Exploitdb Exploits
50,130 exploits tracked across all sources.
Schneider Electric v1.0 - Directory traversal & Broken Authentication
by Parsa Rezaie Khiabanloo
Franklin Fueling Systems TS-550 - Exploit and Default Password
by Parsa Rezaie Khiabanloo
Unifiedremote Unified Remote - XXE
Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint.
by H4rk3nz0
CVSS 9.8
FileZilla Client 3.63.1 - Code Injection
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.
by Bilal Qureshi
CVSS 9.8
LDAP Tool Box Self Service Password 1.5.2 - SSRF
LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.
by Tahar BENNACEF
CVSS 7.5
Kimai <1.30.10 - XSS
Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session hijacking.
by nu11secur1ty
CVSS 9.8
Flatnux 2021-03.25 - RCE
Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root directory, enabling remote code execution on the server.
by Ömer Hasan Durmuş
CVSS 8.8
Southrivertech Titan FTP Server < 1.94.1205 - Path Traversal
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
by Andreas Finstad
CVSS 8.8
Pdfkit < 0.8.7.2 - Command Injection
The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized.
by UNICORD
CVSS 7.3
Modoboa < 2.0.4 - Authentication Bypass
Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.
by 7h3h4ckv157
CVSS 9.8
Simple Task Managing System - SQL Injection
SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.
by Hamdi Sevben
CVSS 9.8
Simple Food Ordering System - XSS
A vulnerability was found in SourceCodester Simple Food Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file process_order.php. The manipulation of the argument order leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221451.
by Muhammad Navaid Zafar Ansari
CVSS 3.5
Purchase Order Management-1.0 - Local File Inclusion
by nu11secur1ty
Polr <2.3.0 - Privilege Escalation
Polr is an open source URL shortener. in Polr before version 2.3.0, a vulnerability in the setup process allows attackers to gain admin access to site instances, even if they do not possess an existing account. This vulnerability exists regardless of users' settings. If an attacker crafts a request with specific cookie headers to the /setup/finish endpoint, they may be able to obtain admin privileges on the instance. This is caused by a loose comparison (==) in SetupController that is susceptible to attack. The project has been patched to ensure that a strict comparison (===) is used to verify the setup key, and that /setup/finish verifies that no users table exists before performing any migrations or provisioning any new accounts. This is fixed in version 2.3.0. Users can patch this vulnerability without upgrading by adding abort(404) to the very first line of finishSetup in SetupController.php.
by p4kl0nc4t
CVSS 9.3
Music Gallery Site - SQL Injection
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file view_music_details.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221631.
by Muhammad Navaid Zafar Ansari
CVSS 6.3
Music Gallery Site - SQL Injection
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221632.
by Muhammad Navaid Zafar Ansari
CVSS 6.3
Music Gallery Site - SQL Injection
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221553 was assigned to this vulnerability.
by Muhammad Navaid Zafar Ansari
CVSS 6.3
Music Gallery Site - Improper Access Control
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221633 was assigned to this vulnerability.
by Muhammad Navaid Zafar Ansari
CVSS 7.3
Intern Record System - SQL Injection
SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.
by Hamdi Sevben
CVSS 9.8
Simple Food Ordering System - XSS
A vulnerability was found in SourceCodester Simple Food Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file process_order.php. The manipulation of the argument order leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221451.
by Muhammad Navaid Zafar Ansari
CVSS 3.5
Employee Task Management System - SQL Injection
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221453 was assigned to this vulnerability.
by Muhammad Navaid Zafar Ansari
CVSS 6.3
Employee Task Management System - Authentication Bypass
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221454 is the identifier assigned to this vulnerability.
by Muhammad Navaid Zafar Ansari
CVSS 7.3
Dompdf 1.2.1 - RCE
Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).
by Ravindu Wickramasinghe
CVSS 9.8
By Source