Exploitdb Exploits
4,724 exploits tracked across all sources.
Ajenti 2.1.36 - Command Injection
Ajenti 2.1.36 contains an authentication bypass vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port.
by Ahmet Ümit BAYRAM
CVSS 9.8
TextPattern CMS 4.8.3 - Remote Code Execution (Authenticated)
by 0blio_
Bludit - Brute Force
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
by Mayank Deshmukh
CVSS 9.8
Tiki Wiki CMS Groupware 21.1 - Authentication Bypass
by Maximilian Barz
Ultimate Project Manager CRM PRO 2.0.5 - SQL Injection
Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract usernames and password hashes from the tbl_users database table. Attackers can exploit the /frontend/get_article_suggestion/ endpoint by crafting malicious search parameters to progressively guess and retrieve user credentials through boolean-based inference techniques.
by nag0mez
CVSS 8.2
RiteCMS 2.2.1 - Remote Code Execution (Authenticated)
by H0j3n
Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution
by Jonatas Fil
Comtrend AR-5387un router - Persistent XSS (Authenticated)
by OscarAkaElvis
Typesetter < 5.1 - Unrestricted File Upload
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2
by Rodolfo Tavares
CVSS 7.2
Seat Reservation System 1.0 - Remote Code Execution (Unauthenticated)
by Rahul Ramkumar
Hotel Management System 1.0 - Remote Code Execution (Authenticated)
by Aporlorxl23
rConfig 3.9.5 - Remote Code Execution (Unauthenticated)
by Daniel Monzón
MedDream PACS Server 6.8.3.751 - Remote Code Execution (Unauthenticated)
by bzyo
SEOPanel <4.7.0 - RCE
A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function.
by Kiko Andreu
CVSS 8.8
Titanhq Spamtitan - Command Injection
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server.
by Felipe Molina
CVSS 9.8
MedDream PACS Server 6.8.3.751 - Authenticated RCE
MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that allows authorized users to upload malicious PHP files. Attackers can exploit the uploadImage.php endpoint by authenticating and uploading a PHP shell to execute arbitrary system commands with elevated privileges.
by bzyo
CVSS 8.8
Sony IPELA Network Camera 1.82.01 - RCE
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality, potentially causing remote code execution or denial of service.
by LiquidWorm
CVSS 9.8
BearShare Lite 5.2.5 - Buffer Overflow
BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search keywords field.
by Christian Vierschilling
CVSS 9.8
Cloudme Sync < 1.10.9 - Memory Corruption
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
by boku
CVSS 9.8
Midasolutions Eframework < 2.9.0 - OS Command Injection
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
by elbae
CVSS 9.8
Projectworlds Visitor Management System - XSS
Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive information etc.
by Rahul Ramkumar
CVSS 6.1
Comodo UTM Firewall <2.7.0 - RCE
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.
by Milad Fadavvi
CVSS 9.8
B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution
by LiquidWorm
Midasolutions Eframework < 2.9.0 - Authentication Bypass
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
by elbae
CVSS 9.8
By Source