Exploitdb Exploits
31,392 exploits tracked across all sources.
Adobe Flash Player <=21.0.0.242 - Second Exploit-Referenced Impact Unknown
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
by Google Security Research
CVSS 8.8
Adobe Flash Player <=21.0.0.242 - Exploit-Referenced Impact Unknown
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
by Google Security Research
CVSS 8.8
Adobe Flash Player <=21.0.0.242 - Fourth Exploit-Referenced Impact Unknown
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
by Google Security Research
CVSS 9.8
WordPress Lazy Content Slider Plugin 3.4 CSRF
WordPress Lazy Content Slider Plugin 3.4 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into submitting POST requests to the plugin settings page via lzcs_admin.php to modify plugin configuration parameters like lzcs_color and lzcs_count.
by Persian Hack Team
CVSS 4.3
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval
by LiquidWorm
Streamo Online Radio And TV Streaming CMS - SQL Injection
by N4TuraL
Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
by Bikramaditya Guha
GNU wget < 1.18 - Arbitrary File Write via HTTP-to-FTP Redirect
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
by Dawid Golunski
CVSS 8.8
PaKnPost Pro 1.14 - Multiple Vulnerabilities
by Edvin Rustemagic_ Grega Preseren
Samsung Android JACK - Local Privilege Escalation
by Google Security Research
XpoLog Center 6 - Remote Command Execution / Cross-Site Request Forgery
by LiquidWorm
CPython <3.4.5-2.7.12 - Info Disclosure
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
by tintinweb
CVSS 6.5
Phoenix Exploit Kit - Remote Code Execution
by CrashBandicot
Ktools.net Photostore <4.7.5 - SQL Injection
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
by Gal Goldshtein & Viktor Minin
CVSS 9.8
Symantec Endpoint Protection Manager < 12.1.6 - Authenticated Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
by hyp3rlinx
CVSS 8.0
Symantec Endpoint Protection Manager <12.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
by hyp3rlinx
CVSS 5.4
By Source