Exploitdb Exploits

4,726 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-0824 EXPLOITDB HIGH python
Webmin < 1.990 - Incorrect Authorization
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
by faisalfs10x
CVSS 8.8
CVE-2021-44088 EXPLOITDB CRITICAL python
Attendance And Payroll System - SQL Injection
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.
by pr0z
CVSS 9.8
CVE-2021-44087 EXPLOITDB CRITICAL python
Attendance And Payroll System - Remote Code Execution
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.
by pr0z
CVSS 9.8
EIP-2026-104274 EXPLOITDB python
Hasura GraphQL 2.2.0 - Information Disclosure
by Dolev Farhi
CVE-2022-22947 EXPLOITDB CRITICAL python
Spring Cloud Gateway Remote Code Execution
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
by Carlos E. Vieira
CVSS 10.0
CVE-2021-44664 EXPLOITDB HIGH python
Xerte < 3.9 - Path Traversal
An Authenticated Remote Code Exection (RCE) vulnerability exists in Xerte through 3.9 in website_code/php/import/fileupload.php by uploading a maliciously crafted PHP file though the project interface disguised as a language file to bypasses the upload filters. Attackers can manipulate the files destination by abusing path traversal in the 'mediapath' variable.
by Rik Lutz
CVSS 8.8
CVE-2021-44665 EXPLOITDB MEDIUM python
Xerte < 3.10.3 - Path Traversal
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php.
by Rik Lutz
CVSS 6.5
CVE-2022-50689 EXPLOITDB MEDIUM python
Cobian Reflector 0.9.93 RC1 - DoS
Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration.
by Luis Martínez
CVSS 6.2
CVE-2022-50687 EXPLOITDB MEDIUM python
Cobian Backup 11 Gravity 11.2.0.582 - DoS
Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash.
by Luis Martínez
CVSS 5.5
EIP-2026-113290 EXPLOITDB python
WebHMI 4.1.1 - Remote Code Execution (RCE) (Authenticated)
by Antonio Cuomo
CVE-2022-25359 EXPLOITDB CRITICAL python
Iclinks Scadaflex II Firmware - Missing Authentication
On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.
by LiquidWorm
CVSS 9.1
CVE-2021-25076 EXPLOITDB HIGH python
WP User Frontend <3.5.26 - SQL Injection
The WP User Frontend WordPress plugin before 3.5.26 does not validate and escape the status parameter before using it in a SQL statement in the Subscribers dashboard, leading to an SQL injection. Due to the lack of sanitisation and escaping, this could also lead to Reflected Cross-Site Scripting
by Ron Jost
CVSS 8.8
CVE-2021-24762 EXPLOITDB CRITICAL python
The Perfect Survey WP <1.5.2 - SQL Injection
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.
by Ron Jost
CVSS 9.8
EIP-2026-113703 EXPLOITDB python
WordPress Plugin dzs-zoomsounds 6.60 - Remote Code Execution (RCE) (Unauthenticated)
by Overthinker1877
CVE-2022-22909 EXPLOITDB HIGH python
Digitaldruid Hoteldruid - Code Injection
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.
by 0z09e
CVSS 8.8
CVE-2021-45901 EXPLOITDB MEDIUM python
ServiceNow Orlando - Info Disclosure
The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists.
by Victor Hanna
CVSS 5.3
CVE-2021-24931 EXPLOITDB CRITICAL python
Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection.
by Ron Jost
CVSS 9.8
EIP-2026-119283 EXPLOITDB python
Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
by notcos
CVE-2020-35749 EXPLOITDB HIGH python
Presstigers Simple Board Job < 2.9.3 - Path Traversal
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.
by Ven3xy
CVSS 7.7
CVE-2022-50936 EXPLOITDB HIGH python
WBCE CMS 1.5.2 - Authenticated RCE
WBCE CMS version 1.5.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious droplets through the admin panel. Authenticated attackers can exploit the droplet upload functionality in the admin tools to create and execute arbitrary PHP code by crafting a specially designed zip file payload.
by Antonio Cuomo
CVSS 8.8
CVE-2022-50799 EXPLOITDB HIGH python
Fetch FTP Client <5.8.2 - DoS
Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the application.
by LiquidWorm
CVSS 7.5
CVE-2021-24786 EXPLOITDB HIGH python
WordPress Download Monitor <4.4.5 - SQL Injection
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue
by Ron Jost
CVSS 7.2
CVE-2015-9323 EXPLOITDB CRITICAL python
Duckdev 404 TO 301 < 2.0.3 - SQL Injection
The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.
by Ron Jost
CVSS 9.8
CVE-2017-9841 EXPLOITDB CRITICAL python
PHPUnit <4.8.28, <5.6.3 - RCE
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
by souzo
CVSS 9.8
CVE-2021-24862 EXPLOITDB HIGH python
Wordpress RegistrationMagic task_ids Authenticated SQLi
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue
by Ron Jost
CVSS 7.2
By Source
All 4,726 Exploitdb 50,123 Writeup 46,621 Nomisec 21,121 Metasploit 3,189 Github 2,231 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,731 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 259 c++ 245 shell 68 go 41 postscript 25 xml 24