Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-50895 EXPLOITDB CRITICAL text
Aero CMS 0.0.1 - SQL Injection
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the system.
by nu11secur1ty
CVSS 9.8
CVE-2022-2941 EXPLOITDB MEDIUM text VERIFIED
WP-UserOnline <= 2.88.0 - Authenticated Stored Cross-Site Scripting in Naming Conventions
The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions up to, and including 2.88.0. This is due to the fact that all fields in the "Naming Conventions" section do not properly sanitize user input, nor escape it on output. This makes it possible for authenticated attackers, with administrative privileges, to inject JavaScript code into the setting that will execute whenever a user accesses the injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
by UnD3sc0n0c1d0
CVSS 5.5
CVE-2022-34140 EXPLOITDB MEDIUM text
Feehi CMS 2.1.1 - Stored Cross-Site Scripting via Username Field
A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field.
by yuyudhn
CVSS 5.4
CVE-2022-36633 EXPLOITDB HIGH text
Teleport < 10.1.2 and < 8.3.17 - Unauthenticated Remote Code Execution via SSH Agent Installation Link
Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.
by Brandon Roach
CVSS 8.8
CVE-2021-4045 EXPLOITDB CRITICAL python
TP-Link Tapo C200 Firmware < 1.1.15 - Unauthenticated Remote Code Execution
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
by hacefresko
CVSS 9.8
CVE-2023-31904 EXPLOITDB HIGH text
savysoda Wifi HD Wireless Disk Drive 11 - Local File Inclusion
savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion.
by Chokri Hammedi
CVSS 7.5
EIP-2026-119275 EXPLOITDB bash
WiFiMouse 1.8.3.4 - Remote Code Execution (RCE)
by FEBIN MON SAJI
CVE-2023-31902 EXPLOITDB CRITICAL python
RPA Technology Mobile Mouse 3.6.0.4 - RCE
RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE).
by Chokri Hammedi
CVSS 9.8
CVE-2022-2651 EXPLOITDB CRITICAL text VERIFIED
bookwyrm-social/bookwyrm <0.4.5 - Auth Bypass
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.
by Akshay Ravi
CVSS 9.8
CVE-2022-35513 EXPLOITDB HIGH javascript
Blink1Control2 <= 2.2.7 - Weak Password Encryption
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
by p1ckzi
CVSS 7.5
CVE-2022-36267 EXPLOITDB CRITICAL python
Airspan AirSpot 5410 <0.3.4.1-4 - Command Injection
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device.
by Samy Younsi
CVSS 9.8
EIP-2026-101577 EXPLOITDB text
Buffalo TeraStation Network Attached Storage (NAS) 1.66 - Authentication Bypass
by Jordan Glover
CVE-2022-30781 EXPLOITDB HIGH ruby VERIFIED
Gitea < 1.16.7 - Remote Code Execution via Git Fetch Remote
Gitea before 1.16.7 does not escape git fetch remote.
by samguy
CVSS 7.5
CVE-2022-50947 EXPLOITDB MEDIUM text
WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS
WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the post_title parameter. Attackers with editor privileges can inject JavaScript payloads through the testimonial title field that execute in the browsers of users viewing the draft post, enabling cookie theft and session hijacking.
by Luqman Hakim Zahari
CVSS 6.4
CVE-2022-50946 EXPLOITDB MEDIUM text
WordPress Plugin Netroics Blog Posts Grid 1.0 Stored XSS
WordPress Plugin Netroics Blog Posts Grid 1.0 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the post_title parameter. Attackers with editor privileges can inject script payloads through the testimonial title field that execute in the browsers of other users viewing the draft post, enabling cookie theft and session hijacking.
by Luqman Hakim Zahari
CVSS 6.4
CVE-2022-1040 EXPLOITDB CRITICAL text
Sophos Firewall < 18.5.3 - Unauthenticated Remote Code Execution
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
by Aryan Chehreghani
CVSS 9.8
CVE-2022-31101 EXPLOITDB HIGH python
PrestaShop blockwishlist < 2.1.1 - Authenticated SQL Injection
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
by Karthik UJ
CVSS 8.1
CVE-2022-34140 EXPLOITDB MEDIUM text
Feehi CMS 2.1.1 - Stored Cross-Site Scripting via Username Field
A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field.
by Shivam Singh
CVSS 5.4
CVE-2021-42750 EXPLOITDB MEDIUM text
ThingsBoard 3.3.1 - Authenticated Stored Cross-Site Scripting in Rule Engine Node Title
A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the title of a rule node.
by Steffen Langenfeld
CVSS 4.8
CVE-2021-42751 EXPLOITDB MEDIUM text
ThingsBoard 3.3.1 - Authenticated Stored Cross-Site Scripting in Rule Engine Description
A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the description of a rule node.
by Steffen Langenfeld
CVSS 4.8
CVE-2020-2038 EXPLOITDB HIGH python
Palo Alto Networks Authenticated Remote Code Execution
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.
by UnD3sc0n0c1d0
CVSS 7.2
CVE-2020-20277 EXPLOITDB CRITICAL text
uftpd 2.7-2.10 - Unauthenticated Directory Traversal via FTP Command Chroot Bypass
There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's compose_abspath function that can be abused to read or write to arbitrary files on the filesystem, leak process memory, or potentially lead to remote code execution.
by Aaron Esau
CVSS 9.8
CVE-2022-36642 EXPLOITDB CRITICAL text
Omnia MPX Node Firmware < 1.5.0 - Unauthenticated Local File Disclosure via /appConfig/userDB.json
A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive information which can be unlatched by exploiting the LFD vulnerability.
by Momen Eldawakhly
CVSS 9.8
CVE-2022-50898 EXPLOITDB HIGH python
NanoCMS 0.4 - Remote Code Execution
NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper input sanitization.
by p1ckzi
CVSS 8.8
CVE-2022-50897 EXPLOITDB MEDIUM python
mPDF 7.0 - Local File Inclusion via Annotation File Parameters
mPDF 7.0 contains a local file inclusion vulnerability that allows attackers to read arbitrary system files by manipulating annotation file parameters. Attackers can generate URL-encoded or base64 payloads to include local files through crafted annotation content with file path specifications.
by Musyoka Ian
CVSS 5.5
By Source
All 50,076 Writeup 62,533 Exploitdb 50,076 Nomisec 22,490 Github 3,720 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,618 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25