Exploit Database

147,250 exploits tracked across all sources.

Sort: Activity Stars
CVE-2026-5676 WRITEUP HIGH
Totolink A8000R cstecgi.cgi setLanguageCfg missing authentication
A vulnerability was identified in Totolink A8000R 5.9c.681_B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available and might be used.
CVSS 7.3
CVE-2026-5677 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi CsteSystem os command injection
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
CVSS 7.3
CVE-2026-5678 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi setScheduleCfg os command injection
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
CVSS 7.3
CVE-2026-5679 WRITEUP MEDIUM
Totolink A3300R cstecgi.cgi vsetTr069Cfg os command injection
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_B20221024. The impacted element is the function vsetTr069Cfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument stun_pass leads to os command injection. The exploit has been disclosed publicly and may be used.
CVSS 5.5
CVE-2026-5682 WRITEUP LOW
Meesho Online Shopping App com.meesho.supply endpoint risky encryption
A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVSS 3.7
CVE-2026-5688 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi setDdnsCfg os command injection
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
CVSS 7.3
CVE-2026-5689 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi setNtpCfg os command injection
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
CVSS 7.3
CVE-2026-5690 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi setRemoteCfg os command injection
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used.
CVSS 7.3
CVE-2026-5691 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi setFirewallType os command injection
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2026-5692 WRITEUP HIGH
Totolink A7100RU cstecgi.cgi setGameSpeedCfg os command injection
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used.
CVSS 7.3
CVE-2026-5705 WRITEUP MEDIUM
code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting
A vulnerability was identified in code-projects Online Hotel Booking 1.0. Affected by this vulnerability is an unknown functionality of the file /booknow.php of the component Booking Endpoint. Such manipulation of the argument roomname leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
CVSS 4.3
CVE-2024-49019 METASPLOIT HIGH ruby
Active Directory Certificate Services - Privilege Escalation
Active Directory Certificate Services Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2023-27997 NOMISEC CRITICAL
FortiOS/FortiProxy SSL-VPN Heap-based Buffer Overflow
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
by george1-adel
CVSS 9.8
CVE-2026-35616 NOMISEC CRITICAL
Fortinet FortiClientEMS 7.4.5-7.4.6 - Command Injection
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
by BishopFox
CVSS 9.8
CVE-2026-20637 NOMISEC MEDIUM
iOS and iPadOS < 18.7.7 - Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination.
by zeroxjf
49 stars
CVSS 6.2
CVE-2026-20687 NOMISEC HIGH
iOS and iPadOS < 18.7.7 - Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or write kernel memory.
by zeroxjf
14 stars
CVSS 7.1
CVE-2023-6246 NOMISEC HIGH
glibc >=2.36 - Heap-based Buffer Overflow in __vsyslog_internal
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
by SimoesCTT
CVSS 8.4
CVE-2024-3400 GITHUB CRITICAL python
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
by SimoesCTT
CVSS 10.0
CVE-2024-29988 NOMISEC HIGH
SmartScreen Prompt - Privilege Escalation
SmartScreen Prompt Security Feature Bypass Vulnerability
by avitoriagomes
CVSS 8.8
CVE-2025-56212 WRITEUP CRITICAL
phpgurukul Hospital Management System 4.0 - SQL Injection via add-doctor.php docname Parameter
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.
CVSS 9.8
CVE-2025-56214 WRITEUP CRITICAL
phpgurukul Hospital Management System 4.0 - SQL Injection via Username Parameter
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
CVSS 9.8
CVE-2025-56215 WRITEUP MEDIUM
phpgurukul Hospital Management System 4.0 - SQL Injection via contact.php pagetitle Parameter
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter.
CVSS 6.5
CVE-2025-56216 WRITEUP HIGH
phpgurukul Hospital Management System 4.0 - SQL Injection via about-us.php pagetitle Parameter
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.
CVSS 8.5
CVE-2025-57146 WRITEUP HIGH
phpgurukul Complaint Management System 2.0 - SQL Injection via mobileno Parameter
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.
CVSS 8.1
CVE-2025-57147 WRITEUP HIGH
phpgurukul Complaint Management System 2.0 - SQL Injection via User Registration Parameters
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.
CVSS 7.5