Exploitdb Exploits

4,724 exploits tracked across all sources.

Sort: Activity Stars
CVE-2020-37202 EXPLOITDB HIGH python VERIFIED
NetworkSleuth 3.0.0.0 - DoS
NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37201 EXPLOITDB HIGH python VERIFIED
NetShareWatcher 1.5.8.0 - Buffer Overflow
NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37200 EXPLOITDB HIGH python VERIFIED
NetShareWatcher 1.5.8.0 - Buffer Overflow
NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37199 EXPLOITDB HIGH python VERIFIED
NBMonitor 1.6.6.0 - DoS
NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37198 EXPLOITDB HIGH python VERIFIED
Duplicate Cleaner Pro 4.1.3 - DoS
Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application crash.
by stresser
CVSS 7.5
CVE-2020-37197 EXPLOITDB HIGH python VERIFIED
Dnss - DoS
Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37196 EXPLOITDB HIGH python VERIFIED
Dnss - DoS
Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37195 EXPLOITDB HIGH python VERIFIED
BlueAuditor <1.7.2.0 - DoS
BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37194 EXPLOITDB HIGH python VERIFIED
Backup Key Recovery <2.2.5 - DoS
Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-character payload file and paste it into the registration key field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37207 EXPLOITDB HIGH python
SpotDialup 1.6.7 - DoS
SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37215 EXPLOITDB HIGH python VERIFIED
MSN Password Recovery <1.30 - DoS
MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and Registration Code' field to trigger an application crash.
by Gokkulraj
CVSS 7.5
EIP-2026-112030 EXPLOITDB python VERIFIED
Shopping Portal ProVersion 3.0 - Authentication Bypass
by Metin Yunus Kandemir
EIP-2026-107621 EXPLOITDB python VERIFIED
Hospital Management System 4.0 - Authentication Bypass
by Metin Yunus Kandemir
CVE-2019-16278 EXPLOITDB CRITICAL python VERIFIED
Nostromo nhttpd <1.9.6 - RCE
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
by Kr0ff
CVSS 9.8
EIP-2026-114133 EXPLOITDB python
WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass
by Raphael Karger
CVE-2019-25321 EXPLOITDB CRITICAL python
FTP Navigator 8.03 - RCE
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
by boku
CVSS 9.8
CVE-2019-25319 EXPLOITDB CRITICAL python
Domain Quester Pro 6.02 - RCE
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation and execute a bind shell on port 9999.
by boku
CVSS 9.8
CVE-2019-25318 EXPLOITDB HIGH python
AVS Audio Converter <9.1.2.600 - Code Injection
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button is clicked.
by boku
CVSS 8.8
CVE-2019-25328 EXPLOITDB HIGH python
XnConvert 1.82 - DoS
XnConvert 1.82 contains a denial of service vulnerability in its registration code input field that allows attackers to crash the application. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the registration code field to trigger an application crash.
by Gokkulraj
CVSS 7.5
CVE-2019-25327 EXPLOITDB CRITICAL python
Prime95 <29.8 build 6 - RCE
Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110.
by stresser
CVSS 9.8
CVE-2019-25330 EXPLOITDB HIGH python
SurfOffline Professional 2.2.0.103 - Buffer Overflow
SurfOffline Professional 2.2.0.103 contains a structured exception handler (SEH) overflow vulnerability that allows attackers to crash the application by manipulating the project name input. Attackers can generate a malicious payload of 382 'A' characters followed by specific byte sequences to trigger a denial of service condition and overwrite SEH registers.
by Chris Inzinga
CVSS 7.5
CVE-2019-25329 EXPLOITDB HIGH python
FTP Navigator 8.03 - DoS
FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler (SEH) with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger a program crash when pasted into the custom command input.
by Chris Inzinga
CVSS 7.5
CVE-2019-25321 EXPLOITDB CRITICAL python
FTP Navigator 8.03 - RCE
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
by Chris Inzinga
CVSS 9.8
CVE-2019-25331 EXPLOITDB HIGH python
AVS Audio Converter 9.1 - Buffer Overflow
AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. Attackers can craft a specially designed text file with 264 bytes of padding followed by register overwrite values to compromise the application and potentially execute arbitrary code.
by ZwX
CVSS 8.4
CVE-2019-25318 EXPLOITDB HIGH python
AVS Audio Converter <9.1.2.600 - Code Injection
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button is clicked.
by ZwX
CVSS 8.8
By Source
All 4,724 Exploitdb 50,121 Writeup 46,751 Nomisec 21,199 Metasploit 3,189 Github 2,250 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,738 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 68 go 41 postscript 25 xml 24