Exploitdb Exploits
50,121 exploits tracked across all sources.
flatCore <1.5 - CSRF
A CSRF vulnerability was found in flatCore before 1.5, leading to the upload of arbitrary .php files via acp/core/files.upload-script.php.
by CodeSecLab
CVSS 8.8
WebFileSys <2.31.0 - Path Traversal
An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers can manipulate file paths and gain unauthorized access to sensitive files, potentially exposing data outside the intended directory.
by Korn Chaisuwan_ Charanin Thongudom_ Pongtorn Angsuchotmetee
CVSS 5.3
Magnussolution Magnusbilling < 7.3.0 - Command Injection
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
by CodeSecLab
CVSS 9.8
Geovision GV-ASWeb <=6.1.1.0 - CSRF
A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWeb application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Administrator accounts via a crafted GET request method. This vulnerability is used in chain with CVE-2024-56903 for a successful CSRF attack.
by Giorgi Dograshvili
CVSS 8.8
Geovision GV-ASWeb <6.1.0.0 - Privilege Escalation
Broken access control vulnerability in Geovision GV-ASWeb with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts.
by Giorgi Dograshvili
CVSS 8.8
Cyberpanel < 2.3.8 - OS Command Injection
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
by Luka Petrovic (refr4g)
CVSS 10.0
qBittorrent <5.0.1 - Info Disclosure
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
by Jordan Sharp
CVSS 8.1
Netman 204 - Remote command without authentication
by Parsa Rezaie Khiabanloo
FLXEON <= 9.3.4 - Info Disclosure
Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through <= 9.3.4.
by LiquidWorm
CVSS 9.4
FLEXON <9.3.4 - Info Disclosure
Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.
This issue affects FLXEON through <= 9.3.4.
by LiquidWorm
CVSS 9.4
FLXEON <9.3.4 - Privilege Escalation
Network access can be used to execute arbitrary code with elevated privileges.
This
issue affects FLXEON 9.3.4 and older.
by LiquidWorm
CVSS 10.0
FLXEON <9.3.4 - Privilege Escalation
Network access can be used to execute arbitrary code with elevated privileges.
This
issue affects FLXEON 9.3.4 and older.
by LiquidWorm
CVSS 10.0
Typecho < 1.2.1 - XSS
A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
by cyberaz0r
CVSS 9.0
Typecho - Authentication Bypass by Spoofing
Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently.
by cyberaz0r
CVSS 6.5
Pandora FMS <774 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects Pandora FMS: from 700 through 774.
by Osama Yousef
CVSS 5.9
Flatcore - Unrestricted File Upload
An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.
by CodeSecLab
CVSS 7.2
Fengoffice Feng Office - SQL Injection
A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268752.
by Andrey Stoykov
CVSS 6.3
Online Railway Reservation System - XSS
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_addr leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
by Raj Nandi
CVSS 2.4
Centreon - Command Injection
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
by Starry Sky
CVSS 8.8
Aquila-cms Aquilacms < 1.409.20 - SQL Injection
A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.
by Eui Chul Chung
CVSS 9.8
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419)
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users.
This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user.
by Mohammed Adel
CVSS 10.0
By Source