Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-112621 EXPLOITDB text
TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS)
by Mert Daş
EIP-2026-112457 EXPLOITDB text
Student Result Management System 1.0 - 'class' SQL Injection
by Riadh Benlamine
EIP-2026-102175 EXPLOITDB python
n+otes 1.6.2 - Denial of Service (PoC)
by Geovanni Ruiz
CVE-2021-47953 EXPLOITDB MEDIUM html
OpenCart 3.0.3.7 Cross-Site Request Forgery via account/password
OpenCart 3.0.3.7 contains a cross-site request forgery vulnerability that allows attackers to change user passwords by sending crafted requests to the account/password endpoint. Attackers can trick authenticated users into submitting hidden forms with new password values in the 'password' and 'confirm' parameters to hijack accounts.
by Mert Daş
CVSS 4.3
CVE-2021-47812 EXPLOITDB CRITICAL python VERIFIED
GravCMS 1.10.7 - Unauthenticated Arbitrary YAML Write and PHP Execution via Scheduler Endpoint
GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with system command execution.
by legend
CVSS 9.8
EIP-2026-114178 EXPLOITDB text
WordPress Plugin visitors-app 0.3 - 'user-agent' Stored Cross-Site Scripting (XSS)
by Mesut Cetin
EIP-2026-110270 EXPLOITDB text
OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting
by Mert Daş
CVE-2021-32403 EXPLOITDB HIGH html
Intelbras RF 301K Firmware 1.1.2 - Cross-Site Request Forgery
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules.
by Rodolfo Mariano
CVSS 8.8
CVE-2021-47815 EXPLOITDB HIGH python
Nsauditor 3.2.3 - Denial of Service via Registration Key Input Buffer Overflow
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.
by Erick Galindo
CVSS 7.5
CVE-2021-47814 EXPLOITDB HIGH python
NBMonitor 1.6.8 - Denial of Service via Registration Code Input Overflow
NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential system instability.
by Erick Galindo
CVSS 7.5
CVE-2021-47813 EXPLOITDB HIGH python
Backup Key Recovery 2.2.7 - Denial of Service via Registration Code Input Overflow
Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a large buffer of 256 repeated characters into the registration key field to trigger application instability and potential crash.
by Erick Galindo
CVSS 7.5
CVE-2020-24186 EXPLOITDB CRITICAL python
wpDiscuz 7.0-7.0.4 - Unauthenticated Remote Code Execution via File Upload
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.
by Fellipe Oliveira
CVSS 10.0
CVE-2021-47972 EXPLOITDB HIGH python
Sticky Notes & Color Widgets 1.4.2 Denial of Service
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and make the application stop responding.
by Geovanni Ruiz
CVSS 7.5
CVE-2025-34049 EXPLOITDB CRITICAL python
OptiLink ONT1GEW GPON <V2.1.11_X101 Build 1127.190306 - Command Inj...
An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.
by SecNigma
CVE-2013-4988 EXPLOITDB python
IcoFX < 2.5 - Remote Code Execution via Long idCount in ICONDIR Structure
Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. NOTE: some of these details are obtained from third party information.
by Austin Babcock
CVE-2020-24186 EXPLOITDB CRITICAL bash
wpDiscuz 7.0-7.0.4 - Unauthenticated Remote Code Execution via File Upload
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.
by UnD3sc0n0c1d0
CVSS 10.0
EIP-2026-114069 EXPLOITDB text
WordPress Plugin Smart Slider-3 3.5.0.8 - 'name' Stored Cross-Site Scripting (XSS)
by Hardik Solanki
CVE-2021-29440 EXPLOITDB HIGH python
Grav < 1.7.11 - Authenticated Remote Code Execution via Twig Template Injection
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11.
by enox
CVSS 8.4
CVE-2021-22911 EXPLOITDB CRITICAL python VERIFIED
Rocket.Chat 3.11-3.13 - Unauthenticated NoSQL Injection and Remote Code Execution
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
by enox
CVSS 9.8
CVE-2021-47971 EXPLOITDB HIGH python
My Notes Safe 5.3 Denial of Service via Buffer Overflow
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an application crash.
by Geovanni Ruiz
CVSS 7.5
CVE-2021-47970 EXPLOITDB HIGH python
Macaron Notes 5.5 Denial of Service via Buffer Overflow
Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload containing 350000 repeated characters and paste it into a note field to trigger application crash and stop functionality.
by Geovanni Ruiz
CVSS 7.5
CVE-2021-47969 EXPLOITDB HIGH python
Color Notes 1.4 Denial of Service via Long Character String
Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350,000 repeated characters and paste it twice into a new note to cause the application to stop responding.
by Geovanni Ruiz
CVSS 7.5
EIP-2026-114699 EXPLOITDB python
Gitlab 13.10.2 - Remote Code Execution (Authenticated)
by enox
CVE-2018-6383 EXPLOITDB HIGH python
Monstra CMS < 3.0.4 - Authenticated Remote Code Execution via .pht or .phar File Upload
Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-18048.
by Ron Jost
CVSS 8.8
EIP-2026-114700 EXPLOITDB python VERIFIED
Gitlab 13.9.3 - Remote Code Execution (Authenticated)
by enox