchange 2019 - Server-Side Request Forgery", "spans": {"SYSTEM: Microsoft Exchange 2019": [[0, 23]], "VULNERABILITY: Server-Side Request Forgery": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49663"}}
{"text": "Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution", "spans": {"SYSTEM: Microsoft Exchange 2019 15.2.221.12": [[0, 35]], "VULNERABILITY: Authenticated Remote Code Execution": [[38, 73]]}, "info": {"source": "exploitdb", "exploit_id": "48153"}}
{"text": "Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure", "spans": {"SYSTEM: Microsoft Office 2019 MSO Build 1808": [[0, 36]], "VULNERABILITY: NTLMv2 Hash Disclosure": [[39, 61]]}, "info": {"source": "exploitdb", "exploit_id": "52113"}}
{"text": "Microsoft Outlook - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Outlook": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52356"}}
{"text": "Microsoft PowerPoint 2019 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft PowerPoint 2019": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "52351"}}
{"text": "Microsoft SharePoint - Deserialization Remote Code Execution", "spans": {"SYSTEM: Microsoft SharePoint": [[0, 20]], "VULNERABILITY: Remote Code Execution": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "48053"}}
{"text": "Microsoft SharePoint 2019 - NTLM Authentication", "spans": {"SYSTEM: Microsoft SharePoint 2019": [[0, 25]], "VULNERABILITY: NTLM Authentication": [[28, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52349"}}
{"text": "Microsoft SharePoint Server 2019 (16.0.10383.20020) - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft SharePoint Server 2019 (16.0.10383.20020)": [[0, 51]], "VULNERABILITY: Remote Code Execution (RCE)": [[54, 81]]}, "info": {"source": "exploitdb", "exploit_id": "52405"}}
{"text": "Microsoft SQL Server Reporting Services 2016 - Remote Code Execution", "spans": {"SYSTEM: Microsoft SQL Server Reporting Services 2016": [[0, 44]], "VULNERABILITY: Remote Code Execution": [[47, 68]]}, "info": {"source": "exploitdb", "exploit_id": "48816"}}
{"text": "Microsoft Windows - 'SMBGhost' Remote Code Execution", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: Remote Code Execution": [[31, 52]]}, "info": {"source": "exploitdb", "exploit_id": "48537"}}
{"text": "Microsoft Windows - NTLM Hash Leak Malicious Windows Theme", "spans": {"SYSTEM: Microsoft Windows": [[0, 17]], "VULNERABILITY: NTLM Hash Leak Malicious Windows Theme": [[20, 58]]}, "info": {"source": "exploitdb", "exploit_id": "52092"}}
{"text": "Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure", "spans": {"SYSTEM: Microsoft Windows 10.0.19045": [[0, 28]], "VULNERABILITY: NTLMv2 Hash Disclosure": [[31, 53]]}, "info": {"source": "exploitdb", "exploit_id": "52415"}}
{"text": "Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)", "spans": {"SYSTEM: Microsoft Windows Server 2025 JScript Engine": [[0, 44]], "VULNERABILITY: Remote Code Execution (RCE)": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52315"}}
{"text": "minaliC 2.0.0 - Denied of Service", "spans": {"SYSTEM: minaliC 2.0.0": [[0, 13]], "VULNERABILITY: Denied of Service": [[16, 33]]}, "info": {"source": "exploitdb", "exploit_id": "51917"}}
{"text": "Mobile Mouse 3.6.0.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Mobile Mouse 3.6.0.4": [[0, 20]], "VULNERABILITY: Remote Code Execution (RCE)": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "51010"}}
