Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105780 EXPLOITDB text
Centreon 19.10.5 - 'Pollers' Remote Command Execution
by Omri Baso
EIP-2026-105778 EXPLOITDB text
Centreon 19.10.5 - 'centreontrapd' Remote Command Execution
by Fabien AUNAY
EIP-2026-102391 EXPLOITDB text
Liferay CE Portal 6.0.2 - Remote Command Execution
by Berk Dusunur
CVE-2020-7980 EXPLOITDB CRITICAL python
Intellian Aptus Web 1.24 - OS Command Injection via Q Field in JSON Data
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
by Xh4H
CVSS 9.8
EIP-2026-101733 EXPLOITDB text
Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting
by LiquidWorm
CVE-2019-19740 EXPLOITDB CRITICAL text
Octeth Oempro 4.7-4.8 - SQL Injection via CampaignID Parameter
Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.
by Bruno de Barros Bulle
CVSS 9.8
EIP-2026-105783 EXPLOITDB text
Centreon 19.10.5 - Remote Command Execution
by Fabien AUNAY
EIP-2026-105782 EXPLOITDB text
Centreon 19.10.5 - Database Credentials Disclosure
by Fabien AUNAY
CVE-2020-7991 EXPLOITDB HIGH text VERIFIED
Adive Framework 2.0.8 - Cross-Site Request Forgery in Admin Config
Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password.
by Sarthak Saini
CVSS 8.8
EIP-2026-103541 EXPLOITDB text VERIFIED
macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image
by Google Security Research
CVE-2020-37176 EXPLOITDB CRITICAL python
Torrent 3GP Converter 1.51 - Stack-based Buffer Overflow via Registration Dialog
Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open the calculator through carefully constructed buffer overflow techniques.
by boku
CVSS 9.8
CVE-2019-1125 EXPLOITDB MEDIUM
CPU Speculative Access - Info Disclosure
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125. Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM.
by Bitdefender
CVSS 5.6
CVE-2020-6845 EXPLOITDB MEDIUM text
TopManage OLK 2020 - DOM-Based Cross-Site Scripting via Session Cookie
An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack.
by Joel Aviad Ossi
CVSS 6.1
CVE-2020-6844 EXPLOITDB HIGH text
TopManage OLK 2020 - Cross-Site Request Forgery in Login
In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.
by Joel Aviad Ossi
CVSS 8.8
EIP-2026-113372 EXPLOITDB text
Webtareas 2.0 - 'id' SQL Injection
by Greg.Priest
CVE-2019-16893 EXPLOITDB HIGH text
TP-Link TP-SG105E V4 1.0.0 Build 20181120 - Unauthenticated Device Reboot via reboot.cgi
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
by PCEumel
CVSS 7.5
CVE-2020-6170 EXPLOITDB CRITICAL text
Genexis Platinum-4410 <2.1 - Auth Bypass
An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI.
by Husinul Sanub
CVSS 9.8
CVE-2020-37177 EXPLOITDB HIGH python
BOOTP Turbo 2.0 - Denial of Service via SEH Overwrite
BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH chain.
by boku
CVSS 7.5
CVE-2020-0610 EXPLOITDB CRITICAL c++
Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
by ollypwn
CVSS 9.8
CVE-2020-0610 EXPLOITDB CRITICAL c++
Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
by ollypwn
CVSS 9.8
CVE-2020-7246 EXPLOITDB HIGH python
qdPM < 9.1 - Authenticated Remote Code Execution via Profile Photo Path Traversal
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
by Rishal Dwivedi
CVSS 8.8
EIP-2026-103186 EXPLOITDB python VERIFIED
Pachev FTP Server 1.0 - Path Traversal
by 1F98D
CVE-2019-9213 EXPLOITDB MEDIUM ruby VERIFIED
Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
by Metasploit
CVSS 5.5
CVE-2020-37178 EXPLOITDB HIGH text
KeePass Password Safe < 2.44 - Denial of Service via Malicious HTML File in Help System
KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.
by Mustafa Emre Gül
CVSS 7.5
CVE-2018-10653 EXPLOITDB CRITICAL python
Citrix XenMobile Server <10.8 - XSS
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
by Jonas Lejon
CVSS 9.8