Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Exploits - exploit.company
header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Backdrop CMS 1.27.1 – Authenticated Remote Command Execution (RCE)

The Backdrop CMS version 1.27.1 is vulnerable to authenticated remote command execution. An attacker can exploit this vulnerability to execute arbitrary commands on the target system. This could lead to unauthorized access, data theft, and further compromise of the system. This exploit was authored by Ahmet Ümit BAYRAM.

Stored Cross-Site Scripting in Backdrop CMS 1.23.0 – Post Body Field

An attacker can exploit a stored Cross-Site Scripting vulnerability in Backdrop CMS 1.23.0 by inserting malicious scripts into the body of a post. By crafting a specific payload and saving the post, the attacker can execute arbitrary scripts in the context of other users' browsers.

Backdrop Cms v1.25.1 – Stored Cross-Site Scripting (XSS)

The vulnerability allows an attacker to inject malicious code that will be stored and executed in the context of the affected website. In this case, the vulnerability exists in the Backdrop CMS v1.25.1 version. The attacker can upload a specially crafted SVG file containing malicious JavaScript code. When the file is accessed, the code is executed, leading to a cross-site scripting attack.

Recent Exploits: