Exploitdb Exploits
50,193 exploits tracked across all sources.
OpenCart 3.0.3.6 - XSS
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail. This vulnerability can allow an attacker to inject the XSS payload in the Subject field of the mail and each time any user will open that mail of the website, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 4.8
OpenCart 3.0.3.6 - XSS
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image. An admin can upload a profile image as a malicious code using JavaScript. Whenever anyone will see the profile picture, the code will execute and XSS will trigger.
by Hemant Patidar
CVSS 4.8
nopCommerce Store 4.30 - XSS
nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in the Schedule tasks name field. This vulnerability can allow an attacker to inject the XSS payload in Schedule tasks and each time any user will go to that page of the website, the XSS triggers and attacker can able to steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 4.8
Apache Openmeetings < 5.0.0 - Denial of Service
Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack.
by SunCSR
CVSS 7.5
Zeroshell - OS Command Injection
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
by Giuseppe Fuggiano
CVSS 9.8
Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)
by maj0rmil4d
Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH)
by Luis Martínez
LifeRay Portal CE <7.2.1 GA2 - XSS
In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload will then be rendered when a user utilizes the search feature to search for other users (i.e., if a user with modified fields occurs in the search results). This issue was fixed in Liferay Portal CE version 7.3.0 GA1.
by 3ndG4me
CVSS 5.4
TP-Link TL-WA855RE V5 - Privilege Escalation
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.
by malwrforensics
CVSS 8.8
Zortam Mp3 Media Studio 27.60 - RCE
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system.
by Vincent Wolterman
CVSS 9.8
IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow
by Paolo Stagno
Free MP3 CD Ripper 2.8 - Multiple File Buffer Overflow (Metasploit)
by ZwX
Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit
by stresser
WonderCMS 3.1.3 - XSS
WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Page description component. This vulnerability can allow an attacker to inject the XSS payload in the Page description and each time any user will visits the website, the XSS triggers and attacker can steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 5.4
M/Monit 3.7.4 - Privilege Escalation
M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standard user account.
by Dolev Farhi
CVSS 8.8
M/Monit 3.7.4 - Auth Bypass
M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.
by Dolev Farhi
CVSS 6.5
Ortussolutions Testbox < 4.1.0 - Path Traversal
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution.
by Darren King
CVSS 9.8
Ortussolutions Testbox < 4.1.0 - Path Traversal
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal.
by Darren King
CVSS 5.3
Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)
by Vincent Wolterman
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
by Jasper Rasenberg
Cxuucms - SQL Injection
cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php.
by icekam
CVSS 7.5
Pescms Team - XSS
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=
by icekam
CVSS 6.1
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
by Emre ÖVÜNÇ
Fortinet Fortiproxy < 1.2.9 - Incorrect Authorization
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
by Ricardo Longatto
CVSS 9.1
By Source