Exploitdb Exploits
31,341 exploits tracked across all sources.
WordPress Plugin IP2Location Country Blocker 2.26.7 - Stored Cross Site Scripting (XSS) (Authenticated)
by Ahmet Serkan Ari
CONTPAQi AdminPAQ 14.0.0 - Code Injection
CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malicious code in the service binary path, potentially executing arbitrary code with elevated system privileges during service startup.
by Angel Canseco
CVSS 8.4
Ametys CMS <4.4.1 - XSS
Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links. Attackers can inject malicious script code in link text and descriptions to execute persistent attacks that compromise user sessions and manipulate application modules.
by Vulnerability-Lab
CVSS 6.1
Mozilla Firefox < 60.7.1 - Type Confusion
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
by Forrest Orr
CVSS 8.8
Pickplugins Product Slider For Woocommerce < 1.13.22 - XSS
The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue
by 0xB9
CVSS 6.1
Pickplugins Post Grid < 2.1.8 - XSS
The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues
by 0xB9
CVSS 6.1
LearnPress <4.1.5 - Info Disclosure
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request, the name of the user-supplied image is changed with a MD5 value. This process can be conducted only when type of the image is JPG or PNG. An attacker can use this vulnerability in order to rename an arbitrary image file. By doing this, they could destroy the design of the web site.
by Ceylan BOZOĞULLARINDAN
CVSS 4.3
Domain Check WP <1.0.17 - XSS
The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue
by Ceylan BOZOĞULLARINDAN
CVSS 6.1
Mooveagency Contact Form Check Tester < 1.0.2 - XSS
The Contact Form Check Tester WordPress plugin through 1.0.2 settings are visible to all registered users in the dashboard and are lacking any sanitisation. As a result, any registered user, such as subscriber, can leave an XSS payload in the plugin settings, which will be triggered by any user visiting them, and could allow for privilege escalation. The vendor decided to close the plugin.
by 0xB9
CVSS 5.4
uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)
by Vulnerability-Lab
Moodle <3.11.4 - SQL Injection
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
by lavclash75
CVSS 9.8
Chamilo Lms < 1.11.14 - XSS
A user without privileges in Chamilo LMS 1.11.14 can send an invitation message to another user, e.g., the administrator, through main/social/search.php, main/inc/lib/social.lib.php and steal cookies or execute arbitrary code on the administration side via a stored XSS vulnerability via social network the send invitation feature.
by sirpedrotavares
CVSS 5.4
Huawei DG8045 Router 1.0 - Credential Disclosure
by Abdalrahman Gamal
Oracle Weblogic Server - Path Traversal
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
by Jonah Tan
CVSS 7.5
Mortgage Calculators WP <1.56 - XSS
The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
by Ceylan BOZOĞULLARINDAN
CVSS 4.8
Local Privilege Escalation in polkits pkexec
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
by Lance Biggerstaff
CVSS 7.8
Online Project Time Management System v1.0 - XSS
A stored cross-site scripting (XSS) vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field.
by Felipe Alcantara
CVSS 5.4
Online Project Time Management System v1.0 - SQL Injection
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function save_employee at /ptms/classes/Users.php.
by Felipe Alcantara
CVSS 9.8
Landa Driving School Management System 2.0.1 - Arbitrary File Upload
by Sohel Yousef
uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting (XSS)
by Vulnerability-Lab
Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)
by Vulnerability-Lab
Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting (XSS)
by Vulnerability-Lab
Nyron 1.0 - SQL Injection
Nyron 1.0 is affected by a SQL injection vulnerability through Nyron/Library/Catalog/winlibsrch.aspx. To exploit this vulnerability, an attacker must inject '"> on the thes1 parameter.
by Miguel Santareno
CVSS 9.8
Archeevo <5.0 - Local File Inclusion
Archeevo below 5.0 is affected by local file inclusion through file=~/web.config to allow an attacker to retrieve local files.
by Miguel Santareno
CVSS 7.5
By Source