strider

6 exploits Active since Jan 2026
CVE-2019-25611 EXPLOITDB HIGH text WORKING POC
MiniFtp parseconf_load_setting Buffer Overflow via Configuration
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite the return address, enabling code execution with root privileges.
CVSS 8.4
CVE-2020-36964 EXPLOITDB CRITICAL python WORKING POC
YATinyWinFTP - DoS
YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecting and sending a malformed command that triggers a buffer overflow and service crash.
CVSS 9.8
CVE-2019-25315 EXPLOITDB MEDIUM text WORKING POC
WordPress Server Log Viewer 1.0 - XSS
WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface.
CVSS 6.4
CVE-2019-25312 EXPLOITDB MEDIUM text WORKING POC
InoERP 0.7.2 - XSS
InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to inject malicious scripts. Attackers can submit comments with JavaScript payloads that execute in other users' browsers, potentially stealing cookies and session information.
CVSS 5.4
EIP-2026-111911 EXPLOITDB text WORKING POC
Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting
EIP-2026-102669 EXPLOITDB text WORKING POC
MariaDB Client 10.1.26 - Denial of Service (PoC)