Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2020-8656 EXPLOITDB CRITICAL text
EyesOfNetwork 5.3 - Unauthenticated SQL Injection via Username Field in getApiKey
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.
by Clément Billac
CVSS 9.8
EIP-2026-104269 EXPLOITDB text
Google Invisible RECAPTCHA 3 - Spoof Bypass
by Matamorphosis
CVE-2020-37168 EXPLOITDB CRITICAL php
Ecommerce Systempay 1.0 Production Key Brute Force
Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment signature generation. Attackers can extract payment form data and signatures from POST requests to the payment endpoint, then use SHA1 hash comparison to iteratively test key candidates until discovering the correct production key, enabling them to forge valid payment signatures and manipulate transaction amounts.
by live3
CVSS 9.8
CVE-2020-37171 EXPLOITDB MEDIUM python
TapinRadio < 2.12.3 - Denial of Service via Username Field Buffer Overflow
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.
by chuyreds
CVSS 6.2
CVE-2020-37170 EXPLOITDB MEDIUM python
TapinRadio < 2.12.3 - Denial of Service via Proxy Address Configuration Overwrite
TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program functionality.
by chuyreds
CVSS 6.2
CVE-2020-37166 EXPLOITDB MEDIUM python
AbsoluteTelnet 11.12 - Denial of Service via SSH2 Username Buffer Overflow
AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate.
by chuyreds
CVSS 6.2
CVE-2020-37165 EXPLOITDB MEDIUM python
AbsoluteTelnet < 11.12 - Denial of Service via Oversized License Name
AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license name field to trigger an application crash.
by chuyreds
CVSS 6.2
CVE-2020-37164 EXPLOITDB MEDIUM python
AbsoluteTelnet < 11.12 - Denial of Service via Oversized License Name
AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license entry field to trigger an application crash.
by chuyreds
CVSS 6.2
EIP-2026-117120 EXPLOITDB text
ELAN Smart-Pad 11.10.15.1 - 'ETDService' Unquoted Service Path
by ZwX
EIP-2026-116152 EXPLOITDB python
RarmaRadio 2.72.4 - 'username' Denial of Service (PoC)
by chuyreds
EIP-2026-116151 EXPLOITDB python
RarmaRadio 2.72.4 - 'server' Denial of Service (PoC)
by chuyreds
EIP-2026-110130 EXPLOITDB text
Online Job Portal 1.0 - Remote Code Execution
by Ihsan Sencan
EIP-2026-110128 EXPLOITDB text
Online Job Portal 1.0 - Cross Site Request Forgery (Add User)
by Ihsan Sencan
EIP-2026-110127 EXPLOITDB text
Online Job Portal 1.0 - 'user_email' SQL Injection
by Ihsan Sencan
CVE-2019-18634 EXPLOITDB HIGH bash
sudo 1.7.1-1.8.25 - Stack-based Buffer Overflow via pwfeedback
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
by Dylan Katz
CVSS 7.8
EIP-2026-102758 EXPLOITDB text
VIM 8.2 - Denial of Service (PoC)
by Dhiraj Mishra
CVE-2019-15978 EXPLOITDB HIGH python VERIFIED
Cisco Data Center Network Manager < 11.3(1) - Authenticated OS Command Injection via REST and SOAP API
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one.
by mr_me
CVSS 7.2
CVE-2019-15984 EXPLOITDB HIGH python VERIFIED
Cisco Data Center Network Manager < 11.3(1) - Authenticated SQL Injection via REST and SOAP API
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. For more information about these vulnerabilities, see the Details section of this advisory. Note: The severity of these vulnerabilities is aggravated by the vulnerabilities described in the Cisco Data Center Network Manager Authentication Bypass Vulnerabilities advisory, published simultaneously with this one.
by mr_me
CVSS 7.2
CVE-2019-15975 EXPLOITDB CRITICAL python VERIFIED
Cisco Data Center Network Manager < 11.3(1) - Unauthenticated Remote Code Execution via Authentication Bypass
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
by mr_me
CVSS 9.8
CVE-2020-37173 EXPLOITDB HIGH text
AVideo Platform 8.1 - Info Disclosure
AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the users_id parameter.
by Ihsan Sencan
CVSS 7.5
CVE-2020-37172 EXPLOITDB MEDIUM text
AVideo Platform 8.1 - Cross-Site Request Forgery in Password Recovery Mechanism
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
by Ihsan Sencan
CVSS 5.3
CVE-2020-37158 EXPLOITDB MEDIUM text
AVideo Platform 8.1 - Cross-Site Request Forgery via Password Recovery Mechanism
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
by Ihsan Sencan
CVSS 5.3
CVE-2014-2630 EXPLOITDB bash
HP Performance Monitoring xglance Priv Esc
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.
by redtimmysec
EIP-2026-103006 EXPLOITDB text
Socat 1.7.3.4 - Heap-Based Overflow (PoC)
by hieubl
CVE-2019-10716 EXPLOITDB HIGH python
Verodin Director < 3.5.3.1 - Information Disclosure via /integrations.json API
An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request.
by nxkennedy
CVSS 7.7