{"text": "Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption", "spans": {"SYSTEM: Neowise CarbonFTP 1.4": [[0, 21]], "VULNERABILITY: Insecure Proprietary Password Encryption": [[24, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48363"}}
{"text": "Oliver Library Server v5 - Arbitrary File Download", "spans": {"SYSTEM: Oliver Library Server v5": [[0, 24]], "VULNERABILITY: Arbitrary File Download": [[27, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50599"}}
{"text": "Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion", "spans": {"SYSTEM: Oracle WebLogic Server 14.1.1.0.0": [[0, 33]], "VULNERABILITY: Local File Inclusion": [[36, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50688"}}
{"text": "PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow", "spans": {"SYSTEM: PCMan FTP Server 2.0": [[0, 20]], "VULNERABILITY: Remote Buffer Overflow": [[29, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51767"}}
{"text": "PCMan FTP Server 2.0.7 - Buffer Overflow", "spans": {"SYSTEM: PCMan FTP Server 2.0.7": [[0, 22]], "VULNERABILITY: Buffer Overflow": [[25, 40]]}, "info": {"source": "exploitdb", "exploit_id": "52326"}}
{"text": "Plesk/myLittleAdmin - ViewState .NET Deserialization (Metasploit)", "spans": {"SYSTEM: Plesk/myLittleAdmin": [[0, 19]], "VULNERABILITY: ViewState .NET Deserialization": [[22, 52]], "TOOL: Metasploit": [[54, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48513"}}
{"text": "Prime95 Version 30.7 build 9 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Prime95 Version 30.7 build 9": [[0, 28]], "VULNERABILITY: Remote Code Execution (RCE)": [[31, 58]]}, "info": {"source": "exploitdb", "exploit_id": "50905"}}
{"text": "Printix Client 1.3.1106.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Printix Client 1.3.1106.0": [[0, 25]], "VULNERABILITY: Remote Code Execution (RCE)": [[28, 55]]}, "info": {"source": "exploitdb", "exploit_id": "50798"}}
{"text": "ProSSHD 1.2 20090726 - Denial of Service (DoS)", "spans": {"SYSTEM: ProSSHD 1.2 20090726": [[0, 20]], "VULNERABILITY: Denial of Service (DoS)": [[23, 46]]}, "info": {"source": "exploitdb", "exploit_id": "52321"}}
{"text": "Prowise Reflect v1.0.9 - Remote Keystroke Injection", "spans": {"SYSTEM: Prowise Reflect v1.0.9": [[0, 22]], "VULNERABILITY: Remote Keystroke Injection": [[25, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50796"}}
{"text": "Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution", "spans": {"SYSTEM: Razer Chroma SDK Server 3.16.02": [[0, 31]], "VULNERABILITY: Race Condition Remote File Execution": [[34, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49106"}}
{"text": "Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)", "spans": {"SYSTEM: Remote Desktop Web Access": [[0, 25]], "VULNERABILITY: Authentication Timing Attack": [[28, 56]], "TOOL: Metasploit": [[58, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49599"}}
{"text": "Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Remote Keyboard Desktop 1.0.1": [[0, 29]], "VULNERABILITY: Remote Code Execution (RCE)": [[32, 59]]}, "info": {"source": "exploitdb", "exploit_id": "52299"}}
{"text": "SharePoint Workflows - XOML Injection (Metasploit)", "spans": {"SYSTEM: SharePoint Workflows": [[0, 20]], "VULNERABILITY: XOML Injection": [[23, 37]], "TOOL: Metasploit": [[39, 49]]}, "info": {"source": "exploitdb", "exploit_id": "48275"}}
