Exploitdb Exploits
50,076 exploits tracked across all sources.
Microsoft Exchange Server - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
by Metasploit
CVSS 8.8
EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.
by Metasploit
CVSS 9.8
UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read
by NgoAnhDuc
GUnet OpenEclass 1.7.3 - Improper Access Control via phpMyAdmin Remote Login
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise.
by emaragkos
CVSS 8.8
GUnet OpenEclass 1.7.3 - Info Disclosure
GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access.
by emaragkos
CVSS 6.5
GUnet OpenEclass 1.7.3 - Info Disclosure
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can retrieve system info, version info, and view or download other users' files without proper authorization.
by emaragkos
CVSS 4.3
GUnet OpenEclass 1.7.3 - Auth Bypass
GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploading files. By renaming a PHP file to .php3 or .PhP, an attacker can upload a web shell and execute arbitrary code on the server. This vulnerability enables remote code execution by bypassing the intended file type checks in the exercise submission feature.
by emaragkos
CVSS 8.8
GUnet OpenEclass 1.7.3 - SQL Injection
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. Attackers can exploit the 'month' parameter in the agenda module and other endpoints to extract sensitive database information using error-based or time-based injection techniques.
by emaragkos
CVSS 7.1
Windows Win32k - Privilege Escalation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
by piotrflorczyk
CVSS 7.8
Alfresco < 5.2.7 and < 6.2.0 - Authenticated Stored Cross-Site Scripting via Uploaded Document
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
by Alexandre ZANNI
CVSS 5.4
RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection
by Olga Villagran
RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection
by Paulina Girón
Cyberoam Authentication Client <2.1.2.7 - RCE
Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) memory. Attackers can craft a malicious input in the 'Cyberoam Server Address' field to trigger a bind TCP shell on port 1337 with system-level access.
by Andrey Stoykov
CVSS 9.8
Microsoft Exchange Server - Remote Code Execution via Memory Corruption
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
by Photubias
CVSS 8.8
Broadcom Unified Infrastructure Management < 9.20 - Remote Code Execution via Buffer Overflow in Robot Component
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
by wetw0rk
CVSS 9.8
Tutor LMS < 1.5.3 - Cross-Site Request Forgery
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
by Jinson Varghese Behanan
CVSS 6.5
Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)
by Lucas Amorim
Joplin < 1.0.184 - Stored Cross-Site Scripting and Arbitrary File Read
Joplin through 1.0.184 allows Arbitrary File Read via XSS.
by Javier Olmedo
CVSS 5.4
netkit-telnet-0.17 telnetd (Fedora 31) - 'BraveStarr' Remote Code Execution
by Immunity
TP-Link TL-WR849N 0.9.1 4.16 - Remote Code Execution via Traceroute Shell Metacharacter Injection
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
by Elber Tavares
CVSS 9.8
TP-LINK TL-WR849N 0.9.1 4.16 - Unauthenticated Firmware Replacement via cgi/softup POST Request
TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.
by Elber Tavares
CVSS 6.1
Intelbras WRN 240 Firmware - Unauthenticated Firmware Replacement via Firmware.cfg URI
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI.
by Elber Tavares
CVSS 7.5
By Source