Suggest Exploit

Explore Vulnerabilities


Explore all Exploits:

Backdrop CMS 1.27.1 – Authenticated Remote Command Execution (RCE)

The Backdrop CMS version 1.27.1 is vulnerable to authenticated remote command execution. An attacker can exploit this vulnerability to execute arbitrary commands on the target system. This could lead to unauthorized access, data theft, and further compromise of the system. This exploit was authored by Ahmet Ümit BAYRAM.

Stored Cross-Site Scripting in Backdrop CMS 1.23.0 – Post Body Field

An attacker can exploit a stored Cross-Site Scripting vulnerability in Backdrop CMS 1.23.0 by inserting malicious scripts into the body of a post. By crafting a specific payload and saving the post, the attacker can execute arbitrary scripts in the context of other users' browsers.

Backdrop Cms v1.25.1 – Stored Cross-Site Scripting (XSS)

The vulnerability allows an attacker to inject malicious code that will be stored and executed in the context of the affected website. In this case, the vulnerability exists in the Backdrop CMS v1.25.1 version. The attacker can upload a specially crafted SVG file containing malicious JavaScript code. When the file is accessed, the code is executed, leading to a cross-site scripting attack.

Recent Exploits: