Exploitdb Exploits
4,759 exploits tracked across all sources.
NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC)
by LinxzSec
Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection via Login Portal
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials.
by Chase Comardelle
CVSS 9.8
Duplicator < 1.3.28 and < 3.8.7.1 - Directory Traversal via File Parameter
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
by nam3lum
CVSS 7.5
Cypress Solutions CTM-200/CTM-ONE <1.3.6 - Code Injection
Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices.
by LiquidWorm
CVSS 7.5
Keycloak < 13.0.0 - Server-Side Request Forgery via OIDC request_uri Parameter
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.
by Mayank Deshmukh
CVSS 5.3
Maian Cart 3.8 - Unauthenticated Remote Code Execution via Elfinder Plugin
Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.
by DreyAnd
CVSS 9.8
Wordpress BulletProof Security Backup Disclosure
The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.
by Ron Jost
CVSS 5.3
WordPress MStore API 2.0.6 Arbitrary File Upload
WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the config_file endpoint to achieve remote code execution on the server.
by spacehen
CVSS 9.8
WordPress TheCartPress 1.5.3.6 Privilege Escalation Unauthenticated
WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler. Attackers can send POST requests to the tcp_register_and_login_ajax action with tcp_role set to administrator to gain full administrative access without authentication.
by spacehen
CVSS 9.8
OpenGamePanel OGP-Agent-Linux < 2021-08-14 - Authenticated OS Command Injection via Counter-Strike Map Field
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command.
by prey
CVSS 8.8
OpenGamePanel OGP-Agent-Linux < 2021-08-14 - Cleartext Storage of Sensitive Information in Config.pm
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext.
by prey
CVSS 8.8
CMSimple_XH 1.7.4 - Authenticated Remote Code Execution via Content Editing
CMSimple_XH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitrary command execution on the server.
by Halit AKAYDIN
CVSS 7.2
Vehicle Service Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Ghuliev
CMSimple 5.4 - Authenticated Remote Code Execution via Template Editing
CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by crafting a reverse shell payload and saving it through the template editing endpoint with a valid CSRF token.
by pussycat0x
CVSS 8.8
Storage Unit Rental Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Ghuliev
Apache James Server 2.3.2 - Remote Command Execution (RCE) (Authenticated) (2)
by shinris3n
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - Remote Privilege Escalation
by LiquidWorm
Ether MP3 CD Burner 1.3.8 - Remote Code Execution via Registration Name Field Buffer Overflow
Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation.
by stresser
CVSS 9.8
Cyberfox Web Browser 52.9.1 - Denial of Service via Search Bar Overflow
Cyberfox Web Browser 52.9.1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the search bar with excessive data. Attackers can generate a 9,000,000 byte payload and paste it into the search bar to trigger an application crash.
by Aryan Chehreghani
CVSS 7.5
Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers
by Michael Alamoot
Redragon Gaming Mouse - Denial of Service via Malformed IOCTL Request
Redragon Gaming Mouse driver contains a kernel-level vulnerability that allows attackers to trigger a denial of service by sending malformed IOCTL requests. Attackers can send a crafted 2000-byte buffer with specific byte patterns to the REDRAGON_MOUSE device to crash the kernel driver.
by Quadron Research Lab
CVSS 7.5
Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload
by spacehen
e107 CMS 2.3.0 Authenticated Remote Code Execution via Theme Upload
e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files. Attackers can upload a crafted theme package through the theme.php endpoint that deploys a web shell to the e107_themes directory, then execute system commands via the payload.php script.
by Halit AKAYDIN
CVSS 8.8
Sentry 8.2.0 Remote Code Execution via Pickle Deserialization
Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute arbitrary commands by injecting malicious pickle-serialized objects through the audit log entry data parameter. Attackers can submit crafted POST requests to the admin audit log endpoint with base64-encoded compressed pickle payloads in the data field to achieve code execution with application privileges.
by Mohin Paramasivam
CVSS 8.8
By Source