Exploitdb Exploits
50,135 exploits tracked across all sources.
VestaCP <0.9.8-25 - XSS
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'v_interface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload.
by numan türle
CVSS 7.2
SEO Panel <4.9.0 - SQL Injection
SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authenticated attackers to manipulate database queries through the 'order_col' parameter. Attackers can use sqlmap to exploit the vulnerability and extract database information by injecting malicious SQL code into the order column parameter.
by Piyush Patil
CVSS 7.1
Hestia Control Panel 1.3.2 - File Write
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the server.
by numan türle
CVSS 8.8
rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
by Murat ŞEKER
Wowonder < 3.1 - SQL Injection
In WoWonder < 3.1, remote attackers can gain access to the database by exploiting a requests.php?f=search-my-followers SQL Injection vulnerability via the event_id parameter.
by securityforeveryone.com
CVSS 7.5
Faststone Image Viewer < 7.5 - Out-of-Bounds Write
FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this issue to achieve code execution when a user opens or views a malformed/specially crafted CUR file.
by Paolo Stagno
CVSS 7.8
Vesta Control Panel <0.9.8-27 - Open Redirect
web/upload/UploadHandler.php in Vesta Control Panel (aka VestaCP) through 0.9.8-27 and myVesta through 0.9.8-26-39 allows uploads from a different origin.
by Fady Mohammed Osman
CVSS 8.8
GeoGebra Graphing Calculator <6.0.631.0 - DoS
GeoGebra Graphing Calculator 6.0.631.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer. Attackers can generate a payload of 8000 repeated characters to overwhelm the input field and cause the application to become unresponsive.
by Brian Rodriguez
CVSS 7.5
GeoGebra Classic <5.0.631.0-d - DoS
GeoGebra Classic 5.0.631.0-d contains a denial of service vulnerability in the input field that allows attackers to crash the application by sending oversized buffer content. Attackers can generate a large buffer of 800,000 repeated characters and paste it into the 'Entrada:' input field to trigger an application crash.
by Brian Rodriguez
CVSS 7.5
GeoGebra CAS Calculator <6.0.631.0 - DoS
GeoGebra CAS Calculator 6.0.631.0 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a payload with 8000 repeated characters and paste it into the calculator's input field to trigger an application crash.
by Brian Rodriguez
CVSS 9.8
Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection)
by Christian Vierschilling
MagpieRSS 0.72 - Command Injection
Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpie_debug.php and /scripts/magpie_simple.php page that if you send a specific https url in the RSS URL field, you are able to execute arbitrary commands.
by bl4ckh4ck5
CVSS 9.8
Realtek Wireless LAN Utility 700.1631 - Privilege Escalation
Realtek Wireless LAN Utility 700.1631 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path by inserting malicious code in the system root path that would execute during application startup or system reboot.
by Luis Martínez
CVSS 7.8
eBeam Interactive Suite 3.6 - Privilege Escalation
eBeam Interactive Suite 3.6 contains an unquoted service path vulnerability in the eBeam Stylus Driver service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Luidia\eBeam Stylus Driver\ to inject malicious executables that would run with LocalSystem permissions.
by Luis Martínez
CVSS 7.8
eBeam Education Suite 2.5.0.9 - Code Injection
eBeam Education Suite 2.5.0.9 contains an unquoted service path vulnerability in the eBeam Device Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem privileges during service startup.
by Luis Martínez
CVSS 7.8
QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path
by Luis Martínez
Tribalsystems Zenario < 8.8.53370 - SQL Injection
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.
by Balaji Ayyasamy
CVSS 9.1
rConfig 3.9.6 - 'path' Local File Inclusion (Authenticated)
by Murat ŞEKER
SonLogger - Arbitrary File Upload
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file.
by Berkan Er
CVSS 9.8
Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure
by Berkan Er
openMAINT <3.3-b - XSS
Multiple stored cross-site scripting (XSS) vulnerabilities in openMAINT 2.1-3.3-b allow remote attackers to inject arbitrary web script or HTML via any "Add" sections, such as Add Card Building & Floor, or others in the Name and Code Parameters.
by Hosein Vita
CVSS 6.1
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by F5
CVSS 9.1
Vembu BDR 4.2.0.1 - Unquoted Service Path
An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths.
by Mohammed Alshehri
CVSS 7.8
Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)
by Richard Jones
Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection
by Richard Jones
By Source