Exploitdb Exploits
50,186 exploits tracked across all sources.
WordPress Plugin Custom Searchable Data System - Unauthenticated Data Modification
by Nawaf Alkeraithe
Webpanel - SQL Injection
CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) allows SQL Injection via the /cwp_{SESSION_HASH}/admin/loader_ajax.php term parameter.
by Berke YILMAZ
CVSS 9.8
HRSALE 1.1.8 - CSRF
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user accounts with elevated privileges.
by Ismail Akıcı
CVSS 4.3
ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path
by Roberto Piña
Codepeople Appointment Booking Calendar - Remote Code Execution
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name) in any booking form to be any formula, which then could be exported via the Bookings list tab in /wp-admin/admin.php?page=cpabc_appointments.php. The attacker could achieve remote code execution via CSV injection.
by Daniel Monzón
CVSS 7.8
Rconfig < 3.9.4 - OS Command Injection
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.
by Engin Demirbilek
CVSS 8.8
Rconfig 3.x Chained Remote Code Execution
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.
by vikingfr
CVSS 9.8
Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
by Milad karimi
WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure
by RedTeam Pentesting GmbH
Wing FTP Server <6.2.7 - CSRF
Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user account without proper authorization.
by Dhiraj Mishra
CVSS 4.3
Search Meter < 2.13.2 - Remote Code Execution
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
by Daniel Monzón
CVSS 9.8
CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)
by Kevin Randall
CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
by Kevin Randall
PlaySMS 1.4.3 - Template Injection / Remote Code Execution
by Touhid M.Shaikh
Joomla! <3.9.7 - Code Injection
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable to CSV injection.
by i4bdullah
CVSS 9.8
Horde Groupware Webmail Edition 5.2.22 - RCE
This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125.
by Andrea Cardaci
CVSS 6.5
BT CTROMS Terminal OS Port Portal CT-464 - Info Disclosure
An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp request, this token is transmitted not only to the registered phone number of the user account, but is also transmitted to the unauthenticated HTTP client.
by AkkuS
CVSS 8.1
Persian Vip Download Script - SQL Injection
Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit.php active parameter.
by Amir Hossein Vafifar
CVSS 9.8
Horde Groupware Webmail Edition <5.2.22 - Code Injection
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
by Andrea Cardaci
CVSS 9.8