Exploitdb Exploits

50,193 exploits tracked across all sources.

EIP-2026-101193 EXPLOITDB python
Cisco 7937G - DoS/Privilege Escalation
by Cody Martin
CVE-2020-36980 EXPLOITDB HIGH text
SAntivirus IC <10.0.21.61 - Code Injection
SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling privilege escalation to system-level permissions.
by Mara Ramirez
CVSS 7.8
EIP-2026-117312 EXPLOITDB text
IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path
by Isabel Lopez
EIP-2026-117044 EXPLOITDB text
DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path
by Teresa Q
CVE-2020-15478 EXPLOITDB HIGH text
Journal < 3.1.0 - Error Information Exposure
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors.
by Jinson Varghese Behanan
CVSS 7.5
CVE-2020-5295 EXPLOITDB MEDIUM bash
OctoberCMS <1.0.466 - Info Disclosure
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).
by Sivanesh Ashok
CVSS 4.8
EIP-2026-105552 EXPLOITDB ruby VERIFIED
Bludit 3.9.2 - Authentication Bruteforce Bypass (Metasploit)
by Aporlorxl23
CVE-2020-26218 EXPLOITDB HIGH text
Touchbase.ai < 2.0 - Basic XSS
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious webpage/website etc. The issue is patched in version 2.0.
by Simran Sankhala
CVSS 8.0
CVE-2020-1938 EXPLOITDB CRITICAL ruby VERIFIED
Apache Geode < 7.0.100 - Remote Code Execution
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: (1) returning arbitrary files from anywhere in the web application; (2) processing any file in the web application as a JSP. Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
by SunCSR
CVSS 9.8
EIP-2026-101593 EXPLOITDB ruby
Citrix ADC NetScaler - Local File Inclusion (Metasploit)
by RAMELLA Sebastien
EIP-2026-101531 EXPLOITDB ruby
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)
by b1ack0wl
CVE-2020-36971 EXPLOITDB HIGH python
Nidesoft 3GP Video Converter <2.6.18 - Buffer Overflow
Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system.
by Felipe Winsnes
CVSS 8.4
CVE-2020-28183 EXPLOITDB CRITICAL text
Water Billing System - SQL Injection
SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php.
by Sarang Tumne
CVSS 9.8
EIP-2026-113793 EXPLOITDB text
Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection
by Abdulazeez Alaseeri
EIP-2026-102023 EXPLOITDB javascript
Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
by Synacktiv
EIP-2026-106294 EXPLOITDB text
Customer Support System 1.0 - Cross-Site Request Forgery
by Ahmed Abbas
EIP-2026-106293 EXPLOITDB text
Customer Support System 1.0 - 'username' Authentication Bypass
by Ahmed Abbas
EIP-2026-106290 EXPLOITDB text
Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel
by Ahmed Abbas
EIP-2026-106038 EXPLOITDB text
CMSUno 1.6.2 - 'user' Remote Code Execution (Authenticated)
by Fatih Çelik
CVE-2020-28351 EXPLOITDB MEDIUM text
Mitel Shoretel Firmware - XSS
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING& page.
by Joe Helle
CVSS 6.1
EIP-2026-105717 EXPLOITDB python
Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload
by Fortunato Lodari
CVE-2020-15255 EXPLOITDB HIGH text
Anuko Time Tracker <1.19.23.5325 - Info Disclosure
In Anuko Time Tracker before version 1.19.23.5325, because user input was not properly filtered, a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign). This is fixed in version 1.19.23.5325.
by Mufaddal Masalawala
CVSS 8.7
CVE-2020-36937 EXPLOITDB HIGH text
Microvirt MEMU Play 3.7.0 - Code Injection
Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem privileges.
by SamAlucard
CVSS 7.8
CVE-2020-36936 EXPLOITDB HIGH text
Magic Mouse 2 Utilities <2.20 - Privilege Escalation
Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path.
by SamAlucard
CVSS 7.8
CVE-2020-36935 EXPLOITDB HIGH text
KMSpico 17.1.0.0 - Code Injection
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\Service_KMS.exe to inject malicious executables and escalate privileges.
by SamAlucard
CVSS 7.8