Exploitdb Exploits
49,989 exploits tracked across all sources.
GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection
by Ihsan Sencan
Malicious Git HTTP Server For CVE-2018-17456
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
by joernchen
CVSS 9.8
Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket
Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu to achieve code execution through SEH chain exploitation.
by Abdullah Alıç
CVSS 8.4
Coderpixel Advanced Hrm - Unrestricted File Upload
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
by Renos Nikolaou
CVSS 8.8
Webpanel - Path Traversal
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.
by seccops
CVSS 7.5
Webpanel - OS Command Injection
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
by seccops
CVSS 9.8
Alchemy-cms Alchemy Cms - XSS
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field. NOTE: the vendor's position is that this is not a valid report: "The researcher used an authorized cookie to perform the request to a password-protected route. Without that session cookie, the request would have been rejected as unauthorized."
by Ismail Tasdelen
CVSS 6.1
FLIR AX8 Thermal Camera <1.32.16 - Info Disclosure
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage.
by LiquidWorm
CVSS 7.5
FLIR Brickstream 3D+ <2.1.742.1842 - Info Disclosure
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially enabling authentication bypass and privilege escalation.
by LiquidWorm
CVSS 7.5
FLIR Brickstream 3D+ <2.1.742.1842 - Info Disclosure
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can retrieve video stream images by directly accessing multiple image endpoints like middleImage.jpg, rightimage.jpg, and leftimage.jpg.
by LiquidWorm
CVSS 7.5
Nomachine < 5.3.27 - Untrusted Search Path
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).
by hyp3rlinx
CVSS 7.8
College Notes Management System 1.0 - 'user' SQL Injection
by Ihsan Sencan
Webpanel - XSS
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.
by seccops
CVSS 6.1
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
by Ihsan Sencan
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
by Ihsan Sencan
Academic Timetable Final Build 7.0 - Information Disclosure
by Ihsan Sencan
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
by LiquidWorm
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
by LiquidWorm
Phoenix Contact ILC PLCs - Info Disclosure
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
by Photubias
CVSS 7.3
By Source