Exploitdb Exploits
49,983 exploits tracked across all sources.
Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 - XSS
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
by Angelo Ruwantha
Zohocorp Manageengine Opmanager < 12.4.034 - Missing Authentication
An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. One can bypass the user password requirement and execute commands on the server. The "username+'@opm' string is used for the password. For example, if the username is admin, the password is admin@opm.
by AkkuS
CVSS 9.8
Zohocorp Manageengine Applications Manager < 14.0 - SQL Injection
An issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature.
by AkkuS
CVSS 8.8
Zohocorp Manageengine Applications Manager < 14.2 - SQL Injection
An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature.
by AkkuS
CVSS 8.8
Apple Icloud < 7.13 - XSS
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
by Google Security Research
CVSS 6.1
Webmin < 1.920 - OS Command Injection
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
by AkkuS
CVSS 9.8
NSA Ghidra <9.1 - Path Traversal
In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.
by Etienne Lacoche
CVSS 7.8
Linux - Use-After-Free Reads in show_numa_stats()
by Google Security Research
Cisco Adaptive Security Appliance Software < 9.1.7.29 - Path Traversal
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
by Angelo Ruwantha
CVSS 7.5
Open-School <3.0-2.3 - XSS
Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.
by Greg.Priest
CVSS 6.1
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - SQL Injection
by qw3rTyTy
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - Arbitrary File Download
by qw3rTyTy
Daily Expense Manager 1.0 - Cross-Site Request Forgery (Delete Income)
by Mr Winst0n
Schben Adive 2.0.7 - CSRF
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.
by Pablo Santiago
CVSS 8.8
Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)
by Ege Balci
Aptana Jaxer 1.0.3.4547 - Info Disclosure
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
by Steph Jensen
CVSS 6.5
BearDev JoomSport <3.3 - SQL Injection
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.
by Pablo Santiago
CVSS 9.8
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
by Google Security Research
ARMBot - Unrestricted File Upload
ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../public_html/ to write executable code to the web root and achieve remote code execution.
by prsecurity
CVSS 7.5
Apache Tika <1.18 - Command Injection
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.
by Metasploit
CVSS 8.1
Apple Mac OS X < 10.14.6 - Use After Free
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.
by Google Security Research
CVSS 9.8
sar2html <3.2.2 - Command Injection
An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to the plot parameter (e.g., ?plot=;id) in a crafted GET request. The output of the command is displayed in the application's interface after interacting with the host selection UI. Successful exploitation leads to arbitrary command execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.
by Cemal Cihad ÇİFTÇİ
Rest - Cafe and Restaurant Website CMS - 'slug' SQL Injection
by n1x_
1CRM On-Premise Software 8.5.7 - XSS
1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.
by Kusol Watchara-Apanukorn
CVSS 5.4
WebIncorp ERP - SQL Injection
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. Attackers can send GET requests to product_detail.php with malicious prod_id values to extract sensitive database information.
by n1x_
CVSS 8.2
By Source