Exploitdb Exploits
4,724 exploits tracked across all sources.
Atlassian Confluence Widget Connector Macro Velocity Template Injection
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
by 46o60
CVSS 9.8
Oracle WebLogic Server <14.1.1.0.0 - RCE
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
by Photubias
CVSS 7.2
Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution)
by Richard Jones
E-Learning System 1.0 - SQL Injection
E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell.
by Himanshu Shukla
CVSS 9.8
Nagios XI < 5.8.0 - OS Command Injection
An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
by Haboob Team
CVSS 7.2
Ignition <2.5.2 - RCE
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
by SunCSR Team
CVSS 9.8
Gila CMS <2.0.0 - RCE
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell_exec() to run system commands by sending crafted requests to the admin endpoint.
by Enesdex
CVSS 9.8
PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval
by rootabeta
Gitea < 1.7.6 - Remote Code Execution
models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 mishandles mirror repo URL settings, leading to remote code execution.
by 1F98D
CVSS 8.8
Nexus Repository Manager Java EL Injection RCE
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
by 1F98D
CVSS 8.8
Cassandra Web 0.5.0 - Path Traversal
Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. Attackers can exploit the disabled Rack::Protection module to read sensitive system files like /etc/passwd and retrieve Apache Cassandra database credentials.
by Jeremy Brown
CVSS 7.5
Responsive FileManager 9.13.4 - 'path' Path Traversal
by Sun* Cyber Security Research Team
Online Learning Management System 1.0 - RCE (Authenticated)
by Bedri Sertkaya
Klogserver Klog Server - OS Command Injection
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
by B3KC4T
CVSS 9.8
HPE Edgeline Infrastructure Manager 1.0 - Multiple Remote Vulnerabilities
by Jeremy Brown
Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated)
by Jeremy Brown
Easy CD & DVD Cover Creator 4.13 - Buffer Overflow
Easy CD & DVD Cover Creator 4.13 contains a buffer overflow vulnerability in the serial number input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the serial number field to trigger an application crash.
by stresser
CVSS 9.8
Arteco Web Client DVR/NVR - Auth Bypass
Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without authorization.
by LiquidWorm
CVSS 9.8
sar2html 3.2.1 - 'plot' Remote Code Execution
by Musyoka Ian
Mantisbt < 2.24.4 - SQL Injection
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.
by EthicalHCOP
CVSS 5.3
By Source