Exploitdb Exploits
50,130 exploits tracked across all sources.
Wavlink WN530HG4 M30HG4.V5030.191116 - Info Disclosure
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
by Ahmed Alroky
CVSS 7.5
Geonetwork 3.10-4.2.0 - SSRF
Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files through the baseURL parameter in PDF creation requests.
by Amel BOUZIANE-LEBLOND
CVSS 6.5
Wp-useronline < 2.87.6 - XSS
The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘templates[browsingpage][text]' parameter in versions up to, and including, 2.87.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative capabilities and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The only affects multi-site installations and installations where unfiltered_html is disabled.
by Steffin Stanly
CVSS 5.5
ASUSTeK Aura Ready Game SDK <1.0.0.4 - Privilege Escalation
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.
by Angelo Pio Amirante
CVSS 7.8
Rpc.py < 0.6.0 - Insufficiently Protected Credentials
rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.
by Elias Hohl
CVSS 9.8
Dingtian DT-R002 - RCE
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
by Victor Hanna
CVSS 5.9
Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Directory Traversal
by LiquidWorm
Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) - Remote Code Execution
by LiquidWorm
WordPress Plugin Visual Slide Box Builder 3.2.9 - SQLi
by nu11secur1ty
IOBit IOTransfer 4.3.1.1561 - RCE
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.
by Tomer Peled
CVSS 9.8
Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path
by Esant1490
Magnolia CMS <6.2.19 - XSS
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
by Giulio Garzia Ozozuz
CVSS 6.1
Codologic Codoforum - Unrestricted File Upload
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.
by Krish Pandey
CVSS 7.2
Octobot < 0.4.4 - Unrestricted File Upload
WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.
by Samy Younsi
CVSS 9.8
nginx - Memory Corruption
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
by Mohammed Alshehri
CVSS 7.7
WiFi Mouse - RCE
Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution.
by RedHatAugust
CVSS 9.8
Mailhog 1.0.1 - XSS
Mailhog 1.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through email attachments. Attackers can send crafted emails with XSS payloads to execute arbitrary API calls, including message deletion and browser manipulation.
by Vulnz
CVSS 7.2
Wso2 API Manager - XSS
A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0.
by cxosmo
CVSS 4.6
Algo 8028 Control Panel <3.3.3 - Command Injection
Algo 8028 Control Panel version 3.3.3 contains a command injection vulnerability in the fm-data.lua endpoint that allows authenticated attackers to execute arbitrary commands. Attackers can exploit the insecure 'source' parameter by injecting commands that are executed with root privileges, enabling remote code execution through a crafted POST request.
by Filip Carlsson
CVSS 8.8
Virtuasoftware Cobranca < 12r - SQL Injection
Virtua Cobranca before 12R allows SQL Injection on the login page.
by Luca Regne
CVSS 7.5
Marvalglobal Marval Msm - OS Command Injection
Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts.
by Momen Eldawakhly
CVSS 9.8
Marvalglobal Marval Msm - CSRF
Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can disable the 2FA by sending the user a malicious form.
by Momen Eldawakhly
CVSS 6.5
Real Player v.20.0.8.310 G2 Control - 'DoGoToURL()' Remote Code Execution (RCE)
by Eduardo Braun Prado
By Source