Exploitdb Exploits

50,135 exploits tracked across all sources.

EIP-2026-118038 EXPLOITDB text
UDisk Monitor Z5 Phone - 'MonServiceUDisk.exe' Unquoted Service Path
by Edgar Carrillo Egea
CVE-2022-30286 EXPLOITDB HIGH text
PyScript <2022-05-04 - Info Disclosure
pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 allows a remote user to read Python source code.
by Momen Eldawakhly
CVSS 7.5
EIP-2026-114087 EXPLOITDB text
WordPress Plugin stafflist 3.1.2 - SQLi (Authenticated)
by Hassan Khan Yusufzai
CVE-2021-24581 EXPLOITDB HIGH html
Blue-admin < 21.06.01 - CSRF
The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting it in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have a CSRF check in place when saving its settings, allowing the issue to be exploited via a CSRF attack.
by Abisheik M
CVSS 8.8
CVE-2022-1103 EXPLOITDB HIGH text
Advanced Uploader < 4.2 - Unrestricted File Upload
The Advanced Uploader WordPress plugin through 4.2 allows any authenticated user, such as a subscriber, to upload arbitrary files, including PHP, which could lead to RCE.
by Roel van Beurden
CVSS 8.8
CVE-2021-43481 EXPLOITDB CRITICAL python
Webtareas <2.4p3 - SQL Injection
An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstage.php.
by Behrad Taher
CVSS 9.8
CVE-2022-27308 EXPLOITDB MEDIUM text
Phprojekt Phpsimplygest - XSS
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title.
by Andrea Intilangelo
CVSS 5.4
CVE-2022-28117 EXPLOITDB MEDIUM python
Naviwebs Navigate Cms - SSRF
A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.
by cheshireca7
CVSS 4.9
CVE-2022-24734 EXPLOITDB HIGH python
MyBB Admin Control Code Injection RCE
MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type `php` with PHP code, executed on _Change Settings_ pages. This results in a Remote Code Execution (RCE) vulnerability. The vulnerable module requires Admin CP access with the `Can manage settings?` permission. MyBB's Settings module, which allows administrators to add, edit, and delete non-default settings, stores setting data in an options code string ($options_code; mybb_settings.optionscode database column) that identifies the setting type and its options, separated by a new line character (\n). In MyBB 1.2.0, support for setting type php was added, for which the remaining part of the options code is PHP code executed on Change Settings pages (reserved for plugins and internal use). MyBB 1.8.30 resolves this issue. There are no known workarounds.
by Altelus
CVSS 7.2
EIP-2026-109447 EXPLOITDB text
Microfinance Management System 1.0 - 'customer_number' SQLi
by Eren Gozaydin
EIP-2026-109241 EXPLOITDB text
Magento eCommerce CE v2.3.5-p2 - Blind SQLi
by Aydin Naserifard
EIP-2026-108129 EXPLOITDB text
Joomla Plugin SexyPolling 2.1.7 - SQLi
by Wolfgang Hotwagner
CVE-2022-27412 EXPLOITDB CRITICAL text
Exploreit Explore Cms - SQL Injection
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request.
by Sajibe Kanti
CVSS 9.8
EIP-2026-106262 EXPLOITDB text
CSZ CMS 1.3.0 - 'Multiple' Blind SQLi
by Dogukan Dincer
EIP-2026-105491 EXPLOITDB python
Bitrix24 - Remote Code Execution (RCE) (Authenticated)
by heinjame
CVE-2022-24707 EXPLOITDB HIGH python
Anuko Time Tracker <1.20.0.5642 - SQL Injection
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in the Time Tracker Puncher plugin in versions of Anuko Time Tracker prior to 1.20.0.5642. This was happening because the Puncher plugin was reusing code from other places and was relying on an unsanitized date parameter in POST requests. Because the parameter was not checked, it was possible to craft POST requests with malicious SQL for the Time Tracker database. This issue has been resolved in version 1.20.0.5642. Users unable to upgrade are advised to add their own checks to input.
by Altelus
CVSS 7.4
CVE-2021-31674 EXPLOITDB MEDIUM text
Cyclos < 4.14.7 - XSS
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows a remote unauthenticated attacker to execute JavaScript code via an undefined enum constant.
by Tin Pham
CVSS 6.1
CVE-2021-31673 EXPLOITDB MEDIUM text
Cyclos < 4.14.7 - XSS
A DOM-based cross-site scripting (XSS) vulnerability in account registration in Cyclos 4 PRO 4.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter.
by Tin Pham
CVSS 6.1
CVE-2022-28213 EXPLOITDB HIGH text
SAP Businessobjects Business Intelligence Platform - Denial of Service
When a user accesses SOAP Web services in SAP BusinessObjects Business Intelligence Platform - versions 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary file retrieval from the server and in successful DoS exploits.
by West Shepherd
CVSS 8.1
CVE-2019-13720 EXPLOITDB HIGH javascript
Google Chrome <78.0.3904.87 - Use After Free
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
by Forrest Orr
CVSS 8.8
CVE-2021-42697 EXPLOITDB HIGH python
Akka HTTP Server < 10.1.15 - Denial of Service
Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.
by cxosmo
CVSS 7.5
CVE-2022-24706 EXPLOITDB CRITICAL python
Apache Couchdb Erlang RCE
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations.
by Konstantin Burov
CVSS 9.8
CVE-2021-22204 EXPLOITDB MEDIUM python
GitLab Unauthenticated Remote ExifTool Command Injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image.
by UNICORD
CVSS 6.8
CVE-2021-45428 EXPLOITDB CRITICAL text
Telesquare Tlr-2005ksh Firmware - IDOR
TLR-2005KSH is affected by an incorrect access control vulnerability. The PUT method is enabled, so an attacker can upload arbitrary files, including HTML and CGI formats.
by Ahmed Alroky
CVSS 9.8
EIP-2026-101489 EXPLOITDB python
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor
by LiquidWorm