Exploitdb Exploits
4,724 exploits tracked across all sources.
F-Secure Internet Gatekeeper 5.40 - Heap Overflow (PoC)
by Kevin Joensen
P2PWIFICAM2 for iOS 10.4.1 - DoS
P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.
by Ivan Marmolejo
CVSS 7.5
Cacti 1.2.8 - Command Injection
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
by Askar
CVSS 8.8
Cacti 1.2.8 - Command Injection
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
by Askar
CVSS 8.8
Atlassian Jira < 8.4.0 - Missing Authentication
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
by Mufeed VH
CVSS 5.3
Schneider Electric U.motion Builder <1.3.4 - RCE
The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server.
by Cosmin Craciun
CVSS 8.8
rConfig <3.9.3 - Command Injection
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.
by vikingfr
CVSS 8.8
Openbsd Opensmtpd - Improper Exception Handling
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
by 1F98D
CVSS 9.8
Intellian Aptus Web <1.24 - RCE
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
by Xh4H
CVSS 9.8
Torrent 3GP Converter <1.51 - RCE
Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open the calculator through carefully constructed buffer overflow techniques.
by boku
CVSS 9.8
BOOTP Turbo 2.0 - DoS
BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH chain.
by boku
CVSS 7.5
Qdpm < 9.1 - Path Traversal
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
by Rishal Dwivedi
CVSS 8.8
Citrix XenMobile Server <10.8 - XSS
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
by Jonas Lejon
CVSS 9.8
Microsoft SharePoint - RCE
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
by Voulnet
CVSS 9.8
Sysax Multi Server 5.50 - Denial of Service (PoC)
by Shailesh Kumavat
Torrent FLV Converter <1.51 Build 117 - Buffer Overflow
Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnerability that allows attackers to overwrite Structured Exception Handler (SEH) through a malicious registration code input. Attackers can craft a payload with specific offsets and partial SEH overwrite techniques to potentially execute arbitrary code on vulnerable Windows 32-bit systems.
by antonio
CVSS 9.8
GTalk Password Finder 2.2.1 - DoS
GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
APKF Product Key Finder <2.5.8.0 - DoS
APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass
by B. Canavate
WordPress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass
by Raphael Karger
Top Password Software Dialup Password Recovery <1.30 - DoS
Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code input fields.
by antonio
CVSS 7.5
Top Password Firefox Password Recovery <2.8 - DoS
Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.
by antonio
CVSS 7.5
TaskCanvas 1.4.0 - DoS
TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
SpotOutlook 1.2.6 - DoS
SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.
by Ismail Tasdelen
CVSS 7.5
By Source