Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-113011 EXPLOITDB text
vBulletin 5.6.3 - 'group' Cross Site Scripting
by Vincent666
CVE-2020-37238 EXPLOITDB MEDIUM text
CMS Made Simple 2.2.15 Stored XSS via SVG File Upload
CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers can upload SVG files containing embedded JavaScript to the file manager, which executes when other authenticated users access the uploaded file, enabling cookie theft and session hijacking.
by Eshan Singh
CVSS 6.4
CVE-2020-37237 EXPLOITDB MEDIUM text
Composr CMS 10.0.34 Persistent Cross-Site Scripting via banners
Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner functionality, which execute for all website visitors when they access the home page.
by Parshwa Bhavsar
CVSS 6.4
CVE-2021-47902 EXPLOITDB HIGH text
Testa Online Test Management System <3.4.7 - SQL Injection
Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user or system data.
by Ultra Security Team
CVSS 8.2
CVE-2020-36960 EXPLOITDB MEDIUM text
Forma LMS < 2.3 - Stored Cross-Site Scripting via User Profile First and Last Name Fields
Forma LMS 2.3 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into user profile first and last name fields. Attackers can craft scripts like '<script>alert(document.cookie)</script>' to execute arbitrary JavaScript when the profile is viewed by other users.
by Hemant Patidar
CVSS 6.4
CVE-2020-36959 EXPLOITDB HIGH text
IDT PC Audio 1.0.6499.0 - Privilege Escalation
IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the STacSV service to inject malicious code that would execute with LocalSystem account permissions during service startup.
by Diego Cañada
CVSS 7.8
CVE-2020-36951 EXPLOITDB HIGH text
Phpscript-sgh 0.1.0 - SQL Injection
Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the 'id' parameter. Attackers can exploit this vulnerability by crafting malicious payloads that trigger time delays, enabling them to extract sensitive database information through conditional sleep techniques.
by KeopssGroup0day_Inc
CVSS 8.2
CVE-2020-36950 EXPLOITDB MEDIUM text
Laravel Nova 3.7.0 - Authenticated Denial of Service via Range Parameter
Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to crash the application by manipulating the 'range' parameter. Attackers can send simultaneous requests with an extremely high range value to overwhelm and crash the server.
by iqzer0
CVSS 6.5
CVE-2020-35349 EXPLOITDB MEDIUM text
Savsoft Quiz 5 - Stored Cross-Site Scripting via Custom Field Title Parameter
Savsoft Quiz 5 is affected by: Cross Site Scripting (XSS) via field_title (aka a title on the custom fields page).
by Dhruv Patel
CVSS 4.8
EIP-2026-114568 EXPLOITDB text
Zabbix 5.0.0 - Stored XSS via URL Widget Iframe
by Shwetabh Vishnoi
EIP-2026-109485 EXPLOITDB text
MiniCMS 1.10 - 'content box' Stored XSS
by yudp
CVE-2020-28976 EXPLOITDB MEDIUM text
WordPress Canto Plugin 1.3.0 - Blind Server-Side Request Forgery via detail.php
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF.
by Pankaj Verma
CVSS 5.3
CVE-2020-6519 EXPLOITDB MEDIUM javascript
Google Chrome <84.0.4147.89 - Auth Bypass
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
by Gal Weizman
CVSS 6.5
CVE-2020-36924 EXPLOITDB MEDIUM text
Sony BRAVIA Digital Signage 1.7.8 - RCE
Sony BRAVIA Digital Signage 1.7.8 contains a remote file inclusion vulnerability that allows attackers to inject arbitrary client-side scripts through the content material URL parameter. Attackers can exploit this vulnerability to hijack user sessions, execute cross-site scripting code, and modify display content by manipulating the input material type.
by LiquidWorm
CVSS 6.1
CVE-2020-36922 EXPLOITDB HIGH text
Sony BRAVIA Digital Signage <1.7.8 - Info Disclosure
Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive system details through API endpoints. Attackers can retrieve network interface information, server configurations, and system metadata by sending requests to the exposed system API.
by LiquidWorm
CVSS 7.5
CVE-2020-35275 EXPLOITDB MEDIUM text
Coastercms v5.8.18 - Cross-Site Scripting
Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user can steal a cookie and make the user redirect to any malicious website because it is trigged on the main home page of the product/application.
by Hardik Solanki
CVSS 5.4
CVE-2020-26766 EXPLOITDB HIGH text
PHPGurukul User Registration & Login and User Management System Wit...
A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1.
by Dipak Panchal
CVSS 8.8
CVE-2020-29474 EXPLOITDB CRITICAL text
EGavilan Media EGM Address Book 1.0 - SQL Injection
EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
by Mayur Parmar
CVSS 9.8
EIP-2026-110144 EXPLOITDB python VERIFIED
Online Matrimonial Project 1.0 - Authenticated Remote Code Execution
by Valerio Alessandroni
EIP-2026-104343 EXPLOITDB text
mojoPortal forums 2.7.0.0 - 'Title' Persistent Cross-Site Scripting
by Sagar Banwa
CVE-2020-29477 EXPLOITDB MEDIUM text
Invision Community 4.5.4 - Stored Cross-Site Scripting in Field Name
Invision Community 4.5.4 is affected by cross-site scripting (XSS) in the Field Name field. This vulnerability can allow an attacker to inject the XSS payload in Field Name and each time any user will open that, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 4.8
CVE-2020-37236 EXPLOITDB MEDIUM text
NewsLister Authenticated Persistent Cross-Site Scripting via Admin Panel
NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that execute when news items are viewed by other users.
by Emre Aslan
CVSS 6.4
CVE-2021-27289 EXPLOITDB CRITICAL bash
Ksix Zigbee Smart Home Kit <1.0.3 <1.0.7 - Replay Attack via Frame Counter
A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix (Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12), where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attacker within wireless range can resend captured packets with a higher sequence number, which the devices incorrectly accept as legitimate messages. This allows spoofed commands to be injected without authentication, triggering false alerts and misleading the user through notifications in the mobile application used to monitor the network.
by Alejandro Vazquez Vazquez
CVSS 9.1
CVE-2020-36974 EXPLOITDB HIGH text
Realtek Andrea RT Filters 1.0.64.7 - Code Injection
Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in 'C:\Program Files\IDT\WDM\AESTSr64.exe' to inject malicious code that would execute during service startup or system reboot.
by Manuel Alvarez
CVSS 7.8
CVE-2020-36945 EXPLOITDB HIGH text
WebDamn User Registration Login System - SQL Injection
WebDamn User Registration Login System contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating email credentials. Attackers can inject the payload '<email>' OR '1'='1' in both username and password fields to gain unauthorized access to the user panel.
by Aakash Madaan
CVSS 8.2