Exploitdb Exploits

50,135 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-37593 EXPLOITDB CRITICAL text
Peel Shopping - SQL Injection
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the database and possibly modify database data.
by faisalfs10x
CVSS 9.1
CVE-2022-25012 EXPLOITDB MEDIUM python VERIFIED
Argussurveillance Dvr - Weak Encryption
Argus Surveillance DVR v4.0 employs weak password encryption.
by Salman Asad
CVSS 5.5
CVE-2021-35464 EXPLOITDB CRITICAL python
ForgeRock AM <7.0 - Code Injection
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier
by Photubias
CVSS 9.8
EIP-2026-101972 EXPLOITDB python
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
by Metin Yunus Kandemir
CVE-2021-25155 EXPLOITDB MEDIUM python
Aruba Instant <6.4.4.8-4.2.4.17 <6.5.4.18 <8.3.0.14 <8.5.0.11 - Remote Arbitrary File Modification
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
by Gr33nh4t
CVSS 6.5
CVE-2021-42362 EXPLOITDB HIGH python
Wordpress Popular Posts < 5.3.2 - Unrestricted File Upload
The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2.
by Simone Cristofaro
CVSS 8.8
EIP-2026-110380 EXPLOITDB python
osCommerce 2.3.4.1 - Remote Code Execution (2)
by Bryan Leong
CVE-2021-22555 EXPLOITDB HIGH c VERIFIED
Netfilter x_tables Heap OOB Write Privilege Escalation
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
by TheFloW
CVSS 8.3
CVE-2021-25162 EXPLOITDB HIGH python
Arubanetworks Instant < 6.4.4.8-4.2.4.18 - OS Command Injection
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
by Aleph Security
CVSS 8.1
EIP-2026-113672 EXPLOITDB text
WordPress Plugin Current Book 1.0.1 - 'Book Title' Persistent Cross-Site Scripting
by Vikas Srivastava
CVE-2021-31762 EXPLOITDB HIGH python
Webmin - CSRF
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
by Mesh3l_911
CVSS 8.8
EIP-2026-114276 EXPLOITDB text
WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)
by Swapnil Subhash Bodekar
CVE-2018-15139 EXPLOITDB HIGH ruby
OpenEMR <5.0.1.4 - Code Injection
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
by Alexandre ZANNI
CVSS 8.8
EIP-2026-107941 EXPLOITDB text
Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
by Subhadip Nag
EIP-2026-107347 EXPLOITDB python
Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload
by Luca Bernardi
CVE-2018-11784 EXPLOITDB MEDIUM text
Apache Tomcat < 7.0.90 - Open Redirect
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.
by Central InfoSec
CVSS 4.3
CVE-2019-0221 EXPLOITDB MEDIUM text
Apache Tomcat < 7.0.93 - XSS
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
by Central InfoSec
CVSS 6.1
EIP-2026-114644 EXPLOITDB text
Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)
by Subhadip Nag
EIP-2026-105846 EXPLOITDB python
Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE
by Eleonora Guardini
CVE-2021-36622 EXPLOITDB CRITICAL python
Online Covid Vaccination Scheduler System - Unrestricted File Upload
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the Content-Type: image/png. Then, the attacker have to visit the uploaded profile photo to access the shell.
by faisalfs10x
CVSS 9.8
CVE-2021-33353 EXPLOITDB CRITICAL text
Wyomind Help Desk Magento 2 <1.3.7 - Path Traversal
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting.
by Patrik Lantz
CVSS 9.8
CVE-2021-33352 EXPLOITDB CRITICAL text
Wyomind Help Desk Magento 2 <1.3.7 - RCE
An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar file upload in the ticket message field.
by Patrik Lantz
CVSS 9.8
CVE-2021-33351 EXPLOITDB CRITICAL text
Wyomind Help Desk Magento 2 <1.3.7 - XSS
Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows attackers to escalte privileges via a crafted payload in the ticket message field.
by Patrik Lantz
CVSS 9.0
EIP-2026-114078 EXPLOITDB python
Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)
by Ron Jost
EIP-2026-106952 EXPLOITDB python
Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthenticated)
by Davide \'yth1n\' Bianchin
By Source
All 50,135 Exploitdb 50,135 Writeup 49,930 Nomisec 21,368 Metasploit 3,228 Github 2,568 Vulncheck_xdb 901 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,908 c 3,575 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 52 postscript 25 xml 24