{"text": "SmarterMail Build 6985 - Remote Code Execution", "spans": {"SYSTEM: SmarterMail Build 6985": [[0, 22]], "VULNERABILITY: Remote Code Execution": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49216"}}
{"text": "TermTalk Server 3.24.0.2 - Arbitrary File Read (Unauthenticated)", "spans": {"SYSTEM: TermTalk Server 3.24.0.2": [[0, 24]], "VULNERABILITY: Arbitrary File Read": [[27, 46]]}, "info": {"source": "exploitdb", "exploit_id": "50638"}}
{"text": "TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution (RCE)", "spans": {"SYSTEM: TitanFTP 2.0.1.2102": [[0, 19]], "VULNERABILITY: Remote Code Execution (RCE)": [[40, 67]]}, "info": {"source": "exploitdb", "exploit_id": "51268"}}
{"text": "TSPlus 16.0.0.0 - Remote Work Insecure Credential storage", "spans": {"SYSTEM: TSPlus 16.0.0.0": [[0, 15]], "VULNERABILITY: Remote Work Insecure Credential storage": [[18, 57]]}, "info": {"source": "exploitdb", "exploit_id": "51681"}}
{"text": "TSplus 16.0.0.0 - Remote Work Insecure Files and Folders", "spans": {"SYSTEM: TSplus 16.0.0.0": [[0, 15]], "VULNERABILITY: Remote Work Insecure Files and Folders": [[18, 56]]}, "info": {"source": "exploitdb", "exploit_id": "51680"}}
{"text": "TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions", "spans": {"SYSTEM: TSplus 16.0.2.14": [[0, 16]], "VULNERABILITY: Remote Access Insecure Files and Folders Permissions": [[19, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51679"}}
{"text": "Unified Remote 3.13.0 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Unified Remote 3.13.0": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "51309"}}
{"text": "Unified Remote 3.9.0.2463 - Remote Code Execution", "spans": {"SYSTEM: Unified Remote 3.9.0.2463": [[0, 25]], "VULNERABILITY: Remote Code Execution": [[28, 49]]}, "info": {"source": "exploitdb", "exploit_id": "49587"}}
{"text": "Virtua Software Cobranca 12S - SQLi", "spans": {"SYSTEM: Virtua Software Cobranca 12S": [[0, 28]], "VULNERABILITY: SQLi": [[31, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50958"}}
{"text": "WebCatalog 48.4 - Arbitrary Protocol Execution", "spans": {"SYSTEM: WebCatalog 48.4": [[0, 15]], "VULNERABILITY: Arbitrary Protocol Execution": [[18, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51765"}}
{"text": "WebDAV Windows 10 - Remote Code Execution (RCE)", "spans": {"SYSTEM: WebDAV Windows 10": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "52334"}}
{"text": "WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page", "spans": {"SYSTEM: WebMethods Integration Server 10.15.0.0000-0092": [[0, 47]], "VULNERABILITY: Improper Access on Login Page": [[50, 79]]}, "info": {"source": "exploitdb", "exploit_id": "52237"}}
{"text": "WiFi Mouse 1.7.8.5 - Remote Code Execution", "spans": {"SYSTEM: WiFi Mouse 1.7.8.5": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "49601"}}
{"text": "WiFi Mouse 1.7.8.5 - Remote Code Execution(v2)", "spans": {"SYSTEM: WiFi Mouse 1.7.8.5": [[0, 18]], "VULNERABILITY: Remote Code Execution": [[21, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50972"}}
{"text": "WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)", "spans": {"SYSTEM: WiFi Mouse 1.8.3.2": [[0, 18]], "VULNERABILITY: Remote Code Execution (RCE)": [[21, 48]]}, "info": {"source": "exploitdb", "exploit_id": "51072"}}
