Exploitdb Exploits
50,135 exploits tracked across all sources.
Pharmacy Point of Sale System 1.0 - SQLi Authentication Bypass
by Janik Wehrli
Redragon M725-lit Firmware - Out-of-Bounds Write
Redragon Gaming Mouse driver contains a kernel-level vulnerability that allows attackers to trigger a denial of service by sending malformed IOCTL requests. Attackers can send a crafted 2000-byte buffer with specific byte patterns to the REDRAGON_MOUSE device to crash the kernel driver.
by Quadron Research Lab
CVSS 7.5
Backdrop - CSRF
A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows remote attackers to gain Remote Code Execution (RCE) on the hosting webserver by uploading a malicious add-on containing a crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cookie of a high-privileged authenticated user who is entitled to install arbitrary add-ons.
by V1n1v131r4
CVSS 8.8
Codeinitiator Fitness Calculators < 1.9.6 - CSRF
The Fitness Calculators WordPress plugin before 1.9.6 adds calculators for water intake, BMI, protein intake, and body fat, and lacked a CSRF check, allowing attackers to make logged-in users perform unwanted actions, such as changing the calculator headers. Due to the lack of sanitisation, this could also lead to a Stored Cross-Site Scripting issue.
by 0xB9
CVSS 4.3
Algolplus Advanced Order Export For Woocommerce < 3.1.8 - XSS
This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.
by 0xB9
CVSS 6.1
Wordpress Plugin 3DPrint Lite 1.9.1.4 - Arbitrary File Upload
by spacehen
Police Crime Record Management Project 1.0 - Time Based SQLi
by ()t/\\/\\1
Budget and Expense Tracker System 1.0 - Arbitrary File Upload
by ()t/\\/\\1
Gurock TestRail <7.2.0.3014 - Info Disclosure
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresponding file paths can be tested, and in some cases, result in the disclosure of hardcoded credentials, API keys, or other sensitive data.
by Sick Codes
CVSS 7.5
TotalAV <5.15.69 - Privilege Escalation
TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration.
by Andrea Intilangelo
CVSS 7.8
Online Reviewer System - Unrestricted File Upload
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.
by Abdullah Khawaja
CVSS 9.8
Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated)
by Mohin Paramasivam
Simple Attendance System 1.0 - Unauthenticated Blind SQLi
by ()t/\\/\\1
Opencats < 0.9.4-3 - XXE
lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. The attacker must upload a file in the docx or odt format.
by Jake Ruston
CVSS 7.5
Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)
by syntegris information solutions GmbH
e107 CMS 2.3.0 - Remote Code Execution (RCE) (Authenticated)
by Halit AKAYDIN
Cloudron 6.2 - XSS
In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.
by Akıner Kısa
CVSS 6.1
Yenkee Yms 3029 Firmware - Out-of-Bounds Write
Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash.
by Quadron Research Lab
CVSS 7.5
Websitebaker - Unrestricted File Upload
WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.
by Halit AKAYDIN
CVSS 8.8
Oretnom23 Budget And Expense Tracker System - Unrestricted File Upload
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field.
by Abdullah Khawaja
CVSS 8.8
Online Food Ordering System - Unrestricted File Upload
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.
by Abdullah Khawaja
CVSS 9.8
Church Management System - Unrestricted File Upload
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.
by Abdullah Khawaja
CVSS 9.8
Wordpress < 5.7.1 - XXE
WordPress is an open source CMS. A user with the ability to upload files (such as an Author) can exploit an XML parsing issue in the Media Library, leading to XXE attacks. This requires the WordPress installation to be running PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
by David Utón
CVSS 7.1
Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)
by Erwin Krazek