Exploitdb Exploits
50,076 exploits tracked across all sources.
Flexsense DiskBoss 7.7.14 - Unauthenticated Arbitrary File Upload via Search Files Directory Field
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application.
by Paras Bhatia
CVSS 7.5
10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)
by Hodorsec
.NET Framework - Remote Code Execution via XML Injection
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
by Metasploit
CVSS 9.8
FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)
by Paras Bhatia
IBM Planning Analytics <2.0.9 - Privilege Escalation
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.
by Metasploit
CVSS 9.8
Redis - Replication Code Execution (Metasploit)
by Metasploit
Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection
by Jacob Baines
Grandstream UCM6200 <1.0.20.22 - SQL Injection
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords.
by Jacob Baines
CVSS 7.5
D-Link DWL-2600AP < 4.2.0.15 - Authenticated OS Command Injection via Config Restore
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.
by Metasploit
CVSS 7.8
Joomla com_fabrik 3.9.11 Directory Traversal via image.php
Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax_files method with path traversal sequences to enumerate files in system directories outside the intended web root.
by qw3rTyTy
CVSS 7.5
Odin Secure FTP Expert 7.6.3 - Buffer Overflow
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. Attackers can generate a buffer overflow by pasting 108 bytes of repeated characters into connection fields, causing the application to crash.
by Ivan Marmolejo
CVSS 8.4
10-Strike Network Inventory Explorer 9.03 - Buffer Overflow
10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to trigger a stack-based buffer overflow and bypass data execution prevention through a ROP chain.
by Hodorsec
CVSS 9.8
Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
by Daniel García Gutiérrez
CVSS 10.0
DrayTek Vigor2960/Vigor3900/Vigor300B Beta - Unauthenticated Remote Code Execution via mainfunction.cgi
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
by 0xsha
CVSS 9.8
Everest 5.50.2100 - Denial of Service via File Open Dialog Buffer Overflow
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash.
by Ivan Marmolejo
CVSS 5.5
Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)
by Felipe Winsnes
rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution
by vikingfr
ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin)
by Mustafa Emre Gül
Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal
by hongphukt
Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution
by Engin Demirbilek
TP-Link Archer C50 V3 - Denial of Service via Crafted HTTP Referer Header
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
by thewhiteh4t
CVSS 7.5
10-Strike Network Inventory Explorer 8.54 - Buffer Overflow
10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. Attackers can craft a malicious payload targeting the 'Computer' parameter during the 'Add' function to trigger remote code execution.
by Felipe Winsnes
CVSS 8.4
Avast SecureLine 5.5.522.0 - Code Injection
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup.
by Roberto Piña
CVSS 7.8
10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path
by Felipe Winsnes
By Source