Exploitdb Exploits
50,076 exploits tracked across all sources.
WordPress Theme Zoner Real Estate 4.1.1 Persistent XSS
WordPress Theme Zoner Real Estate 4.1.1 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through the Address input field when creating properties. Attackers can inject JavaScript payloads in the property creation form that execute when administrators view the property for approval, enabling cookie theft and session hijacking.
by m0ze
CVSS 5.4
Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File
Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the vulnerability when imported and executed, enabling reverse shell execution with user privileges.
by Xavi Beltran
CVSS 9.8
thesystem App 1.0 - SQL Injection
thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 to the username field to gain unauthorized access to user accounts.
by Anıl Baran Yelken
CVSS 7.5
TheSystem 1.0 - SQL Injection
TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'server_name' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information.
by Sadik Cetin
CVSS 7.5
InoERP 0.7.2 - Unauthenticated Stored Cross-Site Scripting in Comment Section
InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to inject malicious scripts. Attackers can submit comments with JavaScript payloads that execute in other users' browsers, potentially stealing cookies and session information.
by strider
CVSS 5.4
V-SOL GPON/EPON OLT Platform 2.03 - Info Disclosure
V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability that allows attackers to download configuration files via direct object reference. Attackers can retrieve sensitive configuration data by sending HTTP GET requests to the usrcfg.conf endpoint, potentially enabling authentication bypass and system access.
by LiquidWorm
CVSS 7.5
V-SOL GPON/EPON OLT Platform 2.03 - CSRF
V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to create admin users, enable SSH, or modify system settings by tricking authenticated administrators into loading a specially crafted page.
by LiquidWorm
CVSS 4.3
V-SOL GPON/EPON OLT Platform v2.03 - Privilege Escalation
V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod' set to integer value '1' to elevate their privileges.
by LiquidWorm
CVSS 9.8
Chamilo LMS 1.11.8 - Authenticated RCE
Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute arbitrary code by accessing the uploaded files.
by Sohel Yousef
CVSS 8.8
Yoast Duplicate-Post WP <3.2.3 - XSS
Yoast Duplicate-Post WordPress Plugin 3.2.3 contains a persistent cross-site scripting vulnerability in plugin settings parameters. Attackers can inject malicious scripts into title prefix, suffix, menu order, and blacklist fields to execute arbitrary JavaScript in admin interfaces.
by Unk9vvN
CVSS 5.5
inoERP 4.15 - SQL Injection via Insecure Deserialization in download.php
download.php in inoERP 4.15 allows SQL injection through insecure deserialization.
by Semen Alexandrovich Lyhin
CVSS 9.8
citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection
by cakes
all-in-one-seo-pack 3.2.7 - Persistent Cross-Site Scripting
by Unk9vvN
WordPress Server Log Viewer 1.0 - XSS
WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface.
by strider
CVSS 6.4
YzmCMS V5.3 - HTTP Host Header Injection
An HTTP Host header injection vulnerability exists in YzmCMS V5.3. A malicious user can poison a web cache or trigger redirections.
by Debashis Pal
CVSS 6.1
SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service
by Emilio Revelo
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by Metasploit
gitlabhook 0.0.17 - OS Command Injection via Repository Name
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.
by Semen Alexandrovich Lyhin
CVSS 10.0
Microsoft SharePoint Foundation - Cross-Site Scripting
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
by Davide Cioccia
CVSS 5.4
Easy File Sharing Web Server 7.2 - Buffer Overflow
Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of padding followed by a nseh value and seh pointer to trigger the overflow when adding a new user account.
by x00pwn
CVSS 8.4
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
by Metasploit
CVSS 9.8
File Sharing Wizard 1.5.0 - Buffer Overflow
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331.
by x00pwn
CVSS 9.8
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service
by Google Security Research
DeviceViewer 3.12.0.1 - 'creating user' Denial of Service
by x00pwn
By Source