Suggest Exploit

Explore Vulnerabilities


Explore all Exploits:

Dotclear 2.29 – Remote Code Execution (RCE)

The Dotclear version 2.29 is vulnerable to remote code execution (RCE) due to improper input validation. An attacker can exploit this vulnerability to upload and execute malicious scripts on the server, leading to unauthorized access and control over the system. This vulnerability has been discovered by Ahmet Ümit BAYRAM on 26.04.2024.

Schoolhos CMS Multiple Vulnerabilities

Schoolhos CMS is prone to an arbitrary file-upload vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could exploit these issues to execute arbitrary script code in a user's browser in the context of the affected site or execute arbitrary code on the server.

Schoolhos CMS v2.29 – (kelas) Data Siswa SQL Injection Vulnerability

A remote sql injection web vulnerability has been discovered in the official Schoolhos v2_29 content management system. The web vulnerability allows remote attackers to execute own malicious sql commands to compromise the application or dbms. The sql injection vulnerability is located in the `kelas` parameter of the `index?p=siswakelas` module POST method request.

Recent Exploits: