Exploitdb Exploits
49,996 exploits tracked across all sources.
Ecessa Edge EV150 10.7.4 - CSRF
Ecessa Edge EV150 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web page with a form that submits requests to the /cgi-bin/pl_web.cgi/util_configlogin_act endpoint to add superuser accounts with arbitrary credentials.
by LiquidWorm
CVSS 5.3
Ecessa WANWorx WVR-30 <10.7.4 - CSRF
Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an authenticated administrator into loading the page.
by LiquidWorm
CVSS 4.3
Ecessa ShieldLink SL175EHQ 10.7.4 - CSRF
Ecessa ShieldLink SL175EHQ 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web page with a hidden form to add a superuser account by tricking a logged-in administrator into loading the page.
by LiquidWorm
CVSS 5.3
Intex N150 - CSRF
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.
by Samrat Das
CVSS 8.8
Intex N150 - CSRF
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.
by Samrat Das
CVSS 8.8
Intex N150 - Info Disclosure
An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability, an attacker can upload any malicious file and force reboot the router with it.
by Samrat Das
CVSS 8.1
Foxitsoftware Foxit Reader < 9.0.1.1049 - Use After Free
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.
by mr_me
CVSS 8.8
iThemes Security <7.0.3 - SQL Injection
The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.
by Çlirim Emini
CVSS 7.2
WordPress Comments Import & Export <2.0.4 - Code Injection
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
by Bhushan B. Patil
CVSS 7.8
WordPress <1.5.4 - Code Injection
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.
by Bhushan B. Patil
CVSS 7.8
Linux Kernel < 4.17.2 - Denial of Service
In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.
by Google Security Research
CVSS 4.9
Ecessa Shieldlink Sl175ehq Firmware - CSRF
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
by LiquidWorm
CVSS 8.8
Digisol DG- BR4000NG - XSS
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
by Adipta Basu
CVSS 6.1
AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)
by Wadeek
DIGISOL DG-BR4000NG - Buffer Overflow
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
by Adipta Basu
CVSS 9.8
phpLDAPadmin 1.2.2 - SQL Injection
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.
by Berk Dusunur
CVSS 9.8
phpMyAdmin 4.8.x <4.8.2 - Code Injection
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
by VulnSpy
CVSS 8.8
GreenCMS 2.3.0603 - Info Disclosure
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.
by vr_system
CVSS 7.5
QEMU Guest Agent <2.12.50 - Memory Corruption
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
by Fakhri Zulkifli
CVSS 7.5
phpMyAdmin 4.8.x <4.8.2 - Code Injection
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
by ChaMd5
CVSS 8.8
LFCMS 3.7.0 - CSRF
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily.
by bay0net
CVSS 8.8
LFCMS 3.7.0 - CSRF
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114.
by bay0net
CVSS 8.8
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
by Paul Taylor
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
by Paul Taylor
By Source