Exploitdb Exploits
4,759 exploits tracked across all sources.
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc
by George Washington
TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution
by LiquidWorm
GL.iNET GL-AR300M <4.3.7 - Command Injection
In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality.
by cyberaz0r
CVSS 9.8
GL.iNET GL-AR300M <4.3.7 - Path Traversal
In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.
by cyberaz0r
CVSS 7.5
GL.iNET GL-AR300M <3.216 - Command Injection
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.
by cyberaz0r
CVSS 9.8
Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)
by Leopoldo Angulo (leoanggal1)
comments-like-dislike < 1.2.0 - Authenticated (Subscriber+) Plugin Setting Reset
by Diaa Hanna
WonderCMS 4.3.2 - Stored Cross-Site Scripting via Module Installation Endpoint
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an authenticated administrator into accessing a malicious link.
by Anas Zakir
CVSS 8.8
Lost and Found Information System 1.0 - Privilege Escalation
Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI.
by Or4nG.M4N
CVSS 9.8
ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure
by Metin Yunus Kandemir
WP Travel Kit Travelscape - WordPress Seotheme Remote Code Execution Unauthenticated
WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands and upload additional files for persistent access.
by Milad karimi
CVSS 9.8
WordPress Augmented-Reality Plugin Remote Code Execution Unauthenticated
WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to create malicious PHP files in the file_manager directory and execute them on the server.
by Milad karimi
CVSS 7.5
Milesight Routers UR5X_ UR32L_ UR32_ UR35_ UR41 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption
by Bipin Jitiya
PCMan FTP Server 2.0 - Stack-based Buffer Overflow via PWD Command
PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access.
by Waqas Ahmed Faroouqi
CVSS 9.8
Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)
by whiteOwl
Electrolink FM/DAB/TV Transmitter - Remote Authentication Removal
by LiquidWorm
Tinycontrol LAN Controller v3 LK3 <1.58a - Info Disclosure
Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that allows remote attackers to download configuration backup files containing sensitive credentials. Attackers can retrieve the lk3_settings.bin file and extract base64-encoded user and admin passwords without authentication.
by LiquidWorm
By Source