Exploitdb Exploits
50,186 exploits tracked across all sources.
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
by Nick Frichette
CVSS 8.8
Aerohive HiveOS - DoS
Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthenticated attackers to render the web interface unusable. Attackers can send a crafted HTTP request to the action.php5 script with specific parameters to trigger a 5-minute service disruption.
by LiquidWorm
CVSS 7.5
Online Clothing Store - Unrestricted File Upload
SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php.
by Sushant Kamble
CVSS 9.8
Sourcecodester Pisay Online E-Learning System 1.0 - SQL Injection
Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution (RCE) via the user_email, user_pass, and id parameters on the admin login-portal and the edit-lessons webpages.
by boku
CVSS 9.8
School File Management System 1.0 - 'username' SQL Injection
by Tarun Sehgal
Online AgroCulture Farm Management System 1.0 - 'pid' SQL Injection
by BKpatron
Car Park Management System 1.0 - Authentication Bypass
by Tarun Sehgal
Draytek VigorAP 1000C - Persistent Cross-Site Scripting
by Vulnerability-Lab
webTareas 2.0.p8 - Privilege Escalation
webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through an unauthenticated file deletion mechanism.
by Besim
CVSS 9.8
i-doit Open Source CMDB 1.14.1 - File Deletion
i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the delete_import parameter. Attackers can send a POST request to the import module with a crafted filename to remove files from the server's filesystem.
by Besim
CVSS 8.8
Booked Scheduler 2.7.7 - Path Traversal
Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by supplying directory traversal sequences.
by Besim
CVSS 6.5
Online Clothing Store - XSS
SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via the Offer Detail field in offer.php.
by Sushant Kamble
CVSS 6.1
Online Clothing Store - SQL Injection
SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php.
by Sushant Kamble
CVSS 9.8
webERP 4.15.1 - Info Disclosure
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup_[timestamp].sql.gz file.
by Besim
CVSS 9.8
Fishing Reservation System 7.5 - SQL Injection
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database management system and web application without user interaction.
by Vulnerability-Lab
CVSS 7.1
BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection
by Daniel Martinez Adan
Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path
by Nguyen Khang