Exploitdb Exploits
50,076 exploits tracked across all sources.
Cobian Backup 0.9 - Privilege Escalation
Cobian Backup 0.9 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CobianReflectorService to inject malicious code that will execute with LocalSystem permissions during service startup.
by Hejap Zairy Al-Sharif
CVSS 7.8
Audio Conversion Wizard v2.01 - Buffer Overflow
Audio Conversion Wizard v2.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory with a specially crafted registration code. Attackers can generate a payload that overwrites the application's memory stack, potentially enabling remote code execution through a carefully constructed input buffer.
by Hejap Zairy Al-Sharif
CVSS 9.8
Wondershare Dr.Fone 12.0.18 - Code Injection
Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup.
by Mohamed Alzhrani
CVSS 8.4
Printix < 1.3.1106.0 - Privilege Escalation via Insecure Temporary File Permissions
Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.
by Logan Latvala
CVSS 8.1
webmin < 1.990 - Improper Access Control to Remote Code Execution
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
by faisalfs10x
CVSS 8.8
Dirty Pipe Local Privilege Escalation via CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
by Lance Biggerstaff
CVSS 7.8
Malwarebytes 4.5 Unquoted Service Path Privilege Escalation
Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root path. Attackers can place executable files in unquoted path directories that execute with LocalSystem privileges during service startup or system reboot.
by Hejap Zairy Al-Sharif
CVSS 7.8
Private Internet Access <3.3 - Code Injection
Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem permissions during service startup.
by Saud Alenazi
CVSS 8.4
Sourcecodester Attendance and Payroll System 1.0 - SQL Injection via Login Parameters
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.
by pr0z
CVSS 9.8
Sourcecodester Attendance and Payroll System 1.0 - Unauthenticated Remote Code Execution via Photo Upload
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.
by pr0z
CVSS 9.8
Foxit PDF Reader 11.0 - Unquoted Service Path
by Hejap Zairy Al-Sharif
part-db < 0.5.11 - OS Command Injection
OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11.
by Chetanya Sharma
CVSS 9.8
Spring Cloud Gateway Remote Code Execution
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
by Carlos E. Vieira
CVSS 10.0
Prowise Reflect <1.0.9 - Code Injection
Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attackers to send keyboard events through an exposed WebSocket on port 8082. Attackers can craft malicious web pages to inject keystrokes, opening applications and typing arbitrary text by sending specific WebSocket messages.
by Rik Lutz
CVSS 9.8
Printix < 1.3.1106.0 - Privilege Escalation via UITasks.PersistentRegistryData
Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData.
by Logan Latvala
CVSS 9.8
Xerte < 3.9 - Authenticated Remote Code Execution via Language File Upload
An Authenticated Remote Code Exection (RCE) vulnerability exists in Xerte through 3.9 in website_code/php/import/fileupload.php by uploading a maliciously crafted PHP file though the project interface disguised as a language file to bypasses the upload filters. Attackers can manipulate the files destination by abusing path traversal in the 'mediapath' variable.
by Rik Lutz
CVSS 8.8
Xerte < 3.10.3 - Path Traversal via Project File Download
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php.
by Rik Lutz
CVSS 6.5
ZyXEL ZyWALL 2 Plus Internet Security Appliance Firmware - Cross-Site Scripting via Insecure URI Handling
ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an attacker able to execute arbitrary JavaScript codes to perform multiple attacks such as clipboard hijacking and session hijacking.
by Momen Eldawakhly
CVSS 6.1
WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation
WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.
by Momen Eldawakhly
CVSS 9.8
Cobian Reflector 0.9.93 RC1 - Denial of Service via Password Field Buffer Overflow
Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration.
by Luis Martínez
CVSS 6.2
Cobian Backup Gravity 11.2.0.582 - Code Injection
Cobian Backup Gravity 11.2.0.582 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the CobianBackup11 service to inject malicious code that would execute with LocalSystem privileges during service startup.
by Luis Martínez
CVSS 8.4
Cobian Backup 11 Gravity 11.2.0.582 - DoS
Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash.
by Luis Martínez
CVSS 5.5
Cipi 3.1.15 - Stored Cross-Site Scripting via Server Name Field
Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field.
by Ghuliev
CVSS 5.4
By Source