Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2024-4956 EXPLOITDB HIGH python
Sonatype Nexus Repository <3.68.1 - Path Traversal
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
by VeryLazyTech
CVSS 7.5
CVE-2024-4358 EXPLOITDB CRITICAL python
Telerik Report Server Auth Bypass and Deserialization RCE
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
by VeryLazyTech
CVSS 9.8
CVE-2024-48120 EXPLOITDB MEDIUM
X2CRM 8.5 - Authenticated Stored Cross-Site Scripting in Opportunities Module Name Field
X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list.
by Okan Kurtulus
CVSS 5.4
CVE-2024-44871 EXPLOITDB HIGH
moziloCMS 3.0 - Unauthenticated Arbitrary File Upload via Admin Index
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file.
by Olakojo Olaoluwa Joshua
CVSS 7.2
CVE-2024-46528 EXPLOITDB MEDIUM
KubeSphere 3.x-3.4.1, 3.x-3.5.0, 4.x<4.1.3 - Authenticated Insecure Direct Object Reference
An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks.
by Okan Kurtulus
CVSS 4.3
CVE-2024-0132 EXPLOITDB CRITICAL text
NVIDIA Container Toolkit < 1.16.2 - Time-of-check Time-of-use Race Condition
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
by r0binak
CVSS 9.0
CVE-2025-56241 EXPLOITDB HIGH text
Aztech DSL5005EN - Privilege Escalation
Aztech DSL5005EN firmware 1.00.AZ_2013-05-10 and possibly other versions allows unauthenticated attackers to change the administrator password via a crafted POST request to sysAccess.asp. This allows full administrative control of the router without authentication.
by Amir Hossein Jamshidi
CVSS 7.5
CVE-2024-21320 EXPLOITDB MEDIUM text
Windows 10/11, Server 2012-2022 - Sensitive Info Exposure via Theme Spoofing
Windows Themes Spoofing Vulnerability
by Abinesh kamal K U
CVSS 6.5
CVE-2023-1545 EXPLOITDB HIGH python
nilsteampassnet/teampass <3.0.0.23 - SQL Injection
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
by Max Meyer - Rivendell
CVSS 7.5
EIP-2026-108044 EXPLOITDB text
Jasmin Ransomware - SQL Injection Login Bypass
by Buğra Enis Dönmez
CVE-2025-2126 EXPLOITDB MEDIUM text
JoomlaUX JUX Real Estate 3.4.0 - SQL Injection
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties of the component GET Parameter Handler. The manipulation of the argument title leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
by CraCkEr
CVSS 6.3
EIP-2026-107159 EXPLOITDB text
FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)
by Chokri Hammedi
CVE-2025-66575 EXPLOITDB HIGH text
VeeVPN 1.6.1 - Unquoted Service Path Remote Code Execution via VeePNService
VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with escalated privileges. Attackers can exploit this by providing a malicious service name, allowing them to inject commands and run as LocalSystem.
by Doğukan Orhan
CVSS 7.8
CVE-2025-66574 EXPLOITDB MEDIUM text
TranzAxis 3.2.41.10.26 - Authenticated Stored Cross-Site Scripting via Open Object in Tree Endpoint
TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges.
by ABABANK REDTEAM
CVSS 5.4
CVE-2025-66572 EXPLOITDB MEDIUM text
Loaded Commerce 6.6 - Unauthenticated Remote Code Execution via Search Parameter
Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL.
by tmrswrr
CVE-2023-0159 EXPLOITDB HIGH python
Extensive VC Addons for WPBakery <1.9.1 - Info Disclosure
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may be escalated to RCE using PHP filter chains.
by Ravina
CVSS 7.5
EIP-2026-104265 EXPLOITDB text
Gitea 1.24.0 - HTML Injection
by Mikail KOCADAĞ
CVE-2023-4220 EXPLOITDB HIGH python
Chamilo v1.11.24 Unrestricted File Upload PHP Webshell
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
by Mohamed Kamel BOUZEKRIA
CVSS 8.1
EIP-2026-112350 EXPLOITDB python
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
by cybersploit
CVE-2024-58287 EXPLOITDB HIGH text
reNgine 2.2.0 - Authenticated Remote Code Execution via Nmap Command Parameter Injection
reNgine 2.2.0 contains a command injection vulnerability in the nmap_cmd parameter of scan engine configuration that allows authenticated attackers to execute arbitrary commands. Attackers can modify the nmap_cmd parameter with malicious base64-encoded payloads to achieve remote code execution during scan engine configuration.
by Caner Tercan
CVSS 8.8
CVE-2024-58286 EXPLOITDB CRITICAL text
dizqueTV 1.5.3 - Remote Code Execution via FFMPEG Executable Path
dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path with shell commands to read system files like /etc/passwd by exploiting improper input validation.
by Ahmed Said Saud Al-Busaidi
CVE-2024-46626 EXPLOITDB HIGH text
OS4ED openSIS-Classic 9.1 - SQL Injection via Crafted Payload
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload.
by Devrim Dıragumandan
CVSS 8.8
EIP-2026-116551 EXPLOITDB python
Windows TCP/IP - RCE Checker and Denial of Service
by Photubias
EIP-2026-114681 EXPLOITDB python
Invesalius3 - Remote Code Execution
by Alessio Romano (sfoffo)_ Riccardo Degli Esposti (partywave)
EIP-2026-104362 EXPLOITDB text
NoteMark < 0.13.0 - Stored XSS
by Alessio Romano (sfoffo)
By Source
All 50,076 Writeup 62,507 Exploitdb 50,076 Nomisec 22,463 Github 3,681 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,602 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25