Exploitdb Exploits
50,076 exploits tracked across all sources.
Webmin 1.973 - Reflected Cross-Site Scripting to Remote Command Execution via Running Process Feature
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
by Mesh3l_911
CVSS 9.6
WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting (XSS)
by Vikas Srivastava
WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation
by nhattruong
LearnPress <3.2.6.7 - SQL Injection
LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection
by nhattruong
CVSS 8.8
PEEL Shopping 9.4.0 - Unauthenticated SQL Injection
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the database and possibly modify database data.
by faisalfs10x
CVSS 9.1
Argus Surveillance DVR 4.0 - Inadequate Encryption Strength
Argus Surveillance DVR v4.0 employs weak password encryption.
by Salman Asad
CVSS 5.5
ForgeRock Access Management < 6.5.4 & OpenAM 9.0.0-14.6.3 - RCE via Jato PageSession Deserialization
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier
by Photubias
CVSS 9.8
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
by Metin Yunus Kandemir
Aruba Instant <6.4.4.8-4.2.4.17 <6.5.4.18 <8.3.0.14 <8.5.0.11 - Remote Arbitrary File Modification
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
by Gr33nh4t
CVSS 6.5
WordPress Popular Posts <= 5.3.2 - Authenticated Arbitrary File Upload in Image.php
The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2.
by Simone Cristofaro
CVSS 8.8
Netfilter x_tables Heap OOB Write Privilege Escalation
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
by TheFloW
CVSS 8.3
Aruba Instant <=8.7.1.1 Remote Code Execution
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
by Aleph Security
CVSS 8.1
WordPress Plugin Current Book 1.0.1 - 'Book Title' Persistent Cross-Site Scripting
by Vikas Srivastava
Webmin 1.973 - Cross-Site Request Forgery via User Addition Feature
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
by Mesh3l_911
CVSS 8.8
WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)
by Swapnil Subhash Bodekar
OpenEMR < 5.0.1.4 - Authenticated Arbitrary PHP File Upload via Site Files Manager
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
by Alexandre ZANNI
CVSS 8.8
Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
by Subhadip Nag
Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload
by Luca Bernardi
Apache Tomcat 7.0.23-7.0.90, 8.5.0-8.5.33, 9.0.0.M1-9.0.11 - Open Redirect via Default Servlet
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.
by Central InfoSec
CVSS 4.3
Apache Tomcat 7.0.0-7.0.93 and 8.5.0-8.5.39 and 9.0.0.M1-9.0.0.17 - Cross-Site Scripting via SSI printenv Command
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
by Central InfoSec
CVSS 6.1
Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)
by Subhadip Nag
Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE
by Eleonora Guardini
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload via Admin Profile Photo
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the Content-Type: image/png. Then, the attacker have to visit the uploaded profile photo to access the shell.
by faisalfs10x
CVSS 9.8
Wyomind Help Desk Magento 2 <1.3.7 - Path Traversal
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting.
by Patrik Lantz
CVSS 9.8
By Source