Exploitdb Exploits

4,759 exploits tracked across all sources.

EIP-2026-101583 EXPLOITDB python
Check Point Security Gateway - Information Disclosure (Unauthenticated)
by Yesith Alvarez
CVE-2024-58284 EXPLOITDB HIGH python
PopojiCMS 2.0.1 - Authenticated Remote Code Execution via Metadata Settings
PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.
by Ahmet Ümit BAYRAM
CVSS 7.2
EIP-2026-105375 EXPLOITDB python VERIFIED
Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)
by Ahmet Ümit BAYRAM
CVE-2023-6710 EXPLOITDB MEDIUM python
mod_proxy_cluster - Stored Cross-Site Scripting via Alias Parameter
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.
by Mohamed Mounir Boudjema
CVSS 5.4
EIP-2026-103885 EXPLOITDB python
CrushFTP < 11.1.0 - Directory Traversal
by Abdualhadi khalifa
EIP-2026-105924 EXPLOITDB python
Clinic Queuing System 1.0 - RCE
by Juan Marco Sanchez
EIP-2026-112311 EXPLOITDB python
SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
by Ahmet Ümit BAYRAM
CVE-2024-22513 EXPLOITDB MEDIUM python
djangorestframework-simplejwt <5.3.1 - Info Disclosure
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the for_user method.
by Dhrumil Mistry
CVSS 5.5
CVE-2024-23897 EXPLOITDB CRITICAL python
Jenkins cli Ampersand Replacement Arbitrary File Read
Jenkins 2.441 and earlier, and LTS 2.426.2 and earlier, do not disable a feature of the CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
by Matisse Beckandt
CVSS 9.8
CVE-2024-58298 EXPLOITDB CRITICAL python
Compuware iStrobe Web 20.13 - Unauthenticated Remote Code Execution via JSP File Upload
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute arbitrary commands by sending POST requests to the uploaded JSP endpoint.
by trancap
CVE-2023-51951 EXPLOITDB CRITICAL python
Stock Management System 1.0 - SQL Injection via manage_bo.php id Parameter
SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file.
by blu3ming
CVSS 9.8
EIP-2026-109578 EXPLOITDB python
Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - _sort_ parameter
by Julio Ángel Ferrari
CVE-2024-58349 EXPLOITDB CRITICAL python
WordPress Theme Travelscape 1.0.3 Arbitrary File Upload
WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.
by Milad karimi
CVSS 9.8
EIP-2026-110235 EXPLOITDB python
Open Source Medicine Ordering System v1.0 - SQLi
by Onur Karasalihoğlu
EIP-2026-101412 EXPLOITDB python
Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass
by LiquidWorm
CVE-2024-25415 EXPLOITDB HIGH python
CE Phoenix 1.0.8.20 - Remote Code Execution via define_language.php
A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code by injecting a crafted payload into the file english.php.
by tmrswrr
CVSS 7.2
EIP-2026-110112 EXPLOITDB python
Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)
by Gian Paris C. Agsam
EIP-2026-106828 EXPLOITDB python
Elementor Website Builder < 3.12.2 - Admin+ SQLi
by E1 Coders
CVE-2024-27356 EXPLOITDB HIGH python
GL-iNet Firmware - Unauthenticated Sensitive Information Exposure via File Download Commands
An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203.
by Bandar Alharbi
CVSS 7.5
CVE-2024-27686 EXPLOITDB HIGH python
Mikrotik RouterOS 6.40.5-6.49.10 - DoS
Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445.
by ice-wzl
CVSS 7.5
CVE-2024-58300 EXPLOITDB HIGH python
Siklu MultiHaul TG series < 2.0.0 - Unauthenticated Credential Disclosure via Port 12777
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling direct SSH access to the device.
by semaja2
EIP-2026-103865 EXPLOITDB python
Asterisk AMI - Partial File Content & Path Disclosure (Authenticated)
by Sean Pesce
EIP-2026-106228 EXPLOITDB python
Craft CMS 4.4.14 - Unauthenticated Remote Code Execution
by Olivier Lasne
EIP-2026-104350 EXPLOITDB python
Nagios XI Version 2024R1.01 - SQL Injection
by Jarod Jaslow (MAWK)
CVE-2023-6538 EXPLOITDB HIGH python
SMU <14.8.7825.01 - Info Disclosure
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure through URL manipulation. Authenticated users in the Storage, Server, or combined Server+Storage administrative roles are able to access the SMU configuration backup, which would normally be barred to those specific administrative roles.
by Arslan Masood
CVSS 7.6