Exploitdb Exploits

EIP-2026-101681 EXPLOITDB text

ECOA Building Automation System - Cookie Poisoning Authentication Bypass

by Neurogenesia

View

EIP-2026-101680 EXPLOITDB text

ECOA Building Automation System - Configuration Download Information Disclosure

by Neurogenesia

View

EIP-2026-101679 EXPLOITDB text

ECOA Building Automation System - Arbitrary File Deletion

by Neurogenesia

View

EIP-2026-101678 EXPLOITDB text

ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)

by Neurogenesia

View

EIP-2026-101261 EXPLOITDB text

ECOA Building Automation System - Hard-coded Credentials SSH Access

by Neurogenesia

View

EIP-2026-101123 EXPLOITDB text

ECOA Building Automation System - Missing Encryption Of Sensitive Information

by Neurogenesia

View

EIP-2026-105652 EXPLOITDB text VERIFIED

Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)

by Emre Aslan

View

EIP-2026-114106 EXPLOITDB text

WordPress Plugin TablePress 1.14 - CSV Injection

by Nikhil Kapoor

View

CVE-2021-47941 EXPLOITDB HIGH python

WordPress Plugin Survey & Poll 1.5.7.3 SQL Injection via sss_params

WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap cookie parameter. Attackers can craft SQL payloads in the cookie to extract sensitive database information including usernames, passwords, and other confidential data from the WordPress database.

by Mohin Paramasivam

CVSS 8.2

View

EIP-2026-114233 EXPLOITDB text

WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting (XSS)

by Nikhil Kapoor

View

CVE-2021-47945 EXPLOITDB HIGH text

Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation

Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.

by Salman Asad

CVSS 7.8

View

CVE-2022-29008 EXPLOITDB MEDIUM text VERIFIED

Bus Pass Management System v1.0 - Info Disclosure

An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.

by sudoninja

CVSS 6.5

View

CVE-2021-47791 EXPLOITDB HIGH python

SmartFTP Client 10.0.2909.0 - Denial of Service via Malformed Paths or Invalid IP Addresses

SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.

by Eric Salario

CVSS 7.5

View

CVE-2021-40903 EXPLOITDB CRITICAL text

antminer_monitor 0.50.0 - Use of Hard-coded Credentials in Flask Settings File

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static.

by Vulnz

CVSS 9.8

View

EIP-2026-110492 EXPLOITDB python

Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload

by a-rey

View

EIP-2026-110491 EXPLOITDB python

Patient Appointment Scheduler System 1.0 - Persistent Cross-Site Scripting

by a-rey

View

CVE-2021-40352 EXPLOITDB MEDIUM text

OpenEMR 6.0.0 - Unauthenticated Insecure Direct Object Reference via pnotes_print.php noteid Parameter

OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages of all users.

by Allen Enosh Upputori

CVSS 6.5

View

CVE-2021-39608 EXPLOITDB HIGH python

FlatCore-CMS 2.0.7 - Remote Code Execution via Upload Addon Plugin

Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code.

by Mason Soroka-Gill

CVSS 7.2

View

CVE-2021-47792 EXPLOITDB HIGH text

Remote Mouse 4.002 - Privilege Escalation

Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access.

by Salman Asad

CVSS 7.8

View

CVE-2021-40651 EXPLOITDB MEDIUM text

OS4Ed OpenSIS Community 8.0 - Info Disclosure

OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.

by Eric Salario

CVSS 6.5

View

CVE-2022-43138 EXPLOITDB CRITICAL text

Dolibarr Open Source ERP & CRM <14.0.1 - Privilege Escalation

Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.

by Vishwaraj Bhattrai

CVSS 9.8

View

CVE-2021-40309 EXPLOITDB HIGH text

OpenSIS 8.0 - Authenticated SQL Injection via cp_id_miss_attn Parameter

A SQL injection vulnerability exists in the Take Attendance functionality of OS4Ed's OpenSIS 8.0. allows an attacker to inject their own SQL query. The cp_id_miss_attn parameter from TakeAttendance.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request as a user with access to "Take Attendance" functionality to trigger this vulnerability.

by Eric Salario

CVSS 8.8

View

EIP-2026-113694 EXPLOITDB text VERIFIED

WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)

by Nikhil Kapoor

View

EIP-2026-104505 EXPLOITDB text

WPanel 4.3.1 - Remote Code Execution (RCE) (Authenticated)

by Sentinal920

View

CVE-2021-40379 EXPLOITDB HIGH text

Compro IP70, IP570, IP60, TN540 Firmware - Unauthenticated RTSP Stream Access

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. rstp://.../medias2 does not require authorization.

by icekam

CVSS 7.5

View