Exploitdb Exploits
50,076 exploits tracked across all sources.
EnterpriseDT CompleteFTP Server <12.1.3 - Info Disclosure
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash.
by 1F98D
CVSS 4.3
Supermicro X10DRH-iT BIOS 2.0a and IPMI Firmware 03.40 - Cross-Site Request Forgery via cgi/config_user.cgi
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. The fixed versions are BIOS 3.2 and firmware 03.88.
by Metin Yunus Kandemir
CVSS 8.8
Global RADAR BSA Radar <1.6.7234.24750 - Privilege Escalation
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable functions are exposed: ChangePassword, SaveUserProfile, and GetUser.
by William Summerhill
CVSS 9.8
Joomla J2 JOBS 1.3.0 Authenticated SQL Injection via sortby
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information.
by Mehmet Kelepçe
CVSS 7.1
Sickbeard alpha - Command Injection
Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the vulnerable Sickbeard installation.
by bdrake
CVSS 9.8
Microsoft Windows mshta.exe 2019 - XML External Entity Injection
by hyp3rlinx
Global RADAR BSA Radar <1.6.7234.24750 - Privilege Escalation
A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.
by William Summerhill
CVSS 8.8
Exhibitor Web UI <1.7.1 - Command Injection
An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker can execute any command as the user running the Exhibitor process.
by Logan Sanderson
CVSS 9.8
Fire Web Server 0.1 - Remote Denial of Service (PoC)
by Saeed reza Zamanian
RiteCMS 2.2.1 - Authenticated OS Command Execution via Filemanager PHP Upload
An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section.
by Enes Özeser
CVSS 8.8
Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution
by Basim Alabdullah
File Management System 1.1 - Persistent Cross-Site Scripting
by KeopssGroup0day_Inc
RSA Identity Governance and Lifecycle < 7.1.0 P08 - Authenticated Code Injection via Groovy Script Execution
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to view or modify information on the Workflow system.
by Jakub Palaczynski
CVSS 6.4
BIG-IP 11.6.1-11.6.5.1 - Remote Code Execution via TMUI Undisclosed Pages
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
by Critical Start
CVSS 9.8
Grafana 3.0.1-7.0.1 - Unauthenticated Server-Side Request Forgery via Avatar Feature
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.
by mostwanted002
CVSS 8.2
BIG-IP 11.6.1-11.6.5.1 - Remote Code Execution via TMUI Undisclosed Pages
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
by Budi Khoirudin
CVSS 9.8
OCS Inventory NG 2.7 - Remote Code Execution via Shell Metacharacters in SNMP MIB File Handling
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.
by Askar
CVSS 8.8
RM Downloader 2.50.60 - Buffer Overflow
RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching calc.exe.
by Paras Bhatia
CVSS 8.4
e-Learning PHP Script 0.1.0 - SQL Injection
e-Learning PHP Script 0.1.0 contains a SQL injection vulnerability in the search functionality that allows attackers to manipulate database queries through unvalidated user input. Attackers can inject malicious SQL code in the 'search' parameter to potentially extract, modify, or access sensitive database information.
by KeopssGroup0day_Inc
CVSS 8.2
By Source