Vulnerability-Lab

343 exploits Active since Jan 2008
EIP-2026-101781 EXPLOITDB text WORKING POC
Huawei Flybox B660 - Cross-Site Request Forgery (1)
CVE-2013-1471 EXPLOITDB text WRITEUP
FortiMail < 4.3.4 - Stored Cross-Site Scripting via Black List or Personal Black/White List
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.
EIP-2026-101746 EXPLOITDB text WRITEUP
Fortigate UTM WAF Appliance - Multiple Vulnerabilities
EIP-2026-101695 EXPLOITDB text WRITEUP
eFile Wifi Transfer Manager 1.0 - Multiple Vulnerabilities
EIP-2026-102094 EXPLOITDB text WRITEUP
USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities
EIP-2026-102079 EXPLOITDB text WRITEUP
Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities
EIP-2026-102059 EXPLOITDB text WRITEUP
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities
EIP-2026-102040 EXPLOITDB text WORKING POC
Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting
EIP-2026-102019 EXPLOITDB text WORKING POC
Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting (XSS)
EIP-2026-102018 EXPLOITDB text WRITEUP
SonicWALL SonicOS 5.8.1.8 WAF - Cross-Site Scripting
EIP-2026-102017 EXPLOITDB text WORKING POC
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
EIP-2026-102001 EXPLOITDB text WRITEUP
SimpleTransfer 2.2.1 - Command Injection
EIP-2026-101171 EXPLOITDB text WRITEUP
Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection
EIP-2026-101130 EXPLOITDB text WRITEUP
Sony Playstation 3 (PS3) 4.31 - Save Game Preview '.SFO' Handling Local Command Execution
EIP-2026-100753 EXPLOITDB text WRITEUP
Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting
EIP-2026-100752 EXPLOITDB text WRITEUP
Barracuda Networks Cloud Series - Filter Bypass
EIP-2026-100390 EXPLOITDB text WORKING POC
Knowledge Base Enterprise Edition 4.62.0 - SQL Injection
CVE-2012-4259 EXPLOITDB text WRITEUP
C4B XPhone Unified Communications 2011 Web 4.1.890S R1 - Cross-Site Scripting via Company Name
Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone UC Web and the (2) web frontend for XPhone Virtual Directory in C4B XPhone Unified Communications (UC) 2011 Web 4.1.890S R1 allows remote attackers to inject arbitrary web script or HTML via the company name. NOTE: some of these details are obtained from third party information.