Exploitdb Exploits

50,076 exploits tracked across all sources.

EIP-2026-100666 EXPLOITDB python
Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated)
by Alexandre ZANNI
CVE-2021-47724 EXPLOITDB MEDIUM text
STVS ProVision 5.9.10 - Authenticated Path Traversal via Archive Download Files Parameter
STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers to access arbitrary files by manipulating the files parameter in the archive download functionality. Attackers can send GET requests to /archive/download with directory traversal sequences to read sensitive system files like /etc/passwd.
by LiquidWorm
CVSS 6.5
CVE-2021-47723 EXPLOITDB HIGH html
STVS ProVision 5.9.10 - Cross-Site Request Forgery
STVS ProVision 5.9.10 contains a cross-site request forgery vulnerability that allows attackers to perform actions with administrative privileges by exploiting unvalidated HTTP requests. Attackers can lure a logged-in user to a malicious web site that triggers the forged request, allowing them to create new admin users.
by LiquidWorm
CVSS 8.8
EIP-2026-104372 EXPLOITDB text VERIFIED
Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1)
by SunCSR
EIP-2026-112079 EXPLOITDB text
Simple College Website 1.0 - 'name' Sql Injection (Authentication Bypass)
by Marco Catalano
EIP-2026-112078 EXPLOITDB text
Simple College Website 1.0 - 'full' Stored Cross Site Scripting
by Marco Catalano
EIP-2026-105772 EXPLOITDB text
Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection (Authentication Bypass)
by Marco Catalano
CVE-2020-14882 EXPLOITDB CRITICAL python
Oracle WebLogic Server <14.1.1.0.0 - RCE
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
by CHackA0101
CVSS 9.8
CVE-2021-3186 EXPLOITDB MEDIUM text
Tenda AC5 AC1200 V15.03.06.47_multi - Stored Cross-Site Scripting via Wifi Name Parameter
A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote attackers to inject arbitrary web script or HTML via the Wifi Name parameter.
by Chiragh Arora
CVSS 5.4
CVE-2021-47934 EXPLOITDB MEDIUM text
MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php profile action to change a user's cover picture by crafting malicious forms that execute when victims visit affected profiles.
by 0xB9
CVSS 5.3
CVE-2021-27129 EXPLOITDB MEDIUM text
CASAP Automated Enrollment System 1.0 - Cross-Site Scripting via ROUTE Parameter
CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter.
by Richard Jones
CVSS 5.4
EIP-2026-109112 EXPLOITDB text
Library System 1.0 - 'category' SQL Injection
by Aitor Herrero
CVE-2020-35729 EXPLOITDB CRITICAL ruby VERIFIED
klog_server 2.4.1 - OS Command Injection via User Parameter
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
by Metin Yunus Kandemir
CVSS 9.8
CVE-2021-3298 EXPLOITDB MEDIUM text
Collabtive 3.1 - Authenticated Stored Cross-Site Scripting via Profile Address Field
Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter.
by Deha Berkin Bir
CVSS 5.4
CVE-2021-3294 EXPLOITDB MEDIUM text
CASAP Automated Enrollment System 1.0 - XSS
CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.
by Anita Gaud
CVSS 5.4
CVE-2025-34022 EXPLOITDB CRITICAL text
Selea Targa IP OCR-ANPR - Path Traversal
A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.
by LiquidWorm
CVE-2025-34021 EXPLOITDB HIGH text
Selea Targa IP OCR-ANPR Camera - Server-Side Request Forgery via JSON POST Parameters
A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON POST parameters such as ipnotify_address and url, which are used by internal mechanisms to perform image fetch and DNS lookups. This allows remote unauthenticated attackers to induce the system to make arbitrary HTTP requests to internal or external systems, potentially bypassing firewall policies or conducting internal service enumeration. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-25 UTC.
by LiquidWorm
CVE-2024-33485 EXPLOITDB CRITICAL python
CASAP Automated Enrollment System <V1.0 - SQL Injection
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component.
by Himanshu Shukla
CVSS 9.8
CVE-2021-26201 EXPLOITDB CRITICAL python
CASAP Automated Enrollment System 1.0 - SQL Injection Authentication Bypass via Login Username Field
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.
by Himanshu Shukla
CVSS 9.8
CVE-2021-26200 EXPLOITDB CRITICAL python
Library System 1.0 - SQL Injection
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.
by Himanshu Shukla
CVSS 9.8
CVE-2021-47731 EXPLOITDB CRITICAL text
Selea Targa IP OCR-ANPR Camera - Info Disclosure
Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.
by LiquidWorm
CVSS 9.8
CVE-2021-47730 EXPLOITDB HIGH html
Selea Targa IP OCR-ANPR Camera - CSRF
Selea Targa IP OCR-ANPR Camera contains a cross-site request forgery vulnerability that allows attackers to create administrative users without authentication. Attackers can craft a malicious web page that submits a form to add a new admin user with full system privileges when a logged-in user visits the page.
by LiquidWorm
CVSS 8.8
CVE-2021-47729 EXPLOITDB MEDIUM text
Selea Targa IP OCR-ANPR Camera - XSS
Selea Targa IP OCR-ANPR Camera contains a stored cross-site scripting vulnerability in the 'files_list' parameter that allows attackers to inject malicious HTML and script code. Attackers can send a POST request to /cgi-bin/get_file.php with a crafted payload to execute arbitrary scripts in the victim's browser session.
by LiquidWorm
CVSS 5.4
CVE-2021-47728 EXPLOITDB CRITICAL bash
Selea Targa IP OCR-ANPR Camera - Command Injection
Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local file inclusion techniques.
by LiquidWorm
CVSS 9.8
CVE-2021-47727 EXPLOITDB MEDIUM text
Selea Targa IP OCR-ANPR Camera - Info Disclosure
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage.
by LiquidWorm
CVSS 5.3