Exploitdb Exploits
49,996 exploits tracked across all sources.
NovaRad NovaPACS Diagnostics Viewer <8.5.19.75 - XXE Injection
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack.
by LiquidWorm
CVSS 9.8
Cisco Umbrella Enterprise Roaming Client < 2.1.118 - Improper Privilege Management
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper implementation of file system permissions, which could allow non-administrative users to place files within restricted directories. An attacker could exploit this vulnerability by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges.
by ParagonSec
CVSS 7.8
Cisco Umbrella Enterprise Roaming Client - Improper Input Validation
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper implementation of file system permissions, which could allow non-administrative users to place files within restricted directories. An attacker could exploit this vulnerability by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges.
by ParagonSec
CVSS 7.8
Jorani - XSS
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.
by Javier Olmedo
CVSS 5.4
Jorani - SQL Injection
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
by Javier Olmedo
CVSS 5.4
Apache Roller <5.0.3 - XXE
The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
by Marko Jokic
CVSS 9.8
Endress Wirelesshart Fieldgate Swg70 Firmware - Path Traversal
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
by Hamit CİBO
CVSS 5.3
Fuji Xerox Devices - Info Disclosure
Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands.
by vr_system
CVSS 9.8
Tenda D152 - XSS
Tenda D152 ADSL routers allow XSS via a crafted SSID.
by Sandip Dey
CVSS 5.4
Logicspice FAQ Script <2.9.7 - Command Injection
Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file.
by AkkuS
CVSS 7.2
Simple POS 4.0.24 - SQL Injection
Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.
by Renos Nikolaou
CVSS 9.8
RPi Cam Control < 6.4.25 - 'preview.php' Remote Command Execution
by Reigning Shells
Wikipedia 12.0 Denial of Service via Search
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash.
by 0xB9
CVSS 7.5
Online Quiz Maker 1.0 SQL Injection via catid Parameter
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to extract sensitive database information or bypass authentication.
by AkkuS
CVSS 7.1
Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)
by Uriel Corral Salinas
Fspro Event Log Explorer - XXE
FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.
by hyp3rlinx
CVSS 3.3
VSAXESS V2.6.2.70 build 20171226_053 - 'Nickname' Denial of Service (PoC)
by Diego Santamaria
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)
by Ghaaf
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)
by Ghaaf
By Source