Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103380 EXPLOITDB
VMWare Fusion - Local Privilege Escalation
by Grimm
CVE-2020-10220 EXPLOITDB CRITICAL ruby VERIFIED
Rconfig 3.x Chained Remote Code Execution
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.
by Metasploit
CVSS 9.8
CVE-2020-10389 EXPLOITDB HIGH python
Chadha PHPKB Standard Multi-Language 9 - Authenticated Remote Code Execution via Global Settings POST Parameters
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.
by Antonio Cannito
CVSS 7.2
CVE-2020-10387 EXPLOITDB MEDIUM python
Chadha PHPKB Standard Multi-Language 9 - Authenticated Path Traversal via Download Parameter
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
by Antonio Cannito
CVSS 4.9
CVE-2020-10386 EXPLOITDB HIGH python
Chadha PHPKB Standard Multi-Language 9 - Unauthenticated Remote Code Execution via Image Upload
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory.
by Antonio Cannito
CVSS 7.2
EIP-2026-109467 EXPLOITDB text
MiladWorkShop VIP System 1.0 - 'lang' SQL Injection
by AYADI Mohamed
EIP-2026-100308 EXPLOITDB text
Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)
by Miguel Mendez Z
CVE-2020-0796 EXPLOITDB CRITICAL
Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
by eerykitty
CVSS 10.0
EIP-2026-116789 EXPLOITDB python
AnyBurn 4.8 - Buffer Overflow (SEH)
by Richard Davy
EIP-2026-113676 EXPLOITDB text
WordPress Plugin Custom Searchable Data System - Unauthenticated Data M]odification
by Nawaf Alkeraithe
CVE-2020-10230 EXPLOITDB CRITICAL text
Webpanel - SQL Injection
CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) allows SQL Injection via the /cwp_{SESSION_HASH}/admin/loader_ajax.php term parameter.
by Berke YILMAZ
CVSS 9.8
EIP-2026-101257 EXPLOITDB python
Drobo 5N2 4.1.1 - Remote Command Injection
by Ian Sindermann
CVE-2020-37145 EXPLOITDB MEDIUM text
HRSALE 1.1.8 - Cross-Site Request Forgery via Employee Registration Form
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user accounts with elevated privileges.
by Ismail Akıcı
CVSS 4.3
EIP-2026-116818 EXPLOITDB text
ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path
by Roberto Piña
CVE-2020-9372 EXPLOITDB HIGH text
Appointment Booking Calendar < 1.3.35 - CSV Injection via Booking Form Fields
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name) in any booking form to be any formula, which then could be exported via the Bookings list tab in /wp-admin/admin.php?page=cpabc_appointments.php. The attacker could achieve remote code execution via CSV injection.
by Daniel Monzón
CVSS 7.8
CVE-2020-10221 EXPLOITDB HIGH python
rconfig < 3.9.4 - Authenticated Remote Code Execution via fileName POST Parameter
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.
by Engin Demirbilek
CVSS 8.8
CVE-2020-10220 EXPLOITDB CRITICAL python
Rconfig 3.x Chained Remote Code Execution
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.
by vikingfr
CVSS 9.8
EIP-2026-108455 EXPLOITDB text
Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
by Milad karimi
EIP-2026-102432 EXPLOITDB text
WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure
by RedTeam Pentesting GmbH
CVE-2020-37079 EXPLOITDB MEDIUM text
Wing FTP Server < 6.2.7 - Cross-Site Request Forgery in Web Administration Interface
Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user account without proper authorization.
by Dhiraj Mishra
CVSS 4.3
CVE-2020-11548 EXPLOITDB CRITICAL text
Search Meter < 2.13.2 - Remote Code Execution via CSV Injection in Search Export
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
by Daniel Monzón
CVSS 9.8
EIP-2026-118391 EXPLOITDB text
CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)
by Kevin Randall
EIP-2026-118390 EXPLOITDB text
CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
by Kevin Randall
EIP-2026-116819 EXPLOITDB text
ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path
by Roberto Piña
EIP-2026-112578 EXPLOITDB python
TeamCity Agent XML-RPC 10.0 - Remote Code Execution
by 1F98D