Exploitdb Exploits
50,076 exploits tracked across all sources.
magnusbilling 6.0.0-7.2.9 - Unauthenticated OS Command Injection
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
by CodeSecLab
CVSS 9.8
Geovision GV-ASWeb <=6.1.1.0 - CSRF
A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWeb application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Administrator accounts via a crafted GET request method. This vulnerability is used in chain with CVE-2024-56903 for a successful CSRF attack.
by Giorgi Dograshvili
CVSS 8.8
Geovision GV-ASWeb <6.1.0.0 - Privilege Escalation
Broken access control vulnerability in Geovision GV-ASWeb with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts.
by Giorgi Dograshvili
CVSS 8.8
CyberPanel < 2.3.8 - Unauthenticated OS Command Injection via DNS/FTP getresetstatus Endpoint
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
by Luka Petrovic (refr4g)
CVSS 10.0
qBittorrent <5.0.1 - Info Disclosure
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
by Jordan Sharp
CVSS 8.1
ABB FLXEON <= 9.3.4 - Missing Origin Validation in WebSockets
Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through <= 9.3.4.
by LiquidWorm
CVSS 9.4
ABB FLXEON <= 9.3.4 - Sensitive Information Disclosure via Log File Insertion
Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.
This issue affects FLXEON through <= 9.3.4.
by LiquidWorm
CVSS 9.4
FLXEON <9.3.4 - Privilege Escalation
Network access can be used to execute arbitrary code with elevated privileges.
This
issue affects FLXEON 9.3.4 and older.
by LiquidWorm
CVSS 10.0
FLXEON <9.3.4 - Privilege Escalation
Network access can be used to execute arbitrary code with elevated privileges.
This
issue affects FLXEON 9.3.4 and older.
by LiquidWorm
CVSS 10.0
Typecho 1.3.0 - Stored Cross-Site Scripting
A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
by cyberaz0r
CVSS 9.0
Typecho 1.3.0 - Race Condition in Post Commenting Function
Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently.
by cyberaz0r
CVSS 6.5
Pandora FMS 700-774 - Authenticated SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects Pandora FMS: from 700 through 774.
by Osama Yousef
CVSS 5.9
flatcore 1.4.7 - Authenticated Arbitrary PHP File Upload via Addons Feature
An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.
by CodeSecLab
CVSS 7.2
Feng Office 3.11.1.2 - SQL Injection via Workspaces Component
A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268752.
by Andrey Stoykov
CVSS 6.3
CodeAstro Online Railway Reservation System 1.0 - Stored Cross-Site Scripting via Update Employee Page
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_addr leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
by Raj Nandi
CVSS 2.4
Centreon 18.x < 18.10.6, 19.x < 19.04.3 - Authenticated Remote Code Execution via Monitoring Engine Binary Configuration
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
by Starry Sky
CVSS 8.8
AquilaCMS < 1.409.20 - Unauthenticated NoSQL Injection via Password Reset Feature
A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.
by Eui Chul Chung
CVSS 9.8
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419)
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users.
This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.
by Mohammed Adel
CVSS 10.0
K7 Ultimate Security <17.0.2019 - DoS
K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference.
by M. Akil Gündoğan
CVSS 5.5
ewon Cosy+ Firmware 21.x < 21.2s10 and 22.x < 22.1s3 - OS Command Injection via Parameter Blacklist Bypass
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3.
by CodeB0ss
CVSS 7.2
DocsGPT 0.8.1-0.12.0 - Remote Code Execution via /api/remote Endpoint
A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint..
This issue affects DocsGPT: from 0.8.1 through 0.12.0.
by Shreyas Malhotra
By Source