Exploitdb Exploits

4,733 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-3195 EXPLOITDB CRITICAL python
Commvault Edge - Memory Corruption
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges.
by redr2e
CVSS 9.8
CVE-2017-1002008 EXPLOITDB CRITICAL python
Membership Simplified - Unrestricted File Upload
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
by The Martian
CVSS 9.8
EIP-2026-103269 EXPLOITDB python
Cobbler 2.8.0 - (Authenticated) Remote Code Execution
by Dolev Farhi
EIP-2026-104267 EXPLOITDB python
GitHub Enterprise < 2.8.7 - Remote Code Execution
by orange
CVE-2017-6367 EXPLOITDB HIGH python
Cerberusftp FTP Server - Improper Input Validation
In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.
by Peter Baris
CVSS 7.5
CVE-2017-8367 EXPLOITDB HIGH python VERIFIED
Ether Software Easy Avi/divx/xvid TO Dvd Burner - Memory Corruption
Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner, MP3/WAV/OGG/WMA/AC3 to CD Burner, MP3 WAV to CD Burner, My Video Converter, Easy AVI DivX Converter, Easy Video to iPod Converter, Easy Video to PSP Converter, Easy Video to 3GP Converter, Easy Video to MP4 Converter, and Easy Video to iPod/MP4/PSP/3GP Converter allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long username.
by Muhann4d
CVSS 7.8
CVE-2017-6552 EXPLOITDB HIGH python
Sagemcom Livebox Firmware - Denial of Service
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition for telephone, Internet, and TV services.
by Quentin Olagne
CVSS 7.5
CVE-2017-6427 EXPLOITDB HIGH python
Evostream Media Server - Memory Corruption
A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request.
by Peter Baris
CVSS 7.5
CVE-2017-6506 EXPLOITDB CRITICAL python VERIFIED
Azure DEX Data Expert Ultimate - Memory Corruption
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
by Peter Baris
CVSS 9.8
CVE-2017-5638 EXPLOITDB CRITICAL python VERIFIED
Apache Struts < 2.3.32 - Improper Exception Handling
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
by Vex Woo
CVSS 9.8
CVE-2017-6465 EXPLOITDB CRITICAL python VERIFIED
Ftpshell Client - Memory Corruption
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
by Peter Baris
CVSS 9.8
CVE-2017-6104 EXPLOITDB HIGH python
Zen Mobile App Native < 3.0 - Authentication Bypass
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
by The Martian
CVSS 7.5
CVE-2017-1002002 EXPLOITDB CRITICAL python
WordPress Plugin Webapp-Builder v2.0 - Info Disclosure
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
by The Martian
CVSS 9.8
CVE-2017-1002001 EXPLOITDB CRITICAL python
WordPress Plugin Mobile-App-Build By Wappress <1.05 - Info Disclosure
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
by The Martian
CVSS 9.8
CVE-2017-1002000 EXPLOITDB CRITICAL python
Mobile-friendly-app-builder-by-easytouch - Unrestricted File Upload
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
by The Martian
CVSS 9.8
CVE-2017-1002003 EXPLOITDB CRITICAL python
Wp2android-turn-wp-site-into-android-app - Unrestricted File Upload
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
by The Martian
CVSS 9.8
CVE-2017-6019 EXPLOITDB HIGH python VERIFIED
Schneider-electric Conext Combox 865-1058 Firmware - Denial of Service
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.
by Mark Liapustin & Arik Kublanov
CVSS 7.5
CVE-2017-6416 EXPLOITDB CRITICAL python VERIFIED
Flexense Sysgauge - Memory Corruption
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
by Peter Baris
CVSS 9.8
CVE-2017-6371 EXPLOITDB HIGH python
Synchro Bbs - Denial of Service
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
by Peter Baris
CVSS 7.5
EIP-2026-114997 EXPLOITDB python VERIFIED
BlueIris 4.5.1.4 - Denial of Service
by Peter Baris
CVE-2017-6334 EXPLOITDB HIGH python VERIFIED
Netgear Dgn2200 Series Firmware < 10.0.0.50 - OS Command Injection
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.
by SivertPL
CVSS 8.8
CVE-2017-6187 EXPLOITDB CRITICAL python
Disksavvy Enterprise - Memory Corruption
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.
by Peter Baris
CVSS 9.8
EIP-2026-104248 EXPLOITDB python
Fibaro Home Center 2 - Remote Command Execution / Privilege Escalation
by forsec
EIP-2026-102371 EXPLOITDB python
Grails PDF Plugin 0.6 - XML External Entity Injection
by Charles Fol
CVE-2017-6077 EXPLOITDB CRITICAL python
Netgear Dgn2200 Firmware < 10.0.0.50 - OS Command Injection
ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.
by SivertPL
CVSS 9.8
By Source
All 4,733 Exploitdb 50,135 Writeup 46,968 Nomisec 21,259 Metasploit 3,228 Github 2,444 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,832 c 3,570 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 87 go 47 postscript 25 xml 24