Exploitdb Exploits

4,724 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-110632 EXPLOITDB python
PHP 7.3.15-3 - 'PHP_SESSION_UPLOAD_PROGRESS' Session Data Injection
by S1lv3r
CVE-2021-47798 EXPLOITDB CRITICAL python
NoteBurner 2.35 - Buffer Overflow
NoteBurner 2.35 contains a buffer overflow vulnerability in the license code input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the 'Name' and 'Code' fields to trigger an application crash.
by stresser
CVSS 9.8
CVE-2021-47797 EXPLOITDB HIGH python
Leawo Prof. Media 11.0.0.1 - DoS
Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into the registration interface.
by stresser
CVSS 7.5
CVE-2021-22146 EXPLOITDB HIGH python
Elastic Cloud Enterprise - Info Disclosure
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster.
by Joan Martinez
CVSS 7.5
CVE-2021-22145 EXPLOITDB MEDIUM python
Elasticsearch < 7.13.3 - Information Disclosure
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
by r0ny
CVSS 6.5
CVE-2020-1147 EXPLOITDB HIGH python
Microsoft .net Core < 15.9 - Remote Code Execution
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
by Podalirius
CVSS 7.8
CVE-2021-31761 EXPLOITDB CRITICAL python
Webmin - XSS
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
by Mesh3l_911
CVSS 9.6
CVE-2022-25012 EXPLOITDB MEDIUM python VERIFIED
Argussurveillance Dvr - Weak Encryption
Argus Surveillance DVR v4.0 employs weak password encryption.
by Salman Asad
CVSS 5.5
CVE-2021-35464 EXPLOITDB CRITICAL python
ForgeRock AM <7.0 - Code Injection
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier
by Photubias
CVSS 9.8
EIP-2026-101972 EXPLOITDB python
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
by Metin Yunus Kandemir
CVE-2021-25155 EXPLOITDB MEDIUM python
Aruba Instant <6.4.4.8-4.2.4.17 <6.5.4.18 <8.3.0.14 <8.5.0.11 - Remote Arbitrary File Modification
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
by Gr33nh4t
CVSS 6.5
CVE-2021-42362 EXPLOITDB HIGH python
Wordpress Popular Posts < 5.3.2 - Unrestricted File Upload
The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2.
by Simone Cristofaro
CVSS 8.8
EIP-2026-110380 EXPLOITDB python
osCommerce 2.3.4.1 - Remote Code Execution (2)
by Bryan Leong
CVE-2021-25162 EXPLOITDB HIGH python
Arubanetworks Instant < 6.4.4.8-4.2.4.18 - OS Command Injection
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
by Aleph Security
CVSS 8.1
CVE-2021-31762 EXPLOITDB HIGH python
Webmin - CSRF
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
by Mesh3l_911
CVSS 8.8
EIP-2026-107347 EXPLOITDB python
Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload
by Luca Bernardi
EIP-2026-105846 EXPLOITDB python
Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE
by Eleonora Guardini
CVE-2021-36622 EXPLOITDB CRITICAL python
Online Covid Vaccination Scheduler System - Unrestricted File Upload
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the Content-Type: image/png. Then, the attacker have to visit the uploaded profile photo to access the shell.
by faisalfs10x
CVSS 9.8
EIP-2026-114078 EXPLOITDB python
Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)
by Ron Jost
EIP-2026-106952 EXPLOITDB python
Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthenticated)
by Davide \'yth1n\' Bianchin
CVE-2018-15877 EXPLOITDB HIGH python
Plainview Activity Monitor < 20180826 - OS Command Injection
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&tab=activity_tools request.
by Beren Kuday GÖRÜN
CVSS 8.8
CVE-2021-22911 EXPLOITDB CRITICAL python VERIFIED
Rocket.Chat <3.14 - SQL Injection
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
by enox
CVSS 9.8
CVE-2019-14322 EXPLOITDB HIGH python
Pallets Werkzeug <0.15.5 - Path Traversal
In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
by faisalfs10x
CVSS 7.5
EIP-2026-113566 EXPLOITDB python
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal
by TheSmuggler
EIP-2026-105481 EXPLOITDB python
Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Talha DEMİRSOY
By Source
All 4,724 Exploitdb 50,121 Writeup 46,628 Nomisec 21,129 Metasploit 3,189 Github 2,234 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,729 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 246 shell 68 go 41 postscript 25 xml 24