Exploitdb Exploits
50,135 exploits tracked across all sources.
Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE)
by LiquidWorm
b2evolution 7.2.2 - CSRF
b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit unauthorized changes to user profiles by tricking victims into loading a specially crafted webpage.
by Alperen Ergel
CVSS 5.3
Nica Winwaste.net - Incorrect Permission Assignment
WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges.
by Andrea Intilangelo
CVSS 7.8
Webnus Modern Events Calendar Lite < 5.16.5 - Unrestricted File Upload
Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the 'text/csv' content-type in the request.
by Ron Jost
CVSS 7.2
Webnus Modern Events Calendar Lite < 5.16.5 - Improper Access Control
Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example.
by Ron Jost
CVSS 7.5
Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)
by ircashem
MIT Scratch-svg-renderer - XSS
This affects the package scratch-svg-renderer before 0.2.0-prerelease.20201019174008. The loadString function does not escape SVG properly, which can be used to inject arbitrary elements into the DOM via the _transformMeasurements function.
by Stig Magnus Baugstø
CVSS 9.6
AKCP sensorProbe <SP480-20210624 - XSS
Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email (from/to/cc), System Name, and System Location fields.
by Tyler Butler
CVSS 5.4
Vianeos OctoPUS 5 - SQL Injection
Vianeos OctoPUS 5 contains a time-based blind SQL injection vulnerability in the 'login_user' parameter during authentication requests. Attackers can exploit this vulnerability by crafting malicious POST requests with specially constructed SQL payloads that trigger database sleep functions to extract information.
by Audencia Business SCHOOL Red Team
CVSS 8.2
Xcloner < 4.2.13 - Incorrect Authorization
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xcloner_restore.php write_file_action could overwrite wp-config.php, for example. Alternatively, an attacker could create an exploit chain to obtain a database dump.
by Ron Jost
CVSS 9.9
Online Voting System 1.0 - Remote Code Execution (Authenticated)
by Salman Asad
Online Voting System 1.0 - Authentication Bypass (SQLi)
by Salman Asad
Phpabook - SQL Injection
phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script.
by Alejandro Perez
CVSS 9.8
Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)
by Murat DEMİRCİ
Simple Traffic Offense System 1.0 - Stored Cross Site Scripting (XSS)
by Barış Yıldızoğlu
Apache Superset 1.1.0 - Time-Based Account Enumeration
by Dolev Farhi
Estrongs ES File Explorer File Manager - Missing Authentication
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
by Nehal Zaman
CVSS 8.1
WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting (XSS)
by Toby Jackson
Atlassian Data Center < 8.5.14 - XSS
The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before version 8.13.6, and from version 8.14.0 before version 8.16.1 allows remote attackers inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
by Captain_hook
CVSS 6.1
Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthenticated)
by Bryan Leong
SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path
by Brian Rodriguez
Simple Client Management System 1.0 - 'uemail' SQL Injection (Unauthenticated)
by Barış Yıldızoğlu
Seeddms < 5.1.11 - Unrestricted File Upload
SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.
by Bryan Leong
CVSS 7.5
Lightweight facebook-styled blog 1.3 - Remote Code Execution (RCE) (Authenticated) (Metasploit)
by Maide Ilkay Aydogdu
Vmware Cloud Foundation < 3.10.1.2 - Path Traversal
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
by CHackA0101
CVSS 9.8
By Source