Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2009-2423 EXPLOITDB
Ebay Clone 2009 - SQL Injection via cate_id Parameter
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.
CVE-2006-5016 EXPLOITDB
e-Vision CMS - Unauthenticated Arbitrary File Upload via admin/x_image.php
Unrestricted file upload vulnerability in admin/x_image.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote attackers to upload arbitrary files to the /imagebank directory.
CVE-2009-4745 EXPLOITDB
Dreamlevels DreamPoll 3.1 - SQL Injection
Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action.
CVE-2006-4656 EXPLOITDB
Web Provence SL_Site < 1.0 - Remote File Inclusion via spaw_root Parameter
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition.
CVE-2014-3991 EXPLOITDB
Dolibarr ERP/CRM 3.5.3 - Stored Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) dol_use_jmobile, (2) dol_optimize_smallscreen, (3) dol_no_mouse_hover, (4) dol_hide_topmenu, (5) dol_hide_leftmenu, (6) mainmenu, or (7) leftmenu parameter to index.php; the (8) dol_use_jmobile, (9) dol_optimize_smallscreen, (10) dol_no_mouse_hover, (11) dol_hide_topmenu, or (12) dol_hide_leftmenu parameter to user/index.php; the (13) dol_use_jmobile, (14) dol_optimize_smallscreen, (15) dol_no_mouse_hover, (16) dol_hide_topmenu, or (17) dol_hide_leftmenu parameter to user/logout.php; the (18) email, (19) firstname, (20) job, (21) lastname, or (22) login parameter in an update action in a "User Card" to user/fiche.php; or the (23) modulepart or (24) file parameter to viewimage.php.
CVE-2009-1361 EXPLOITDB
GScripts.net DNS Tools - Remote Command Execution via dig.php Host Parameter
dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-2946 EXPLOITDB perl
dmx_forum < 2.1a - Unauthenticated Sensitive Information Exposure via Web-Accessible Database Configuration
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.
CVE-2022-24627 EXPLOITDB CRITICAL python
AudioCodes Device Manager Express <7.8.20002.47752 - SQL Injection
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the process_login.php login form.
CVSS 9.8
CVE-2022-24629 EXPLOITDB CRITICAL python
AudioCodes Device Manager Express <7.8.20002.47752 - RCE
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of the file upload functionality of BrowseFiles.php. An attacker can upload a .php file to WebAdmin/admin/AudioCodes_files/ajax/.
CVSS 9.8
CVE-2022-24630 EXPLOITDB HIGH python
AudioCodes Device Manager Express <7.8.20002.47752 - Command Injection
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an ssh_command field that is executed.
CVSS 7.2
CVE-2008-0565 EXPLOITDB
DeltaScripts PHP Links < 1.3 - SQL Injection via vote.php id Parameter
SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2024-25830 EXPLOITDB CRITICAL
F-logic DataCube3 v1.0 - Unauthenticated Path Traversal via Configuration File URI
F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains the path of the configuration file. A successful exploit could allow the attacker to extract the root and admin password.
CVSS 9.8
CVE-2009-4172 EXPLOITDB
CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b - Stored Cross-Site Scripting via News Article Body
Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the body of a news article in an addnews action.
CVE-2009-4173 EXPLOITDB
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews < 8b - Cross-Site Request Forgery via Edit Users Action
Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to hijack the authentication of administrators for requests that create new users, including a new administrator, via an adduser action in the editusers module in index.php.
CVE-2009-4175 EXPLOITDB
CutePHP CuteNews <8b - Info Disclosure
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to obtain sensitive information via an invalid date value in the from_date_day parameter to search.php, which reveals the installation path in an error message.
CVE-2009-4249 EXPLOITDB
CuteNews 1.4.6 - Cross-Site Scripting via lastusername/mod Parameters and title Parameter
Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) lastusername and (2) mod parameters to index.php; and (3) the title parameter to search.php.
CVE-2020-8424 EXPLOITDB HIGH
Cups Easy (Purchase & Inventory) 1.0 - CSRF
Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php.
CVSS 8.8
CVE-2020-25538 EXPLOITDB HIGH ruby
CMSuno 1.6.2 - Authenticated Remote Code Execution via Lang Parameter
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.
CVSS 8.8
CVE-2008-0089 EXPLOITDB
ClipShare - SQL Injection via UID Parameter
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
CVE-2009-1347 EXPLOITDB
chCounter 3.1.3 - SQL Injection via Login Name or Password Parameter
Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field).
CVE-2007-2147 EXPLOITDB php
WiredPHP Chatness <2.5.3 - Info Disclosure
admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier does not check for administrative credentials, which allows remote attackers to read and modify the classes/vars.php and classes/varstuff.php configuration files via direct requests.
CVE-2007-2148 EXPLOITDB php
Chatness < 2.5.3 - Authenticated PHP Code Injection via HTML Parameter
Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, which are included and executed upon a direct request for index.php. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.
CVE-2015-1560 EXPLOITDB
Centreon < 2.5.4 - SQL Injection via sid Parameter
SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon web 2.7.0) allows remote attackers to execute arbitrary SQL commands via the sid parameter to include/common/XmlTree/GetXmlTree.php.
CVE-2014-8305 EXPLOITDB
Cart Engine < 3.0 - Open Redirect via HTTP Referer Header
Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header to (1) index.php, (2) cart.php, (3) msg.php, or (4) page.php.
CVE-2014-8306 EXPLOITDB
C97net Cart Engine < 3.0 - SQL Injection via item_id Parameter
SQL injection vulnerability in the sql_query function in cart.php in C97net Cart Engine before 4.0 allows remote attackers to execute arbitrary SQL commands via the item_id variable, as demonstrated by the (1) item_id[0] or (2) item_id[] parameter.
By Source
All 50,076 Writeup 62,313 Exploitdb 50,076 Nomisec 22,418 Github 3,633 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,574 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25