Exploitdb Exploits
50,076 exploits tracked across all sources.
Wacom WTabletService 6.6.7-3 - Code Injection
Wacom WTabletService 6.6.7-3 contains an unquoted service path vulnerability that allows local attackers to execute malicious code with elevated privileges. Attackers can insert an executable file in the service path to run unauthorized code when the service restarts or the system reboots.
by Marcos Antonio León
CVSS 7.8
Smartwares HOME easy <=1.0.9 - Unauthenticated Database Backup Download and Information Disclosure
Smartwares HOME easy <=1.0.9 contains an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive clear-text information, resulting in authentication bypass, session hijacking and full system control.
by LiquidWorm
CVSS 7.5
Smartwares HOME easy <1.0.9 - Auth Bypass
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints, bypass client-side validation, and access sensitive system information.
by LiquidWorm
CVSS 9.8
QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path
by Ivan Marmolejo
Network Inventory Advisor 5.0.26.0 Unquoted Service Path Privilege Escalation
Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with LocalSystem privileges when the service starts or restarts.
by Samuel DiazL
CVSS 7.8
SD.NET RIM < 4.7.3c - SQL Injection via POST Parameters 'idtyp' and 'idgremium'
SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. Attackers can exploit this vulnerability by crafting specially formed POST requests to the /vorlagen/ endpoint, enabling unauthorized database manipulation and potential information disclosure.
by Fabian Mosch, Nick Theisinger
CVSS 8.2
FileOptimizer 14.00.2524 - Denial of Service via TempDirectory Parameter Overwrite
FileOptimizer 14.00.2524 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the FileOptimizer32.ini configuration file. Attackers can overwrite the TempDirectory parameter with a 5000-character buffer to cause the application to crash when opening options.
by SYANiDE
CVSS 7.5
Millhouse Project 1.414 - Stored Cross-Site Scripting via Comment Content Parameter
Millhouse-Project 1.414 contains a persistent cross-site scripting vulnerability in the comment submission functionality that allows attackers to inject malicious scripts. Attackers can post comments with embedded JavaScript through the 'content' parameter in add_comment_sql.php to execute arbitrary scripts in victim browsers.
by cakes
CVSS 6.4
Globitek CMS 1.4 - SQL Injection via 'id' GET Parameter
thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.
by cakes
CVSS 7.1
RimbaLinux AhadPOS 1.11 - SQL Injection
RimbaLinux AhadPOS 1.11 contains a SQL injection vulnerability in the 'alamatCustomer' parameter that allows attackers to manipulate database queries through crafted POST requests. Attackers can exploit time-based and boolean-based blind SQL injection techniques to extract information or potentially interact with the underlying database.
by cakes
CVSS 7.1
html5_snmp 1.11 - SQL Injection via Router_ID and Router_IP Parameters
html5_snmp 1.11 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through Router_ID and Router_IP parameters. Attackers can exploit error-based, time-based, and union-based injection techniques to potentially extract or modify database information by sending crafted payloads.
by cakes
CVSS 9.1
html5_snmp 1.11 - Stored Cross-Site Scripting via Remark Parameter
html5_snmp 1.11 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through the 'Remark' parameter in add_router_operation.php. Attackers can craft a POST request with a script payload in the Remark field to execute arbitrary JavaScript in victim browsers when the page is loaded.
by cakes
CVSS 6.1
BlueStacks App Player 2.4.44.62.57 - Local Privilege Escalation
BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe to inject malicious executables and escalate privileges.
by Diego Armando Buztamante Rico
CVSS 7.8
WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive
by Google Security Research
iCloud < 7.15 - Memory Corruption via Malicious Web Content
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()
by Google Security Research
Ayukov NFTP client 1.71 - Stack-based Buffer Overflow via SYST Command
Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST command with an oversized payload to trigger a buffer overflow and execute a bind shell on port 5150.
by SYANiDE
CVSS 9.8
Aida64 Engineer 6.10.5200 - Buffer Overflow
Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file that uses an SEH (Structured Exception Handler) overwrite to achieve remote code execution.
by daejinoh
CVSS 9.8
Acer Launch Manager 6.1.7600.16385 - Privilege Escalation
Acer Launch Manager 6.1.7600.16385 contains an unquoted service path vulnerability in the DsiWMIService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Launch Manager\dsiwmis.exe to insert malicious code that would execute with system-level permissions during service startup.
by Gustavo Briseño
CVSS 7.8
OpenVPN Connect 3.0.0.272 - 'agent_ovpnconnect' Unquoted Service Path
by Luis Martínez
Micro Focus Data Protector <10.50 - Privilege Escalation
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges.
by Metasploit
CVSS 7.8
DOUBLEPULSAR (x64) - Hooking 'srv!SrvTransactionNotImplemented' in 'srv!SrvTransaction2DispatchTable'
by Mumbai
ClamAV/ClamBC < 0.103.0-rc - Code Injection via ClamBC Bytecode Function Name Manipulation
ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in the ClamAV engine.
by anonymous
CVSS 8.4
TheJshen ContentManagementSystem 1.04 - SQL Injection
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.
by cakes
CVSS 7.1