Vulncheck_xdb Exploits

927 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-25076 VULNCHECK_XDB HIGH
WP User Frontend <3.5.26 - SQL Injection
The WP User Frontend WordPress plugin before 3.5.26 does not validate and escape the status parameter before using it in a SQL statement in the Subscribers dashboard, leading to an SQL injection. Due to the lack of sanitisation and escaping, this could also lead to Reflected Cross-Site Scripting
CVSS 8.8
CVE-2022-31706 VULNCHECK_XDB CRITICAL
VMware vRealize Log Insight 3.0-4.8 - Unauthenticated Path Traversal and Remote Code Execution
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
CVSS 9.8
By Source
All 927 Writeup 62,043 Exploitdb 50,076 Nomisec 22,336 Github 3,517 Metasploit 3,299 Vulncheck_xdb 927 Inthewild 514 Gitlab 470 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,515 ruby 5,989 c 3,622 perl 2,849 html 2,072 php 1,332 bash 462 java 370 c++ 257 javascript 228 shell 130 go 72 postscript 25 typescript 25