Exploitdb Exploits
50,076 exploits tracked across all sources.
Xeroneit Library Management System 3.0 - 'category' SQL Injection
by Sohel Yousef
SeedDMS 5.1.18 - Persistent Cross-Site Scripting
by Vulnerability-Lab
Macs Framework 1.14f CMS - Persistent Cross-Site Scripting
by Vulnerability-Lab
DedeCMS 7.5 SP2 - Persistent Cross-Site Scripting
by Vulnerability Research Laboratory
SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting
by Vulnerability-Lab
AirDisk Pro 5.5.3 for iOS - Persistent Cross-Site Scripting
by Vulnerability-Lab
Edimax EW-7438RPn-v3 Mini 1.27 - Info Disclosure
Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizard_reboot.asp page in unsetup mode, which discloses the Wi-Fi SSID and security key. Attackers can retrieve the wireless password by sending a GET request to this endpoint, exposing sensitive information without authentication.
by Wadeek
CVSS 7.5
Edimax EW-7438RPn-v3 Mini 1.27 - CSRF
Edimax EW-7438RPn-v3 Mini 1.27 is vulnerable to cross-site request forgery (CSRF) that can lead to command execution. An attacker can trick an authenticated user into submitting a crafted form to the /goform/mp endpoint, resulting in arbitrary command execution on the device with the user's privileges.
by Wadeek
CVSS 8.1
Edimax EW-7438RPn-v3 Mini 1.27 - RCE
Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download and execute malicious scripts on the device.
by Wadeek
CVSS 9.8
B64dec 1.1.2 - Stack-based Buffer Overflow via Crafted Base64 Input
B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during base64 decoding process.
by Andy Bowden
CVSS 9.8
Oracle Coherence 3.7.1.0/12.1.3.0.0/12.2.1.3-4 - RCE
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
by nu11secur1ty
CVSS 9.8
Huawei HG630 V2 Router Authentication Bypass via Serial Number
Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, then use the last 8 characters as the default password to log in to the router.
by Eslam Medhat
CVSS 7.5
Free Desktop Clock 3.0 - Buffer Overflow
Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode input that triggers an access violation and potentially execute arbitrary code.
by boku
CVSS 9.8
webTareas 2.0 - Path Traversal via extpath Parameter in general_serv.php
Path Traversal vulneraility exists in webTareas 2.0 via the extpath parameter in general_serv.php, which could let a malicious user read arbitrary files.
by China Banking and Insurance Information Technology Management Co.
CVSS 6.5
WordPress Plugin Media Library Assistant 2.81 - Local File Inclusion
by Daniel Monzón
Progress MOVEit Transfer <11.1.1 - SQL Injection
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, or may be able to alter the database via the REST API, aka SQL Injection.
by Aviv Beniash
CVSS 9.4
TVT NVMS-1000 Firmware - Path Traversal via GET Request
TVT NVMS-1000 devices allow GET /.. Directory Traversal
by Mohin Paramasivam
CVSS 7.5
Windscribe <v1.83 Build 20 - Privilege Escalation
In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.
by MgThuraMoeMyint
CVSS 7.8
AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)
by chuyreds
Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal
by Basim Alabdullah
By Source