Exploitdb Exploits

31,341 exploits tracked across all sources.

CVE-2023-36256 EXPLOITDB MEDIUM text
Online Examination System Project 1.0 - CSRF
Online Examination System Project 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The admin function that deletes a user account is triggered by a GET request that carries the target user's email address as a URL parameter and performs no token or origin check, so an attacker can craft a link (or an image tag on any page) that deletes an account of their choosing as soon as a logged-in admin loads it. The result is loss of data.
by Ramil Mustafayev
CVSS 6.5
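As an added example (not code from Online Examination System Project), the pattern behind this finding and its fix: a "delete user" handler that acts on a GET request with no token, beside one that requires a POST carrying a per-session token. The Request model, the user table and the handler names are hypothetical.

```python
"""Added example, not code from Online Examination System Project: a
state-changing "delete user" handler with the CSRF weakness described in
the advisory, beside a hardened version. The Request model, the USERS
table and the handler names are hypothetical."""
import hmac
import os
from dataclasses import dataclass, field

# Constructed stand-in for the application's user table.
USERS = {"admin@example.test": "admin", "alice@example.test": "student"}


@dataclass
class Request:
    method: str
    args: dict = field(default_factory=dict)     # query-string parameters
    form: dict = field(default_factory=dict)     # POST body
    session: dict = field(default_factory=dict)  # server-side session looked up via the cookie


def delete_user_vulnerable(req, db):
    """Deletes on a GET whose query string names the victim. The browser
    attaches the admin's session cookie to a request triggered by any
    third-party page (<img src="...?email=...">), so the role check alone
    does not stop the forgery."""
    if req.session.get("role") != "admin":
        return 403
    email = req.args.get("email")
    if email not in db:
        return 404
    del db[email]
    return 200


def issue_csrf_token(session):
    """Random token bound to the server-side session; a cross-site page
    cannot read it because it is only ever rendered into the admin's own
    pages."""
    session["csrf"] = os.urandom(32).hex()
    return session["csrf"]


def delete_user_hardened(req, db):
    """POST only, and the form must carry the token stored in the session."""
    if req.method != "POST":
        return 405
    if req.session.get("role") != "admin":
        return 403
    expected = req.session.get("csrf")
    supplied = req.form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected, supplied):
        return 403
    email = req.form.get("email")
    if email not in db:
        return 404
    del db[email]
    return 200


def demo():
    """Replay a forged request against both handlers, then a legitimate one."""
    admin_session = {"role": "admin"}   # the cookie the browser sends along
    db1 = dict(USERS)
    forged_get = Request("GET", args={"email": "alice@example.test"}, session=admin_session)
    vulnerable_status = delete_user_vulnerable(forged_get, db1)

    db2 = dict(USERS)
    forged_post = Request("POST", form={"email": "alice@example.test"}, session=admin_session)
    forged_status = delete_user_hardened(forged_post, db2)   # no token -> rejected

    token = issue_csrf_token(admin_session)                  # rendered into the admin's form
    legit = Request("POST", form={"email": "alice@example.test", "csrf_token": token},
                    session=admin_session)
    legit_status = delete_user_hardened(legit, db2)
    return {
        "vulnerable_status": vulnerable_status,
        "vulnerable_deleted": "alice@example.test" not in db1,
        "forged_status": forged_status,
        "legit_status": legit_status,
        "hardened_deleted": "alice@example.test" not in db2,
    }


if __name__ == "__main__":
    print(demo())
```

The token check is what matters; moving the action from GET to POST on its own only stops the image-tag variant, since a hidden auto-submitting form can still POST cross-site.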
CVE-2023-3187 EXPLOITDB MEDIUM text
PHPGurukul Teachers Record Management System 1.0 - Unrestricted Upload
A vulnerability classified as critical has been found in PHPGurukul Teachers Record Management System 1.0. Affected is the profile-picture handler in /changeimage.php: the newpic parameter is not restricted by file type, so a file of any type is accepted (unrestricted upload). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231176.
by AFFAN AHMED
CVSS 6.3
CVE-2023-3184 EXPLOITDB LOW text VERIFIED
SourceCodester Sales Tracker Management System 1.0 - XSS
A vulnerability rated as problematic was found in SourceCodester Sales Tracker Management System 1.0. Affected is /classes/Users.php?f=save: the firstname, middlename, lastname and username parameters are not sanitized, leading to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231164.
by AFFAN AHMED
CVSS 2.4
CVE-2023-53912 EXPLOITDB MEDIUM text
USB Flash Drives Control 4.1.0.0 - Code Injection
USB Flash Drives Control 4.1.0.0 registers its service with the unquoted image path C:\Program Files\USB Flash Drives Control\usbcs.exe. Because the path contains spaces and is not quoted, the Service Control Manager may try to start C:\Program.exe or C:\Program Files\USB.exe before it reaches the intended binary. A local attacker who can write to one of those directories can plant an executable there and have it run with the service's privileges when the service starts. Stock Windows ACLs deny unprivileged users write access to C:\ and C:\Program Files, so the finding is only exploitable where those permissions have been loosened.
by Jeffrey Bencteux
CVSS 6.2
EIP-2026-117431 EXPLOITDB text
Macro Expert 4.9 - Unquoted Service Path
by Murat DEMİRCİ
CVE-2023-30868 EXPLOITDB HIGH text
Cms Tree Page View < 1.6.7 - XSS
Unauthenticated reflected cross-site scripting (XSS) in Jon Christopher's CMS Tree Page View WordPress plugin, versions <= 1.6.7.
by LEE SE HYOUNG
CVSS 7.1
CVE-2023-36213 EXPLOITDB CRITICAL text VERIFIED
MotoCMS <3.4.3 - SQL Injection
SQL injection in MotoCMS v3.4.3 allows a remote attacker to gain privileges via the keyword parameter of the search function.
by tmrswrr
CVSS 9.8
CVE-2023-36212 EXPLOITDB HIGH text
Total CMS <1.7.4 - RCE
Unrestricted file upload in Total CMS v1.7.4 allows a remote attacker to execute arbitrary code by uploading a crafted PHP file through the edit-page function.
by tmrswrr
CVSS 8.8
CVE-2023-36211 EXPLOITDB MEDIUM text
Barebones CMS v2.0.2 - XSS
Barebones CMS v2.0.2 is vulnerable to stored cross-site scripting (XSS): an authenticated user can inject script through certain admin-panel features, and the payload is stored and executed when the affected content is later viewed.
by tmrswrr
CVSS 5.4
CVE-2023-33584 EXPLOITDB CRITICAL text VERIFIED
Sourcecodester Enrollment System Project V1.0 - SQL Injection
Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL injection (SQLi): the username and password fields of the login form are placed into the SQL query without validation or parameterization, so an attacker can inject SQL and manipulate the queries the application executes.
by VIVEK CHOUDHARY
CVSS 9.8
CVE-2023-33243 EXPLOITDB HIGH text
STARFACE - Auth Bypass
RedTeam Pentesting discovered that both the STARFACE web interface and its REST API accept the SHA-512 hash of a user's password in place of the cleartext password. Storing password hashes rather than cleartext passwords has become best practice because it protects users if the database is compromised, but that protection is void when the stored hash itself is accepted as a credential: anyone who obtains the hash can log in without ever recovering the password.
by RedTeam Pentesting GmbH
CVSS 8.1
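As an added example (not STARFACE code), the difference in one function: a login routine that accepts the stored SHA-512 hash as a credential, one that hashes only the cleartext, and a salted, iterated variant so a leaked store is not cheaply brute-forced either. The credential store and the authenticate_* and *_record functions are hypothetical.

```python
"""Added example, not STARFACE code: a login routine that accepts the
stored SHA-512 hash in place of the password, beside one that does not,
plus a salted slow-hash variant. STORE and the functions are hypothetical."""
import hashlib
import hmac
import os


def sha512_hex(text):
    return hashlib.sha512(text.encode()).hexdigest()


# Constructed user store: unsalted sha512(password), as the advisory describes.
PASSWORD = "correct horse battery staple"
STORE = {"alice": sha512_hex(PASSWORD)}


def authenticate_vulnerable(user, credential):
    """Accepts either the cleartext password or its hash: a leaked
    database row is now a password-equivalent credential."""
    stored = STORE.get(user)
    if stored is None:
        return False
    return (hmac.compare_digest(stored.encode(), credential.encode())
            or hmac.compare_digest(stored.encode(), sha512_hex(credential).encode()))


def authenticate_fixed(user, credential):
    """Only the submitted cleartext is hashed and compared; the stored
    value is never accepted as input."""
    stored = STORE.get(user)
    if stored is None:
        return False
    return hmac.compare_digest(stored.encode(), sha512_hex(credential).encode())


# Better still: salted, iterated hashing. Record format (hypothetical):
# "pbkdf2$<iterations>$<salt hex>$<digest hex>".
def make_record(password, iterations=600_000):
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2${iterations}${salt.hex()}${digest.hex()}"


def verify_record(record, credential):
    """Hashes the submitted cleartext with the stored salt and compares.
    Submitting the stored digest itself is just another wrong password."""
    _, iterations, salt_hex, digest_hex = record.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", credential.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex().encode(), digest_hex.encode())


if __name__ == "__main__":
    leaked = STORE["alice"]
    print("vulnerable accepts leaked hash:", authenticate_vulnerable("alice", leaked))
    print("fixed accepts leaked hash:     ", authenticate_fixed("alice", leaked))
```

When testing a login for this weakness, submit the stored hash (or the hash format the product uses) in the password field and in the API's credential field; a success means the hash is a password equivalent and the database is effectively storing cleartext.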
CVE-2023-53913 EXPLOITDB HIGH text
Rukovoditel 3.3.1 - Code Injection
Rukovoditel 3.3.1 does not neutralize spreadsheet formulas in the firstname field, so an authenticated user can store a payload such as =calc|a!z|. When an administrator exports customer data as a CSV file and opens it in a spreadsheet application that honours DDE, the cell is evaluated and can launch a program on the administrator's machine (current Excel builds do so only after the user accepts the security prompts).
by Mirabbas Ağalarov
CVSS 8.8
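As an added example (not Rukovoditel code), the export side of this finding: a CSV writer that emits user-controlled fields verbatim, the same writer with formula-leading cells neutralized, and a checker for files already exported. The customer rows are constructed; the payload is the one quoted in the advisory.

```python
"""Added example, not Rukovoditel code: a CSV exporter that writes user
fields verbatim, beside one that neutralizes formula-leading cells, and a
checker for exported files. CUSTOMERS is constructed."""
import csv
import io

# Characters that make a spreadsheet treat a cell as a formula or DDE call.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Constructed export rows; the first name carries the advisory's DDE payload.
CUSTOMERS = [
    {"firstname": "=calc|a!z|", "lastname": "Doe", "balance": "-12.50"},
    {"firstname": "Ada", "lastname": "Lovelace", "balance": "100"},
]


def _is_number(text):
    try:
        float(text)
        return True
    except ValueError:
        return False


def neutralize_cell(value):
    """Prefix a single quote so the spreadsheet keeps the cell as text.
    Numeric strings are left alone so negative amounts survive the export;
    that exception is a design choice of this example."""
    if not isinstance(value, str):
        return value
    if value[:1] in FORMULA_TRIGGERS and not _is_number(value):
        return "'" + value
    return value


def export_csv(rows, safe=True):
    """safe=False reproduces the vulnerable behaviour."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=list(rows[0]),
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for row in rows:
        writer.writerow({k: neutralize_cell(v) if safe else v for k, v in row.items()})
    return buf.getvalue()


def formula_cells(csv_text):
    """(row, column, value) for every cell a spreadsheet would evaluate.
    Row 0 is the header line."""
    found = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if cell[:1] in FORMULA_TRIGGERS and not _is_number(cell):
                found.append((r, c, cell))
    return found


if __name__ == "__main__":
    print(formula_cells(export_csv(CUSTOMERS, safe=False)))
    print(formula_cells(export_csv(CUSTOMERS)))
```

Quoting the field (QUOTE_ALL) is not a defence on its own: the spreadsheet strips the CSV quotes before it looks at the leading character, which is why the single-quote prefix is needed.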
CVE-2023-36210 EXPLOITDB CRITICAL text
MotoCMS 3.4.3 - SSTI
MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the keyword parameter.
by tmrswrr
CVSS 9.8
CVE-2023-0455 EXPLOITDB HIGH text
Bumsys - Unrestricted File Upload
Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.
by AFFAN AHMED
CVSS 8.8
EIP-2026-111958 EXPLOITDB text
SCRMS 2023-05-27 1.0 - Multiple SQL Injection
by nu11secur1ty
CVE-2023-32749 EXPLOITDB HIGH text
Pydio Cells < 3.0.12 - Incorrect Authorization
Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted.
by RedTeam Pentesting GmbH
CVSS 8.8
CVE-2023-32750 EXPLOITDB MEDIUM text
Pydio Cells < 3.0.12 - SSRF
Pydio Cells through 4.1.2 allows SSRF. For longer-running processes, Pydio Cells allows the creation of jobs, which are run in the background. The job "remote-download" can be used to make the backend send an HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells, so the requester can read what the backend fetched.
by RedTeam Pentesting GmbH
CVSS 6.5
CVE-2023-32751 EXPLOITDB MEDIUM text
Pydio Cells < 3.0.12 - XSS
Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it is possible to generate valid signatures for arbitrary download URLs. By uploading an HTML file and modifying the download URL to serve the file inline instead of as an attachment, any included JavaScript code is executed when the URL is opened in a browser, leading to a cross-site scripting vulnerability.
by RedTeam Pentesting GmbH
CVSS 5.4
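As an added example (not Pydio Cells code, and not the AWS SDK's signature scheme), a simplified HMAC presigning model showing why a signing secret shipped in the JavaScript bundle is fatal: anyone can mint a valid link for an uploaded HTML file with an inline disposition, and what the server does with that disposition decides whether it becomes XSS. The secret values, the URL layout and all function names are hypothetical.

```python
"""Added example, not Pydio Cells code: a simplified HMAC presigning
scheme standing in for the SDK's signature. BUNDLED_SECRET, SERVER_SECRET,
the parameter names and the host are hypothetical."""
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlparse

BUNDLED_SECRET = b"hardcoded-in-app.js"        # readable by anyone who loads the app
SERVER_SECRET = b"kept-only-on-the-server"     # the fix: signing stays server-side


def canonical(params):
    """The string that gets signed: every parameter except sig, sorted."""
    return "&".join(f"{k}={v}" for k, v in sorted(params.items()) if k != "sig")


def presign(key, disposition, expires, secret):
    params = {"key": key, "response-content-disposition": disposition, "expires": str(expires)}
    params["sig"] = hmac.new(secret, canonical(params).encode(), hashlib.sha256).hexdigest()
    return "https://files.example.test/download?" + urlencode(params)


def verify(url, secret, now=None):
    """Returns the parameters if the signature is valid and unexpired, else None."""
    q = {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}
    now = time.time() if now is None else now
    if int(q.get("expires", 0)) < now:
        return None
    expected = hmac.new(secret, canonical(q).encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, q.get("sig", "")):
        return None
    return q


def forge_inline_link(key="uploads/evil.html", expires=2_000_000_000):
    """What an attacker does after reading the secret out of the bundle:
    sign a URL that serves their uploaded HTML inline."""
    return presign(key, "inline", expires, BUNDLED_SECRET)


def response_headers_vulnerable(q):
    """Honours the disposition the signed URL asks for and a type derived
    from the file name, so the browser renders the upload as a page."""
    return {"Content-Disposition": q["response-content-disposition"],
            "Content-Type": "text/html" if q["key"].endswith(".html") else "application/octet-stream"}


def response_headers_fixed(q):
    """User uploads are never rendered in the app's origin: forced
    attachment, a non-executable type, and no sniffing. Defence in depth
    next to moving the secret server-side."""
    return {"Content-Disposition": "attachment",
            "Content-Type": "application/octet-stream",
            "X-Content-Type-Options": "nosniff"}


if __name__ == "__main__":
    url = forge_inline_link()
    print(response_headers_vulnerable(verify(url, BUNDLED_SECRET)))
    print(verify(url, SERVER_SECRET))   # None: the attacker cannot sign for this key
```

The signature only proves that whoever held the secret approved the exact parameters; once the secret is public, every parameter it covers, including the disposition, is attacker-chosen.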
CVE-2023-30145 EXPLOITDB CRITICAL text VERIFIED
Tuzitio Camaleon Cms < 2.7.0 - Code Injection
Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.
by PARAG BAGUL
CVSS 9.8
CVE-2023-53916 EXPLOITDB MEDIUM text VERIFIED
Zenphoto 1.6 - XSS
Zenphoto 1.6 contains a stored cross-site scripting vulnerability in the user postal code field managed through admin-users.php. The field is rendered as HTML without encoding on the admin user-management page, so a JavaScript payload stored in the postal code executes in the administrator's browser when the user record is viewed.
by Mirabbas Ağalarov
CVSS 4.6
CVE-2023-53915 EXPLOITDB MEDIUM text VERIFIED
Zenphoto 1.6 - XSS
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users view the album page.
by Mirabbas Ağalarov
CVSS 4.6
CVE-2023-53914 EXPLOITDB CRITICAL text
UliCMS 2023.1 - Auth Bypass
UliCMS 2023.1 contains an authentication bypass that allows unauthenticated attackers to create admin users through mass assignment in the UserController. A crafted POST request to the admin index.php endpoint with the right parameters creates an administrative account with full system access, without any prior login.
by Mirabbas Ağalarov
CVSS 9.8
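As an added example (neither Pydio Cells nor UliCMS code) covering both this entry and the Pydio Cells incorrect-authorization entry above, the mass-assignment pattern behind them: a user-creation handler that binds every submitted field onto the model, beside one with an allow-list and an authorization check. The User model, its role values and the handler names are hypothetical.

```python
"""Added example, neither Pydio Cells nor UliCMS code: a user-creation
handler that copies every submitted field onto the model, beside one with
an allow-list and an authorization check. User, the role values and the
handlers are hypothetical."""
from dataclasses import dataclass, field


@dataclass
class User:
    username: str
    email: str
    roles: list = field(default_factory=lambda: ["external"])
    is_admin: bool = False


def create_user_vulnerable(payload):
    """Binds request keys to attributes by name: no authentication, no
    allow-list. Extra keys such as roles or is_admin land on the model."""
    user = User(username=payload["username"], email=payload["email"])
    for key, value in payload.items():
        if hasattr(user, key):
            setattr(user, key, value)
    return user


PUBLIC_FIELDS = {"username", "email"}
PRIVILEGED_FIELDS = {"roles", "is_admin"}


def create_user_fixed(actor, payload):
    """actor is the authenticated User making the request, or None.
    Unknown fields are rejected outright; privileged fields are honoured
    only for administrators and are otherwise an error, not silently dropped."""
    if actor is None:
        raise PermissionError("authentication required")
    unknown = set(payload) - PUBLIC_FIELDS - PRIVILEGED_FIELDS
    if unknown:
        raise ValueError(f"unexpected fields: {sorted(unknown)}")
    if (set(payload) & PRIVILEGED_FIELDS) and not actor.is_admin:
        raise PermissionError("only administrators may set roles")
    user = User(username=payload["username"], email=payload["email"])
    if actor.is_admin:
        user.roles = list(payload.get("roles", user.roles))
        user.is_admin = bool(payload.get("is_admin", False))
    return user


# Constructed request body of the kind both advisories describe.
ESCALATION_PAYLOAD = {"username": "mallory", "email": "mallory@example.test",
                      "roles": ["admin"], "is_admin": True}

if __name__ == "__main__":
    print(create_user_vulnerable(ESCALATION_PAYLOAD))
    try:
        create_user_fixed(None, ESCALATION_PAYLOAD)
    except PermissionError as exc:
        print("fixed:", exc)
```

Rejecting unexpected fields, rather than ignoring them, also makes probing visible in the logs: a 400 on a "roles" key that the UI never sends is a signal worth alerting on.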
CVE-2023-53910 EXPLOITDB MEDIUM text VERIFIED
WBCE CMS 1.6.1 - XSS
WBCE CMS 1.6.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by inserting script tags into page content through the WYSIWYG editor. Attackers can submit POST requests to /wbce/modules/wysiwyg/save.php with malicious script content in the content parameter to execute JavaScript when users view the affected page.
by Mirabbas Ağalarov
CVSS 5.4
CVE-2023-53909 EXPLOITDB MEDIUM text VERIFIED
WBCE CMS 1.6.1 - XSS
WBCE CMS 1.6.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by uploading crafted SVG files through the media manager. Attackers can upload SVG files containing script tags to the /wbce/modules/elfinder/ef/php/connector.wbce.php endpoint; the script executes when a victim opens the uploaded file directly in the browser (it does not run when the SVG is embedded through an img tag).
by Mirabbas Ağalarov
CVSS 5.4
CVE-2023-31747 EXPLOITDB HIGH text
Wondershare Filmora <12.2.1.2088 - Privilege Escalation
Wondershare Filmora 12 (build 12.2.1.2088) registers its NativePushService service with an unquoted service path. A local attacker who can write to a directory along that path can plant an executable that the Service Control Manager starts with the service's elevated privileges.
by Thurein Soe
CVSS 7.8
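As an added example (not code from any of the listed advisories) serving the three unquoted-service-path entries on this page (USB Flash Drives Control, Macro Expert, Wondershare Filmora), an audit helper: given service image paths, flag unquoted paths containing spaces and list the files the Service Control Manager would try to start ahead of the real binary. The service table is constructed; only the USB Flash Drives Control path is taken from the page, the other entries are made up for contrast.

```python
"""Added example, not from any listed advisory: find unquoted Windows
service paths with spaces and list the executables CreateProcess would try
before the intended one. SERVICES is constructed; only the usbcs path is
from the page."""
import re

# Constructed records in the shape of `Get-CimInstance Win32_Service` output.
SERVICES = [
    {"Name": "usbcs", "PathName": r"C:\Program Files\USB Flash Drives Control\usbcs.exe", "StartMode": "Auto"},
    {"Name": "Spooler", "PathName": r"C:\Windows\System32\spoolsv.exe", "StartMode": "Auto"},
    {"Name": "Quoted", "PathName": r'"C:\Program Files\Vendor App\svc.exe" -run', "StartMode": "Auto"},
    {"Name": "ArgsOnly", "PathName": r"C:\Tools\agent.exe --listen 0.0.0.0 9000", "StartMode": "Manual"},
]


def hijack_candidates(image_path):
    """Executables tried, in order, before the intended one: each
    space-delimited prefix of the path with .exe appended. Returns [] for
    quoted paths and for paths whose spaces only separate arguments."""
    path = image_path.strip()
    if path.startswith('"'):
        return []
    m = re.search(r"\.exe\b", path, re.IGNORECASE)
    exe_part = path[:m.end()] if m else path
    if " " not in exe_part:
        return []
    tokens = exe_part.split(" ")
    return [" ".join(tokens[:i]) + ".exe" for i in range(1, len(tokens))]


def audit(services):
    """{service name: candidate hijack files} for every unquoted
    space-containing path outside C:\\Windows."""
    findings = {}
    for svc in services:
        cands = hijack_candidates(svc["PathName"])
        if cands and not svc["PathName"].lower().startswith(r"c:\windows"):
            findings[svc["Name"]] = cands
    return findings


if __name__ == "__main__":
    for name, cands in audit(SERVICES).items():
        print(name)
        for c in cands:
            print("   ", c)
```

A hit here is only the first half of the check. Exploitation needs write access to the directory that holds one of the candidates and a service that runs as a privileged account and can be restarted (or a reboot for Auto-start services); on a stock install C:\ and C:\Program Files are not writable by standard users, so confirm the ACLs (icacls on each parent directory) before reporting the path as exploitable.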