Exploitdb Exploits
50,135 exploits tracked across all sources.
Cobian Backup 11 Gravity 11.2.0.582 - DoS
Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash.
by Luis Martínez
CVSS 5.5
Cipi 3.1.15 - XSS
Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field.
by Ghuliev
CVSS 5.4
Casdoor <1.13.1 - SQL Injection
The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations.
by Mayank Deshmukh
CVSS 7.5
Wondershare MirrorGo 2.0.11.346 - Privilege Escalation
Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges.
by Luis Martínez
CVSS 8.4
aaPanel v6.8.21 - Path Traversal
aaPanel v6.8.21 was discovered to be vulnerable to directory traversal. This vulnerability allows attackers to obtain the root user private SSH key(id_rsa).
by Ghuliev
CVSS 6.5
Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution (RCE)
by Amel BOUZIANE-LEBLOND
WebHMI 4.1.1 - Remote Code Execution (RCE) (Authenticated)
by Antonio Cuomo
WebHMI 4.1 - Stored Cross Site Scripting (XSS) (Authenticated)
by Antonio Cuomo
Student Record System 1.0 - 'cid' SQLi (Authenticated)
by Mohd. Anees
Microweber CMS 1.2.10 - Local File Inclusion (Authenticated) (Metasploit)
by Talha Karakumru
Iclinks Scadaflex II Firmware - Missing Authentication
On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.
by LiquidWorm
CVSS 9.1
Cyclades Serial Console Server 3.3.0 - Privilege Escalation
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricted sudo permissions.
by ibby
CVSS 6.2
DBLTek GoIP-1 <GHSFVT-1.1-67-5 - Local File Inclusion
DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC.
by Valtteri Lehtinen
HMA VPN <5.3.5913.0 - Privilege Escalation
HMA VPN v5.3.5913.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.
by Saud Alenazi
CVSS 7.8
Microsoft Gaming Services 2.52.13001.0 - Unquoted Service Path
by Johto Robbie
WP User Frontend <3.5.26 - SQL Injection
The WP User Frontend WordPress plugin before 3.5.26 does not validate and escape the status parameter before using it in a SQL statement in the Subscribers dashboard, leading to an SQL injection. Due to the lack of sanitisation and escaping, this could also lead to Reflected Cross-Site Scripting
by Ron Jost
CVSS 8.8
The Perfect Survey WP <1.5.2 - SQL Injection
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.
by Ron Jost
CVSS 9.8
Packagist microweber/microweber <1.2.11 - Command Injection
OS Command Injection in Packagist microweber/microweber prior to 1.2.11.
by Chetanya Sharma
CVSS 7.2
Filecloud < 21.3.0.18447 - CSRF
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF).
by Masashi Fujiwara
CVSS 8.8
Cab Management System 1.0 - Remote Code Execution (RCE) (Authenticated)
by Alperen Ergel
Cab Management System 1.0 - 'id' SQLi (Authenticated)
by Alperen Ergel
Thinfinity VirtualUI <3.0 - Code Injection
Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter.
by Daniel Morales
CVSS 9.8
Thinfinity VirtualUI <3.0 - Info Disclosure
Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter "Addr" in cmd site. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the web server or increase the attack surface.
by Daniel Morales
CVSS 7.5
By Source