Exploitdb Exploits
31,392 exploits tracked across all sources.
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation
by Tulpa
Contrexx CMS egov Module 1.0.0 - SQL Injection
by hamidreza borghei
Open-Xchange OX Guard < 2.4.2 - Stored Cross-Site Scripting via PGP Signature Verification
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).
by Benjamin Daniel Mussler
CVSS 6.1
Open-Xchange OX App Suite <7.8.2-rev5 - RCE
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitation workflow. This code gets executed within the context of the user's current session. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).
by Jakub A>>oczek
CVSS 6.1
Adobe Flash Player <18.0.0.366,19.x-22.x - Info Disclosure
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.
by Google Security Research
CVSS 7.5
Adobe Flash Player <22.0.0.209 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248.
by Google Security Research
CVSS 8.8
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - RCE
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
by Google Security Research
CVSS 7.8
ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation
by sh4d0wman
WordPress Plugin RB Agency 2.4.7 - Local File Disclosure
by Persian Hack Team
ZKTeco ZKBioSecurity 3.0 Local Authorization Bypass via visLogin.jsp
ZKTeco ZKBioSecurity 3.0 contains a local authorization bypass vulnerability in visLogin.jsp that allows attackers to authenticate without valid credentials by spoofing localhost requests. Attackers can exploit the EnvironmentUtil.getClientIp() method which treats IPv6 loopback address 0:0:0:0:0:0:0:1 as 127.0.0.1 and authenticates using the IP as username with hardcoded password 123456 to access sensitive information and perform unauthorized actions.
by LiquidWorm
CVSS 5.5
ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability
ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including configuration files, source code, and protected application resources.
by LiquidWorm
CVSS 6.2
ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution
ZKTeco ZKBioSecurity 3.0 contains hardcoded credentials in the bundled Apache Tomcat server that allow unauthenticated attackers to access the manager application. Attackers can authenticate with hardcoded credentials stored in tomcat-users.xml to upload malicious WAR archives containing JSP applications and execute arbitrary code with SYSTEM privileges.
by LiquidWorm
CVSS 9.8
ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.
by LiquidWorm
CVSS 8.8
ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation
ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.
by LiquidWorm
CVSS 9.8
PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service
by Yakir Wizman
Adobe Flash Player <22.0.0.209 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248.
by Google Security Research
CVSS 8.8
By Source