Exploitdb Exploits
50,076 exploits tracked across all sources.
MantisBT < 2.24.4 - SQL Injection via API SOAP mc_project_get_users Parameter
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.
by EthicalHCOP
CVSS 5.3
ACS Advanced Comment System 1.0 - Path Traversal via ACS_path Parameter
ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623
by Francisco Javier Santiago Vázquez
CVSS 7.5
GitLab CE/EE <11.3.11-11.5.1 - CRLF Injection
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
by Norbert Hofmann
CVSS 7.5
WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting
by Park Won Seok
WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload
by spacehen
Apartment Visitors Management System 1.0 - Authentication Bypass
by Kshitiz Raj
WordPress Epsilon Framework Multiple Themes - Unauthenticated Function Injection
by gx1
Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS
by Vijay Sachdeva
Online Learning Management System 1.0 - Multiple Stored XSS
by Aakash Madaan
Online Learning Management System 1.0 - Authentication Bypass
by Aakash Madaan
Online Learning Management System 1.0 - 'id' SQL Injection
by Aakash Madaan
TerraMaster Operating System <= 4.2.06 - Unauthenticated Remote Code Execution via Event Parameter in makecvs.php
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.
by AkkuS
CVSS 9.8
Victor CMS 1.0 - Authenticated Arbitrary File Upload via Profile Image Feature
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser.
by Mosaaed
CVSS 8.8
CSE Bookstore 1.0 - SQL Injection via pubid Parameter
CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database on which the web application is running.
by Musyoka Ian
CVSS 9.8
10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)
by Florian Gassner
WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit)
by SunCSR Team
Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection (Authenticated)
by Matthew Aberegg
Multi Branch School Management System 3.5 - 'Create Branch' Stored XSS
by Kislay Kumar
Library Management System 3.0 - 'Add Category' Stored XSS
by Kislay Kumar
Artworks Gallery Management System 1.0 - 'id' SQL Injection
by Vijay Sachdeva
Webmin <= 1.962 - Authenticated Remote Command Execution via Package Updates Module
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.
by AkkuS
CVSS 8.8
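Several of the entries above share two request patterns: a path-traversal value passed URL-encoded (the ACS Advanced Comment System entry, `ACS_path=..%2f`) and shell metacharacters, including the encoded newline `%0A` and form feed `%0C`, reaching a command built from a request parameter (the TerraMaster `makecvs.php` Event entry and the Webmin Package Updates entry). The following detector is an added example written for this listing, not code from Exploit-DB or from any of the projects named; it percent-decodes each query parameter (repeatedly, so double encoding is also caught) and flags either pattern in access-log lines. The log lines are constructed for the example; the Webmin request path in them is a hypothetical placeholder, since the entry does not state one.

```python
"""Flag traversal and shell-metacharacter patterns in access-log lines.

Added example for the Exploit-DB listing above; not code from any listed project.
"""
import re
from urllib.parse import urlsplit, unquote

# Characters that let a value break out of a shell command assembled by string
# concatenation. \n and \x0c are the decoded forms of %0A and %0C.
SHELL_META = re.compile(r"[;|&`$()\n\r\x0c<>]")
# A ".." path component on its own or between separators.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def decode_fully(value, rounds=3):
    """Percent-decode until the value stops changing, so ..%252f is seen as ../."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_request(line):
    """Return a list of (finding, location) tuples for one access-log line.

    finding is "traversal" or "shell-meta"; location is the query parameter
    name, or "<path>" when the request path itself carries the pattern.
    """
    m = LOG_RE.match(line)
    if not m:
        return []
    parts = urlsplit(m.group("target"))
    findings = []

    if TRAVERSAL.search(decode_fully(parts.path)):
        findings.append(("traversal", "<path>"))

    # Split the raw query ourselves so decoding happens under our control.
    for pair in parts.query.split("&"):
        if not pair:
            continue
        name, _, raw = pair.partition("=")
        value = decode_fully(raw)
        if TRAVERSAL.search(value):
            findings.append(("traversal", name))
        if SHELL_META.search(value):
            findings.append(("shell-meta", name))
    return findings


def scan(lines):
    """Map each flagged line index to its findings; clean lines are omitted."""
    return {i: f for i, f in ((i, flag_request(l)) for i, l in enumerate(lines)) if f}


# Constructed sample log lines (not captured traffic). The Webmin path is hypothetical.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2021:10:00:00 +0000] "GET /advanced_component_system/index.php?ACS_path=..%2f HTTP/1.1" 200 512',
    '10.0.0.5 - - [01/Jan/2021:10:00:01 +0000] "GET /include/makecvs.php?Event=foo%3Bid HTTP/1.1" 200 77',
    '10.0.0.5 - - [01/Jan/2021:10:00:02 +0000] "GET /advanced_component_system/index.php?ACS_path=..%252f HTTP/1.1" 200 512',
    '10.0.0.5 - - [01/Jan/2021:10:00:03 +0000] "GET /package-updates/update.cgi?u=acl%0Aid HTTP/1.1" 200 90',
    '10.0.0.5 - - [01/Jan/2021:10:00:04 +0000] "GET /index.php?page=home HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for idx, findings in scan(SAMPLE_LOG).items():
        print(idx, findings)
```

Decoding before matching is the point of the example: a filter that inspects the raw query string sees `..%2f` and `%3B` as harmless text, which is exactly what the encoded payloads in these entries rely on. The decode loop is bounded so a value that keeps changing under decoding cannot stall the scanner.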