Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-25096 EXPLOITDB CRITICAL text
Home Owners Collection Management System 1.0 - SQL Injection via id Parameter
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /members/view_member.php.
by Saud Alenazi
CVSS 9.8
CVE-2022-25095 EXPLOITDB CRITICAL text
Home Owners Collection Management System v1.0 - Info Disclosure
Home Owners Collection Management System v1.0 allows unauthenticated attackers to compromise user accounts via a crafted POST request.
by Saud Alenazi
CVSS 9.8
CVE-2022-25094 EXPLOITDB HIGH text
Home Owners Collection Management System v1.0 - Remote Code Execution via SystemSettings.php Cover Parameter
Home Owners Collection Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the parameter "cover" in SystemSettings.php.
by Saud Alenazi
CVSS 8.8
CVE-2021-24931 EXPLOITDB CRITICAL python
Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection.
by Ron Jost
CVSS 9.8
CVE-2022-23366 EXPLOITDB CRITICAL text
HMS v1.0 - SQL Injection via patientlogin.php
HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php.
by nu11secur1ty
CVSS 9.8
CVE-2022-40878 EXPLOITDB HIGH text
Exam Reviewer Management System 1.0 - Authenticated RCE
In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).
by Juli Agarwal
CVSS 8.8
CVE-2022-40877 EXPLOITDB CRITICAL text
Exam Reviewer Management System 1.0 - SQL Injection
Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter.
by Juli Agarwal
CVSS 9.8
CVE-2022-24223 EXPLOITDB CRITICAL text
AtomCMS 2.0 - SQL Injection via Admin Login Endpoint
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
by Luca Cuzzolin
CVSS 9.8
CVE-2022-50960 EXPLOITDB MEDIUM text
WordPress International Sms Contact Form 7 Integration 1.2 XSS
WordPress International SMS for Contact Form 7 Integration version 1.2 contains a reflected cross-site scripting vulnerability in the page parameter of the admin settings interface. Attackers can inject malicious scripts through the page parameter in class-sms-log-display.php to execute arbitrary JavaScript in administrator browsers.
by Milad karimi
CVSS 6.1
EIP-2026-119283 EXPLOITDB python
Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
by notcos
CVE-2020-35749 EXPLOITDB HIGH python
Simple Board Job < 2.9.3 - Authenticated Path Traversal via sjb_file Parameter
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.
by Ven3xy
CVSS 7.7
CVE-2021-24901 EXPLOITDB MEDIUM text
Security Audit WordPress Plugin < 1.0.0 - Authenticated Stored Cross-Site Scripting via Data Id Setting
The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
by Shweta Mahajan
CVSS 4.8
CVE-2022-0448 EXPLOITDB MEDIUM text
CP Blocks < 1.0.15 - Authenticated Stored Cross-Site Scripting via License ID Setting
The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.
by Shweta Mahajan
CVSS 4.8
EIP-2026-107653 EXPLOITDB text
Hotel Reservation System 1.0 - SQLi (Unauthenticated)
by Nefrit ID
CVE-2022-24263 EXPLOITDB CRITICAL text
Hospital Management System v4.0 - SQL Injection
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.
by nu11secur1ty
CVSS 9.8
CVE-2019-18818 EXPLOITDB CRITICAL ruby
Strapi CMS Unauthenticated Password Reset
strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.
by WackyH4cker
CVSS 9.8
CVE-2021-46398 EXPLOITDB HIGH text
FileBrowser < 2.18.0 - Cross-Site Request Forgery via Malicious HTML Webpage
A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE.
by FEBIN MON SAJI
CVSS 8.8
CVE-2022-50961 EXPLOITDB MEDIUM text
WordPress Plugin IP2Location Country Blocker 2.26.7 Stored XSS
WordPress Plugin IP2Location Country Blocker 2.26.7 contains a stored cross-site scripting vulnerability that allows authenticated users to inject arbitrary JavaScript code through the Frontend Settings interface. Attackers can inject malicious scripts in the URL field of the Display page settings that execute when administrators or other authenticated users visit the plugin settings page.
by Ahmet Serkan Ari
CVSS 6.4
CVE-2022-50936 EXPLOITDB HIGH python
WBCE CMS 1.5.2 - Authenticated Remote Code Execution via Droplet Upload
WBCE CMS version 1.5.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious droplets through the admin panel. Authenticated attackers can exploit the droplet upload functionality in the admin tools to create and execute arbitrary PHP code by crafting a specially designed zip file payload.
by Antonio Cuomo
CVSS 8.8
CVE-2022-50935 EXPLOITDB CRITICAL text
Flame II HSPA USB Modem - Privilege Escalation
Flame II HSPA USB Modem contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Internet Telcel\ApplicationController.exe' to execute arbitrary code with elevated system privileges.
by Ismael Nava
CVSS 9.8
CVE-2022-22833 EXPLOITDB HIGH ruby
Servisnet Tessa 0.0.2 - Info Disclosure
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
by AkkuS
CVSS 7.5
CVE-2022-22832 EXPLOITDB CRITICAL ruby
Servisnet Tessa 0.0.2 - Unauthenticated Authorization Bypass via User Data Endpoint
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
by AkkuS
CVSS 9.8
CVE-2022-22833 EXPLOITDB HIGH ruby
Servisnet Tessa 0.0.2 - Info Disclosure
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
by AkkuS
CVSS 7.5
CVE-2022-22832 EXPLOITDB CRITICAL ruby
Servisnet Tessa 0.0.2 - Unauthenticated Authorization Bypass via User Data Endpoint
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
by AkkuS
CVSS 9.8
CVE-2022-22831 EXPLOITDB CRITICAL ruby
Servisnet Tessa 0.0.2 - Unauthenticated User Addition via Authorization Header Manipulation
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.
by AkkuS
CVSS 9.8
By Source
All 50,076 Writeup 62,573 Exploitdb 50,076 Nomisec 22,496 Github 3,735 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,630 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25