Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103677 EXPLOITDB ruby
Tautulli 2.1.9 - Denial of Service (Metasploit)
by Ismail Tasdelen
CVE-2020-2096 EXPLOITDB MEDIUM text
Jenkins Gitlab Hook Plugin < 1.4.2 - Reflected Cross-Site Scripting via Build Now Endpoint
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
by Ai Ho
CVSS 6.1
CVE-2020-0601 EXPLOITDB HIGH ruby
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
by Oliver Lyak
CVSS 8.1
EIP-2026-110060 EXPLOITDB text
Online Book Store 1.0 - 'bookisbn' SQL Injection
by Ertebat Gostar Co
CVE-2019-3929 EXPLOITDB CRITICAL ruby VERIFIED
Crestron Am-100 Firmware < 2.4.1.19 - OS Command Injection
The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
by Metasploit
CVSS 9.8
EIP-2026-101783 EXPLOITDB ruby
Huawei HG255 - Directory Traversal (Metasploit)
by Ismail Tasdelen
EIP-2026-101430 EXPLOITDB javascript
Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - 'Cable Haunt' Remote Code Execution
by Lyrebirds
CVE-2020-37182 EXPLOITDB HIGH text
Redir 3.3 - Denial of Service via Stack Overflow in doproxyconnect()
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in program termination.
by hieubl
CVSS 7.5
CVE-2020-37101 EXPLOITDB HIGH text VERIFIED
VPN Unlimited 6.1 - Unquoted Service Path Privilege Escalation via Service Binary Path Injection
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\VPN Unlimited\' to replace the service executable and gain elevated system privileges.
by Amin Rawah
CVSS 7.8
EIP-2026-101798 EXPLOITDB text
IBM RICOH InfoPrint 6500 Printer - HTML Injection
by Ismail Tasdelen
EIP-2026-101796 EXPLOITDB text
IBM RICOH 6400 Printer - HTML Injection
by Ismail Tasdelen
EIP-2026-100048 EXPLOITDB text VERIFIED
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM
by Google Security Research
CVE-2020-0009 EXPLOITDB MEDIUM text VERIFIED
Android - Incorrect Default Permissions in ashmem.c
In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932
by Google Security Research
CVSS 5.5
CVE-2020-37191 EXPLOITDB HIGH python
Top Password Software Dialup Password Recovery <1.30 - DoS
Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code input fields.
by antonio
CVSS 7.5
CVE-2020-37190 EXPLOITDB HIGH python
Top Password Firefox Password Recovery <2.8 - DoS
Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.
by antonio
CVSS 7.5
CVE-2020-37189 EXPLOITDB HIGH python
TaskCanvas 1.4.0 - Denial of Service via Registration Code Input Field
TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37188 EXPLOITDB HIGH python VERIFIED
SpotOutlook 1.2.6 - Denial of Service via Registration Name Input Buffer Overflow
SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37187 EXPLOITDB HIGH python VERIFIED
SpotDialup 1.6.7 - Denial of Service via Registration Name Input Field
SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37186 EXPLOITDB CRITICAL python
Chevereto 3.13.4 - Remote Code Execution via Database Table Prefix Manipulation
Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database table prefix parameter to write a PHP shell file and execute arbitrary system commands through a crafted POST request.
by Jinny Ramsmark
CVSS 9.8
CVE-2020-37185 EXPLOITDB HIGH python
Nsasoft Nsauditor Backup Key Recovery 2.2.5 - Denial of Service via Name Input Field Overflow
Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.
by Ismail Tasdelen
CVSS 7.5
CVE-2020-37184 EXPLOITDB CRITICAL python
Allok Video Converter <4.6.1217 - RCE
Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite SEH handlers and execute system commands by injecting malicious bytecode into the input field.
by antonio
CVSS 9.8
CVE-2020-37183 EXPLOITDB CRITICAL python
Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Buffer Overflow
Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload in the License Name input field to trigger a buffer overflow and execute system commands like calc.exe.
by antonio
CVSS 9.8
EIP-2026-117557 EXPLOITDB python
Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass)
by Nassim Asrir
EIP-2026-116741 EXPLOITDB text VERIFIED
Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions
by ZwX
CVE-2019-18859 EXPLOITDB MEDIUM text
Digi AnywhereUSB 14 Firmware - Cross-Site Scripting via Digi Page Link
Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.
by Raspina Net Pars Group
CVSS 6.1