Exploitdb Exploits
49,983 exploits tracked across all sources.
RICOH Web Image Monitor 1.09 - XSS
RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. Attackers can exploit the entryNameIn and entryDisplayNameIn parameters to insert arbitrary HTML content, potentially enabling cross-site scripting attacks.
by Ismail Tasdelen
CVSS 6.1
Heatmiser Netmonitor v3.03 - XSS
Heatmiser Netmonitor v3.03 contains an HTML injection vulnerability in the outputSetup.htm page that allows attackers to inject malicious HTML code through the outputtitle parameter. Attackers can craft specially formatted POST requests to the outputtitle parameter to execute arbitrary HTML and potentially manipulate the web interface's displayed content.
by Ismail Tasdelen
CVSS 6.1
Heatmiser Netmonitor 3.03 - Hardcoded Credentials
Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable admin login credentials. Attackers can access the device by using the hard-coded username 'admin' and password 'admin' in the hidden form input fields.
by Ismail Tasdelen
CVSS 7.5
FTP Navigator 8.03 - RCE
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
by boku
CVSS 9.8
E Learning Script 1.0 - Auth Bypass
E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain unauthorized access to the system.
by riamloo
CVSS 6.5
Domain Quester Pro 6.02 - RCE
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation and execute a bind shell on port 9999.
by boku
CVSS 9.8
AVS Audio Converter <9.1.2.600 - Code Injection
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button is clicked.
by boku
CVSS 8.8
Homeautomation - Authentication Bypass by Spoofing
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local (loopback) IP address value allowing remote control of the smart home solution.
by LiquidWorm
CVSS 9.8
Homeautomation - CSRF
HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'set_command_on' and 'set_command_off' POST parameters in '/system/systemplugins/customcommand/customcommand.plugin.php' by using an unsanitized PHP exec() function.
by LiquidWorm
CVSS 8.0
AVE Dominaplus < 1.10.77 - Missing Authentication
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can exploit this issue to cause a denial of service scenario.
by LiquidWorm
CVSS 7.5
AVE Dominaplus < 1.10.77 - Insufficiently Protected Credentials
AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.
by LiquidWorm
CVSS 9.8
AVE Dominaplus < 1.10.77 - Authentication Bypass
AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication security control and access the management interface with admin privileges without providing credentials.
by LiquidWorm
CVSS 9.8
Domoticz Mydomoathome - Incorrect Authorization
Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.
by LiquidWorm
CVSS 7.5
Homeautomation - CSRF
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
by LiquidWorm
CVSS 8.8
Homeautomation - XSS
HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session.
by LiquidWorm
CVSS 6.1
Wing FTP Server 6.0.7 - Privilege Escalation
Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.
by Nawaf Alkeraithe
CVSS 7.8
AVE DOMINAplus <1.10.x - XSS, CSRF
AVE DOMINAplus 1.10.x contains cross-site request forgery and cross-site scripting vulnerabilities that allow attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to exploit login.php parameters and execute arbitrary scripts in user browser sessions.
by LiquidWorm
CVSS 5.3
Microsoft Windows 10 1507 - Improper Privilege Management
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.
by Metasploit
CVSS 7.8
OpenBSD Dynamic Loader chpass Privilege Escalation
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries to strip LD_LIBRARY_PATH from the environment, but fails when it cannot allocate memory. Thus, the attacker is able to execute their own library code as root.
by Metasploit
CVSS 7.8
Reptile Rootkit - reptile_cmd Privilege Escalation (Metasploit)
by Metasploit
XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin)
by Ismail Tasdelen
XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin)
by Ismail Tasdelen
XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery (Add Admin)
by Ismail Tasdelen
By Source