Exploitdb Exploits

50,076 exploits tracked across all sources.

EIP-2026-112101 EXPLOITDB text
Simple Image Gallery System 1.0 - 'id' SQL Injection
by Azumah Foresight Xorlali
EIP-2026-111682 EXPLOITDB text
RATES SYSTEM 1.0 - Authentication Bypass
by Azumah Foresight Xorlali
EIP-2026-111396 EXPLOITDB text
Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
by Ömer Hasan Durmuş
EIP-2026-111395 EXPLOITDB text
Police Crime Record Management System 1.0 - 'casedetails' SQL Injection
by Ömer Hasan Durmuş
EIP-2026-104848 EXPLOITDB text
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
by Andrey Stoykov
EIP-2026-111681 EXPLOITDB text
RATES SYSTEM 1.0 - 'Multiple' SQL Injections
by Halit AKAYDIN
EIP-2026-106199 EXPLOITDB text
COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
by Ashish Upsham
CVE-2021-37425 EXPLOITDB CRITICAL text
Altova MobileTogether Server < 7.3 SP1 - XML External Entity Injection via Workflow Management Endpoint
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.
by RedTeam Pentesting GmbH
CVSS 9.1
CVE-2021-47951 EXPLOITDB MEDIUM text
WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in the database and executed when the functionality is triggered, enabling session hijacking or credential theft.
by Aryan Chehreghani
CVSS 6.4
CVE-2021-4466 EXPLOITDB HIGH python
IPCop <= 2.1.9 - Authenticated Remote Code Execution via Email Configuration
IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. The email configuration component inserts user-controlled values, including the EMAIL_PW parameter, directly into system-level operations without proper input sanitization. By modifying the email password field to include shell metacharacters and issuing a save-and-test-mail action, an authenticated attacker can execute arbitrary operating system commands with the privileges of the web interface, resulting in full system compromise.
by Mücahit Saratar
CVE-2021-35312 EXPLOITDB HIGH text
CIR 2000 / Gestionale Amica Prodigy v1.7 - Privilege Escalation
A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges.
by Andrea Intilangelo
CVSS 7.8
EIP-2026-112103 EXPLOITDB text
Simple Library Management System 1.0 - 'rollno' SQL Injection
by Halit AKAYDIN
CVE-2020-35848 EXPLOITDB CRITICAL python
Agentejo Cockpit < 0.11.2 - NoSQL Injection via Auth Controller New Password Function
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function.
by Brian Ombongi
CVSS 9.8
CVE-2018-20523 EXPLOITDB MEDIUM text
Xiaomi Stock Browser 10.2.4.g - Unauthenticated Information Disclosure via Content Provider Injection
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
by Vishwaraj Bhattrai
CVSS 5.3
CVE-2021-29281 EXPLOITDB CRITICAL python
GFI Archiver <= 15.1 - Unauthenticated Arbitrary File Upload via Telerik Web UI Plugin
A file upload vulnerability exists in GFI Mail Archiver versions up to and including 15.1 through an insecure implementation of the Telerik Web UI plugin, which is affected by CVE-2014-2217 and CVE-2017-11317.
by Amin Bohio
CVSS 9.8
EIP-2026-109583 EXPLOITDB python
Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
by lanz
CVE-2021-36654 EXPLOITDB MEDIUM text
CMSuno 1.7 - Authenticated Stored Cross-Site Scripting via Theme Filename Parameter
CMSuno 1.7 is vulnerable to authenticated stored cross-site scripting through modification of the filename parameter (tgo) while updating the theme.
by splint3rsec
CVSS 5.4
EIP-2026-114210 EXPLOITDB text
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
by Aryan Chehreghani
EIP-2026-111616 EXPLOITDB text
qdPM 9.2 - Password Exposure (Unauthenticated)
by Leon Trappett
CVE-2020-7246 EXPLOITDB HIGH python VERIFIED
qdPM < 9.1 - Authenticated Remote Code Execution via Profile Photo Path Traversal
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
by Leon Trappett
CVSS 8.8
EIP-2026-105915 EXPLOITDB text
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
by Mohammad Koochaki
CVE-2020-9496 EXPLOITDB MEDIUM bash
Apache OFBiz 17.12.03 - Deserialization of Untrusted Data and Cross-Site Scripting via XML-RPC Requests
XML-RPC requests are vulnerable to unsafe deserialization and cross-site scripting issues in Apache OFBiz 17.12.03.
by Adrián Díaz
CVSS 6.1
EIP-2026-107651 EXPLOITDB python
Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
by Merbin Russel
CVE-2021-34371 EXPLOITDB CRITICAL java
Neo4j < 3.4.18 and 3.5.0 - Remote Code Execution via RMI Deserialization
Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains.
by Christopher Ellis
CVSS 9.8
EIP-2026-110116 EXPLOITDB text
Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
by Mohammad Koochaki