Exploitdb Exploits
50,186 exploits tracked across all sources.
LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting
by Matthew Aberegg
Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting
by China Banking and Insurance Information Technology Management Co.
StreamRipper32 <2.6 - Buffer Overflow
StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the application.
by Andy Bowden
CVSS 9.8
WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution
by Austin Martin
Opmantek Open-audit - XSS
Open-AudIT 3.3.0 allows an XSS attack after login.
by Kamaljeet Kumar
CVSS 5.4
Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion (Authenticated)
by Mehmet Kelepçe
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
by Photubias
CVSS 8.8
GoldWave 5.70 - Buffer Overflow
GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow and execute commands when the file is opened.
by Andy Bowden
CVSS 9.8
Victor CMS 1.0 - XSS
Victor CMS 1.0 has Persistent XSS in admin/users.php?source=add_user via the user_name, user_firstname, or user_lastname parameter.
by Nitya Nand
CVSS 6.1
MyLittleAdmin 3.8 - RCE
The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code.
by Metasploit
CVSS 9.8
WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)
by SunCSR
Synology Diskstation Manager < 5.2-5967-5 - Command Injection
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.
by Metasploit
CVSS 8.8
Konica Minolta FTP Utility 1.0 - Buffer Overflow
Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code.
by Socket_0x03
CVSS 9.8
Konica Minolta FTP Utility 1.0 - Buffer Overflow
Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the LIST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code.
by Socket_0x03
CVSS 9.8
Filetto 1.0 - DoS
Filetto 1.0 FTP server contains a denial of service vulnerability in the FEAT command processing that allows attackers to crash the service. Attackers can send an oversized FEAT command with 11,008 bytes of repeated characters to trigger a buffer overflow and terminate the FTP service.
by Socket_0x03
CVSS 9.8
Dolibarr 11.0.3 - XSS
Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary JavaScript and potentially steal user cookie information.
by Mehmet Kelepçe
CVSS 6.4
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP_ASLR)
by Gobinathan
Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
by Matteo Malvica
CVSS 7.8
Gym Management System 1.0 - Unauthenticated Remote Code Execution
by boku
Oracle Coherence 3.7.1.0/12.1.3.0.0/12.2.1.3-4 - RCE
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
by Metasploit
CVSS 9.8
CloudMe 1.11.2 - RCE
CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code execution.
by Xenofon Vassilakopoulos
CVSS 9.8
PHPFusion 9.03.50 - XSS
PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script execution in victim browsers.
by coiffeur
CVSS 6.4
forma.lms 2.3.0.2 - CSRF
forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover.
by Daniel Ortiz
CVSS 8.8
By Source