Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2020-36882 EXPLOITDB HIGH python
Flexsense DiskBoss 7.7.14 - Unauthenticated Arbitrary File Upload via Search Files Directory Field
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application.
by Paras Bhatia
CVSS 7.5
EIP-2026-116689 EXPLOITDB python
10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)
by Hodorsec
CVE-2020-0646 EXPLOITDB CRITICAL ruby VERIFIED
.NET Framework - Remote Code Execution via XML Injection
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
by Metasploit
CVSS 9.8
EIP-2026-115256 EXPLOITDB python
FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)
by Paras Bhatia
CVE-2019-4716 EXPLOITDB CRITICAL ruby VERIFIED
IBM Planning Analytics <2.0.9 - Privilege Escalation
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
by Metasploit
CVSS 9.8
EIP-2026-103211 EXPLOITDB ruby VERIFIED
Redis - Replication Code Execution (Metasploit)
by Metasploit
EIP-2026-101763 EXPLOITDB python
Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection
by Jacob Baines
CVE-2020-5726 EXPLOITDB HIGH python
Grandstream UCM6200 <1.0.20.22 - SQL Injection
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords.
by Jacob Baines
CVSS 7.5
CVE-2019-20499 EXPLOITDB HIGH ruby VERIFIED
D-Link DWL-2600AP < 4.2.0.15 - Authenticated OS Command Injection via Config Restore
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.
by Metasploit
CVSS 7.8
CVE-2020-37219 EXPLOITDB HIGH text
Joomla com_fabrik 3.9.11 Directory Traversal via image.php
Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax_files method with path traversal sequences to enumerate files in system directories outside the intended web root.
by qw3rTyTy
CVSS 7.5
CVE-2020-37139 EXPLOITDB HIGH python
Odin Secure FTP Expert 7.6.3 - Buffer Overflow
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. Attackers can generate a buffer overflow by pasting 108 bytes of repeated characters into connection fields, causing the application to crash.
by Ivan Marmolejo
CVSS 8.4
CVE-2020-37138 EXPLOITDB CRITICAL python
10-Strike Network Inventory Explorer 9.03 - Buffer Overflow
10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to trigger a stack-based buffer overflow and bypass data execution prevention through a ROP chain.
by Hodorsec
CVSS 9.8
CVE-2020-0796 EXPLOITDB CRITICAL text
Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
by Daniel García Gutiérrez
CVSS 10.0
CVE-2020-8515 EXPLOITDB CRITICAL go
DrayTek Vigor2960/Vigor3900/Vigor300B Beta - Unauthenticated Remote Code Execution via mainfunction.cgi
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
by 0xsha
CVSS 9.8
EIP-2026-100945 EXPLOITDB python
Zen Load Balancer 3.10.1 - Remote Code Execution
by Cody Sixteen
CVE-2020-37140 EXPLOITDB MEDIUM python
Everest 5.50.2100 - Denial of Service via File Open Dialog Buffer Overflow
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash.
by Ivan Marmolejo
CVSS 5.5
EIP-2026-117106 EXPLOITDB python
Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)
by Felipe Winsnes
EIP-2026-111691 EXPLOITDB python
rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution
by vikingfr
EIP-2026-106752 EXPLOITDB text
ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin)
by Mustafa Emre Gül
EIP-2026-102386 EXPLOITDB python
Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal
by hongphukt
EIP-2026-105777 EXPLOITDB python
Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution
by Engin Demirbilek
CVE-2020-9375 EXPLOITDB HIGH python
TP-Link Archer C50 V3 - Denial of Service via Crafted HTTP Referer Header
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
by thewhiteh4t
CVSS 7.5
CVE-2020-37142 EXPLOITDB HIGH python
10-Strike Network Inventory Explorer 8.54 - Buffer Overflow
10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. Attackers can craft a malicious payload targeting the 'Computer' parameter during the 'Add' function to trigger remote code execution.
by Felipe Winsnes
CVSS 8.4
CVE-2020-37037 EXPLOITDB HIGH text
Avast SecureLine 5.5.522.0 - Code Injection
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup.
by Roberto Piña
CVSS 7.8
EIP-2026-116680 EXPLOITDB text
10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path
by Felipe Winsnes