Exploitdb Exploits
4,726 exploits tracked across all sources.
Popojicms - Code Injection
PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.
by Ahmet Ümit BAYRAM
CVSS 7.2
Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)
by Ahmet Ümit BAYRAM
Modcluster Mod Proxy Cluster - XSS
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.
by Mohamed Mounir Boudjema
CVSS 5.4
SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
by Ahmet Ümit BAYRAM
djangorestframework-simplejwt <5.3.1 - Info Disclosure
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the for_user method.
by Dhrumil Mistry
CVSS 5.5
Jenkins cli Ampersand Replacement Arbitrary File Read
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
by Matisse Beckandt
CVSS 9.8
Compuware iStrobe Web 20.13 - RCE
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute arbitrary commands by sending POST requests to the uploaded JSP endpoint.
by trancap
Stock Management System 1.0 - RCE
SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file.
by blu3ming
CVSS 9.8
Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - _sort_ parameter
by Julio Ángel Ferrari
Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload
by Milad karimi
Open Source Medicine Ordering System v1.0 - SQLi
by Onur Karasalihoğlu
Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass
by LiquidWorm
CE Phoenix <1.0.8.20 - RCE
A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php.
by tmrswrr
CVSS 7.2
Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)
by Gian Paris C. Agsam
GL-iNet devices - Info Disclosure
An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203.
by Bandar Alharbi
CVSS 7.5
Siklu MultiHaul TG <2.0.0 - RCE
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling direct SSH access to the device.
by semaja2
Asterisk AMI - Partial File Content & Path Disclosure (Authenticated)
by Sean Pesce
RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service
by ice-wzl
Craft CMS 4.4.14 - Unauthenticated Remote Code Execution
by Olivier Lasne
SMU <14.8.7825.01 - Info Disclosure
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.
by Arslan Masood
CVSS 7.6
Gibbon <26.0.00 - Code Injection
Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
by Ali Maharramli_Fikrat Guliev_Islam Rzayev
CVSS 8.8
By Source