Exploitdb Exploits
50,076 exploits tracked across all sources.
Textpattern CMS 4.8.4 - Stored Cross-Site Scripting via Comments Parameter
A cross-site scripting vulnerability was discovered in the Comments parameter in Textpattern CMS 4.8.4 which allows remote attackers to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting https://site.com/articles/welcome-to-your-site#comments-head.
by Tushar Vaidya
CVSS 5.4
Online Ordering System 1.0 - SQL Injection
Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure.
by Suraj Bhosale
CVSS 7.5
Online Ordering System 1.0 - Unrestricted File Upload via initiateorder.php
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE).
by Suraj Bhosale
CVSS 9.8
Web Based Quiz System 1.0 - 'eid' Union-Based SQL Injection (Authenticated)
by Deepak Kumar Bharti
e107 < 2.3.0 - Cross-Site Request Forgery via usersettings.php
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
by Tadjmen
CVSS 8.8
Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error-Based SQL Injection (Authenticated)
by Tushar Vaidya
Local Services Search Engine Management System (LSSMES) 1.0 - 'name' Persistent Cross-Site Scripting (XSS)
by Tushar Vaidya
AnyDesk < 5.5.3 - Remote Code Execution via Format String Vulnerability
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution.
by scryh
CVSS 9.8
Web Based Quiz System 1.0 - Cross-Site Scripting via Name Parameter
Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in register.php through the name parameter.
by P.Naveen Kumar
CVSS 6.1
Web Based Quiz System 1.0 - Cross-Site Scripting via options Parameter
Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in admin.php through the options parameter.
by Praharsh Kumar Singh
CVSS 6.1
Zen Cart 1.5.7b - Command Injection
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
by Mücahit Saratar
CVSS 7.2
Tiny Tiny RSS < 2020-09-16 - Server-Side Request Forgery via URL Validation Bypass
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.
by Daniel Neagaru
CVSS 9.8
Necta WiFi Mouse Server - Remote Code Execution via Client-Side Authentication Bypass
Because it relies on client-side authentication, the authentication mechanism of WiFi Mouse (Mouse Server) from Necta LLC is trivially bypassed, which can result in remote code execution.
by H4rk3nz0
CVSS 9.8
Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated)
by Christian Vierschilling
Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated)
by Christian Vierschilling
VMware vCenter Server and Cloud Foundation - Remote Code Execution via vSphere Client Plugin
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
by Photubias
CVSS 9.8
FortiLogger < 5.2.0 - Arbitrary File Upload via Hotspot Logo Upload
FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp.
by Berkan Er
CVSS 9.8
Employee Records System 1.0 - Unauthenticated Unrestricted File Upload via uploadID.php
Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper server-side validation. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC.
by sml
CVSS 9.8
Triconsole Datepicker Calendar < 3.77 - XSS
Triconsole Datepicker Calendar < 3.77 is affected by cross-site scripting (XSS) in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents.
by Akash Chathoth
CVSS 6.1
Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)
by Matthew Dunn
LightCMS 1.3.4 - Stored Cross-Site Scripting in Title Field to /admin/SensitiveWords
A stored self-XSS exists in LightCMS v1.3.4 that allows an attacker to execute HTML or JavaScript code via the vulnerable Title field submitted to /admin/SensitiveWords.
by Peithon
CVSS 5.4
Vehicle Parking Management System 1.0 - XSS
A persistent cross-site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field.
by Tushar Vaidya
CVSS 4.8
LayerBB 1.1.4 - SQL Injection via search_query Parameter
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send POST requests to /search.php with malicious search_query values using CASE WHEN statements to extract sensitive database information.
by Görkem Haşin
CVSS 8.2
Python jsonpickle 2.0.0 - Remote Code Execution via py/repr
Python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during deserialization to execute arbitrary code.
by Adi Malyanker
CVSS 9.8