Exploitdb Exploits
49,983 exploits tracked across all sources.
Vbulletin < 5.5.4 - Code Injection
vBulletin through 5.5.4 mishandles custom avatars.
by EgiX
CVSS 9.8
Intelliants Subrion - XSS
Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue.
by Creatigon
CVSS 5.4
Joomla! 3.4.6 - 'configuration.php' Remote Code Execution
by Alessandro Groppo
IBM Bigfix Platform < 9.5.11 - Unrestricted File Upload
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
by Jakub Palaczynski
CVSS 9.0
LabCollector 5.423 - SQL Injection
LabCollector 5.423 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through POST parameters. Attackers can submit crafted SQL payloads in the login parameter of login.php or the user_name parameter of retrieve_password.php to extract sensitive database information without authentication.
by Carlos Avila
CVSS 7.5
Android Binder Use-After-Free Exploit
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
by Google Security Research
CVSS 7.8
Anchor < 0.12.7 - Information Disclosure
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
by Tijme Gommers
CVSS 9.8
Linuxmint Mintinstall - Insecure Deserialization
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports.
by İbrahim Hakan Şeker
CVSS 7.8
Microsoft Server Message Block < 4.0e - Improper Input Validation
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
by Metasploit
CVSS 8.1
DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH)
by Xavi Beltran
DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH)
by Xavi Beltran
Dnnsoftware Dotnetnuke < 9.4.0 - XSS
Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting.
by MaYaSeVeN
CVSS 6.1
WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads
by Google Security Research
WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment
by Google Security Research
WebKit - Universal XSS Using Cached Pages
by Google Security Research
WebKit - Universal XSS in WebCore::command
by Google Security Research
thesystem 1.0 - Command Injection
thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the run_command endpoint. Attackers can send POST requests with shell commands in the command parameter to execute arbitrary code on the server without authentication.
by Sadik Cetin
CVSS 9.8
thesystem 1.0 - XSS
thesystem version 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple server data input fields. Attackers can submit crafted script payloads in operating_system, system_owner, system_username, system_password, system_description, and server_name parameters to execute arbitrary JavaScript in victim browsers.
by Anıl Baran Yelken
CVSS 6.4
Reputeinfosystems Arforms - Path Traversal
In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname.
by Ahmad Almorabea
CVSS 7.5
vBulletin 5.x /ajax/render/widget_tabbedcontainer_tab_panel PHP remote code execution.
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
by r00tpgp
CVSS 9.8
By Source