Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2023-53925 EXPLOITDB MEDIUM text VERIFIED
UliCMS 2023.1 - Stored Cross-Site Scripting via SVG File Upload
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users.
by Mirabbas Ağalarov
CVSS 6.1
CVE-2023-53924 EXPLOITDB HIGH text
UliCMS 2023.1-sniffing-vicuna - RCE
UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows authenticated attackers to upload PHP files with .phar extension during profile avatar upload. Attackers can trigger code execution by visiting the uploaded file's location, enabling system command execution through maliciously crafted avatar uploads.
by Mirabbas Ağalarov
CVSS 8.8
CVE-2023-53923 EXPLOITDB CRITICAL python
UliCMS 2023.1 - Privilege Escalation
UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with full system access.
by Mirabbas Ağalarov
CVSS 9.8
EIP-2026-113454 EXPLOITDB text
Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)
by Ahmet Ümit BAYRAM
EIP-2026-111360 EXPLOITDB text
pluck v4.7.18 - Stored Cross-Site Scripting (XSS)
by Mirabbas Ağalarov
CVE-2023-2246 EXPLOITDB MEDIUM python VERIFIED
Online Pizza Ordering System 1.0 - Unrestricted File Upload via admin/ajax.php img Parameter
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227236.
by URGAN
CVSS 6.3
EIP-2026-109034 EXPLOITDB text
KodExplorer v4.51.03 - Pwned-Admin File-Inclusion - Remote Code Execution (RCE)
by nu11secur1ty
CVE-2022-47875 EXPLOITDB HIGH text
Jedox Cloud - Authenticated Path Traversal and Remote Code Execution via /be/erpc.php
A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code.
by Team Syslifters
CVSS 8.8
CVE-2022-47880 EXPLOITDB MEDIUM text
Jedox 2020.2.5 - Authenticated Information Disclosure via Test Connection Function
An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function.
by Team Syslifters
CVSS 5.3
CVE-2022-47879 EXPLOITDB HIGH text
Jedox <= 22.5 - Authenticated Remote Code Execution via /be/rpc.php
A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods. NOTE: The vendor states that the vulnerability affects installations running version 22.5 or earlier. The issue was resolved with version 23.2 and later versions are not affected.
by Team Syslifters
CVSS 7.5
CVE-2022-47877 EXPLOITDB MEDIUM text
Jedox 2020.2.5 - Authenticated Stored Cross-Site Scripting via Log Module
A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'.
by Team Syslifters
CVSS 5.4
CVE-2022-47876 EXPLOITDB HIGH text
Jedox GmbH Jedox <2020.2.5 - Command Injection
The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.
by Team Syslifters
CVSS 8.8
CVE-2022-47878 EXPLOITDB HIGH text
Jedox <= 22.2 - Authenticated Remote Code Execution via Default Storage Path Misconfiguration
Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code. NOTE: The vendor states that the vulnerability affects installations running version 22.2 or earlier. The issue was resolved with the version 22.3 and later versions are not affected. Additionally, the vendor states that this vulnerability affects on-premises deployments only and that it does not impact cloud-hosted or SaaS environments.
by Team Syslifters
CVSS 8.8
CVE-2022-47874 EXPLOITDB MEDIUM text
Jedox Cloud 2020.2.5 - Authenticated Database Credential Disclosure via /tc/rpc Connections Endpoint
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.
by Team Syslifters
CVSS 6.5
CVE-2023-29809 EXPLOITDB CRITICAL text VERIFIED
companymaps 8.0 - SQL Injection
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.
by Lucas Noki (0xPrototype)
CVSS 9.8
CVE-2023-54347 EXPLOITDB HIGH python
OpenEMR 7.0.1 Authentication Brute Force Mitigation Bypass
OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and password combinations without account lockout restrictions.
by abhhi (Abhishek Birdawade)
CVSS 7.5
CVE-2023-53943 EXPLOITDB MEDIUM python
GLPI 9.5.7 - Username Enumeration via Lost Password Endpoint
GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.
by Rafael B.
CVSS 5.3
CVE-2023-53931 EXPLOITDB MEDIUM text
Revive Adserver 5.4.1 - Stored Cross-Site Scripting via Banner Advanced Settings
Revive Adserver 5.4.1 contains a cross-site scripting vulnerability in the banner advanced configuration page that allows attackers to inject malicious scripts. Attackers can craft a malicious link to the banner-advanced.php endpoint with XSS payloads in prepend and append parameters to execute arbitrary JavaScript when an admin views the page.
by Mirabbas Ağalarov
CVSS 6.1
CVE-2023-53930 EXPLOITDB HIGH text VERIFIED
ProjectSend r1605 - Info Disclosure
ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.php.
by Mirabbas Ağalarov
CVSS 7.5
CVE-2023-53929 EXPLOITDB HIGH text
phpMyFAQ 3.1.12 - Authenticated CSV Injection via User Profile Export
phpMyFAQ 3.1.12 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into their profile names. Attackers can modify their user profile name with a payload like 'calc|a!z|' to trigger code execution when an administrator exports user data as a CSV file.
by Mirabbas Ağalarov
CVSS 8.8
CVE-2023-53928 EXPLOITDB MEDIUM text
PHPFusion 9.10.30 - Stored Cross-Site Scripting via File Manager SVG Upload
PHPFusion 9.10.30 contains a stored cross-site scripting vulnerability in the file manager that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload SVG files with script tags that execute arbitrary JavaScript when viewed, potentially stealing user session information or performing client-side attacks.
by Mirabbas Ağalarov
CVSS 5.4
CVE-2023-53927 EXPLOITDB MEDIUM text
PHPJabbers Simple CMS 5.0 - Authenticated Stored Cross-Site Scripting via Section Name Parameter
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections, potentially enabling client-side code execution.
by Ahmet Ümit BAYRAM
CVSS 5.4
CVE-2023-53926 EXPLOITDB CRITICAL text
PHPJabbers Simple CMS 5.0 - SQL Injection
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database information.
by Ahmet Ümit BAYRAM
CVSS 9.8
CVE-2023-25438 EXPLOITDB HIGH text
Genomedics MilleGP5 5.9.2 - Incorrect Permission Assignment for Critical Resource
An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute arbitrary code and gain escalated privileges via modifying specific files.
by Andrea Intilangelo
CVSS 7.8
EIP-2026-116739 EXPLOITDB text
Advanced Host Monitor v12.56 - Unquoted Service Path
by Mr Empy
By Source
All 50,076 Writeup 62,525 Exploitdb 50,076 Nomisec 22,475 Github 3,710 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,612 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25