Exploitdb Exploits

31,341 exploits tracked across all sources.

CVE-2021-47718 EXPLOITDB HIGH text
Openbmcs - Information Disclosure
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system information.
by LiquidWorm
CVSS 7.5
CVE-2021-47704 EXPLOITDB MEDIUM text
Openbmcs - SQL Injection
OpenBMCS 2.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting arbitrary SQL code. Attackers can send GET requests to /debug/obix_test.php with malicious 'id' values to extract database information.
by LiquidWorm
CVSS 6.5
CVE-2021-47703 EXPLOITDB HIGH text
Openbmcs - SSRF
OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip' parameter to force the application to make an HTTP request to an arbitrary destination host.
by LiquidWorm
CVSS 7.2
CVE-2021-47702 EXPLOITDB MEDIUM text
Openbmcs - CSRF
OpenBMCS 2.4 contains a CSRF vulnerability that allows attackers to perform actions with administrative privileges by exploiting the sendFeedback.php endpoint. Attackers can submit malicious requests to trigger unintended actions, such as sending emails or modifying system settings.
by LiquidWorm
CVSS 4.3
CVE-2021-47701 EXPLOITDB HIGH text
Openbmcs - Missing Authorization
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the update_user_permissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory.
by LiquidWorm
CVSS 8.8
CVE-2021-46428 EXPLOITDB CRITICAL text
Sourcecodester Simple Chatbot App <1.0 - RCE
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 and previous versions via the bot_avatar parameter in SystemSettings.php.
by Saud Alenazi
CVSS 9.8
CVE-2021-46427 EXPLOITDB CRITICAL text
Sourcecodester Simple Chatbot App 1.0 - SQL Injection
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
by Saud Alenazi
CVSS 9.8
EIP-2026-118168 EXPLOITDB text
WorkTime 10.20 Build 4967 - Unquoted Service Path
by Yehia Elghaly
EIP-2026-110167 EXPLOITDB text
Online Resort Management System 1.0 - SQLi (Authenticated)
by Gaurav Grover
CVE-2022-23178 EXPLOITDB CRITICAL text
Crestron Hd-md4x2-4k-e Firmware - Authentication Bypass
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
by RedTeam Pentesting GmbH
CVSS 9.8
CVE-2024-26492 EXPLOITDB MEDIUM text
Online Diagnostic Lab Management System 1.0 - RCE
An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters.
by Himash
CVSS 6.3
CVE-2021-45406 EXPLOITDB HIGH text
Salonerp - SQL Injection
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject a payload through the 'sql' parameter of the SQL query used when generating a report. Once the admin login password hash is recovered, it can be cracked to obtain the plain-text password.
by Betul Denizler
CVSS 8.8
CVE-2022-21661 EXPLOITDB HIGH text
Wordpress < 3.7.37 - SQL Injection
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security releases going back to 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
by Aryan Chehreghani
CVSS 8.0
EIP-2026-110085 EXPLOITDB text
Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)
by Himash
EIP-2026-110084 EXPLOITDB text
Online Diagnostic Lab Management System 1.0 - SQL Injection (Unauthenticated)
by Himash
EIP-2026-107627 EXPLOITDB text
Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)
by Sant268
EIP-2026-107626 EXPLOITDB text
Hospitals Patient Records Management System 1.0 - 'room_list' Stored Cross Site Scripting (XSS)
by Sant268
EIP-2026-107624 EXPLOITDB text
Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting (XSS)
by Sant268
EIP-2026-117565 EXPLOITDB text
Microsoft Windows Defender - Detections Bypass
by hyp3rlinx
EIP-2026-117546 EXPLOITDB text
Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass
by hyp3rlinx
CVE-2021-24563 EXPLOITDB MEDIUM text
Frontend Uploader < 1.3.2 - XSS
The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing an unauthenticated user to upload a malicious HTML file (containing JavaScript, for example) which will be triggered when someone accesses the file directly.
by Veshraj Ghimire
CVSS 6.1
CVE-2021-40813 EXPLOITDB MEDIUM text
Element-IT HTTP Commander 3.1.9 - XSS
A cross-site scripting (XSS) vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames.
by Oscar Sandén
CVSS 5.4
CVE-2022-22836 EXPLOITDB MEDIUM text
Coreftp Core FTP < 1.2 - Path Traversal
CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.
by LiamInfosec
CVSS 6.5
CVE-2021-44916 EXPLOITDB MEDIUM text
Opmantek Open-audit < 4.2.0 - XSS
Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser.
by Dominic Clark
CVSS 6.1
EIP-2026-110165 EXPLOITDB text
Online Railway Reservation System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Zachary Asher