Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-5941 EXPLOITDB CRITICAL javascript
node-serialize < 0.0.4 - Remote Code Execution via Unserialize Function
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
by Beren Kuday GÖRÜN
CVSS 9.8
EIP-2026-101255 EXPLOITDB text
Dlink DSL2750U - 'Reboot' Command Injection
by Mohammed Hadi
CVE-2021-47974 EXPLOITDB HIGH text
VX Search 13.5.28 Unquoted Service Path Privilege Escalation
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute arbitrary code with LocalSystem privileges when services restart.
by Brian Rodriguez
CVSS 7.8
CVE-2023-38890 EXPLOITDB HIGH python
Online Shopping Portal Project 3.1 - SQL Injection
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.
by Tagoletta
CVSS 8.8
CVE-2021-47807 EXPLOITDB HIGH text
Sync Breeze 13.6.18 - Code Injection
Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2021-47806 EXPLOITDB HIGH text
Dup Scout 13.5.28 - Unquoted Service Path Privilege Escalation via Windows Service Configuration
Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2021-47805 EXPLOITDB HIGH text
Disk Savvy 13.6.14 - Code Injection
Disk Savvy 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries to inject malicious executables that will be run with elevated LocalSystem privileges.
by Brian Rodriguez
CVSS 7.8
EIP-2026-118167 EXPLOITDB text
Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path
by Ismael Nava
EIP-2026-112899 EXPLOITDB text
Unified Office Total Connect Now 1.0 - 'data' SQL Injection
by Ajaikumar Nadar
CVE-2021-31159 EXPLOITDB MEDIUM python
Zoho ManageEngine ServiceDesk Plus MSP <10519 - Info Disclosure
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.
by Ricardo Ruiz
CVSS 5.3
CVE-2021-47847 EXPLOITDB HIGH text
Disk Sorter Server 13.6.12 - Code Injection
Disk Sorter Server 13.6.12 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Server\bin\disksrs.exe' to inject malicious executables and escalate privileges.
by BRushiran
CVSS 7.8
CVE-2021-47809 EXPLOITDB HIGH text
Disk Sorter Enterprise 13.6.12 - Code Injection
Disk Sorter Enterprise 13.6.12 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Enterprise\bin\disksrs.exe' to inject malicious executables and escalate privileges.
by BRushiran
CVSS 7.8
CVE-2021-47808 EXPLOITDB MEDIUM text
Cotonti Siena 0.9.19 - Stored Cross-Site Scripting via Maintitle Parameter
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page.
by Fatih İLGİN
CVSS 5.4
CVE-2021-28424 EXPLOITDB MEDIUM text
Teachers Record Management System 1.0 - XSS
A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php.
by nhattruong
CVSS 5.4
CVE-2021-28423 EXPLOITDB HIGH text
Teachers Record Management System <2.1 - SQL Injection
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the 'searchdata' POST parameter in search.php.
by nhattruong
CVSS 8.8
CVE-2020-36927 EXPLOITDB HIGH text
DiskPulse Enterprise 13.6.14 - Code Injection
DiskPulse Enterprise 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Pulse Enterprise\bin\diskpls.exe' to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2018-15152 EXPLOITDB CRITICAL python
OpenEMR < 5.0.1.4 - Unauthenticated Authentication Bypass via Patient Portal Registration
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5) portal/get_lab_results.php, (6) portal/get_medications.php, (7) portal/get_patient_documents.php, (8) portal/get_problems.php, (9) portal/get_profile.php, (10) portal/portal_payment.php, (11) portal/messaging/messages.php, (12) portal/messaging/secure_chat.php, (13) portal/report/pat_ledger.php, (14) portal/report/portal_custom_report.php, or (15) portal/report/portal_patient_report.php without authenticating as a patient.
by Ron Jost
CVSS 9.1
EIP-2026-105866 EXPLOITDB text
CKEditor 3 - Server-Side Request Forgery (SSRF)
by ahmed
CVE-2020-36930 EXPLOITDB HIGH text
SysGauge Server 7.9.18 - Code Injection
SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2020-36929 EXPLOITDB HIGH text
Brother BRPrint Auditor 3.0.7 - Code Injection
Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPA_Agent services to inject malicious executables and escalate privileges on the system.
by Brian Rodriguez
CVSS 7.8
CVE-2020-36928 EXPLOITDB HIGH text
Brother BRAgent 1.38 - Code Injection
Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBA_Agent_Client service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions.
by Brian Rodriguez
CVSS 7.8
EIP-2026-114746 EXPLOITDB text
Client Management System 1.1 - 'Search' SQL Injection
by BHAVESH KAUL
EIP-2026-105916 EXPLOITDB text
Client Management System 1.1 - 'username' Stored Cross-Site Scripting (XSS)
by BHAVESH KAUL
CVE-2021-3560 EXPLOITDB HIGH bash VERIFIED
polkit < 0.119 - Unauthenticated Privilege Escalation via D-Bus Request
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
by J Smith
CVSS 7.8
CVE-2021-47943 EXPLOITDB HIGH text
TextPattern CMS 4.8.7 Remote Code Execution via File Upload
TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute commands by accessing the uploaded file at /textpattern/files/ with GET parameters passed to the system function.
by Mert Daş
CVSS 8.8