Exploitdb Exploits

31,364 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-10580 EXPLOITDB MEDIUM text
MyBB Latest Posts on Profile 1.1 - XSS
The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field.
by 0xB9
CVSS 5.4
CVE-2018-10832 EXPLOITDB MEDIUM text
Modbuspal - XXE
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp files and automations can be exported as .xmpa files, both XML-based, which are vulnerable to XXE injection. Sending a crafted .xmpp or .xmpa file to a user, when opened/imported in ModbusPal, will return the contents of any local files to a remote attacker.
by Trent Gordon
CVSS 5.5
EIP-2026-117568 EXPLOITDB text
Microsoft Windows FxCop 10/12 - XML External Entity Injection
by hyp3rlinx
CVE-2018-10655 EXPLOITDB HIGH text
DeviceLock Plug and Play Auditor <5.72 - Buffer Overflow
DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH).
by hyp3rlinx
CVSS 7.8
CVE-2018-10757 EXPLOITDB CRITICAL text
Csp Mysql User Manager - SQL Injection
CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt.
by Youssef Mami
CVSS 9.8
CVE-2018-0494 EXPLOITDB MEDIUM text
GNU Wget < 1.19.5 - Improper Input Validation
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
by Harry Sintonen
CVSS 6.5
CVE-2018-10371 EXPLOITDB MEDIUM text
WF Cookie Consent <1.1.3 - XSS
An issue was discovered in the wunderfarm WF Cookie Consent plugin 1.1.3 for WordPress. A persistent cross-site scripting vulnerability has been identified in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in a victim's web browser via a page title.
by B0UG
CVSS 6.1
CVE-2015-1503 EXPLOITDB HIGH text
IceWarp Mail Server <11.2 - Path Traversal
Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php.
by Trustwave's SpiderLabs
CVSS 7.5
CVE-2018-6065 EXPLOITDB HIGH text VERIFIED
Google Chrome <65.0.3325.146 - Heap Corruption
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
by Google Security Research
CVSS 8.8
CVE-2018-5430 EXPLOITDB HIGH text
TIBCO JasperReports Server - Info Disclosure
The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files. Affected releases include TIBCO Software Inc.'s TIBCO JasperReports Server: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3;6.4.0; 6.4.2, TIBCO JasperReports Server Community Edition: versions up to and including 6.4.2, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO Jaspersoft for AWS with Multi-Tenancy: versions up to and including 6.4.2, TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 6.4.2.
by Hector Monsegur
CVSS 8.8
EIP-2026-118345 EXPLOITDB text
Call of Duty Modern Warefare 2 - Buffer Overflow
by momo5502
EIP-2026-116728 EXPLOITDB text
Adobe Reader PDF - Client Side Request Injection
by Alex Inführ
EIP-2026-116224 EXPLOITDB text
Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service
by Tenable NS
CVE-2018-9302 EXPLOITDB CRITICAL text
Cockpit < 0.5.5 - SSRF
SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpit 0.4.4 through 0.5.5 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14611, which was about version 0.13.0, which (surprisingly) is an earlier version than 0.4.4.
by Qian Wu_ Bo Wang_ Jiawang Zhang
CVSS 9.1
CVE-2018-5234 EXPLOITDB HIGH text
Norton Core <v237 - Command Injection
The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.
by embedi
CVSS 8.0
CVE-2018-10309 EXPLOITDB MEDIUM text
Responsive Cookie Consent <1.8 - XSS
The Responsive Cookie Consent plugin before 1.8 for WordPress mishandles number fields, leading to XSS.
by B0UG
CVSS 5.4
CVE-2018-10504 EXPLOITDB HIGH text VERIFIED
WebDorado Form Maker by WD <1.12.24 - Code Injection
The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
by Sairam Jetty
CVSS 7.8
CVE-2018-4139 EXPLOITDB HIGH text VERIFIED
Apple Mac OS X < 10.13.4 - Memory Corruption
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2018-10366 EXPLOITDB MEDIUM text
October CMS Users <1.4.5 - XSS
An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.
by 0xB9
CVSS 6.1
CVE-2018-10365 EXPLOITDB MEDIUM text
Threads to Link plugin 1.3 - MyBB - XSS
An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized.
by 0xB9
CVSS 5.4
CVE-2018-10321 EXPLOITDB MEDIUM text
Frog CMS 0.9.5 - XSS
Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.
by Wenming Jiang
CVSS 4.8
CVE-2016-10036 EXPLOITDB CRITICAL text
JFrog Artifactory <4.16 - RCE
Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file.
by Alessio Sergi
CVSS 9.8
EIP-2026-102064 EXPLOITDB text
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot
by Wadeek
CVE-2018-10258 EXPLOITDB HIGH text
Shopy Point of Sale <1.0 - Code Injection
A CSV Injection vulnerability was discovered in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
by 8bitsec
CVSS 8.8
CVE-2018-10260 EXPLOITDB HIGH text
HRSALE The Ultimate HRM 1.0.2 - LFI
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
by 8bitsec
CVSS 8.8
By Source
All 31,364 Writeup 54,687 Exploitdb 50,186 Nomisec 21,443 Metasploit 3,228 Github 2,587 Vulncheck_xdb 904 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,364 ruby 5,960 python 5,949 c 3,580 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 55 postscript 25 xml 24