Exploitdb Exploits

50,193 exploits tracked across all sources.

CVE-2020-25988 EXPLOITDB MEDIUM python
Genexis Platinum 4410 Firmware - Cleartext Transmission
UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent.
by Nitesh Surana
CVSS 6.5
CVE-2020-24365 EXPLOITDB HIGH python
Gemtek WRTM-127ACN/WRTM-127x9 - Command Injection
An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on the target machine. Commands are executed as the root user (uid 0). (Even if a login is required, most routers are left with default credentials.)
by Gabriele Zuddas
CVSS 8.8
CVE-2020-1472 EXPLOITDB MEDIUM python
Netlogon Weak Cryptographic Authentication
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates becomes available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
by West Shepherd
CVSS 5.5
EIP-2026-114275 EXPLOITDB text
Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting (Authenticated)
by ZwX
CVE-2020-25820 EXPLOITDB MEDIUM text
Bigbluebutton < 2.2.27 - SSRF
BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF attacks via an uploaded Office document that has a crafted URL in an ODF xlink field.
by RedTeam Pentesting GmbH
CVSS 6.5
CVE-2020-36978 EXPLOITDB MEDIUM text
Froxlor Server Management Panel <0.10.16 - XSS
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules.
by Vulnerability-Lab
CVSS 6.4
CVE-2020-35263 EXPLOITDB CRITICAL text
Egavilanmedia User Registration And L... - SQL Injection
EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution.
by Kislay Kumar
CVSS 9.8
CVE-2020-29168 EXPLOITDB CRITICAL text
Online Doctor Appointment Booking System Php And Mysql - SQL Injection
SQL injection vulnerability in Projectworlds Online Doctor Appointment Booking System allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint.
by Ramil Mustafayev
CVSS 9.8
CVE-2020-0674 EXPLOITDB HIGH text
Microsoft Internet Explorer - Use After Free
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
by maxpl0it
CVSS 7.5
EIP-2026-117406 EXPLOITDB text
LCD_Service 1.0.1.0 - 'LCD_Service' Unquote Service Path
by Gerardo González
EIP-2026-113609 EXPLOITDB text
WordPress Plugin Buddypress 6.2.0 - Persistent Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-112472 EXPLOITDB text
SugarCRM 6.5.18 - Persistent Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-108130 EXPLOITDB text
Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 - Multiple Vulnerabilities
by Vulnerability-Lab
CVE-2019-0230 EXPLOITDB CRITICAL python
Apache Struts < 2.5.20 - Prototype Pollution
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
by West Shepherd
CVSS 9.8
CVE-2020-13151 EXPLOITDB CRITICAL python
Aerospike Database UDF Lua Code Execution
Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.
by Matt S
CVSS 9.8
CVE-2020-36979 EXPLOITDB HIGH text
Atheros Coex Service App 8.0.0.255 - Privilege Escalation
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup.
by Isabel Lopez
CVSS 7.8
CVE-2020-36970 EXPLOITDB HIGH text
PMB 5.6 - Info Disclosure
PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the getgif.php endpoint.
by 41-trk
CVSS 8.4
CVE-2020-25952 EXPLOITDB CRITICAL text
Phpgurukul User Registration & Login ... - SQL Injection
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
by Mayur Parmar
CVSS 9.8
CVE-2020-29287 EXPLOITDB CRITICAL text
Car Rental Management System <1.0 - SQL Injection
An SQL injection vulnerability in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.
by Mehmet Kelepçe
CVSS 9.8
EIP-2026-117423 EXPLOITDB text
Logitech Solar Keyboard Service - 'L4301_Solar' Unquoted Service Path
by Jair Amezcua
EIP-2026-117385 EXPLOITDB text
KiteService 1.2020.1113.1 - 'KiteService.exe' Unquoted Service Path
by IRVIN GIL
EIP-2026-116740 EXPLOITDB text
Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path
by Jair Amezcua
EIP-2026-113182 EXPLOITDB text
Water Billing System 1.0 - 'id' SQL Injection (Authenticated)
by Mehmet Kelepçe
EIP-2026-110460 EXPLOITDB text
Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection (Authenticated)
by Matthew Aberegg
EIP-2026-105716 EXPLOITDB text
Car Rental Management System 1.0 - Remote Code Execution (Authenticated)
by Mehmet Kelepçe