Exploitdb Exploits
50,135 exploits tracked across all sources.
Small CRM 3.0 - 'Authentication Bypass' SQL Injection
by BHAVESH KAUL
OpenEMR <5.0.1.4 - Code Injection
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
by Ron Jost
CVSS 8.8
GLPI <9.4.6 - Command Injection
In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account having Maintenance privileges and the right to add WIFI networks. This is fixed in version 9.4.6.
by Brian Peters
CVSS 7.4
COVID19 Testing Management System 1.0 - 'State' Stored Cross-Site-Scripting (XSS)
by BHAVESH KAUL
Accela Civic Platform < 20.1 - XSS
Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information.
by Abdulazeez Alaseeri
CVSS 6.1
Accela Civic Platform <20.1 - Info Disclosure
portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the vendor states "the information that is being queried is authorized for an authenticated user of that application, so we consider this not applicable.
by Abdulazeez Alaseeri
CVSS 6.5
Secure Notepad Private Notes 3.0.3 - Denial of Service (PoC)
by Geovanni Ruiz
Notex the best notes 6.4 - Denial of Service (PoC)
by Geovanni Ruiz
Grocerycrud Grocery Crud < 2.0.1 - SQL Injection
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order_by[] parameter in POST requests to the ajax_list endpoint to potentially extract or modify database information.
by TonyShavez
CVSS 9.1
BKW Solar-log 500 Firmware < 2.8.1 - Cleartext Storage
An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.
by Luca.Chiou
CVSS 6.5
BKW Solar-log 500 Firmware < 2.8.1 - Missing Authentication
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.
by Luca.Chiou
CVSS 7.5
WoWonder 3.0.4 - Code Injection
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.
by securityforeveryone.com
CVSS 9.8
Microsoft Sharepoint Foundation - SSRF
Microsoft SharePoint Server Spoofing Vulnerability
by Alex Birnberg
CVSS 7.6
Tribal Systems Zenario CMS <8.8.52729 - XSS
Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "cID" parameter when creating a new HTML component.
by Avinash R
CVSS 4.8
Database-backups < 1.2.2.6 - CSRF
The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as generate backups of the database, change the plugin's settings and delete backups.
by 0xB9
CVSS 8.1
OpenEMR <5.0.0 - Code Injection
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
by Ron Jost
CVSS 8.8
Cerberus FTP Server <10.0.19, <11.0.4 - XSS
The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11.x before 11.0.4 allows XSS via an SVG document.
by Mohammad Hossein Kaviyany
CVSS 6.1
Accela Civic Platform < 21.1 - XSS
In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information.
by Abdulazeez Alaseeri
CVSS 6.1
TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS)
by Mert Daş
Student Result Management System 1.0 - 'class' SQL Injection
by Riadh Benlamine
memono Notepad Version 4.2 - Denial of Service (PoC)
by Geovanni Ruiz
Sticky Notes Widget Version 3.0.6 - Denial of Service (PoC)
by Geovanni Ruiz
Grav - Missing Authorization
GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with system command execution.
by legend
CVSS 9.8
By Source