Exploitdb Exploits
31,364 exploits tracked across all sources.
Dell Emc Avamar - Missing Authorization
Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials.
by SlidingWindow
CVSS 9.8
MyBB Recent threads 17.0 Persistent Cross-Site Scripting
MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can create threads with script tags in the subject parameter to execute arbitrary JavaScript in the browsers of all users viewing the index page.
by Perileos
CVSS 7.2
BuddyPress Xprofile Custom Fields Type 2.6.3 Remote Code Execution
BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attackers can modify the field_hiddenfile and field_deleteimg parameters during profile editing to unlink files from the server.
by Lenon Leite
CVSS 8.8
KYOCERA Net Admin 3.4.0906 - CSRF
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.
by LiquidWorm
CVSS 8.8
KYOCERA Net Admin 3.4.0906 - XXE Injection
KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuration data like database credentials through an out-of-band channel attack.
by LiquidWorm
CVSS 7.5
Yahei Php Prober - XSS
proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter.
by ManhNho
CVSS 6.1
WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution
by Graeme Robinson
WordPress Plugin Google Drive 2.2 - Remote Code Execution
by Lenon Leite
99robots WP Background Takeover Advertisements - Path Traversal
exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. in the filename parameter.
by Colette Chamberland
CVSS 7.5
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution
by Lenon Leite
WolfCMS 0.8.3.1 - Open Redirect
Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.
by Sureshbabu Narvaneni
CVSS 4.8
WolfCMS 0.8.3.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.
by Sureshbabu Narvaneni
CVSS 6.5
Iscripts Sonicbb - XSS
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
by ManhNho
CVSS 6.1
Western Bridge Cobub Razor 0.7.2 - Info Disclosure
An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation.
by ppb
CVSS 7.5
Apple Safari < 11.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Google Security Research
CVSS 8.8
Cyberark Password Vault < 9.7 - Information Disclosure
CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.
by RedTeam Pentesting
CVSS 5.3
Cyberark Password Vault < 9.9.5 - Insecure Deserialization
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.
by RedTeam Pentesting
CVSS 9.8
Zldnn Dnnarticle - Information Disclosure
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.
by Esmaeil Rahimian
CVSS 9.8
Sophos Endpoint Protection 10.7 - Info Disclosure
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.
by hyp3rlinx
CVSS 7.8
Sophos Endpoint Protection - Security Feature Bypass
Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.
by hyp3rlinx
CVSS 5.5
Western Bridge Cobub Razor 0.7.2 - Stored XSS
An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.
by ppb
CVSS 8.8
Fiberhome Vdsl2 Modem HG 150-ub Firmware - Authentication Bypass
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header.
by Noman Riffat
CVSS 9.8
Android <8.0 - RCE
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.
by Marcin Kozlowski
CVSS 8.8
MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators validate the download in downloads.php.
by 0xB9
CVSS 7.2
Microsoft Exchange Server - Out-of-Bounds Write
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
by Google Security Research
CVSS 8.8
By Source