Exploitdb Exploits
50,076 exploits tracked across all sources.
Sourcecodester Online Food Ordering System 2.0 - Remote Code Execution via PHP File Upload Bypass
Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.
by Abdullah Khawaja
CVSS 9.8
Church Management System 1.0 - Remote Code Execution via Image Upload Field
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.
by Abdullah Khawaja
CVSS 9.8
WordPress 5.6.0-5.7.0 - Authenticated XML External Entity Injection via Media Library File Upload
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
by David Utón
CVSS 7.1
Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)
by Erwin Krazek
Budget and Expense Tracker System 1.0 - Authenticated Bypass
by Prunier Charles-Yves
T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)
by Alperen Ergel
Booster for WooCommerce <= 5.4.3 - Authentication Bypass via Email Verification Token Weakness
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.
by 0xB455
CVSS 9.8
Simple Attendance System 1.0 - Authenticated bypass
by Abdullah Khawaja
Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)
by boku
ImpressCMS 1.4.2 Remote Code Execution via Autotasks
ImpressCMS 1.4.2 contains a remote code execution vulnerability in the autotasks administrative interface that allows authenticated attackers to execute arbitrary PHP code by injecting malicious code into the sat_code parameter. Attackers can authenticate, submit a POST request to /modules/system/admin.php?fct=autotasks&op=mod with crafted sat_code containing PHP commands, which creates an executable file that accepts arbitrary commands via GET parameters.
by Halit AKAYDIN
CVSS 8.8
Evolution CMS 3.1.6 Authenticated Remote Code Execution via Module Creation
Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in the 'post' parameter to create modules that execute arbitrary commands when invoked.
by Halit AKAYDIN
CVSS 8.8
Seowon 130-SLC Firmware < 2021-09-15 - Remote Code Execution via queriesCnt Parameter
Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.
by Aryan Chehreghani
CVSS 9.8
Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
by John Jefferson Li
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
by Ricardo Ruiz
Purchase Order Management System 1.0 - Remote File Upload
by Aryan Chehreghani
WordPress Download From Files 1.48 Arbitrary File Upload
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the download_from_files_617_fileupload action, manipulating the allowExt parameter to bypass file type restrictions and upload executable files like PHP shells to the web root.
by spacehen
CVSS 9.8
PHPGurukul AVMS <1.0 - SQL Injection
SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. 1.0 allows attackers to execute arbitrary SQL statements and to gain RCE.
by mari0x00
CVSS 9.8
Active WebCam 11.5 - Code Injection
Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative access.
by Salman Asad
CVSS 7.8
ParlAI < 1.1.0 - Remote Code Execution via Unsafe YAML Deserialization
Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0.
by Abhiram V
CVSS 9.8
Men Salon Management System 1.0 - Multiple Vulnerabilities
by Aryan Chehreghani
ECOA Building Automation System - Weak Default Credentials
by Neurogenesia
ECOA Building Automation System - Remote Privilege Escalation
by Neurogenesia
ECOA Building Automation System - Path Traversal Arbitrary File Upload
by Neurogenesia
ECOA Building Automation System - Local File Disclosure
by Neurogenesia
ECOA Building Automation System - Directory Traversal Content Disclosure
by Neurogenesia
By Source