{"text": "WiFiMouse 1.8.3.4 - Remote Code Execution (RCE)", "spans": {"SYSTEM: WiFiMouse 1.8.3.4": [[0, 17]], "VULNERABILITY: Remote Code Execution (RCE)": [[20, 47]]}, "info": {"source": "exploitdb", "exploit_id": "51016"}}
{"text": "Windows 10 v21H1 - HTTP Protocol Stack Remote Code Execution", "spans": {"SYSTEM: Windows 10 v21H1": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[39, 60]]}, "info": {"source": "exploitdb", "exploit_id": "51575"}}
{"text": "Windows 10.0.17763.7009 - spoofing vulnerability", "spans": {"SYSTEM: Windows 10.0.17763.7009": [[0, 23]], "VULNERABILITY: spoofing vulnerability": [[26, 48]]}, "info": {"source": "exploitdb", "exploit_id": "52480"}}
{"text": "windows 10/11 - NTLM Hash Disclosure Spoofing", "spans": {"SYSTEM: windows 10/11": [[0, 13]], "VULNERABILITY: NTLM Hash Disclosure Spoofing": [[16, 45]]}, "info": {"source": "exploitdb", "exploit_id": "52478"}}
{"text": "Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)", "spans": {"SYSTEM: Windows 11 SMB Client": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[47, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52330"}}
{"text": "Windows 2024.15 - Unauthenticated Desktop Screenshot Capture", "spans": {"SYSTEM: Windows 2024.15": [[0, 15]], "VULNERABILITY: Unauthenticated Desktop Screenshot Capture": [[18, 60]]}, "info": {"source": "exploitdb", "exploit_id": "52300"}}
{"text": "Windows File Explorer Windows 10 Pro x64 - TAR Extraction", "spans": {"SYSTEM: Windows File Explorer Windows 10 Pro x64": [[0, 40]], "VULNERABILITY: TAR Extraction": [[43, 57]]}, "info": {"source": "exploitdb", "exploit_id": "52325"}}
{"text": "Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure", "spans": {"SYSTEM: Windows File Explorer Windows 11 (23H2)": [[0, 39]], "VULNERABILITY: NTLM Hash Disclosure": [[42, 62]]}, "info": {"source": "exploitdb", "exploit_id": "52310"}}
{"text": "Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: Wing FTP Server 4.3.8": [[0, 21]], "VULNERABILITY: Remote Code Execution (RCE)": [[24, 51]]}, "info": {"source": "exploitdb", "exploit_id": "50720"}}
{"text": "WinRAR version 6.22 - Remote Code Execution via ZIP archive", "spans": {"SYSTEM: WinRAR version 6.22": [[0, 19]], "VULNERABILITY: Remote Code Execution": [[22, 43]]}, "info": {"source": "exploitdb", "exploit_id": "51935"}}
{"text": "Wondershare Dr.Fone 12.0.7 - Remote Code Execution (RCE)", "spans": {"SYSTEM: Wondershare Dr.Fone 12.0.7": [[0, 26]], "VULNERABILITY: Remote Code Execution (RCE)": [[29, 56]]}, "info": {"source": "exploitdb", "exploit_id": "50913"}}
{"text": "YATinyWinFTP - Denial of Service (PoC)", "spans": {"SYSTEM: YATinyWinFTP": [[0, 12]], "VULNERABILITY: Denial of Service (PoC)": [[15, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49127"}}
{"text": "ZeroLogon - Netlogon Elevation of Privilege", "spans": {"SYSTEM: ZeroLogon": [[0, 9]], "VULNERABILITY: Netlogon Elevation of Privilege": [[12, 43]]}, "info": {"source": "exploitdb", "exploit_id": "49071"}}
{"text": "Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Alt-N MDaemon webmail 20.0.0": [[0, 28]], "VULNERABILITY: Stored Cross Site Scripting": [[46, 73]]}, "info": {"source": "exploitdb", "exploit_id": "49536"}}
{"text": "Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: Alt-N MDaemon webmail 20.0.0": [[0, 28]], "VULNERABILITY: Stored Cross Site Scripting": [[43, 70]]}, "info": {"source": "exploitdb", "exploit_id": "49537"}}
