Exploitdb Exploits
50,076 exploits tracked across all sources.
Screen SFT DAB 600/C 1.9.3 - Auth Bypass
Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password to directly modify the admin account's authentication.
by LiquidWorm
CVSS 7.5
Hubstaff 1.6.14 - DLL Search Order Hijacking
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application startup.
by Ahsan Azad
CVSS 7.8
Cameleon CMS 2.7.4 - Authenticated Stored Cross-Site Scripting via Post Title
Cameleon CMS 2.7.4 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts into post titles. Attackers can create posts with embedded SVG scripts that execute when other users mouse over the post title, potentially stealing session cookies and executing arbitrary JavaScript.
by Yasin Gergin
CVSS 4.8
WBiz Desk 1.2 - SQL Injection via Ticket PHP tk Parameter
WBiz Desk 1.2 contains a SQL injection vulnerability that allows non-admin users to manipulate database queries through the 'tk' parameter in ticket.php. Attackers can inject crafted SQL statements using UNION-based techniques to extract sensitive database information by sending malformed requests to the ticket endpoint.
by h4ck3r
CVSS 5.4
TinyWebGallery 2.5 - Unauthenticated Remote Code Execution via Malicious PHAR File Upload
TinyWebGallery v2.5 contains a remote code execution vulnerability in the admin upload functionality that allows unauthenticated attackers to upload malicious PHP files. Attackers can upload .phar files with embedded system commands to execute arbitrary code on the server by accessing the uploaded file's URL.
by Mirabbas Ağalarov
CVSS 9.8
SitemagicCMS 4.4.3 - PHP File Upload Command Execution
SitemagicCMS 4.4.3 contains a remote code execution vulnerability that allows attackers to upload malicious PHP files to the files/images directory. Attackers can upload a .phar file with system command execution payload to compromise the web application and execute arbitrary system commands.
by Mirabbas Ağalarov
CVSS 9.8
PodcastGenerator 3.2.9 - Stored Cross-Site Scripting via Podcast Title Field
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface (podcast_details.php). Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page.
by Mirabbas Ağalarov
CVSS 5.4
PodcastGenerator 3.2.9 - Stored Cross-Site Scripting in Freebox Content Field
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the Freebox content field accessible through the theme customization interface (theme_freebox.php). Malicious JavaScript payloads injected into the Freebox content execute when users visit the application's home page.
by Mirabbas Ağalarov
CVSS 5.4
PodcastGenerator 3.2.9 - Stored Cross-Site Scripting in Episode Title Field
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the episode title field accessible through the episodes upload interface (episodes_upload.php). Malicious JavaScript payloads injected into episode titles execute when administrators view the episodes list page (episodes_list.php).
by Mirabbas Ağalarov
CVSS 6.1
Affiliate Me <5.0.1 - SQL Injection
Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames and password hashes.
by h4ck3r
CVSS 6.5
Screen SFT DAB 1.9.3 - Authentication Bypass via Session Fixation
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.
by LiquidWorm
CVSS 8.8
Screen SFT DAB 1.9.3 - Unauthenticated Authentication Bypass via Session Fixation
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by exploiting weak session management controls. Attackers can reuse IP-bound session identifiers to issue unauthorized requests to the userManager API and modify user credentials without proper authentication.
by LiquidWorm
CVSS 6.5
Screen SFT DAB Series - Compact Radio DAB Transmitter 1.9.3 - Authentication Bypass via IP Session Reuse
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
by LiquidWorm
CVSS 8.1
Screen SFT DAB Series 1.9.3 - Unauthenticated Authentication Bypass via userManager.cgx Endpoint
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.
by LiquidWorm
CVSS 9.8
Millhouse-Project 1.414 - Remote Code Execution via /add_post_sql.php
Millhouse-Project v1.414 was discovered to contain a remote code execution (RCE) vulnerability via the component /add_post_sql.php.
by Chokri Hammedi
CVSS 9.8
e107 2.3.2 - Cross-Site Scripting via SEO Project Description Function
Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to execute arbitrary code via the description function in the SEO project.
by Hubert Wojciechowski
CVSS 5.4
Screen SFT DAB 600/C Firmware <= 1.9.3 - Unauthenticated Information Disclosure via User Management API
Screen SFT DAB 600/C firmware versions up to and including 1.9.3 contain an improper access control on the user management API allows unauthenticated requests to retrieve structured user data, including account names and connection metadata such as client IP and timeout values.
by LiquidWorm
CVSS 5.3
MicroWorld eScan Management Console <14.0.1400.2281 - SQL Injection
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1.
by Sahil Ojha
CVSS 7.2
Microworld Technologies eScan <14.0.1400.2281 - XSS
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.
by Sahil Ojha
CVSS 9.0
MobileTrans <4.0.11 - Privilege Escalation
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file.
by Thurein Soe
CVSS 7.8
QloApps 1.5.2 - Cross-Site Scripting via AuthController Parameters
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.
by Astik Rawat
CVSS 6.1
Stackposts Social Marketing Tool v1.0 - SQL Injection
by Ahmet Ümit BAYRAM
By Source