Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2023-53891 EXPLOITDB MEDIUM text
Blackcat CMS 1.4 - Authenticated Stored Cross-Site Scripting via Page Modification
Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into page content. Attackers can insert JavaScript payloads in the page modification interface that execute when other users view the compromised page.
by Mirabbas Ağalarov
CVSS 5.4
EIP-2026-112946 EXPLOITDB text VERIFIED
Vaidya-Mitra 1.0 - Multiple SQLi
by nu11secur1ty
EIP-2026-112425 EXPLOITDB text
Statamic 4.7.0 - File-Inclusion
by nu11secur1ty
CVE-2023-37629 EXPLOITDB CRITICAL bash VERIFIED
Online Piggery Management System 1.0 - Unauthenticated Arbitrary File Upload via add-pig.php
Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to "add-pig.php."
by 1337kid
CVSS 9.8
EIP-2026-106027 EXPLOITDB text
CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)
by Mirabbas Ağalarov
EIP-2026-106026 EXPLOITDB text
CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)
by Mirabbas Ağalarov
EIP-2026-106025 EXPLOITDB text
CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)
by Mirabbas Ağalarov
EIP-2026-105376 EXPLOITDB text
Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)
by Mirabbas Ağalarov
EIP-2026-102068 EXPLOITDB text
TP-Link TL-WR740N - Authenticated Directory Transversal
by Anish Feroz
CVE-2023-1258 EXPLOITDB MEDIUM python
ABB Flow-X Firmware < 4.0 - Unauthenticated Sensitive Information Exposure via Web Service
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before 4.0.
by Paul Smith
CVSS 5.3
CVE-2022-28171 EXPLOITDB HIGH python
Hikvision Hybrid SAN/Cluster Storage Firmware < 2.3.8-6 - OS Command Injection
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.
by Thurein Soe
CVSS 7.5
EIP-2026-118174 EXPLOITDB text
XAMPP 8.2.4 - Unquoted Path
by Andrey Stoykov
CVE-2023-37269 EXPLOITDB LOW text
Winter CMS < 1.2.3 - Authenticated Stored Cross-Site Scripting via SVG Logo Upload
Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Users with the `backend.manage_branding` permission can upload SVGs as the application logo. Prior to version 1.2.3, SVG uploads were not sanitized, which could have allowed a stored cross-site scripting (XSS) attack. To exploit the vulnerability, an attacker would already need to have developer or super user level permissions in Winter CMS. This means they would already have extensive access and control within the system. Additionally, to execute the XSS, the attacker would need to convince the victim to directly visit the URL of the maliciously uploaded SVG, and the application would have to be using local storage where uploaded files are served under the same domain as the application itself instead of a CDN. This is because all SVGs in Winter CMS are rendered through an `img` tag, which prevents any payloads from being executed directly. These two factors significantly limit the potential harm of this vulnerability. This issue has been patched in v1.2.3 through the inclusion of full support for SVG uploads and automatic sanitization of uploaded SVG files. As a workaround, one may apply the patches manually.
by abhishek morla
CVSS 2.0
EIP-2026-111545 EXPLOITDB text
ProjeQtOr Project Management System v10.4.1 - Multiple XSS
by Mirabbas Ağalarov
EIP-2026-111359 EXPLOITDB python
Pluck v4.7.18 - Remote Code Execution (RCE)
by Mirabbas Ağalarov
EIP-2026-109908 EXPLOITDB text VERIFIED
News Portal v4.0 - SQL Injection (Unauthorized)
by Hubert Wojciechowski
CVE-2022-24715 EXPLOITDB HIGH python
Icinga Web 2 <2.8.6-2.10 - Authenticated RCE
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration.
by Dante Corona
CVSS 8.5
EIP-2026-104956 EXPLOITDB text
Admidio v4.2.10 - Remote Code Execution (RCE)
by Mirabbas Ağalarov
CVE-2019-1937 EXPLOITDB CRITICAL text
Cisco UCS Director Unauthenticated Remote Code Execution
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing user authentication. The vulnerability is due to insufficient request header validation during the authentication process. An attacker could exploit this vulnerability by sending a series of malicious requests to an affected device. An exploit could allow the attacker to use the acquired session token to gain full administrator access to the affected device.
by Fatih Sencer
CVSS 9.8
CVE-2023-54345 EXPLOITDB HIGH text
Frappe Framework ERPNext 13.4.0 Remote Code Execution
Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoint and access the gi_frame attribute to traverse the call stack and invoke os.popen to execute system commands.
by Sander Ferdinand
CVSS 8.8
CVE-2023-53893 EXPLOITDB MEDIUM text
Ateme TITAN File 3.9.12.4 - Authenticated Server-Side Request Forgery via Job Callback URL Parameter
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the application to make HTTP, DNS, or file requests to arbitrary destinations.
by LiquidWorm
CVSS 6.5
CVE-2023-38904 EXPLOITDB MEDIUM text VERIFIED
Netlify CMS 2.10.192 - Stored Cross-Site Scripting via New Post Body Parameter
A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function.
by tmrswrr
CVSS 5.4
CVE-2023-36163 EXPLOITDB MEDIUM text
IP-DOT BuildaGate <v.BuildaGate5 - XSS
Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL.
by Idan Malihi
CVSS 6.1
CVE-2022-22963 EXPLOITDB CRITICAL python
Spring Cloud Function < 3.1.6 - Remote Code Execution via SpEL Routing Expression
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
by GatoGamer1155
CVSS 9.8
CVE-2022-21907 EXPLOITDB CRITICAL text
Windows 10, 11, and Server - Remote Code Execution
HTTP Protocol Stack Remote Code Execution Vulnerability
by nu11secur1ty
CVSS 9.8
By Source
All 50,076 Writeup 62,509 Exploitdb 50,076 Nomisec 22,473 Github 3,698 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,607 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 135 go 73 postscript 25 typescript 25