{"text": "Arteco Web Client DVR/NVR - 'SessionId' Brute Force", "spans": {"SYSTEM: Arteco Web Client DVR/NVR": [[0, 25]], "VULNERABILITY: Brute Force": [[40, 51]]}, "info": {"source": "exploitdb", "exploit_id": "49348"}}
{"text": "Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read", "spans": {"SYSTEM: Dell OpenManage Server Administrator 9.4.0.0": [[0, 44]], "VULNERABILITY: Arbitrary File Read": [[47, 66]]}, "info": {"source": "exploitdb", "exploit_id": "49750"}}
{"text": "Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read", "spans": {"SYSTEM: Easy Chat Server 3.1": [[0, 20]], "VULNERABILITY: Directory Traversal": [[23, 42]]}, "info": {"source": "exploitdb", "exploit_id": "50437"}}
{"text": "easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)", "spans": {"SYSTEM: easy-mock 1.6.0": [[0, 15]], "VULNERABILITY: Remote Code Execution (RCE)": [[18, 45]]}, "info": {"source": "exploitdb", "exploit_id": "50194"}}
{"text": "eScan Management Console 14.0.1400.2281 - Cross Site Scripting", "spans": {"SYSTEM: eScan Management Console 14.0.1400.2281": [[0, 39]], "VULNERABILITY: Cross Site Scripting": [[42, 62]]}, "info": {"source": "exploitdb", "exploit_id": "51467"}}
{"text": "eScan Management Console 14.0.1400.2281 - SQL Injection (Authenticated)", "spans": {"SYSTEM: eScan Management Console 14.0.1400.2281": [[0, 39]], "VULNERABILITY: SQL Injection": [[42, 55]]}, "info": {"source": "exploitdb", "exploit_id": "51466"}}
{"text": "HTTP Commander 3.1.9 - Stored Cross Site Scripting (XSS)", "spans": {"SYSTEM: HTTP Commander 3.1.9": [[0, 20]], "VULNERABILITY: Stored Cross Site Scripting": [[23, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50645"}}
{"text": "Kibana 6.6.1 - CSV Injection", "spans": {"SYSTEM: Kibana 6.6.1": [[0, 12]], "VULNERABILITY: CSV Injection": [[15, 28]]}, "info": {"source": "exploitdb", "exploit_id": "47971"}}
{"text": "ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure", "spans": {"SYSTEM: ManageEngine ADManager Plus Build < 7183": [[0, 40]], "VULNERABILITY: Password Disclosure": [[52, 71]]}, "info": {"source": "exploitdb", "exploit_id": "51794"}}
{"text": "Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape", "spans": {"SYSTEM: Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177": [[0, 57]], "VULNERABILITY: Sandbox Escape": [[60, 74]]}, "info": {"source": "exploitdb", "exploit_id": "52403"}}
{"text": "Microsoft Exchange 2019 - Server-Side Request Forgery (Proxylogon) (PoC)", "spans": {"SYSTEM: Microsoft Exchange 2019": [[0, 23]], "VULNERABILITY: Server-Side Request Forgery": [[26, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49637"}}
{"text": "Microsoft Exchange 2019 - Unauthenticated Email Download", "spans": {"SYSTEM: Microsoft Exchange 2019": [[0, 23]], "VULNERABILITY: Unauthenticated Email Download": [[26, 56]]}, "info": {"source": "exploitdb", "exploit_id": "49879"}}
{"text": "Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)", "spans": {"SYSTEM: Microsoft Exchange 2019": [[0, 23]], "VULNERABILITY: Unauthenticated Email Download": [[26, 56]], "TOOL: Metasploit": [[58, 68]]}, "info": {"source": "exploitdb", "exploit_id": "49895"}}
{"text": "Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery (SSRF)", "spans": {"SYSTEM: Microsoft SharePoint Server 16.0.10372.20060": [[0, 44]], "VULNERABILITY: Server-Side Request Forgery (SSRF)": [[74, 108]]}, "info": {"source": "exploitdb", "exploit_id": "49982"}}
