Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-101399 EXPLOITDB python
Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification
by LiquidWorm
EIP-2026-101398 EXPLOITDB text
Osprey Pump Controller 1.0.1 - Administrator Backdoor Access
by LiquidWorm
EIP-2026-101397 EXPLOITDB text
Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection
by LiquidWorm
EIP-2026-101396 EXPLOITDB text
Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection
by LiquidWorm
EIP-2026-101395 EXPLOITDB text
Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection
by LiquidWorm
CVE-2023-0830 EXPLOITDB MEDIUM python
EasyNAS 1.1.0 - OS Command Injection via /backup.pl
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
by Ivan Spiridonov
CVSS 6.3
CVE-2022-45701 EXPLOITDB HIGH python
Arris TG2482A Firmware <= 9.1.103GEM9 - Remote Code Execution via Ping Utility
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
by Yerodin Richards
CVSS 8.8
CVE-2023-26609 EXPLOITDB HIGH text
ABUS TVIP 20000-21150 Firmware - Remote Code Execution via Wireless MFT AP Field
ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.
CVSS 7.2
CVE-2020-11798 EXPLOITDB MEDIUM text
Mitel MiCollab AWV < 8.1.2.4 and 9.x < 9.1.3 - Path Traversal via Crafted URL
A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an attacker to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access validation. A successful exploit could allow an attacker to access sensitive information from the restricted directories.
by Kahvi-0
CVSS 5.3
CVE-2023-53981 EXPLOITDB HIGH python
PhotoShow 3.0 - Authenticated Remote Code Execution via Exiftran Path Injection
PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a crafted video upload process.
by LSCP Responsible Disclosure Lab
CVSS 7.2
CVE-2023-53980 EXPLOITDB CRITICAL text
ProjectSend r1605 - Remote Code Execution via File Extension Manipulation
ProjectSend r1605 contains a remote code execution vulnerability that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised extensions through the upload.process.php endpoint to execute arbitrary commands on the server.
by Mirabbas Ağalarov
CVSS 9.8
CVE-2023-53966 EXPLOITDB CRITICAL text
SOUND4 LinkAndShare Transmitter 1.1.2 - Memory Corruption
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
by LiquidWorm
CVSS 9.8
CVE-2023-22855 EXPLOITDB CRITICAL python
Kardex Mlog MCC 5.7.12+0-a203c2a213-master - Remote Code Execution via Path Traversal and T4 Template Injection
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of including local files, as well as remote files on SMB shares. If one provides a file with the extension .t4, it is rendered with the .NET templating engine mono/t4, which can execute code.
by Patrick Hener
CVSS 9.8
EIP-2026-116629 EXPLOITDB text
XWorm Trojan 2.1 - Null Pointer Derefernce DoS
by TOUHAMI Kasbaoui
CVE-2022-4510 EXPLOITDB HIGH python
binwalk 2.1.2b-2.3.3 - Path Traversal and Remote Code Execution via Malicious PFS Filesystem
A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins. This vulnerability is associated with program files src/binwalk/plugins/unpfs.py. This issue affects binwalk from 2.1.2b through 2.3.3 included.
by Etienne Lacoche
CVSS 7.8
EIP-2026-114650 EXPLOITDB text
zstore 6.6.0 - Cross-Site Scripting (XSS)
by nu11secur1ty
CVE-2022-46604 EXPLOITDB HIGH python VERIFIED
Tecrail Responsive FileManager <9.9.5 - Code Injection
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution.
by Galoget Latorre
CVSS 8.8
EIP-2026-110100 EXPLOITDB text VERIFIED
Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated)
by Muhammad Navaid Zafar Ansari
CVE-2021-36520 EXPLOITDB HIGH text
I-Tech Trainsmart r1044 - SQL Injection
A SQL injection vulnerability in I-Tech Trainsmart r1044 exists via a evaluation/assign-evaluation?id= URI.
by Adrian Bondocea
CVSS 7.5
CVE-2023-0315 EXPLOITDB HIGH python
froxlor/froxlor <2.0.8 - Command Injection
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
by Askar
CVSS 8.8
CVE-2022-44877 EXPLOITDB CRITICAL go
CWP login.php Unauthenticated RCE
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
by Mayank Deshmukh
CVSS 9.8
CVE-2022-48110 EXPLOITDB MEDIUM text
CKEditor 5 < 36.0.0 - Cross-Site Scripting via Full Featured Widget
CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation discusses that it is the responsibility of an integrator (who is adding CKEditor 5 functionality to a website) to choose the correct security settings for their use case. Also, safe default values are established (e.g., config.htmlEmbed.showPreviews is false).
by Manish Pathak
CVSS 6.1
CVE-2022-2846 EXPLOITDB MEDIUM text
Calendar Event Multi View WP <1.4.07 - XSS
The Calendar Event Multi View WordPress plugin before 1.4.07 does not have any authorisation and CSRF checks in place when creating an event, and is also lacking sanitisation as well as escaping in some of the event fields. This could allow unauthenticated attackers to create arbitrary events and put Cross-Site Scripting payloads in it.
by Mostafa Farzaneh
CVSS 4.3
EIP-2026-105651 EXPLOITDB text VERIFIED
Bus Pass Management System 1.0 - Stored Cross-Site Scripting (XSS)
by Matteo Conti
EIP-2026-105459 EXPLOITDB text
bgERP v22.31 (Orlovets) - Cookie Session vulnerability & Cross-Site Scripting (XSS)
by nu11secur1ty
By Source
All 50,076 Writeup 62,526 Exploitdb 50,076 Nomisec 22,480 Github 3,713 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,614 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25