Exploitdb Exploits

4,733 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-115523 EXPLOITDB python
Kodi Web Server 16.1 - Denial of Service
by Guillaume Kaddouch
EIP-2026-104364 EXPLOITDB python
ntop-ng 2.5.160805 - Username Enumeration
by Dolev Farhi
EIP-2026-115374 EXPLOITDB python
Halliburton LogView Pro 9.7.5 - '.cgm' / '.tif' / '.tiff' / '.tifh' Crash (PoC)
by Karn Ganeshen
EIP-2026-118472 EXPLOITDB python
Easy File Sharing Web Server 7.2 - Remote Overflow (Egghunter) (SEH)
by ch3rn0byl
EIP-2026-118082 EXPLOITDB python
VUPlayer 2.49 - '.pls' File Stack Buffer Overflow (DEP Bypass)
by vportal
CVE-2016-5734 EXPLOITDB CRITICAL python
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - RCE
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
by @iamsecurity
CVSS 9.8
CVE-2016-15056 EXPLOITDB HIGH python
Ubee EVW3226 <1.0.20 - Info Disclosure
Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can request 'Configuration_file.cfg' directly to obtain the backup archive. Because backup files are not encrypted, they expose sensitive information including the plaintext admin password, allowing full compromise of the device.
by Gergely Eberhardt
EIP-2026-117468 EXPLOITDB python
Mediacoder 0.8.43.5852 - '.m3u' (SEH)
by Karn Ganeshen
EIP-2026-116999 EXPLOITDB python
CoolPlayer+ Portable 2.19.6 - '.m3u' File Stack Overflow (Egghunter + ASLR Bypass)
by Karn Ganeshen
CVE-2016-5399 EXPLOITDB HIGH python VERIFIED
Php < 5.5.37 - Out-of-Bounds Write
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.
by Hans Jerry Illikainen
CVSS 7.8
EIP-2026-101559 EXPLOITDB python
Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
by James McLean
EIP-2026-100908 EXPLOITDB python
Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
by Gergely Eberhardt
EIP-2026-119214 EXPLOITDB python
TFTP Server 1.4 - 'WRQ' Remote Buffer Overflow (Egghunter)
by Karn Ganeshen
CVE-2016-6210 EXPLOITDB MEDIUM python
OpenSSH <7.3 - Info Disclosure
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
by 0_o
CVSS 5.9
EIP-2026-103869 EXPLOITDB python
Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String
by bashis
CVE-2016-3962 EXPLOITDB HIGH python
Meinberg IMS-LANTIME - Buffer Overflow
Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.
by b0yd
CVSS 7.3
CVE-2016-3989 EXPLOITDB HIGH python
Meinberg IMS-LANTIME - Privilege Escalation
The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root privileges for writing to unspecified scripts, and consequently obtain sensitive information or modify data, by leveraging access to the nobody account.
by b0yd
CVSS 8.1
EIP-2026-100757 EXPLOITDB python
Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass
by Gregory Smiley
EIP-2026-115759 EXPLOITDB python
Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)
by hyp3rlinx
EIP-2026-112676 EXPLOITDB python VERIFIED
Tiki Wiki 15.1 - File Upload
by Ivan Ivanovic
EIP-2026-113998 EXPLOITDB python VERIFIED
WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities
by Mukarram Khalid
EIP-2026-118393 EXPLOITDB python
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
by Rémi ROCHER
EIP-2026-115088 EXPLOITDB python VERIFIED
Core FTP LE 2.2 - Path Field Local Buffer Overflow (PoC)
by Netfairy
EIP-2026-102449 EXPLOITDB python
Untangle NGFW 12.1.0 Beta - 'execEvil()' Command Injection
by Matt Bush
CVE-2016-20045 EXPLOITDB HIGH python
HNB Organizer 1.9.18-10 Local Buffer Overflow via -rc Parameter
HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return address to overwrite the stack and achieve code execution.
by Juan Sacco
CVSS 8.4
By Source
All 4,733 Exploitdb 50,135 Writeup 46,974 Nomisec 21,281 Metasploit 3,228 Github 2,465 Vulncheck_xdb 900 Inthewild 518 Gitlab 440 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,840 c 3,571 perl 2,854 html 2,055 php 1,334 bash 459 java 361 javascript 260 c++ 247 shell 89 go 48 postscript 25 xml 24