Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-26855 EXPLOITDB CRITICAL python
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by F5
CVSS 9.1
CVE-2021-43458 EXPLOITDB HIGH text
Vembu BDR 4.2.0.1 - Unquoted Service Path
An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths.
by Mohammed Alshehri
CVSS 7.8
EIP-2026-109557 EXPLOITDB python
Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)
by Richard Jones
EIP-2026-109556 EXPLOITDB text
Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection
by Richard Jones
CVE-2021-47955 EXPLOITDB MEDIUM text
CouchCMS 2.2.1 Cross-Site Scripting via SVG File Upload
CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which are then executed in users' browsers when the files are accessed or previewed.
by xxcdd
CVSS 5.4
CVE-2021-47726 EXPLOITDB HIGH text
NuCom 11N Wireless Router 5.07.90 - Privilege Escalation
NuCom 11N Wireless Router 5.07.90 contains a privilege escalation vulnerability that allows non-privileged users to access administrative credentials through the configuration backup endpoint. Attackers can send a crafted HTTP GET request to the backup configuration page with a specific cookie to retrieve and decode the admin password in Base64 format.
by LiquidWorm
CVSS 7.5
CVE-2021-27722 EXPLOITDB MEDIUM python
Nsasoft US LLC SpotAuditor <5.3.5 - Buffer Overflow
An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering.
by Enes Özeser
CVSS 5.5
CVE-2021-27065 EXPLOITDB HIGH python
Microsoft Exchange Server - Remote Code Execution via ProxyLogon
Microsoft Exchange Server Remote Code Execution Vulnerability
by testanull
CVSS 7.8
EIP-2026-109727 EXPLOITDB text
MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting
by 0xB9
CVE-2020-14181 EXPLOITDB MEDIUM python
Atlassian Jira Server/Data Center <7.13.6, 8.0.0-8.5.7 - User Enumeration via ViewUserHover.jspa
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.
by Dolev Farhi
CVSS 5.3
CVE-2021-43457 EXPLOITDB HIGH text
bVPN 2.5.1 - Unquoted Service Path in waselvpnserv
An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path.
by Mohammed Alshehri
CVSS 7.8
CVE-2021-43455 EXPLOITDB HIGH text
freelan 2.2 - Unquoted Service Path
An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via a specially crafted file in the FreeLAN Service path.
by Mohammed Alshehri
CVSS 7.8
CVE-2021-47883 EXPLOITDB HIGH text
Sandboxie Plus 0.7.2 - Privilege Escalation
Sandboxie Plus 0.7.2 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup.
by Mohammed Alshehri
CVSS 7.8
CVE-2021-47882 EXPLOITDB HIGH text
FreeLAN 2.2 - Unquoted Service Path Privilege Escalation
FreeLAN 2.2 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges during service startup.
by Mohammed Alshehri
CVSS 7.8
CVE-2006-6576 EXPLOITDB python VERIFIED
Golden FTP Server <1.92 - Buffer Overflow
Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector is already covered by CVE-2005-0634.
by 1F98D
CVE-2021-47887 EXPLOITDB HIGH text
OKI Print Job Accounting 4.4.10 - Local Privilege Escalation
OKI Print Job Accounting 4.4.10 contains an unquoted service path vulnerability in the OkiJaSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Print Job Accounting\' to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2021-47886 EXPLOITDB HIGH text
Pingzapper 2.3.1 - Unquoted Service Path Privilege Escalation in PingzapperSvc
Pingzapper 2.3.1 contains an unquoted service path vulnerability in the PingzapperSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Pingzapper\PZService.exe' to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2021-47884 EXPLOITDB HIGH text
OKI Configuration Tool 1.6.53 - Code Injection
OKI Configuration Tool 1.6.53 contains an unquoted service path vulnerability in the OKI Local Port Manager service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Common\extend3\portmgrsrv.exe' to inject malicious executables and escalate privileges.
by Brian Rodriguez
CVSS 7.8
CVE-2018-17254 EXPLOITDB CRITICAL php
JCK Editor 6.4.4 - SQL Injection via jtreelink Parent Parameter
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
by Nicholas Ferreira
CVSS 9.8
EIP-2026-107645 EXPLOITDB python
Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)
by Christian Vierschilling
EIP-2026-107436 EXPLOITDB text
GLPI 9.5.3 - 'fromtype' Unsafe Reflection
by Vadym Soroka
CVE-2021-26705 EXPLOITDB CRITICAL java
SquareBox CatDV < 9.2 - Unauthenticated Sensitive RMI Method Invocation
An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive RMI methods such as getConnections without authentication, the results of which can be used to generate valid authentication tokens. These tokens can then be used to invoke administrative tasks within the application, such as disclosing password hashes.
by Christopher Ellis
CVSS 9.1
CVE-2020-29134 EXPLOITDB HIGH bash
TOTVS Fluig - Path Traversal via Base64-Encoded File Parameter
The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4
by Lucas Souza
CVSS 8.6
CVE-2021-47888 EXPLOITDB HIGH python
Textpattern <4.8.3 - Authenticated RCE
Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the uploaded file through a specific URL parameter.
by Ricardo Ruiz
CVSS 8.8
CVE-2021-28002 EXPLOITDB MEDIUM text
Textpattern 4.9.0 - Stored Cross-Site Scripting via Excerpt Parameter
A persistent cross-site scripting vulnerability was discovered in the Excerpt parameter in Textpattern CMS 4.9.0 which allows remote attackers to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting the 'Articles' page.
by Tushar Vaidya
CVSS 5.4