Exploitdb Exploits
50,186 exploits tracked across all sources.
aSc TimeTables 2020.11.4 - DoS
aSc TimeTables 2020.11.4 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Subject title field with a large buffer. Attackers can generate a 1000-character buffer and paste it into the Subject title to trigger an application crash and potential instability.
by Ismael Nava
CVSS 7.5
Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)
by berat isler
CardGate Payments <3.1.15 - Auth Bypass
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
by GeekHack
CVSS 8.1
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
by GeekHack
eLection 2.0 - Authenticated SQL Injection
eLection 2.0 contains an authenticated SQL injection vulnerability in the candidate management endpoint that allows attackers to manipulate database queries through the 'id' parameter. Attackers can leverage SQLMap to exploit the vulnerability, potentially gaining remote code execution by uploading backdoor files to the web application directory.
by J3rryBl4nks
CVSS 7.1
ATutor 2.2.4 - SQL Injection
ATutor 2.2.4 contains a SQL injection vulnerability in the admin user deletion page that allows authenticated attackers to manipulate database queries through the 'id' parameter. Attackers can exploit the vulnerability by injecting malicious SQL code into the 'id' parameter of the admin_delete.php script to potentially extract or modify database information.
by Andrey Stoykov
CVSS 7.1
ACE Security WiP-90113 HD Camera - Info Disclosure
ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /config_backup.bin endpoint, exposing credentials and system settings.
by Todor Donev
CVSS 7.5
AMSS++ 4.31 - SQL Injection
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents.
by indoushka
CVSS 8.2
AMSS++ 4.7 - Auth Bypass
AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system.
by indoushka
CVSS 7.5
DotNetNuke 9.5 - XSS
DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users to upload malicious XML files with executable scripts through journal tools. Attackers can upload XML files with XHTML namespace scripts to execute arbitrary JavaScript in users' browsers, potentially bypassing CSRF protections and performing more damaging attacks.
by Sajjad Pourali
CVSS 6.4
ESCAM QD-900 WIFI HD - Info Disclosure
ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup can include administrative credentials and other sensitive device settings, enabling an unauthenticated remote attacker to obtain information that may facilitate further compromise of the camera or connected network.
by Todor Donev
Pablosoftwaresolutions Quick 'N Easy Web Server - Out-of-Bounds Write
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.
by Cody Winkler
CVSS 7.5
GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection
by emaragkos
CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)
by J3rryBl4nks
Real Web Pentesting Tutorial Step by Step - [Persian]
by Meisam Monsef
Apache James Server 2.3.2 - RCE
Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors.
by Metasploit
CVSS 8.1
Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)
by Metasploit
Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)
by Metasploit
Golang Package SSH - Signature Verification Bypass
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.
by Mark Adams
CVSS 7.5
Zoho ManageEngine EventLog Analyzer <10.0 SP1 Build 12110 - Information Disclosure
An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewing credential data stored in the database, and recover the MD5 hashes of the accounts used to authenticate the ManageEngine platform to the managed machines on the network (most often administrative accounts). Specifically, this bypasses these restrictions: a query cannot mention password, and a query result cannot have a password column.
by Scott Goodwin
CVSS 8.8
SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure
by Todor Donev
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
by Todor Donev
I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure
by Todor Donev
IP Office App Server <11 - XSS
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported versions, were not evaluated.
by Scott Goodwin
CVSS 5.4
By Source