Exploitdb Exploits
50,076 exploits tracked across all sources.
D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution
by luka
D-Link DIR-819 Firmware 1.06 - Denial of Service via sys_token Parameter
On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request.
by whokilleddb
CVSS 7.5
Password Manager for IIS 2.0 - Cross-Site Scripting via ResultURL Parameter
Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability via the /isapi/PasswordManager.dll ResultURL parameter.
by VP4TR10T
CVSS 6.1
Owlfiles File Manager 12.0.1 - Cross-Site Scripting via HTTP Server Path Parameter
Owlfiles File Manager 12.0.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the path parameter in HTTP server endpoints. Attackers can craft URLs targeting the download and list endpoints with embedded script tags to execute arbitrary JavaScript in users' browsers.
by Chokri Hammedi
CVSS 5.0
Owlfiles File Manager 12.0.1 - Path Traversal
Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting GET requests with directory traversal sequences to access restricted system directories on the device.
by Chokri Hammedi
CVSS 7.5
WorkOrder CMS 0.1.0 - SQL Injection
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. Attackers can inject malicious SQL queries using techniques like OR '1'='1' and stacked queries to access database information or execute administrative commands.
by Chokri Hammedi
CVSS 8.2
Gralp MAN-EAM-0003 3.2.4 - XML External Entity Injection via XML File Upload
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.
by Ahmed Alroky
CVSS 7.5
Atlassian Bitbucket Server/Data Center <7.6.17/<7.17.10/<7.21.4/<8....
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
by khal4n1
CVSS 8.8
wkhtmltopdf 0.12.6 - Server-Side Request Forgery via iframe Source
wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets.
by Momen Eldawakhly
CVSS 9.8
VIAVIWEB Wallpaper Admin 1.0 - SQL Injection
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the img_id parameter. Attackers can send GET requests to edit_gallery_image.php with malicious img_id values to extract database information.
by Edd13Mora
CVSS 6.5
VIAVIWEB Wallpaper Admin 1.0 - Unauthenticated Remote Code Execution via Image Upload
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the add_gallery_image.php endpoint to execute arbitrary code on the server.
by Edd13Mora
CVSS 9.8
VIAVIWEB Wallpaper Admin 1.0 - SQL Injection
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface.
by Edd13Mora
CVSS 8.2
Linksys AX3200 1.1.00 - Command Injection
Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.
by Ahmed Alroky
CVSS 8.8
pfBlockerNG < 2.1.4_26 - Remote Code Execution via HTTP Host Header
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
by IHTeam
CVSS 9.8
IOBit IOTransfer V4 - Unquoted Service Path
IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.
by BLAY ABU SAFIAN
CVSS 7.8
CVAT < 2.0.0 - Server-Side Request Forgery
CVAT is an opensource interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side request forgery (SSRF) vulnerability. Validation has been added to urls used in the affected code path in version 2.0.0. Users are advised to upgrade. There are no known workarounds for this issue.
by Emir Polat
CVSS 8.6
Open Web Analytics <1.7.4 - Info Disclosure
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter.
by Jacob Ebben
CVSS 9.8
SmartRG SR506n 2.5.15 and SR510n 2.6.13 - Remote Code Execution via Ping Host Feature
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
by Yerodin Richards
CVSS 9.8
Mega System Technologies MSNSwitch MNT.2408 - Unauthenticated Remote Code Execution via ExportSettings.sh
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.
by Eli Fulkerson
CVSS 9.8
AVEVA InTouch Access Anywhere <2020 R2 - Path Traversal
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
by Jens Regel
CVSS 7.5
ImageMagick Engine < 1.7.5 - Unauthenticated Remote Code Execution via cli_path Parameter
The ImageMagick Engine plugin for WordPress is vulnerable to remote code execution via the 'cli_path' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to run arbitrary commands leading to remote command execution, granted they can trick a site administrator into performing an action such as clicking on a link. This makes it possible for an attacker to create and or modify files hosted on the server which can easily grant attackers backdoor access to the affected server.
by ABDO10
CVSS 8.8
Zephyr Project Manager <3.2.5 - SQL Injection
The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections
by Rizacan Tufan
CVSS 9.8
WordPress 3dady Real-Time Web Stats 1.0 Stored XSS
WordPress 3dady Real-Time Web Stats plugin 1.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by exploiting unsanitized input fields. Attackers can insert JavaScript payloads in the dady_input_text or dady2_input_text fields via the plugin options panel to execute arbitrary code when the page is viewed.
by UnD3sc0n0c1d0
CVSS 6.4
Testa 3.5.1 - Reflected Cross-Site Scripting via Login Redirect Parameter
Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in victim's browser context.
by Ashkan Moghaddas
CVSS 6.1
By Source