Python Exploits
6,612 exploits tracked across all sources.
Simple Board Job < 2.9.3 - Authenticated Path Traversal via sjb_file Parameter
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.
by Ven3xy
CVSS 7.7
WBCE CMS 1.5.2 - Authenticated Remote Code Execution via Droplet Upload
WBCE CMS version 1.5.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious droplets through the admin panel. Authenticated attackers can exploit the droplet upload functionality in the admin tools to create and execute arbitrary PHP code by crafting a specially designed zip file payload.
by Antonio Cuomo
CVSS 8.8
Fetch Softworks Fetch FTP Client 5.8.2 - Denial of Service via Long FTP Server Response
Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application.
by LiquidWorm
CVSS 7.5
WordPress Download Monitor <4.4.5 - SQL Injection
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue
by Ron Jost
CVSS 7.2
404_to_301 < 2.0.3 - SQL Injection
The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.
by Ron Jost
CVSS 9.8
PHPUnit < 4.8.28 and 5.x < 5.6.3 - Remote Code Execution via HTTP POST Data
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
by souzo
CVSS 9.8
Wordpress RegistrationMagic task_ids Authenticated SQLi
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue
by Ron Jost
CVSS 7.2
WordPress Modern Events Calendar SQLi Scanner
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue
by Ron Jost
CVSS 9.8
phpipam 1.4.4 - Authenticated SQL Injection via Subnet Parameter
PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php
by Rodolfo Tavares
CVSS 7.2
VUPlayer < 2.49 - Buffer Overflow via Long URL in .pls File
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
by Bryan Leong
CVSS 8.8
Online Admission System 1.0 - Code Injection
The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution.
by Jeremiasz Pluta
CVSS 9.8
Vodafone H500s <3.5.10 - Info Disclosure
Vodafone H500s devices running firmware v3.5.10 (hardware model Sercomm VFH500) expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document that contains the wifi_password field. This allows an unauthenticated attacker to obtain the WiFi credentials and gain unauthorized access to the wireless network, compromising confidentiality of network traffic and attached systems.
by Daniel Monzón
AWebServer GhostBuilding 18 - Denial of Service via High-Volume HTTP Requests
AWebServer GhostBuilding 18 contains a denial of service vulnerability that allows remote attackers to overwhelm the server by sending multiple concurrent HTTP requests. Attackers can generate high-volume requests to multiple endpoints including /mysqladmin to potentially crash or render the service unresponsive.
by Andres Ramos
CVSS 7.5
Gerapy < 0.9.8 - Remote Code Execution
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.
by Jeremiasz Pluta
CVSS 9.8
WP Visitor Statistics <4.8 - SQL Injection
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks
by Ron Jost
CVSS 8.8
True Ranker <= 2.2.2 - Unauthenticated Arbitrary File Read via src Parameter
The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file.
by Liad Levy
CVSS 7.5
Terramaster TOS 4.2.15 - Remote Code Execution (RCE) (Unauthenticated)
by n0tme
Movie Rating System 1.0 - SQLi to RCE (Unauthenticated)
by Tagoletta
Movie Rating System 1.0 - Broken Access Control (Admin Account Creation) (Unauthenticated)
by Tagoletta
ConnectWise Control <19.3.25270.7185 - Info Disclosure
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with certainty if an account exists for a given username.
by Luca Cuzzolin
CVSS 5.3
Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow (DoS)
by Yehia Elghaly
phpKF CMS 3.00 Beta y6 - Unauthenticated Arbitrary File Upload via File Extension Bypass
phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. Attackers can upload a PHP file disguised as a PNG, rename it, and execute system commands through a crafted web shell parameter.
by Halit AKAYDIN
CVSS 9.8
WBCE CMS < 1.5.2 - SQL Injection
wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
by citril
CVSS 9.8
Laravel Valet <2.0.3 - Privilege Escalation
Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication.
by leonjza
CVSS 8.4
By Source