Exploitdb Exploits
49,992 exploits tracked across all sources.
Homey BNB V4 - SQL Injection
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'val' parameter. Attackers can send GET requests to the admin/getrecord.php endpoint with malicious 'val' values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
Homey BNB V4 - SQL Injection
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
Homey BNB V4 - SQL Injection
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to the admin/cms_getpagetitle.php endpoint with malicious catid values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
Homey BNB V4 - SQL Injection
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' parameter. Attackers can send GET requests to the admin/edit.php endpoint with time-based SQL injection payloads to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
Homey BNB V4 - SQL Injection
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the hosting_id parameter. Attackers can send GET requests to the rooms/ajax_refresh_subtotal endpoint with malicious hosting_id values to extract sensitive database information or cause denial of service.
by Ahmet Ümit BAYRAM
CVSS 8.2
Thomsonreuters Concourse Matter Room < 2.13.0098 - Path Traversal
An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. An unauthenticated directory traversal and local file inclusion vulnerability in the ThomsonReuters.Desktop.Service.exe and ThomsonReuters.Desktop.exe allows a remote attacker to list or enumerate sensitive contents of files via a \.. to port 6677. Additionally, this could allow for privilege escalation by dumping the affected machine's SAM and SYSTEM database files, as well as remote code execution.
by 0v3rride
CVSS 9.8
Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of Service
by César Adrián Coronado Llanos
Fat Free CRM v0.19.0 - HTML Injection
HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is a XSS protection mechanism.
by Ismail Tasdelen
CVSS 5.4
WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion
by Ali S. Ahmad
WordPress Plugin Anti-Malware Security and Brute-Force Firewall 4.18.63 - Local File Inclusion (PoC)
by Ali S. Ahmad
i-doit Open <1.12 - XSS
An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter.
by BlackFog Team
CVSS 6.1
CMSMS <2.2.10 - Info Disclosure
class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG).
by Metasploit
CVSS 6.5
Oracle Virtual Desktop Infrastructure - Insecure Deserialization
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
by Metasploit
CVSS 9.8
gnutls 3.6.6 - 'verify_crt()' Use-After-Free
by Google Security Research
Jettweb Hazir Rent A Car Scripti V4 - SQL Injection
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php endpoint to extract sensitive database information or cause denial of service.
by Ahmet Ümit BAYRAM
CVSS 8.2
XooGallery Latest - SQL Injection
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data, or modify database contents.
by Ahmet Ümit BAYRAM
CVSS 8.2
XooGallery Latest - SQL Injection
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to cat.php with malicious cat_id values to bypass authentication, extract sensitive data, or modify database contents.
by Ahmet Ümit BAYRAM
CVSS 8.2
XooGallery Latest - SQL Injection
XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photo_id parameter. Attackers can send GET requests to photo.php with malicious photo_id values to extract sensitive data, bypass authentication, or modify database contents.
by Ahmet Ümit BAYRAM
CVSS 8.2
XooGallery Latest - SQL Injection
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gal_id parameter. Attackers can send GET requests to gal.php with malicious gal_id values to extract sensitive database information or modify database contents.
by Ahmet Ümit BAYRAM
CVSS 8.2
XooDigital Latest - SQL Injection
XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
Jettweb Php Hazir Ilan Sitesi Scripti V2 - SQL Injection
Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious 'kat' values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
Simple Job Script - XSS
Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the job_type_value parameter in the jobs endpoint. Attackers can craft requests with SVG payload injection to execute arbitrary JavaScript in victim browsers and steal session cookies or perform unauthorized actions.
by Ahmet Ümit BAYRAM
CVSS 6.1
Simple Job Script - SQL Injection
Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the app_id parameter. Attackers can send POST requests to delete_application_ajax.php with crafted payloads to extract sensitive data, bypass authentication, or modify database contents.
by Ahmet Ümit BAYRAM
CVSS 8.2
By Source