Exploitdb Exploits
50,130 exploits tracked across all sources.
Surveysparrow Enterprise Survey Software - XSS
Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter.
by Pankaj Kumar Thakur
CVSS 5.4
SolarView Compact 6.00 - Command Injection
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.
by Ahmed Alroky
CVSS 9.8
Telesquare SDT-CW3B1 1.1.0 - Command Injection
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.
by Ahmed Alroky
CVSS 9.8
Event Management System - SQL Injection
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter.
by Eren Gozaydin
CVSS 8.8
College Management System - SQL Injection
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.
by Eren Gozaydin
CVSS 8.8
F5 BIG-IP iControl RCE via REST Authentication Bypass
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
by Yesith Alvarez
CVSS 9.8
Telesquare TLR-2005KSH 1.0.0 - File Deletion
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
by Ahmed Alroky
CVSS 9.1
e107 CMS <3.2.1 - Path Traversal
e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality (image.php) where the upload_caption parameter is not properly sanitized. An attacker with administrative privileges can use directory traversal sequences (../../../) in the upload_caption field to overwrite critical system files outside the intended upload directory. This can lead to complete compromise of the web application by overwriting configuration files, executable scripts, or other critical system components. The vulnerability was discovered by Hubert Wojciechowski and affects the image.php component in the admin interface.
by Hubert Wojciechowski
CVSS 7.2
e107 CMS <3.2.1 - File Upload
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing files like top.php in the web application directory.
by Hubert Wojciechowski
CVSS 7.2
ITEC ITeCProteccioAppServer - Code Injection
ITeC ITeCProteccioAppServer contains an unquoted service path vulnerability that allows local attackers to execute code with elevated system privileges. Attackers can insert a malicious executable in the service path to gain elevated access during service restart or system reboot.
by Edgar Carrillo Egea
CVSS 8.4
ImpressCMS 1.4.4 - Code Injection
ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions .php2.php6.php7.phps.pht to execute arbitrary PHP code on the server.
by Ünsal Furkan Harani
CVSS 9.8
e107 CMS <3.2.1 - Authenticated RCE
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote code execution through the Media Manager import feature.
by Hubert Wojciechowski
CVSS 7.2
e107 CMS 3.2.1 - XSS
e107 CMS 3.2.1 contains an upload restriction bypass vulnerability that allows authenticated administrators to upload malicious SVG files through the media manager. Attackers with admin privileges can exploit this vulnerability to upload SVG files with embedded cross-site scripting (XSS) payloads that can execute arbitrary scripts when viewed.
by Hubert Wojciechowski
CVSS 4.8
e107 CMS 3.2.1 - XSS
e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code through the URL parameter that gets executed when users click outside the comment field after typing content. The second vulnerability involves an upload restriction bypass for authenticated administrators, allowing them to upload SVG files containing malicious code through the media manager's remote URL upload feature. This results in stored XSS when the uploaded SVG files are accessed. These vulnerabilities were discovered by Hubert Wojciechowski and affect the news.php and image.php components of the CMS.
by Hubert Wojciechowski
CVSS 9.8
Beehive Forum 1.5.2 - Host Header Injection
Beehive Forum 1.5.2 contains a host header injection vulnerability in the forgot password functionality that allows attackers to manipulate password reset requests. Attackers can inject a malicious host header to intercept password reset tokens and change victim account passwords without direct authentication.
by Pablo Santiago
CVSS 9.8
Wondershare Dr.fone - Remote Code Execution
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to execute malicious executable without any validation from a remote location and gain SYSTEM privileges
by Netanel Cohen
CVSS 9.8
Prime95 Version 30.7 build 9 - Remote Code Execution (RCE)
by Yehia Elghaly
Zohocorp ManageEngine ADAudit Plus - NTLM Hash Disclosure
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
by Metin Yunus Kandemir
CVSS 8.8
Wondershare Dr.fone - Missing Authorization
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
by Netanel Cohen
CVSS 8.8
Wondershare Dr.Fone 11.4.10 - Insecure File Permissions
by AkuCyberSec
UDisk Monitor Z5 Phone - 'MonServiceUDisk.exe' Unquoted Service Path
by Edgar Carrillo Egea
PyScript <2022-05-04 - Info Disclosure
pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code.
by Momen Eldawakhly
CVSS 7.5
WordPress Plugin stafflist 3.1.2 - SQLi (Authenticated)
by Hassan Khan Yusufzai
Blue-admin < 21.06.01 - CSRF
The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its settings, allowing the issue to be exploited via a CSRF attack.
by Abisheik M
CVSS 8.8
Advanced Uploader < 4.2 - Unrestricted File Upload
The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE
by Roel van Beurden
CVSS 8.8
By Source