Exploit Database

146,780 exploits tracked across all sources.

Sort: Activity Stars
CVE-2026-37100 WRITEUP MEDIUM
Yamaha SR-B30A 2.40 - Unauthenticated Bluetooth Low Energy Connection via Sound Bar Remote Protocol
An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol
CVSS 6.5
CVE-2026-37336 WRITEUP HIGH
Simple Music Cloud Community System 1.0 - SQL Injection
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php.
CVSS 7.3
CVE-2026-37337 WRITEUP HIGH
Simple Music Cloud Community System 1.0 - SQL Injection
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php.
CVSS 7.3
CVE-2026-37338 WRITEUP CRITICAL
Simple Music Cloud Community System 1.0 - SQL Injection
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php.
CVSS 9.4
CVE-2026-37339 WRITEUP CRITICAL
Simple Music Cloud Community System 1.0 - SQL Injection
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_genre.php.
CVSS 9.8
CVE-2026-37340 WRITEUP CRITICAL
Simple Music Cloud Community System 1.0 - SQL Injection
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/edit_music.php.
CVSS 9.8
CVE-2026-37341 WRITEUP HIGH
SourceCodester Vehicle Parking Area Management System 1.0 - SQL Injection
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php.
CVSS 7.2
CVE-2026-37342 WRITEUP HIGH
SourceCodester Vehicle Parking Area Management System 1.0 - SQL Injection
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php.
CVSS 7.2
CVE-2026-37343 WRITEUP HIGH
SourceCodester Vehicle Parking Area Management System 1.0 - SQL Injection
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php.
CVSS 7.2
CVE-2026-37344 WRITEUP HIGH
SourceCodester Vehicle Parking Area Management System 1.0 - SQL Injection
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.
CVSS 7.2
CVE-2026-37345 WRITEUP CRITICAL
SourceCodester Vehicle Parking Area Management System 1.0 - SQL Injection
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.
CVSS 9.8
CVE-2026-37346 WRITEUP MEDIUM
SourceCodester Payroll Management and Information System 1.0 - SQL Injection
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_account.php?emp_id=.
CVSS 4.7
CVE-2026-37347 WRITEUP CRITICAL
SourceCodester Payroll Management and Information System 1.0 - SQL Injection
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php.
CVSS 9.1
CVE-2026-5426 WRITEUP CRITICAL
KnowledgeDeliver deployments before February 24, 2026 use a static ASP.NET/IIS machineKey value
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks
CVSS 9.1
CVE-2024-42009 NOMISEC CRITICAL
Roundcube Webmail <= 1.5.7 and 1.6.x <= 1.6.7 - Cross-Site Scripting via Desanitization in message_body()
A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.
by ZaidArif47
1 stars
CVSS 9.3
CVE-2025-15602 NOMISEC HIGH
Snipe-IT <8.3.7 - Privilege Escalation
Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently protected against mass assignment. An authenticated, low-privileged user can craft a malicious API request to modify restricted fields of another user account, including the Super Admin account. By changing the email address of the Super Admin and triggering a password reset, an attacker can fully take over the Super Admin account, resulting in complete administrative control of the Snipe-IT instance.
by Nxvh1337
CVSS 8.8
CVE-2026-33824 NOMISEC CRITICAL
Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
by z3r0h3ro
CVSS 9.8
CVE-2026-22679 NOMISEC CRITICAL
Weaver E-cology 10.0 Unauthenticated RCE via dubboApi Debug Endpoint
Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft POST requests with attacker-controlled interfaceName and methodName parameters to reach command-execution helpers and achieve arbitrary command execution on the system. Exploitation evidence was first observed by the Shadowserver Foundation on 2026-03-31 (UTC).
by keraattin
CVSS 9.8
CVE-2026-41030 WRITEUP MEDIUM
ONLYOFFICE DesktopEditors <9.3.0 - Privilege Escalation
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.
CVSS 6.2
CVE-2026-41034 WRITEUP MEDIUM
ONLYOFFICE DocumentServer < 9.3.0 - Out-of-bounds Read in XLS Processing
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and ASLR bypass.
CVSS 5.0
CVE-2025-59528 VULNCHECK_XDB CRITICAL
Flowise 3.0.5 - Remote Code Execution via CustomMCP Node Configuration Parsing
Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.
CVSS 10.0
CVE-2021-26855 METASPLOIT CRITICAL ruby
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by Orange Tsai, mekhalleh (RAMELLA Sébastien)
CVSS 9.1
CVE-2020-11651 METASPLOIT CRITICAL ruby
SaltStack Salt <2019.2.4,3000.2 - RCE
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
by F-Secure, wvu
CVSS 9.8
CVE-2019-7192 METASPLOIT CRITICAL ruby
QNAP Photo Station - Info Disclosure
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.
by Henry Huang
CVSS 9.8
CVE-2019-7195 METASPLOIT CRITICAL ruby
QNAP Photo Station - Path Traversal
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
by Henry Huang
CVSS 9.8