Exploitdb Exploits
49,983 exploits tracked across all sources.
Outlook Password Recovery 2.10 - Buffer Overflow
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to trigger a denial of service condition.
by Velayutham Selvaraj_ Praveen Thiyagarayam
CVSS 6.2
Jobberbase - SQL Injection
Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endpoint.
by Suvadip Kar
CVSS 9.8
Sqlitemanager - SQL Injection
SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued.
by Rafael Pedrero
CVSS 9.8
Tableau Server < 10.5.18 - XXE
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.
by Jarad Kopf
CVSS 8.1
Lsoft Listserv < 16.5-2018a - XSS
Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter.
by MTK
CVSS 6.1
Windows - Privilege Escalation
An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.
To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.
The security update addresses the vulnerability by preventing sandboxed processes from creating reparse points targeting inaccessible files.
by Google Security Research
CVSS 7.9
cosenary Instagram-PHP-API <4.9.32 - XSS
cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php error_description parameter.
by Damian Ebelties
CVSS 6.1
Webtoffee WordPress Users & WooCommerce Customers Import Export <1....
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.
by Javier Olmedo
CVSS 7.3
openITCOCKPIT <3.7.1 - XSS
openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component.
by Julian Rittweger
CVSS 6.1
Exim 4.87 - 4.91 Local Privilege Escalation
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
by Metasploit
CVSS 9.8
Softvelum Nimble Streamer < 3.5.4-9 - Path Traversal
Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server.
by MaYaSeVeN
CVSS 6.5
Nagios XI 5.6.5 - Remote Code Execution / Root Privilege Escalation
by Jak Gibb
Pulse Secure PCS <9.0R3.4 - Info Disclosure
In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .
by Alyssa Herrera
CVSS 10.0
LibreOffice - Code Injection
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
by LoadLow
CVSS 9.8
Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities
by Pedro Ribeiro
WordPress Plugin Add Mime Types 2.2.1 - Cross-Site Request Forgery
by Princy Edward
libslirp 4.0.0 - Buffer Overflow
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
by vishnudevtj
CVSS 8.8
RAR Password Recovery 1.80 - Buffer Overflow
RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration Code field to trigger an application crash.
by Achilles
CVSS 6.2
Kimai 2 - XSS
Kimai 2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into timesheet descriptions. Attackers can insert SVG-based XSS payloads in the description field to execute arbitrary JavaScript when the page is loaded and viewed by other users.
by osamaalaa
CVSS 6.4
YouPHPTube <7.2 - SQL Injection
plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection.
by Fabian Mosch
CVSS 5.3
UltimateKode Neo Billing <3.5 - XSS
Cross Site Scripting (XSS) vulnerability in UltimateKode Neo Billing - Accounting, Invoicing And CRM Software up to version 3.5 which allows remote attackers to inject arbitrary web script or HTML.
by n1x_
CVSS 5.4
Webmin < 1.920 - OS Command Injection
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
by Fernando A. Lagos B
CVSS 9.8
Fortinet Fortiproxy < 1.2.9 - Path Traversal
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
by Carlos E. Vieira
CVSS 9.1
Fortinet Fortiproxy < 1.2.9 - Path Traversal
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
by Carlos E. Vieira
CVSS 9.1
GetGo Download Manager 6.2.2.3300 - Buffer Overflow
GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make it unavailable.
by Malav Vyas
CVSS 7.5
By Source