Exploitdb Exploits
50,076 exploits tracked across all sources.
OpenClinic GA 5.247.01 - Information Disclosure via AppointmentUid Parameter
An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error message.
by VB
CVSS 7.5
Jenkins cli Ampersand Replacement Arbitrary File Read
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
by Matisse Beckandt
CVSS 9.8
Savsoft Quiz 6.0 - Stored Cross-Site Scripting via Quiz Name Parameter
Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter.
by Eren Sen
CVSS 6.1
Compuware iStrobe Web 20.13 - Unauthenticated Remote Code Execution via JSP File Upload
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute arbitrary commands by sending POST requests to the uploaded JSP endpoint.
by trancap
Stock Management System 1.0 - SQL Injection via manage_bo.php id Parameter
SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file.
by blu3ming
CVSS 9.8
PHPGurukul Online Fire Reporting System 1.2 - SQL Injection via Username Input Field
A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHPGurukul Online Fire Reporting System 1.2. The vulnerability allows attackers to bypass authentication and gain unauthorized access by injecting SQL commands into the username input field during the login process.
by Diyar Saadi
CVSS 9.1
Terratec DMX_6Fire USB <1.23.0.02 - Privilege Escalation
An unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.exe component.
by Joseph Kwabena Fiagbor
CVSS 6.7
Ray < 2.8.1 - Unauthenticated Remote Code Execution via CPU Profile URL Parameter
A command injection existed in Ray's cpu_profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023
by Fire_Wolf
CVSS 9.8
Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)
by Erdemstar
Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)
by Erdemstar
WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)
by tmrswrr
Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - _sort_ parameter
by Julio Ángel Ferrari
openeclass < 3.15 - Remote Code Execution via certbadge.php File Upload
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint.
by George Tsimpidas
CVSS 9.8
MinIO < 0.0.0-20240131185645-0ae4915a9391 - Improper Privilege Management via Access Key Permission Inheritance
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, access keys will be able to simply override their own `s3` permissions to something more permissive. The vulnerability is fixed in RELEASE.2024-01-31T20-20-33Z.
by Jenson Zhao
CVSS 8.8
WordPress Theme Travelscape 1.0.3 Arbitrary File Upload
WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.
by Milad karimi
CVSS 9.8
AnyDesk 7.0.15,9.0.1 - Code Injection
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-level system permissions.
by Milad karimi
Open Source Medicine Ordering System v1.0 - SQLi
by Onur Karasalihoğlu
Human Resource Management System v1.0 - Multiple SQLi
by nu11secur1ty
Best Student Result Management System v1.0 - Multiple SQLi
by nu11secur1ty
Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass
by LiquidWorm
By Source