Exploitdb Exploits

4,759 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-46770 EXPLOITDB HIGH python
Mirage Firewall 0.8.0-0.8.3 - Denial of Service via Crafted Multicast UDP Packet
qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).
by Krzysztof Burghardt
CVSS 7.5
CVE-2020-36911 EXPLOITDB CRITICAL python
Covenant 0.1.3-0.5 - Remote Code Execution via JWT Token Forgery
Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system.
by xThaz
CVSS 9.8
CVE-2022-24632 EXPLOITDB MEDIUM python
AudioCodes Device Manager Express <7.8.20002.47752 - Path Traversal
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter.
by Eric Flokstra
CVSS 5.3
EIP-2026-101071 EXPLOITDB python
Router ZTE-H108NS - Stack Buffer Overflow (DoS)
by George Tsimpidas
CVE-2023-54330 EXPLOITDB CRITICAL python
Inbit Messenger 4.6.0-4.9.0 - Unauthenticated Remote Code Execution via SEH Overflow
Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to overwrite the Structured Exception Handler (SEH) and execute shellcode on vulnerable Windows systems.
by a-rey
CVSS 9.8
CVE-2023-54329 EXPLOITDB CRITICAL python
inbit_messenger 4.6.0-4.9.0 - Unauthenticated Remote Code Execution via Malicious XML Packet
Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload to trigger the vulnerability and execute commands with system privileges.
by a-rey
CVSS 9.8
CVE-2022-1565 EXPLOITDB HIGH python VERIFIED
WP All Import < 3.6.8 - Authenticated Arbitrary File Upload via wp_all_import_get_gz.php
The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible.
by AkuCyberSec
CVSS 7.2
EIP-2026-111761 EXPLOITDB python
Revenue Collection System v1.0 - Remote Code Execution (RCE)
by Joe Pollock
CVE-2022-32272 EXPLOITDB CRITICAL python
OPSWAT MetaDefender Core < 5.1.2 - Privilege Escalation via Incorrect Access Control
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
by Ulascan Yildirim
CVSS 9.8
CVE-2023-53772 EXPLOITDB HIGH python
MiniDVBLinux 5.4 - Arbitrary File Read via About Page File Parameter
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device.
by LiquidWorm
CVSS 7.5
CVE-2025-25038 EXPLOITDB CRITICAL python
MiniDVBLinux <5.4 - Command Injection
An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system’s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device. Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC.
by LiquidWorm
CVSS 9.8
EIP-2026-119274 EXPLOITDB python
WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)
by Payal
EIP-2026-116864 EXPLOITDB python
AVS Audio Converter 10.3 - Stack Overflow (SEH)
by Yehia Elghaly
CVE-2022-39291 EXPLOITDB MEDIUM python VERIFIED
ZoneMinder < 1.36.27 - Log Injection via /zm/index.php Endpoint
ZoneMinder is a free, open source Closed-circuit television software application. Affected versions of zoneminder are subject to a vulnerability which allows users with "View" system permissions to inject new data into the logs stored by Zoneminder. This was observed through an HTTP POST request containing log information to the "/zm/index.php" endpoint. Submission is not rate controlled and could affect database performance and/or consume all storage resources. Users are advised to upgrade. There are no known workarounds for this issue.
by Trenches of IT
CVSS 5.4
CVE-2022-31814 EXPLOITDB CRITICAL python
pfBlockerNG < 2.1.4_26 - Remote Code Execution via HTTP Host Header
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
by IHTeam
CVSS 9.8
CVE-2022-24637 EXPLOITDB CRITICAL python
Open Web Analytics <1.7.4 - Info Disclosure
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter.
by Jacob Ebben
CVSS 9.8
CVE-2022-37661 EXPLOITDB CRITICAL python
SmartRG SR506n 2.5.15 and SR510n 2.6.13 - Remote Code Execution via Ping Host Feature
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
by Yerodin Richards
CVSS 9.8
CVE-2022-32429 EXPLOITDB CRITICAL python
Mega System Technologies MSNSwitch MNT.2408 - Unauthenticated Remote Code Execution via ExportSettings.sh
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.
by Eli Fulkerson
CVSS 9.8
CVE-2021-4045 EXPLOITDB CRITICAL python
TP-Link Tapo C200 Firmware < 1.1.15 - Unauthenticated Remote Code Execution
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
by hacefresko
CVSS 9.8
CVE-2023-31902 EXPLOITDB CRITICAL python
RPA Technology Mobile Mouse 3.6.0.4 - RCE
RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE).
by Chokri Hammedi
CVSS 9.8
CVE-2022-36267 EXPLOITDB CRITICAL python
Airspan AirSpot 5410 <0.3.4.1-4 - Command Injection
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device.
by Samy Younsi
CVSS 9.8
CVE-2022-31101 EXPLOITDB HIGH python
PrestaShop blockwishlist < 2.1.1 - Authenticated SQL Injection
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
by Karthik UJ
CVSS 8.1
CVE-2020-2038 EXPLOITDB HIGH python
Palo Alto Networks Authenticated Remote Code Execution
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.
by UnD3sc0n0c1d0
CVSS 7.2
CVE-2022-50898 EXPLOITDB HIGH python
NanoCMS 0.4 - Remote Code Execution
NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper input sanitization.
by p1ckzi
CVSS 8.8
CVE-2022-50897 EXPLOITDB MEDIUM python
mPDF 7.0 - Local File Inclusion via Annotation File Parameters
mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications.
by Musyoka Ian
CVSS 5.5
By Source
All 4,759 Writeup 62,260 Exploitdb 50,076 Nomisec 22,408 Github 3,623 Metasploit 3,312 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,570 ruby 6,003 c 3,626 perl 2,849 html 2,075 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25