{"text": "Mini Mouse 9.2.0 - Path Traversal", "spans": {"SYSTEM: Mini Mouse 9.2.0": [[0, 16]], "VULNERABILITY: Path Traversal": [[19, 33]]}, "info": {"source": "exploitdb", "exploit_id": "49744"}}
{"text": "Mini Mouse 9.2.0 - Remote Code Execution", "spans": {"SYSTEM: Mini Mouse 9.2.0": [[0, 16]], "VULNERABILITY: Remote Code Execution": [[19, 40]]}, "info": {"source": "exploitdb", "exploit_id": "49743"}}
{"text": "NoteBurner 2.35 - Denial Of Service (DoS) (PoC)", "spans": {"SYSTEM: NoteBurner 2.35": [[0, 15]], "VULNERABILITY: Denial Of Service": [[18, 35]]}, "info": {"source": "exploitdb", "exploit_id": "50154"}}
{"text": "PRTG Network Monitor 20.4.63.1412 - 'maps' Stored XSS", "spans": {"SYSTEM: PRTG Network Monitor 20.4.63.1412": [[0, 33]], "VULNERABILITY: XSS": [[50, 53]]}, "info": {"source": "exploitdb", "exploit_id": "49156"}}
{"text": "Rejetto HttpFileServer 2.3.x - Remote Command Execution (3)", "spans": {"SYSTEM: Rejetto HttpFileServer 2.3.x": [[0, 28]], "VULNERABILITY: Remote Command Execution": [[31, 55]]}, "info": {"source": "exploitdb", "exploit_id": "49125"}}
{"text": "Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)", "spans": {"SYSTEM: Reprise Software RLM v14.2BL4": [[0, 29]], "VULNERABILITY: Cross-Site Scripting (XSS)": [[32, 58]]}, "info": {"source": "exploitdb", "exploit_id": "51188"}}
{"text": "ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1)", "spans": {"SYSTEM: ScadaBR 1.0": [[0, 11]], "VULNERABILITY: Arbitrary File Upload": [[14, 35]]}, "info": {"source": "exploitdb", "exploit_id": "49734"}}
{"text": "Spiceworks 7.5 - HTTP Header Injection", "spans": {"SYSTEM: Spiceworks 7.5": [[0, 14]], "VULNERABILITY: HTTP Header Injection": [[17, 38]]}, "info": {"source": "exploitdb", "exploit_id": "49299"}}
{"text": "SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)", "spans": {"SYSTEM: SyncBreeze 10.0.28": [[0, 18]], "VULNERABILITY: Denial of Service": [[29, 46]]}, "info": {"source": "exploitdb", "exploit_id": "49291"}}
{"text": "SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow", "spans": {"SYSTEM: SyncBreeze 10.0.28": [[0, 18]], "VULNERABILITY: Remote Buffer Overflow": [[32, 54]]}, "info": {"source": "exploitdb", "exploit_id": "49104"}}
{"text": "SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow", "spans": {"SYSTEM: SyncBreeze 10.1.16": [[0, 18]], "VULNERABILITY: Buffer Overflow": [[45, 60]]}, "info": {"source": "exploitdb", "exploit_id": "49725"}}
{"text": "TripSpark VEO Transportation - Blind SQL Injection", "spans": {"SYSTEM: TripSpark VEO Transportation": [[0, 28]], "VULNERABILITY: SQL Injection": [[37, 50]]}, "info": {"source": "exploitdb", "exploit_id": "50161"}}
{"text": "Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path", "spans": {"SYSTEM: Atomic Alarm Clock x86 6.3": [[0, 26]], "VULNERABILITY: Unquoted Service Path": [[48, 69]]}, "info": {"source": "exploitdb", "exploit_id": "48352"}}
{"text": "Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)", "spans": {"SYSTEM: Free Desktop Clock x86 Venetian Blinds Zipper 3.0": [[0, 49]], "VULNERABILITY: Unicode Stack Overflow": [[52, 74]]}, "info": {"source": "exploitdb", "exploit_id": "48314"}}
{"text": "Firefox 72 IonMonkey - JIT Type Confusion", "spans": {"SYSTEM: Firefox 72 IonMonkey": [[0, 20]], "VULNERABILITY: Type Confusion": [[27, 41]]}, "info": {"source": "exploitdb", "exploit_id": "49864"}}
