Exploitdb Exploits
31,341 exploits tracked across all sources.
Chiyu-tech Semac S2 Firmware - Integer Overflow
A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on the page parameter that will crash the web portal and making it unavailable until a reboot of the device.
by sirpedrotavares
CVSS 6.5
Intel(R) Audio Service x64 01.00.1080.0 - 'IntelAudioService' Unquoted Service Path
by Geovanni Ruiz
Zope Products.pluggableauthservice < 2.6.1 - Open Redirect
Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the browser to a different website. The problem has been fixed in version 2.6.1. Depending on how you have installed Products.PluggableAuthService, you should change the buildout version pin to `2.6.1` and re-run the buildout, or if you used `pip` simply do `pip install "Products.PluggableAuthService>=2.6.1".
by Piyush Patil
CVSS 5.7
Seo Panel 4.8.0 - XSS
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter.
by Piyush Patil
CVSS 4.8
Seo Panel 4.8.0 - XSS
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.
by Piyush Patil
CVSS 4.8
ProjeQtOr Project Management 9.1.4 - RCE
ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment section and execute system commands by accessing the uploaded file with a specially crafted request parameter.
by Temel Demir
CVSS 9.8
Veyon Service <4.4.2 - Privilege Escalation
On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don't have administrative privileges, this vulnerability is only dangerous in anyway unsafe setups. The problem has been fixed in version 4.4.2. As a workaround, the exploitation of the vulnerability can be prevented by revoking administrative privileges from all potentially untrustworthy users.
by Víctor García
CVSS 8.0
WordPress Plugin WP Prayer version 1.6.1 - 'prayer_messages' Stored Cross-Site Scripting (XSS) (Authenticated)
by Bastijn Ouwendijk
CHIYU IoT devices - 'Multiple' Cross-Site Scripting (XSS)
by sirpedrotavares
Lifterlms < 4.21.1 - XSS
The 'State' field of the Edit profile page of the LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.1 is not properly sanitised when output in the About section of the profile page, leading to a stored Cross-Site Scripting issue. This could allow low privilege users (such as students) to elevate their privilege via an XSS attack when an admin will view their profile.
by Captain_hook
CVSS 5.4
Gadget Works Online Ordering System - XSS
A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php.
by Vinay H C
CVSS 5.4
WordPress Plugin Cookie Law Bar 1.2.1 - 'clb_bar_msg' Stored Cross-Site Scripting (XSS)
by Mesut Cetin
Shopizer <2.17.0 - XSS
A reflected cross-site scripting (XSS) vulnerability in Shopizer before 2.17.0 allows remote attackers to inject arbitrary web script or HTML via the ref parameter to a page about an arbitrary product, e.g., a product/insert-product-name-here.html/ref= URL.
by Marek Toth
CVSS 4.8
iDailyDiary 4.30 - DoS
iDailyDiary 4.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the preferences tab name field. Attackers can paste a 2,000,000 character buffer into the default diary tab name to trigger an application crash.
by Ismael Nava
CVSS 7.5
Acer ePowerSvc 6.0.3008.0 - Privilege Escalation
Acer ePowerSvc 6.0.3008.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem permissions during service startup.
by Emmanuel Lujan
CVSS 7.8
DiskBoss Service 12.2.18 - Privilege Escalation
DiskBoss Service 12.2.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path locations to gain system-level access during service startup.
by Erick Galindo
CVSS 7.8
Catzsoft Redi Restaurant Reservation < 21.0426 - XSS
The ReDi Restaurant Reservation WordPress plugin before 21.0426 provides the functionality to let users make restaurant reservations. These reservations are stored and can be listed on an 'Upcoming' page provided by the plugin. An unauthenticated user can fill in the form to make a restaurant reservation. The form to make a restaurant reservation field called 'Comment' does not use proper input validation and can be used to store XSS payloads. The XSS payloads will be executed when the plugin user goes to the 'Upcoming' page, which is an external website https://upcoming.reservationdiary.eu/ loaded in an iframe, and the stored reservation with XSS payload is loaded.
by Bastijn Ouwendijk
CVSS 6.1
Schlix CMS 2.2.6-6 - Arbitary File Upload (Authenticated)
by Emir Polat
Shopizer <2.17.0 - XSS
A stored cross-site scripting (XSS) vulnerability in Shopizer before 2.17.0 allows remote attackers to inject arbitrary web script or HTML via customer_name in various forms of store administration. It is saved in the database. The code is executed for any user of store administration when information is fetched from the backend, e.g., in admin/customers/list.html.
by Marek Toth
CVSS 4.8
Acer Backup Manager 3.0.0.99 - Code Injection
Acer Backup Manager 3.0.0.99 contains an unquoted service path vulnerability in the NTI IScheduleSvc service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\NTI\Acer Backup Manager\ to inject malicious executables that would run with elevated LocalSystem privileges.
by Emmanuel Lujan
CVSS 7.8
Acer Updater Service 1.2.3500.0 - Privilege Escalation
Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files\Acer\Acer Updater\ to inject malicious executables that will run with LocalSystem permissions during service startup.
by Emmanuel Lujan
CVSS 7.8
ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path
by Alejandra Sánchez
COVID19 Testing Management System 1.0 - SQL Injection
COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel.
by Rohit Burke
CVSS 9.8
By Source