Exploitdb Exploits
49,983 exploits tracked across all sources.
Snipe-IT 4.7.5 - XSS
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users.
by Metin Yunus Kandemir
CVSS 6.4
Al-enterprise Omnivista 4760 - Insufficiently Protected Credentials
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded in a reversible format. Sessions are stored in /sessions/sess_<sessionid>.
by 0x1911
CVSS 7.5
Yachtcontrol < 2019-10-06 - OS Command Injection
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's.
by Hodorsec
CVSS 9.8
Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting
by omurugur
Firefox < 66.0.1 - Buffer Overflow
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
by Axel Souchet
CVSS 8.8
Integard Pro 2.2.0.9026 - Buffer Overflow
Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI.
by purpl3f0xsecur1ty
CVSS 9.8
Trendmicro Deep Security - Symlink Following
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected.
by Peter Lapp
CVSS 7.1
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
by Jinny Ramsmark
CVSS 9.8
NETGATE Data Backup 3.0.620 - Code Injection
NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations.
by ZwX
CVSS 7.8
Amiti Antivirus <25.0.640 - Code Injection
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations.
by ZwX
CVSS 7.8
Broadcom Privileged Access Manager - Improper Privilege Management
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
by Peter Lapp
CVSS 9.8
OwnCloud 8.1.8 - Info Disclosure
OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulating the share.php endpoint. Attackers can send crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter to retrieve comprehensive user information.
by Daniel Moreno
CVSS 9.8
Microsoft Visual Basic 2010 Express - XML External Entity Injection
by ZwX
Online Clinic Management System 2.2 - HTML Injection
by Cemal Cihad ÇİFTÇİ
Cisco Wireless Lan Controller Software - Improper Input Validation
A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by authenticating with low privileges to an affected controller and submitting the crafted URL to the web interface of the affected device. Conversely, an unauthenticated attacker could exploit this vulnerability by persuading a user of the web interface to click the crafted URL. A successful exploit could allow the attacker to cause an unexpected restart of the device, resulting in a DoS condition.
by SecuNinja
CVSS 6.5
Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass
by hyp3rlinx
XML-RPC - Code Injection
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third party websites. This vulnerability was addressed in version 4.2.0.
by crlf
CVSS 9.8
Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting
by Cemal Cihad ÇİFTÇİ
Intelbras WRN 150 1.0.18 - CSRF
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
by Prof. Joas Antonio
CVSS 6.5
DokuWiki 2018-04-22b - Info Disclosure
DokuWiki 2018-04-22b contains a username enumeration vulnerability in its password reset functionality that allows attackers to identify valid user accounts. Attackers can submit different usernames to the password reset endpoint and distinguish between existing and non-existing accounts by analyzing the server's error response messages.
by Talha ŞEN
CVSS 5.3
SmartHouse Webapp 6.5.33 - CSRF/XSS
SmartHouse Webapp 6.5.33 contains multiple cross-site request forgery and cross-site scripting vulnerabilities that allow attackers to perform unauthorized actions. Attackers can exploit these vulnerabilities by tricking logged-in users into visiting malicious websites or injecting malicious scripts into various application parameters.
by LiquidWorm
CVSS 5.3
Visual Studio 2008 - XML External Entity Injection
by hyp3rlinx
Microsoft Excel 2016 1901 - XML External Entity Injection
by hyp3rlinx
By Source