Exploitdb Exploits
50,076 exploits tracked across all sources.
docPrint Pro 8.0 - Stack-based Buffer Overflow via Add URL Input Field
docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler (SEH) overwrite to execute shellcode and gain remote system access.
by MasterVlad
CVSS 8.4
OpenCart 3.0.3.6 - Stored Cross-Site Scripting in Mail Subject Field
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail. This vulnerability can allow an attacker to inject the XSS payload in the Subject field of the mail and each time any user will open that mail of the website, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 4.8
OpenCart 3.0.3.6 - Stored Cross-Site Scripting via Profile Image Upload
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image. An admin can upload a profile image as a malicious code using JavaScript. Whenever anyone will see the profile picture, the code will execute and XSS will trigger.
by Hemant Patidar
CVSS 4.8
nopCommerce Store 4.30 - Stored Cross-Site Scripting in Schedule Tasks Name Field
nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in the Schedule tasks name field. This vulnerability can allow an attacker to inject the XSS payload in Schedule tasks and each time any user will go to that page of the website, the XSS triggers and attacker can able to steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 4.8
Apache OpenMeetings 4.0.0-5.0.0 - Denial of Service via NetTest Web Service
Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack.
by SunCSR
CVSS 7.5
ZeroShell 3.9.0 - Unauthenticated Remote Command Execution via HTTP Parameter Injection
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
by Giuseppe Fuggiano
CVSS 9.8
Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)
by maj0rmil4d
Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH)
by Luis Martínez
Liferay Portal 7.1.0-7.2.1 GA2 - Stored Cross-Site Scripting in User Account Name Fields
In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload will then be rendered when a user utilizes the search feature to search for other users (i.e., if a user with modified fields occurs in the search results). This issue was fixed in Liferay Portal CE version 7.3.0 GA1.
by 3ndG4me
CVSS 5.4
TP-Link TL-WA855RE V5 - Privilege Escalation
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.
by malwrforensics
CVSS 8.8
Zortam Mp3 Media Studio 27.60 - RCE
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system.
by Vincent Wolterman
CVSS 9.8
IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow
by Paolo Stagno
Free MP3 CD Ripper 2.8 - Multiple File Buffer Overflow (Metasploit)
by ZwX
Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit
by stresser
WonderCMS 3.1.3 - Stored Cross-Site Scripting in Page Description
WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Page description component. This vulnerability can allow an attacker to inject the XSS payload in the Page description and each time any user will visits the website, the XSS triggers and attacker can steal the cookie according to the crafted payload.
by Hemant Patidar
CVSS 5.4
Internet Download Manager 6.38.12 Scheduler Buffer Overflow
Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data exceeding 5000 bytes into the 'Open the following file when done' field to trigger a denial of service condition.
by Vincent Wolterman
CVSS 6.2
M/Monit 3.7.4 - Privilege Escalation
M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standard user account.
by Dolev Farhi
CVSS 8.8
M/Monit 3.7.4 - Authenticated Password Hash Exposure via Admin API Endpoints
M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.
by Dolev Farhi
CVSS 6.5
Ortus TestBox 2.4.0-4.1.0 - Remote Code Execution via HTMLRunner.cfm Query Parameters
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution.
by Darren King
CVSS 9.8
Ortus TestBox 2.4.0-4.1.0 - Path Traversal via test-browser/index.cfm Query Parameters
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal.
by Darren King
CVSS 5.3
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
by Jasper Rasenberg
cxuucms v3 - SQL Injection via search.php Keywords Parameter
cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php.
by icekam
CVSS 7.5
PESCMS Team 2.3.2 - Reflected Cross-Site Scripting via ID Parameter
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=
by icekam
CVSS 6.1
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
by Emre ÖVÜNÇ
By Source