Exploitdb Exploits
50,186 exploits tracked across all sources.
AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)
by Xenofon Vassilakopoulos
Composr CMS 10.0.30 - Persistent Cross-Site Scripting
by Manuel García Cárdenas
Open edX Ironwood 2.5 - RCE
Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated code" screen, edit the problem, and execute Python code. This leads to arbitrary code execution.
by Daniel Monzón
CVSS 8.8
CraftCMS 3 vCard Plugin 1.0.0 - Code Injection
CraftCMS 3 vCard Plugin 1.0.0 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary PHP code through a crafted payload. Attackers can generate a malicious serialized payload that triggers remote code execution by exploiting the plugin's vCard download functionality with a specially crafted request.
by Wade Guest
CVSS 9.8
BIND - DoS
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.
by Teppei Fukuda
CVSS 7.5
Victor CMS 1.0 - Authenticated RCE
Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the user_image parameter. Attackers can upload a malicious PHP shell to the /img/ directory and execute system commands by accessing the uploaded file with a 'cmd' parameter.
by Kishan Lal Choudhary
CVSS 8.8
Victor CMS 1.0 - XSS
Victor CMS 1.0 contains a stored cross-site scripting vulnerability in the 'comment_author' POST parameter that allows attackers to inject malicious scripts. Attackers can submit crafted JavaScript payloads through the comment submission form to execute arbitrary code in victim browsers.
by Kishan Lal Choudhary
CVSS 7.2
PHP-Fusion 9.03.50 - SQL Injection
A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,
by SunCSR
CVSS 7.2
NukeViet 4.4 - CSRF
modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed.
by JEBARAJ
CVSS 6.5
NukeViet 4.4 - CSRF
modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI.
by JEBARAJ
CVSS 6.5
NukeViet 4.4 - CSRF
clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.
by JEBARAJ
CVSS 8.8
Submitty <20.04.01 - XSS
Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow.
by humblelad
CVSS 5.4
qdPM 9.1 - 'cfg[app_app_name]' Persistent Cross-Site Scripting
by Kishan Lal Choudhary
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
by Metasploit
CVSS 8.8
Forma.lms The E-Learning Suite 2.3.0.2 - XSS
Forma.lms The E-Learning Suite 2.3.0.2 contains a persistent cross-site scripting vulnerability in multiple course and profile parameters. Attackers can inject malicious scripts in course code, name, description fields, and email parameter to execute arbitrary JavaScript without proper input sanitization.
by Daniel Ortiz
CVSS 6.4
Monstra CMS 3.0.4 - Code Injection
Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.
by Kishan Lal Choudhary
CVSS 8.8
WordPress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection
by Nguyen Khang
Online Healthcare Patient Record Management System 1.0 - Authentication Bypass
by Daniel Monzón
Online Healthcare management system 1.0 - Authentication Bypass
by BKpatron
HP Linuxki < 6.0-2 - Remote Code Execution
LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.
by Cody Winkler
CVSS 9.8
Oracle Food and Beverage Apps <5.7 - RCE
Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Food and Beverage Applications. The supported version that is affected is 5.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality RES 3700. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
by Walid Faour
CVSS 9.0
Mikrotik Router Monitoring System <2018-10-22 - SQL Injection
An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in check_community.php via the parameter community.
by jul10l1r4
CVSS 9.8
By Source