Exploitdb Exploits
50,076 exploits tracked across all sources.
YouPHPTube <= 7.8 - Unauthenticated Path Traversal via Lang Parameter
YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. Attackers can exploit the path traversal flaw in locale/function.php to include and view PHP files outside the intended directory by using directory traversal sequences.
by Rafael Pedrero
CVSS 5.5
SugarSync 4.1.3 - 'SugarSync Service' Unquoted Service Path
by Jorge Manuel Lozano Gómez
HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path
by Jorge Manuel Lozano Gómez
Heartex - Label Studio Community Edition <1.5.0 - SSRF
A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these versions of Label Studio enabling a remote attacker to create a new account and then exploit the SSRF.
by Ryan Smith
CVSS 6.5
Senayan Library Management System v9.5.0 - SQL Injection
by nu11secur1ty
Online shopping system advanced 1.0 - Multiple Vulnerabilities
by Rafael Pedrero
Boxbilling < 0.0.1 - Unrestricted Upload of File with Dangerous Type
Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1.
by zetc0de
CVSS 7.2
Pega Infinity 8.1.0-8.7.3 - Remote Code Execution via JMX Interface Deserialization
If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture.
by Marcin Wolak
CVSS 9.8
OPSWAT MetaDefender Core < 5.1.2 - Privilege Escalation via Incorrect Access Control
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
by Ulascan Yildirim
CVSS 9.8
Zalando Skipper < 0.13.237 - Server-Side Request Forgery
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
by Hosein Vita
CVSS 9.8
Hashicorp Consul v1.0 - Remote Command Execution (RCE)
by GatoGamer1155
ZKTeco ZEM and ZMM Firmware - Unauthenticated Sensitive Information Exposure via Direct Request
Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210).
by RedTeam Pentesting GmbH
CVSS 7.5
TP-Link Tapo C310 1.3.0 - Unauthenticated Video Feed Access via Hard-coded RTSP Credentials
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User --- and Password TPL075526460603.
by dsclee1
CVSS 7.5
reqlogic 11.3 - Cross-Site Scripting via POBatch and WaitDuration Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters.
by Okan Kurtulus
CVSS 6.1
Aero CMS 0.0.1 PHP Code Injection via posts.php
Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=add_post parameter, and the uploaded files are executed by the server.
by Hubert Wojciechowski
CVSS 8.8
Atom CMS 2.0 - SQL Injection
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
by Hubert Wojciechowski
CVSS 7.5
WebTareas 2.4 - Unauthenticated SQL Injection via webTareasSID Cookie Parameter
WebTareas 2.4 contains a SQL injection vulnerability in the webTareasSID cookie parameter that allows unauthenticated attackers to manipulate database queries. Attackers can exploit error-based and time-based blind SQL injection techniques to extract database information and potentially access sensitive system data.
by Hubert Wojciechowski
CVSS 7.5
WebTareas 2.4 - Authenticated Remote Code Execution via Chat Photo Upload
WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and execute it directly through the generated file path.
by Hubert Wojciechowski
CVSS 8.8
By Source