Exploitdb Exploits
50,076 exploits tracked across all sources.
Simple Subscription Website 1.0 - SQL Injection via Login
SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.
by Daniel Haro
CVSS 9.8
Laravel Framework <8.70.2 - Code Injection
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.
by Hosein Vita
CVSS 9.8
WordPress Plugin WP Symposium Pro 2021.10 Stored XSS via wps_admin_forum_add_name
WordPress Plugin WP Symposium Pro 2021.10 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting insufficient sanitization of the forum name parameter. Attackers can submit POST requests to the admin setup page with JavaScript payloads in the wps_admin_forum_add_name parameter, which are stored and executed when the forum is accessed.
by Murat DEMİRCİ
CVSS 6.4
WordPress Plugin AccessPress Social Icons 1.8.2 Stored XSS
AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon title' field. Attackers can store XSS payloads like image tags with onerror event handlers that execute when the plugin page is viewed, affecting all users who access the plugin interface.
by Murat DEMİRCİ
CVSS 6.4
Mumara Classic <2.93 - SQL Injection
A SQL injection vulnerability in license_update.php in Mumara Classic through 2.93 allows a remote unauthenticated attacker to execute arbitrary SQL commands via the license parameter.
by Shain Lakin
CVSS 9.8
Windows MultiPoint Server 2011 SP1 - RpcEptMapper and Dnschade Local Privilege Escalation
by Marcio Mendes
YeaLinkSIP-T19P-E2 <v.53.84.0.15 - RCE
An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component.
by tahaafarooq
CVSS 8.8
AbsoluteTelnet 11.24 - Denial of Service via Username or Email Field Overflow
AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields. Attackers can trigger the crash by inserting 1000 characters into the username or email address fields, causing the application to become unresponsive.
by Yehia Elghaly
CVSS 5.5
AbsoluteTelnet 11.24 - Denial of Service via DialUp Connection and License Name Fields
AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating DialUp connection and license name fields. Attackers can generate a 1000-character payload and paste it into specific input fields to trigger application crashes and force unexpected termination.
by Yehia Elghaly
CVSS 5.5
FormaLMS <= 2.4.4 - Authentication Bypass via Hard-coded Credentials
An authentication bypass issue in FormaLMS <= 2.4.4 allows an attacker to bypass the authentication mechanism and obtain a valid access to the platform.
by Cristian \'void\' Giustini
CVSS 9.8
Apache HTTP Server 2.4.49-2.4.50 - Path Traversal and Remote Code Execution via Alias-like Directives
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
by Valentin Lobstein
CVSS 9.8
Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting (XSS)
by Ragavender A G
Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting (XSS)
by İlhami Selamet
WordPress Plugin Backup and Restore 1.0.3 Arbitrary File Deletion
WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted file_name and folder_name parameters to delete arbitrary files from the WordPress installation directory.
by Murat DEMİRCİ
CVSS 8.8
Kmaleon 1.1.0.205 - Authenticated SQL Injection via tipocomb Parameter
Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb' parameter of kmaleonW.php that allows attackers to manipulate database queries. Attackers can exploit this vulnerability using boolean-based, error-based, and time-based blind SQL injection techniques to potentially extract or manipulate database information.
by Amel BOUZIANE-LEBLOND
CVSS 7.1
Simple Client Management System 1.0 - SQLi (Authentication Bypass)
by Sentinal920
Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)
by Sentinal920
Money Transfer Management System 1.0 - Authentication Bypass
by Aryan Chehreghani
FusionPBX <4.5.30 - Info Disclosure
An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).
by Luska
CVSS 8.8
froxlor < 0.10.30 - SQL Injection via Custom DB Name
Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.
by Martin Cernac
CVSS 9.8
ImportExportTools NG 10.0.4 - Stored Cross-Site Scripting in Email Export Module
ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads. Attackers can send emails with crafted HTML in the subject that execute during HTML export, potentially compromising user data or session credentials.
by Vulnerability-Lab
CVSS 6.1
10-Strike Network Inventory Explorer Pro 9.31 - Unquoted Service Path Privilege Escalation via srvInventoryWebServer
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions.
by Brian Rodriguez
CVSS 7.8
Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting (XSS)
by Vulnerability-Lab
By Source