Exploitdb Exploits
50,076 exploits tracked across all sources.
Joomla Component GMapFP <J3.5/J3.5free - Info Disclosure
In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions.
by ThelastVvV
CVSS 7.5
Setelsa Conacwin 3.7.1.2 - Local File Inclusion
by Bryan Rodriguez Martin
YATinyWinFTP >=0.0.5 <0.0.5 - Denial of Service via Malformed Command Buffer Overflow
YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecting and sending a malformed command that triggers a buffer overflow and service crash.
by strider
CVSS 9.8
Intelbras Router RF 301K <1.1.2 - Auth Bypass
Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. Attackers can send a specific HTTP GET request to /cgi-bin/DownloadCfg/RouterCfm.cfg to retrieve sensitive router configuration without authentication.
by Kaio Amaral
CVSS 7.5
ATX miniCMTS200a Broadband Gateway and Pico CMTS <= 2.0 - Unauthenticated Path Traversal
A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Successful exploitation of this vulnerability would allow an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request.
by Zagros Bingol
CVSS 7.5
Rejetto HTTP File Server <2.3c - RCE
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
by Óscar Andreu
CVSS 9.8
WordPress Theme Wibar 1.1.8 Stored Cross-Site Scripting via Brand Component
WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows authenticated users to inject malicious scripts by manipulating the Logo URL parameter. Attackers with editor, administrator, contributor, or author privileges can inject base64-encoded script payloads through the ftc_brand_url input field to execute arbitrary JavaScript when users visit the brand page.
by Ilca Lucian Florin
CVSS 6.4
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via Text Annotation Point Attribute
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.
by CrossWire
CVSS 8.8
Wordpress Theme Accesspress Social Icons 1.7.9 - SQL injection (Authenticated)
by SunCSR
WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting
by Sun* Cyber Security Research Team
FrozenNode Laravel-Administrator <5.0.12 - RCE
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued.
by Xavi Beltran
CVSS 7.2
ElkarBackup 1.3.3 - 'Policy[name]' and 'Policy[Description]' Stored Cross-site Scripting
by Vyshnav nk
Best Support System v3.0.4 - Authenticated Stored Cross-Site Scripting
An Authenticated Persistent XSS vulnerability was discovered in the Best Support System, tested version v3.0.4.
by Ex.Mi
CVSS 5.4
Acronis Cyber Backup < 12.5 - Server-Side Request Forgery via Custom Shard Header
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SSRF attacks against otherwise unreachable Acronis services that are bound to localhost such as the NotificationService on 127.0.0.1:30572.
by Julien Ahrens
CVSS 6.5
libupnp < 1.6.18 - Remote Code Execution via SSDP Unique Service Name Parsing
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
by Patrik Lantz
Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution
by Emre SUREN
Pure-FTPd 1.0.48 - Denial of Service via Connection Limit Exhaustion
Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit.
by xynmaps
CVSS 7.5
Razer Chroma SDK < 3.12.17 - Remote Code Execution via Race Condition in App Registration
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236 for a registration step.
by Loke Hui Yi
CVSS 8.1
Wondershare Driver Install Service - Privilege Escalation
Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling privilege escalation to LocalSystem account.
by Luis Sandoval
CVSS 7.8
WonderCMS 3.1.3 - Stored Cross-Site Scripting in Admin Panel Page Keywords
WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload.
by Mayur Parmar
CVSS 4.8
SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow
by Abdessalam king
osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting
by Emre Aslan
By Source