Exploitdb Exploits
4,724 exploits tracked across all sources.
Hasura Graphql Engine - SSRF
Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the add_remote_schema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL definitions to potentially access internal network resources.
by Dolev Farhi
CVSS 5.3
Hasura Graphql Engine - SQL Injection
Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file() PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server.
by Dolev Farhi
CVSS 5.5
Hasura Graphql Engine - Resource Allocation Without Limits
Hasura GraphQL 1.3.3 contains a denial of service vulnerability that allows attackers to overwhelm the service by crafting malicious GraphQL queries with excessive nested fields. Attackers can send repeated requests with extremely long query strings and multiple threads to consume server resources and potentially crash the GraphQL endpoint.
by Dolev Farhi
CVSS 7.5
Remote Clinic v2.0 - XSS
Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php.
by nu11secur1ty
CVSS 5.4
GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF
GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not directly enable remote code execution.
by boku
CVSS 6.5
GetSimple CMS My SMTP Contact Plugin <1.1.2 - Code Injection
GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server.
by boku
CVSS 7.2
Glftpd - Resource Allocation Without Limits
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service via exceeding the connection limit.
by xynmaps
CVSS 7.5
htmly 2.8.0 - XSS
htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php.
by nu11secur1ty
CVSS 5.4
Horde Groupware < 5.2.22 - XSS
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.
by nu11secur1ty
CVSS 6.1
Vsftpd - OS Command Injection
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
by HerculesRD
CVSS 9.8
PrestaShop <1.7.6.8 - Blind SQL Injection
PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8
by Vanshal Gaur
CVSS 9.8
Dell Emc Openmanage Server Administrator < 9.4 - Path Traversal
Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station.
by Rhino Security Labs
CVSS 9.1
Yodinfo Mini Mouse - OS Command Injection
Mini Mouse 9.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary commands through an unauthenticated HTTP endpoint. Attackers can leverage the /op=command endpoint to download and execute payloads by sending crafted JSON requests with malicious script commands.
by gosh
CVSS 9.8
F5 iControl REST Unauthenticated SSRF Token Generation RCE
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
by Al1ex
CVSS 9.8
ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1)
by Fellipe Oliveira
ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2)
by Fellipe Oliveira
DD-WRT <45723 - Buffer Overflow
DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target device.
by Enesdex
CVSS 9.8
GetSimple CMS <3.3.16 - XSS
A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.
by boku
CVSS 6.1
VSFTPD 3.0.3 - DoS
VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
by xynmaps
CVSS 7.5
Flexense Syncbreeze - Memory Corruption
Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.
by Filipe Oliveira
CVSS 7.8
Dolibarr < 11.0.5 - Unrestricted File Upload
Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar files can be uploaded. Also, a .htaccess file can be uploaded to reconfigure access control (e.g., to let .noexe files be executed as PHP code to defeat the .noexe protection mechanism).
by Andrea Gonzalez
CVSS 8.8
Codiad <2.8.4 - RCE
Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.
by WangYihang
CVSS 9.8
ProFTPD 1.3.7a - DoS
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access.
by xynmaps
CVSS 7.5
Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated)
by Christian Vierschilling
By Source