Exploitdb Exploits
4,759 exploits tracked across all sources.
ZesleCP < 3.1.9 - Authenticated Remote Code Execution via FTP Account Creation
ZesleCP 3.1.9 contains an authenticated remote code execution vulnerability that allows attackers to create malicious FTP accounts with shell injection payloads. Attackers can exploit the FTP account creation endpoint by injecting a reverse shell command that establishes a network connection to a specified listening host.
by numan türle
CVSS 8.8
Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated)
by Musyoka Ian
Strapi < 3.0.0-beta.17.8 - Remote Code Execution via Plugin Install/Uninstall
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.
by David Utón
CVSS 7.2
Strapi CMS Unauthenticated Password Reset
strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.
by David Anglada
CVSS 9.8
Usermin 1.820 - Remote Code Execution (RCE) (Authenticated)
by numan türle
MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)
by ninpwn
CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack
CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to /filemanager/controller to create symbolic links, read sensitive files like database credentials, and execute arbitrary shell commands through the /websites/fetchFolderDetails endpoint.
by numan türle
CVSS 8.8
WordPress Plugin Mail Masta 1.0 - Local File Inclusion (2)
by Matheus Alexandre
Online Leave Management System 1.0 - Arbitrary File Upload to Shell (Unauthenticated)
by Justin White
HP OfficeJet 7110 Firmware >=2117a - Cross-Site Scripting
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS).
by Tyler Butler
CVSS 4.8
RaspAP 2.6.6 - Remote Code Execution (RCE) (Authenticated)
by Moritz Gruber
Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Halit AKAYDIN
Simple Image Gallery Web App 1.0 - Remote Code Execution via Username Parameter
Simple Image Gallery v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the username parameter.
by Tagoletta
CVSS 9.8
CrossFire 1.9.0 - Buffer Overflow via Long Setup Sound Command
Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010.
by Khaled Salem
Simple Water Refilling Station Management System 1.0 - RCE
Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.
by Matt Sorrell
CVSS 8.8
Simple Water Refilling Station Management System 1.0 - SQL Injection
SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.
by Matt Sorrell
CVSS 9.8
easy-mock <1.6.0 - Command Injection
easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js code.
by LionTree
CVSS 8.8
IPCop <= 2.1.9 - Authenticated Remote Code Execution via Email Configuration
IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. The email configuration component inserts user-controlled values, including the EMAIL_PW parameter, directly into system-level operations without proper input sanitation. By modifying the email password field to include shell metacharacters and issuing a save-and-test-mail action, an authenticated attacker can execute arbitrary operating system commands with the privileges of the web interface, resulting in full system compromise.
by Mücahit Saratar
Agentejo Cockpit < 0.11.2 - NoSQL Injection via Auth Controller New Password Function
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function.
by Brian Ombongi
CVSS 9.8
GFI Archiver <= 15.1 - Unauthenticated Arbitrary File Upload via Telerik Web UI Plugin
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.
by Amin Bohio
CVSS 9.8
qdPM < 9.1 - Authenticated Remote Code Execution via Profile Photo Path Traversal
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
by Leon Trappett
CVSS 8.8
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
by Merbin Russel
CloverDX < 5.7.1 - Cross-Site Request Forgery in Server Console
A Cross Site Request Forgery (CSRF) issue in Server Console in CloverDX through 5.9.0 allows remote attackers to execute any action as the logged-in user (including script execution). The issue is resolved in CloverDX 5.10, CloverDX 5.9.1, CloverDX 5.8.2, and CloverDX 5.7.1.
by niebardzo
CVSS 8.8
Event Registration System with QR Code 1.0 - Authentication Bypass
by Javier Olmedo
By Source