Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2025-51401 EXPLOITDB MEDIUM text
live_helper_chat < 4.61 - Stored Cross-Site Scripting via Operator Name Parameter
A stored cross-site scripting (XSS) vulnerability in the chat transfer function of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the operator name parameter.
by Manojkumar J
CVSS 5.4
CVE-2025-51396 EXPLOITDB MEDIUM text
Live Helper Chat < 4.61 - Stored Cross-Site Scripting via Telegram Bot Username Parameter
A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter.
by Manojkumar J
CVSS 5.4
CVE-2025-51400 EXPLOITDB MEDIUM text
live_helper_chat < 4.61 - Stored Cross-Site Scripting in Personal Canned Messages
A stored cross-site scripting (XSS) vulnerability in the Personal Canned Messages of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
by Manojkumar J
CVSS 5.4
CVE-2025-51397 EXPLOITDB MEDIUM text
Live Helper Chat < 4.61 - Stored Cross-Site Scripting via Facebook Chat Module Surname Parameter
A stored cross-site scripting (XSS) vulnerability in the Facebook Chat module of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Surname parameter under the Recipient' Lists.
by Manojkumar J
CVSS 5.4
CVE-2025-51398 EXPLOITDB MEDIUM text
livehelperchat < 4.61 - Stored Cross-Site Scripting via Facebook Registration Name Parameter
A stored cross-site scripting (XSS) vulnerability in the Facebook registration page of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.
by Manojkumar J
CVSS 5.4
CVE-2025-51403 EXPLOITDB MEDIUM text
Live Helper Chat < 4.61 - Stored Cross-Site Scripting via Department Alias Nick Parameter
A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter.
by Manojkumar J
CVSS 6.5
CVE-2025-49484 EXPLOITDB HIGH text
JS Jobs component for Joomla 1.0.0-1.4.1 - Authenticated SQL Injection via 'cvid' Parameter
A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.
by Adam Wallwork
CVE-2020-36847 EXPLOITDB CRITICAL python
Simple-File-List Plugin <4.2.2 - RCE
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.
by Md Amanat Ullah (xSwads)
CVSS 9.8
CVE-2025-34077 EXPLOITDB CRITICAL python
WordPress Pie Register <3.7.1.4 - Auth Bypass
An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators. Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server.
by Md Amanat Ullah (xSwads)
CVE-2023-45131 EXPLOITDB HIGH ruby
Discourse < 3.1.1 - Unauthenticated Exposure of Sensitive Information via MessageBus
Discourse is an open source platform for community discussion. New chat messages can be read by making an unauthenticated POST request to MessageBus. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.
by İbrahimsql
CVSS 7.5
CVE-2025-7795 EXPLOITDB HIGH c
Tenda FH451 1.0.0.9 - Buffer Overflow
A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
by Byte Reaper
CVSS 8.8
CVE-2025-49744 EXPLOITDB HIGH text
Windows 10/11, Server 2016-2019 Local Privilege Escalation via Heap Overflow
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
by nu11secur1ty
CVSS 7.0
CVE-2025-49677 EXPLOITDB HIGH text
Windows 11 22H2 < 10.0.22621.5624 - Authenticated Use-After-Free in Brokering File System
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
by nu11secur1ty
CVSS 7.0
CVE-2025-1550 EXPLOITDB CRITICAL python
Keras 3.0.0-3.8.0 and 3.9.0 - Remote Code Execution via Malicious .keras Archive
The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.
by Mohammed Idrees Banyamer
CVSS 9.8
CVE-2025-27210 EXPLOITDB HIGH python
Node.js 20.0.0-20.19.3, 22.0.0-22.17.0, 24.0.0-24.4.0 - Path Traversal via Windows Device Names in path.join
An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. This vulnerability affects Windows users of `path.join` API.
by Abdualhadi khalifa
CVSS 7.5
CVE-2024-11605 EXPLOITDB MEDIUM text
wp-publications < 1.2 - Authenticated Stored Cross-Site Scripting via Filename Output
The wp-publications WordPress plugin through 1.2 does not escape filenames before outputting them back in the page, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
by Zeynalxan Quliyev
CVSS 4.8
CVE-2025-44177 EXPLOITDB HIGH text
White Star Software Protop 4.4.2-2024-11-27 - Unauthenticated Path Traversal via /pt3upd/ Endpoint
A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences.
by Imraan Khan (Lich-Sec)
CVSS 8.2
CVE-2024-58258 EXPLOITDB HIGH text
SugarCRM <13.0.4 and 14.x <14.0.1 - Server-Side Request Forgery via API Module Code Injection
SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.
by Egidio Romano
CVSS 7.2
CVE-2025-52367 EXPLOITDB MEDIUM text
PivotX CMS 3.0.0 RC 3 - Stored Cross-Site Scripting via Subtitle Field
Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field.
by HayToN
CVSS 5.4
CVE-2025-3248 EXPLOITDB CRITICAL python
Langflow AI - Unauthenticated Remote Code Execution
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
by Raghad Abdallah Al-syouf
CVSS 9.8
CVE-2025-6563 EXPLOITDB MEDIUM text
MikroTik RouterOS < 7.19.2 - Cross-Site Scripting via Hotspot DST Parameter
A cross-site scripting vulnerability is present in the hotspot of MikroTik's RouterOS on versions below 7.19.2. An attacker can inject the `javascript` protocol in the `dst` parameter. When the victim browses to the malicious URL and logs in, the XSS executes. The POST request used to login, can also be converted to a GET request, allowing an attacker to send a specifically crafted URL that automatically logs in the victim (into the attacker's account) and triggers the payload.
by Prak Sokchea
CVE-2025-52089 EXPLOITDB HIGH text
TOTOLINK N300RB Firmware 8.54 - Authenticated Remote Code Execution via Hidden Debug Interface
A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges.
by Skander BELABED - Magellan Sécurité
CVSS 8.8
CVE-2025-47175 EXPLOITDB HIGH python
Microsoft 365 Apps and Office - Use-After-Free in PowerPoint
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
by Mohammed Idrees Banyamer
CVSS 7.8
CVE-2025-47171 EXPLOITDB MEDIUM text
Microsoft Office Outlook - Authenticated Local Code Execution via Improper Input Validation
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
by nu11secur1ty
CVSS 6.7
CVE-2024-50477 EXPLOITDB CRITICAL text
Stacks Mobile App Builder <= 5.2.3 - Authentication Bypass
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
by stealthcopter
CVSS 9.8
By Source
All 50,076 Writeup 62,482 Exploitdb 50,076 Nomisec 22,450 Github 3,674 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,597 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25