Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-17026 EXPLOITDB HIGH javascript
Firefox < 72.0.1 and Firefox ESR < 68.4.1 - Type Confusion in IonMonkey JIT Compiler
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
by Forrest Orr
CVSS 8.8
EIP-2026-106419 EXPLOITDB text
Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)
by Mesut Cetin
EIP-2026-106417 EXPLOITDB text
Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection (Authenticated)
by Mesut Cetin
CVE-2019-12725 EXPLOITDB CRITICAL python
ZeroShell 3.9.0 - Unauthenticated Remote Command Execution via HTTP Parameter Injection
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
by Fellipe Oliveira
CVSS 9.8
CVE-2021-31721 EXPLOITDB MEDIUM text
Chevereto < 3.17.1 - Cross-Site Scripting via Image Title Upload
Chevereto before 3.17.1 allows Cross Site Scripting (XSS) via an image title at the image upload stage.
by Akıner Kısa
CVSS 6.1
EIP-2026-117716 EXPLOITDB text
Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path
by 1F98D
CVE-2020-37250 EXPLOITDB HIGH text
TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation
TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during service startup or system reboot with LocalSystem privileges.
by Erick Galindo
CVSS 7.8
CVE-2021-47967 EXPLOITDB MEDIUM text
PHP Timeclock 1.04 Multiple Cross-Site Scripting via Parameters
PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can append malicious payloads to login.php, timeclock.php, audit.php, and timerpt.php endpoints, or inject code through from_date and to_date parameters in report requests to execute scripts in user browsers.
by Tyler Butler
CVSS 6.1
CVE-2021-47829 EXPLOITDB HIGH text
DHCP Broadband 4.1.0.1503 - Code Injection
DHCP Broadband 4.1.0.1503 contains an unquoted service path vulnerability in its service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path in 'C:\Program Files\DHCP Broadband 4\dhcpt.exe' to inject malicious code that will execute during service startup with LocalSystem permissions.
by Erick Galindo
CVSS 7.8
CVE-2021-47828 EXPLOITDB HIGH text
BOOTP Turbo <2.0.0.1253 - Code Injection
BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot.
by Erick Galindo
CVSS 7.8
CVE-2020-28337 EXPLOITDB HIGH python
Microweber < 1.1.20 - Authenticated Remote Code Execution via Backup Restore Path Traversal
A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload a maliciously constructed ZIP file with file paths including relative paths (i.e., ../../), move this file into the backup directory, and execute a restore on this file.
by sl1nki
CVSS 7.2
EIP-2026-107673 EXPLOITDB text
Human Resource Information System 0.1 - 'First Name' Persistent Cross-Site Scripting (Authenticated)
by Reza Afsahi
CVE-2021-47966 EXPLOITDB HIGH text
PHP Timeclock 1.04 SQL Injection via login.php
PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid parameter of login.php that allows unauthenticated attackers to extract database contents. Attackers can submit crafted POST requests with SQL payloads using SLEEP functions or RLIKE conditional statements to dump sensitive database information including employee names and credentials.
by Tyler Butler
CVSS 8.2
CVE-2021-47833 EXPLOITDB HIGH text
WifiHotSpot 1.0.0.0 - Code Injection
WifiHotSpot 1.0.0.0 contains an unquoted service path vulnerability in its WifiHotSpotService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
by Erick Galindo
CVSS 7.8
CVE-2021-47831 EXPLOITDB HIGH python
Sandboxie 5.49.7 - Denial of Service via Container Folder Input Overflow
Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an application crash.
by Erick Galindo
CVSS 7.5
CVE-2021-47739 EXPLOITDB HIGH text
Epic Games Easy Anti-Cheat 4.0 - Code Injection
Epic Games Easy Anti-Cheat 4.0 contains an unquoted service path vulnerability that allows local non-privileged users to execute arbitrary code with elevated system privileges. Attackers can exploit the service configuration by inserting malicious code in the system root path that would execute with LocalSystem privileges during application startup.
by LiquidWorm
CVSS 8.4
EIP-2026-117890 EXPLOITDB text
Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path
by Erick Galindo
EIP-2026-117133 EXPLOITDB text
Epic Games Rocket League 1.95 - Stack Buffer Overrun
by LiquidWorm
EIP-2026-113148 EXPLOITDB text
Voting System 1.0 - Remote Code Execution (Unauthenticated)
by secure77
EIP-2026-113146 EXPLOITDB text
Voting System 1.0 - Authentication Bypass (SQLI)
by secure77
EIP-2026-107674 EXPLOITDB python
Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)
by Reza Afsahi
CVE-2021-47965 EXPLOITDB CRITICAL text
WordPress Plugin WP Super Edit 2.5.4 Unrestricted File Upload
WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote code execution and complete system compromise.
by h4shur
CVSS 9.8
CVE-2021-47964 EXPLOITDB HIGH text
Schlix CMS 2.2.6-6 Remote Code Execution via core.blockmanager
Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager. Attackers can upload a crafted ZIP file containing PHP code in the packageinfo.inc file and trigger execution by accessing the About tab of the installed extension.
by Eren Saraç
CVSS 8.8
CVE-2021-47834 EXPLOITDB MEDIUM text
Schlix CMS 2.2.6-6 - Authenticated Stored Cross-Site Scripting in Category Title
Schlix CMS 2.2.6-6 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into category titles. Attackers can create a new contact category with a script payload that will execute when the page is viewed by other users.
by Emircan Baş
CVSS 6.4
CVE-2021-28242 EXPLOITDB HIGH python
b2evolution <7.2.2-stable - SQL Injection
SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collections" tab.
by nu11secur1ty
CVSS 8.8