Exploitdb Exploits
50,135 exploits tracked across all sources.
Phpgurukul Bus Pass Management System - SQL Injection
Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php..
by Abhijeet Singh
CVSS 9.8
Wordpress Plugin WP Guppy 1.1 - WP-JSON API Sensitive Information Disclosure
by Keyvan Hardani
WebRun 3.6.0.42 - SQL Injection
WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process.
by Vinicius Alves
CVSS 9.8
GNU gdbserver 9.2 - Remote Command Execution (RCE)
by Roberto Gesteira Miñarro
Linux Polkit pkexec helper PTRACE_TRACEME local root exploit
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
by Ujas Dhami
CVSS 7.8
Aimeos-laravel - SQL Injection
Aimeos 2021.10 LTS contains a SQL injection vulnerability in the json api 'sort' parameter that allows attackers to inject malicious database queries. Attackers can manipulate the sort parameter to reveal table and column names by sending crafted GET requests to the jsonapi/review endpoint.
by Ilker Burak ADIYAMAN
CVSS 8.2
Ipuptime Pinkie - Buffer Overflow
Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1.
by Yehia Elghaly
CVSS 7.5
Smart Product Review <1.0.4 - RCE
The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
by Keyvan Hardani
CVSS 9.8
Gitlab < 13.8.8 - Code Injection
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
by Jacob Baines
CVSS 10.0
Salesagility Suitecrm < 7.11.19 - Unrestricted File Upload
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were blocked. NOTE: this issue exists because of an incomplete fix for CVE-2020-28328.
by M. Cory Billington
CVSS 8.8
Quick.CMS 6.7 - Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)
by Rahad Chowdhury
Bludit <3-13-1 - XSS
Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login.
by Vasu
CVSS 6.1
Oretnom23 Online Learning System - SQL Injection
Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.
by djebbaranon
CVSS 9.8
CMDBuild 3.3.2 - 'Multiple' Cross Site Scripting (XSS)
by Hosein Vita
Konga - Incorrect Authorization
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.
by Fabricio Salomao
CVSS 8.8
Igexsolutions Wpschoolpress < 2.1.17 - XSS
The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Stored Cross-Site Scripting issues.
by Davide Taraschi
CVSS 4.8
WordPress Plugin Contact Form to Email 1.3.24 - Stored Cross Site Scripting (XSS) (Authenticated)
by Mohammed Aadhil Ashfaq
Sourcecodester 1.0 - SQL Injection
SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.
by Daniel Haro
CVSS 9.8
Laravel Framework <8.70.2 - Code Injection
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload.
by Hosein Vita
CVSS 9.8
Fuel CMS 1.4.13 - 'col' Blind SQL Injection (Authenticated)
by Rahad Chowdhury
Mumara Classic <2.93 - SQL Injection
A SQL injection vulnerability in license_update.php in Mumara Classic through 2.93 allows a remote unauthenticated attacker to execute arbitrary SQL commands via the license parameter.
by Shain Lakin
CVSS 9.8
Windows MultiPoint Server 2011 SP1 - RpcEptMapper and Dnschade Local Privilege Escalation
by Marcio Mendes
By Source