{"text": "Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free", "spans": {"SYSTEM: Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll'": [[0, 61]], "VULNERABILITY: Use-After-Free": [[64, 78]]}, "info": {"source": "exploitdb", "exploit_id": "49863"}}
{"text": "Microsoft Windows 10 (19H1 1901 x64) - 'ws2ifsl.sys' Use After Free Local Privilege Escalation (kASLR kCFG SMEP)", "spans": {"SYSTEM: Microsoft Windows 10 (19H1 1901 x64)": [[0, 36]], "VULNERABILITY: Local Privilege Escalation": [[68, 94]]}, "info": {"source": "exploitdb", "exploit_id": "47935"}}
{"text": "Microsoft Windows Defender - VBScript Detection Bypass", "spans": {"SYSTEM: Microsoft Windows Defender": [[0, 26]], "VULNERABILITY: VBScript Detection Bypass": [[29, 54]]}, "info": {"source": "exploitdb", "exploit_id": "51802"}}
{"text": "Microsoft Windows Defender Bypass - Detection Mitigation Bypass", "spans": {"SYSTEM: Microsoft Windows Defender Bypass": [[0, 33]], "VULNERABILITY: Detection Mitigation Bypass": [[36, 63]]}, "info": {"source": "exploitdb", "exploit_id": "51801"}}
{"text": "Terratec dmx_6fire USB - Unquoted Service Path", "spans": {"SYSTEM: Terratec dmx_6fire USB": [[0, 22]], "VULNERABILITY: Unquoted Service Path": [[25, 46]]}, "info": {"source": "exploitdb", "exploit_id": "51977"}}
{"text": "Windows PowerShell - Event Log Bypass Single Quote Code Execution", "spans": {"SYSTEM: Windows PowerShell": [[0, 18]], "VULNERABILITY: Event Log Bypass Single Quote Code Execution": [[21, 65]]}, "info": {"source": "exploitdb", "exploit_id": "51843"}}
{"text": "IBM i Access Client Solutions v1.1.2 - 1.1.4_ v1.1.4.3 - 1.1.9.4 - Remote Credential Theft", "spans": {"SYSTEM: IBM i Access Client Solutions v1.1.2": [[0, 36]], "VULNERABILITY: 1.1.4_ v1.1.4.3 - 1.1.9.4 - Remote Credential Theft": [[39, 90]]}, "info": {"source": "exploitdb", "exploit_id": "51817"}}
{"text": "Easy XML Editor 1.7.8 - XML External Entity Injection", "spans": {"SYSTEM: Easy XML Editor 1.7.8": [[0, 21]], "VULNERABILITY: XML External Entity Injection": [[24, 53]]}, "info": {"source": "exploitdb", "exploit_id": "47945"}}
{"text": "MSN Password Recovery 1.30 - XML External Entity Injection", "spans": {"SYSTEM: MSN Password Recovery 1.30": [[0, 26]], "VULNERABILITY: XML External Entity Injection": [[29, 58]]}, "info": {"source": "exploitdb", "exploit_id": "47896"}}
{"text": "Microsoft Windows mshta.exe 2019 - XML External Entity Injection", "spans": {"SYSTEM: Microsoft Windows mshta.exe 2019": [[0, 32]], "VULNERABILITY: XML External Entity Injection": [[35, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48650"}}
{"text": "BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection", "spans": {"SYSTEM: BlogEngine 3.3": [[0, 14]], "VULNERABILITY: XML External Entity Injection": [[35, 64]]}, "info": {"source": "exploitdb", "exploit_id": "48422"}}
{"text": "Citrix XenMobile Server 10.8 - XML External Entity Injection", "spans": {"SYSTEM: Citrix XenMobile Server 10.8": [[0, 28]], "VULNERABILITY: XML External Entity Injection": [[31, 60]]}, "info": {"source": "exploitdb", "exploit_id": "47951"}}
{"text": "ExpertGPS 6.38 - XML External Entity Injection", "spans": {"SYSTEM: ExpertGPS 6.38": [[0, 14]], "VULNERABILITY: XML External Entity Injection": [[17, 46]]}, "info": {"source": "exploitdb", "exploit_id": "48026"}}
{"text": "MAN-EAM-0003 V3.2.4 - XXE", "spans": {"SYSTEM: MAN-EAM-0003 V3.2.4": [[0, 19]], "VULNERABILITY: XXE": [[22, 25]]}, "info": {"source": "exploitdb", "exploit_id": "51037"}}