Exploitdb Exploits
50,130 exploits tracked across all sources.
Sophos Web Appliance <4.3.10.4 - Command Injection
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
by Behnam Abasi Vanda
CVSS 9.8
Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution
by Or4nG.M4N
Kodcloud Kodexplorer < 4.49 - CSRF
A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.50 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227000.
by Mr Empy
CVSS 4.3
Papercut MF < 20.1.7 - Improper Access Control
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
by MaanVader
CVSS 9.8
AspEmail 5.6.0.2 - Privilege Escalation
AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access.
by Zer0FauLT
CVSS 8.4
Lilac-Reloaded for Nagios 2.0.8 - RCE
Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmap_binary parameter to execute a reverse shell by sending a crafted POST request to the autodiscovery endpoint.
by max / Zoltan Padanyi
CVSS 9.8
Serendipity 2.4.0 - RCE
Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server.
by Mirabbas Ağalarov
CVSS 8.8
Serendipity 2.4.0 - XSS
Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post.
by Mirabbas Ağalarov
CVSS 5.4
Diasoft File Replication Pro 7.5.0 - Privilege Escalation
Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.
by Andrea Intilangelo
CVSS 9.8
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)
by Rodolfo Mariano
ProjeQtOr Project Management System 10.3.2 - Remote Code Execution (RCE)
by Mirabbas Ağalarov
Piwigo 13.6.0 - Stored Cross-Site Scripting (XSS)
by Mirabbas Ağalarov
GDidees CMS <3.9.1 - Info Disclosure
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.
by Hadi Mene
CVSS 7.5
Chitor-CMS <1.1.2 - SQL Injection
Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities.
by msd0pe
CVSS 9.8
Hockeycomputindo Bang Resto - XSS
Bang Resto 1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the itemName parameter in the admin/menu.php Add New Menu function.
by Rahad Chowdhury
CVSS 4.8
Hockeycomputindo Bang Resto - SQL Injection
Bang Resto 1.0 was discovered to contain multiple SQL injection vulnerabilities via the btnMenuItemID, itemID, itemPrice, menuID, staffID, or itemqty parameter.
by Rahad Chowdhury
CVSS 8.8
Microsoft 365 Apps - Heap Buffer Overflow
Microsoft Word Remote Code Execution Vulnerability
by nu11secur1ty
CVSS 7.8
Linux Kernel - Info Disclosure
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.
This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.
by nu11secur1ty
CVSS 5.6
Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information
by Rafael Cintra Lopes
Franklin Fueling Systems TS-550 - Default Password
by Parsa Rezaie Khiabanloo
InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload
InnovaStudio WYSIWYG Editor 5.4 contains an unrestricted file upload vulnerability that allows attackers to bypass file extension restrictions through filename manipulation. Attackers can upload malicious ASP shells by using null byte techniques and alternate file extensions to circumvent upload controls in the asset manager.
by Zer0FauLT
CVSS 9.8
Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)
by LiquidWorm
Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure
by LiquidWorm
By Source