Exploitdb Exploits
1,269 exploits tracked across all sources.
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
by GeekHack
phpList 3.5.0 - Auth Bypass
phpList 3.5.0 allows type juggling for admin login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
by Suvadip Kar
CVSS 9.8
PHP 7.0 < 7.4 (Unix) - 'debug_backtrace' disable_functions Bypass
by mm0r1
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
by Jinny Ramsmark
CVSS 9.8
XML-RPC - Code Injection
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third party websites. This vulnerability was addressed in version 4.2.0.
by crlf
CVSS 9.8
Vbulletin < 5.5.4 - Code Injection
vBulletin through 5.5.4 mishandles custom avatars.
by EgiX
CVSS 9.8
Nagios XI 5.6.5 - Remote Code Execution / Root Privilege Escalation
by Jak Gibb
Apache HTTP Server < 2.4.38 - Use After Free
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
by cfreal
CVSS 7.8
Thinkst Canarytokens <4e89ee0 - Info Disclosure
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.
by Benjamin Zink Loft_ Gionathan Reale
CVSS 7.5
Moodle 3.x - RCE
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.
by Darryn Ten
CVSS 8.8
GD Graphics Library <2.2.5 - Buffer Overflow
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
by cfreal
CVSS 8.8
Globee Woocommerce < 1.1.2 - Improper Input Validation
The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.
by GeekHack
CVSS 7.5
PrestaShop <1.6.1.23, <1.7.4.4 - Path Traversal
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.
by Fariskhi Vidyan
CVSS 7.5
Prestashop < 1.6.1.23 - Unrestricted File Upload
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.
by Fariskhi Vidyan
CVSS 9.8
PHP 5.2.3 imap (Debian Based) - 'imap_open' disable_functions Bypass
by Anton Lopanitsyn
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure
by numan türle
Academic Timetable Final Build 7.0 - Information Disclosure
by Ihsan Sencan
Hazzardweb Easylogin Pro < 1.3.0 - Insecure Deserialization
An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key.
by mr_me
CVSS 8.1
Harmis Ek Rishta <2.10 - SQL Injection
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI.
by Guilherme Assmann
CVSS 8.8
By Source