Exploitdb Exploits
50,076 exploits tracked across all sources.
FlatCore CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
by Sinem Şahin
Clansphere CMS 2011.4 - Stored Cross-Site Scripting (XSS)
by Sinem Şahin
Fortinet Fortiproxy < 7.0.7 - Authentication Bypass
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
by Felipe Alcantara
CVSS 9.8
GuppY CMS 6.00.10 - Unrestricted File Upload and Remote Code Execution via PHP File Upload
GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allows remote attackers to execute arbitrary code by uploading a php file.
by Chokri Hammedi
CVSS 9.8
iolo System Shield 5.0.0.136 - Arbitrary Write via amp.sys IOCtl 0x00226003
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
by Brandon Marshall
CVSS 9.8
camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.
by Elias Hohl
CVSS 9.8
NVFLARE < 2.1.4 - Remote Code Execution via Pickle Deserialization
NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.
by Elias Hohl
CVSS 9.8
Yoga Class Registration System v1.0 - Multiple SQLi
by Abdulhakim Öner
TranslatePress < 2.3.3 - Authenticated SQL Injection via Language Addition
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language (via the settings page) containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected.
by Elias Hohl
CVSS 8.8
SimpleMachinesForum <2.1.1 - Authenticated RCE
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to have the ability to modify themes, and can thus choose any PHP code that they wish to have executed on the server.
by Sarang Tumne
CVSS 7.2
PHPGurukul Online Birth Certificate System V 1.2 - Blind XSS
by Prasheek Kamble
Online Diagnostic Lab Management System v1.0 - Remote Code Execution (RCE) (Unauthenticated)
by yousef alraddadi
NEX-Forms < 7.9.7 - Authenticated SQL Injection via Forms Statistics Chart
The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections. The attack can be executed by anyone who is permitted to view the forms statistics chart, by default administrators, however can be configured otherwise via the plugin settings.
by Elias Hohl
CVSS 8.8
MODX Revolution <2.8.3-pl - Authenticated RCE
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.
by Sarang Tumne
CVSS 7.2
Lavalite v9.0.0 - XSRF-TOKEN cookie File path traversal
by nu11secur1ty
ImpressCMS < 1.4.3 - SQL Injection
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to compromise the entire system.
by Sarang Tumne
CVSS 7.2
Human Resources Management System v1.0 - Multiple SQLi
by Abdulhakim Öner
Employee Performance Evaluation System v1.0 - File Inclusion and RCE
by nu11secur1ty
Composr-CMS <10.0.39 - Authenticated RCE
Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.
by Sarang Tumne
CVSS 8.8
Bus Pass Management System 1.0 - Reflected Cross-Site Scripting via Searchdata Parameter
Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.
by Ali Alipour
CVSS 6.1
Abantecart <= 1.3.2 - Authenticated Remote Code Execution via Media Manager Image Upload
Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type).
by Sarang Tumne
CVSS 7.2
By Source