Exploitdb Exploits
50,121 exploits tracked across all sources.
ABB Aspect-ent-2 Firmware < 3.08.03 - Code Injection
Unauthorized Access vulnerabilities allow Remote Code Execution.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 10.0
Webmin Usermin <2.100 - Info Disclosure
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts.
by Kjesper
CVSS 5.3
compop.ca ONLINE MALL <3.5.3 - RCE
An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.
by dmlino
CVSS 9.8
Phpgurukul Blood Bank & Donor Managem... - Missing Authorization
A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as problematic. This vulnerability affects unknown code of the file /logout.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
by Kwangyun Keum
CVSS 4.3
angular-base64-upload <v0.1.21 - RCE
angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
by Ravindu Wickramasinghe
CVSS 9.8
TP-Link VN020 F3v(T) TT_V6.2.1021 - DoS
A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.
by Mohamed Maatallah
CVSS 6.5
Tp-link Vn020 F3v Firmware - Out-of-Bounds Write
A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by Mohamed Maatallah
CVSS 6.3
Kodcloud Kodexplorer - Open Redirect
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.
by Rahad Chowdhury
CVSS 6.1
Software AG webMethods <10.15.0 - Info Disclosure
The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remote attackers to reach the administration panel and discover hostname and version information by sending an arbitrary username and a blank password to the /WmAdmin/#/login/ URI.
by Rasime Ekici
CVSS 7.5
Fortinet Fortiproxy < 7.0.7 - Authentication Bypass
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
by ub3rsick
CVSS 9.8
Hugging Face Transformers MobileViTV2 - Deserialization
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.
by The Kernel Panic
CVSS 8.8
Zabbix < 6.0.32 - SQL Injection
A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.
by m4nb4
CVSS 9.9
Smart Manager WP <8.28.0 - SQL Injection
The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
by Ivan Spiridonov
CVSS 7.2
phpMyFAQ <3.2.10 - XSS
phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an <iframe> element without user interaction or explicit consent. Version 3.2.10 fixes the issue.
by Geo
CVSS 4.9
Phpmyfaq < 3.1.9 - XSS
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
by CodeSecLab
CVSS 6.1
Nagvis <1.9.34 - Info Disclosure
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.
by xerosec
CVSS 9.1
PHPGurukul Car Rental Project v1.0 - RCE
PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image.
by ub3rsick
CVSS 7.2
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
by LiquidWorm
ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
by LiquidWorm
ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
by LiquidWorm
Vanquish Woocommerce Customers Manager < 29.7 - SQL Injection
The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role.
by Ivan Spiridonov
CVSS 8.1
Sismics Teedy - XSS
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.
by Ayato Shitomi @ Fore-Z co.ltd
CVSS 8.4
Proconf < 6.1 - IDOR
In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).
by ub3rsick
CVSS 6.5
Garage Management System v1.0 - XSS
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.
by ub3rsick
CVSS 5.4
Ethercreative Logs < 3.0.4 - Path Traversal
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.
by ub3rsick
CVSS 4.9
By Source