Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-8690 EXPLOITDB MEDIUM text VERIFIED
iCloud < 7.13 - Universal Cross-Site Scripting via Malicious Web Content
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
by Google Security Research
CVSS 6.1
CVE-2019-15107 EXPLOITDB CRITICAL ruby VERIFIED
Webmin <= 1.920 - OS Command Injection via password_change.cgi Old Parameter
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
by AkkuS
CVSS 9.8
CVE-2019-13623 EXPLOITDB HIGH python VERIFIED
NSA Ghidra < 9.1 - Path Traversal and Arbitrary File Write via Archive Filename
In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.
by Etienne Lacoche
CVSS 7.8
EIP-2026-102639 EXPLOITDB c VERIFIED
Linux - Use-After-Free Reads in show_numa_stats()
by Google Security Research
CVE-2018-0296 EXPLOITDB HIGH ruby
Cisco ASA & FTD - Unauthenticated DoS & Info Disclosure via HTTP URL
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
by Angelo Ruwantha
CVSS 7.5
CVE-2019-14696 EXPLOITDB MEDIUM text
Open-School 3.0 and Community Edition 2.3 - Cross-Site Scripting via Guardians Create ID Parameter
Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.
by Greg.Priest
CVSS 6.1
EIP-2026-108761 EXPLOITDB text
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - SQL Injection
by qw3rTyTy
EIP-2026-108760 EXPLOITDB text
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - Arbitrary File Download
by qw3rTyTy
EIP-2026-106340 EXPLOITDB text
Daily Expense Manager 1.0 - Cross-Site Request Forgery (Delete Income)
by Mr Winst0n
CVE-2019-14346 EXPLOITDB HIGH text
Schben Adive 2.0.7 - Cross-Site Request Forgery in Admin Config
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.
by Pablo Santiago
CVSS 8.8
EIP-2026-104715 EXPLOITDB ruby
Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)
by Ege Balci
CVE-2019-14312 EXPLOITDB MEDIUM text
Aptana Jaxer 1.0.3.4547 - Info Disclosure
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
by Steph Jensen
CVSS 6.5
CVE-2019-14348 EXPLOITDB CRITICAL text
BearDev JoomSport <3.3 - SQL Injection
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.
by Pablo Santiago
CVSS 9.8
EIP-2026-103494 EXPLOITDB html VERIFIED
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
by Google Security Research
CVE-2019-25480 EXPLOITDB HIGH python
ARMBot - Unauthenticated Arbitrary File Upload and Remote Code Execution via upload.php Path Traversal
ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../public_html/ to write executable code to the web root and achieve remote code execution.
by prsecurity
CVSS 7.5
CVE-2018-1335 EXPLOITDB HIGH ruby VERIFIED
Apache Tika <1.18 - Command Injection
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.
by Metasploit
CVSS 8.1
CVE-2019-8661 EXPLOITDB CRITICAL text VERIFIED
macOS < 10.14.6 - Remote Code Execution via Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.
by Google Security Research
CVSS 9.8
CVE-2025-34030 EXPLOITDB CRITICAL text
sar2html <3.2.2 - Command Injection
An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to the plot parameter (e.g., ?plot=;id) in a crafted GET request. The output of the command is displayed in the application's interface after interacting with the host selection UI. Successful exploitation leads to arbitrary command execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.
by Cemal Cihad ÇİFTÇİ
EIP-2026-111754 EXPLOITDB text
Rest - Cafe and Restaurant Website CMS - 'slug' SQL Injection
by n1x_
CVE-2019-14221 EXPLOITDB MEDIUM text
1CRM On-Premise Software 8.5.7 - XSS
1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.
by Kusol Watchara-Apanukorn
CVSS 5.4
CVE-2019-25440 EXPLOITDB HIGH text
WebIncorp ERP - Unauthenticated SQL Injection via prod_id Parameter
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. Attackers can send GET requests to product_detail.php with malicious prod_id values to extract sensitive database information.
by n1x_
CVSS 8.2
CVE-2019-14427 EXPLOITDB MEDIUM text
WEB STUDIO Ultimate Loan Manager 2.0 - XSS
XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.
by Metin Yunus Kandemir
CVSS 6.1
CVE-2019-13069 EXPLOITDB HIGH ruby
extenua SilverSHielD 6.x < 6.1.14.144 - Local Privilege Escalation via ProgramData Folder Manipulation
extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service.
by Ian Bredemeyer
CVSS 7.8
EIP-2026-101586 EXPLOITDB html
Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery
by Alperen Soydan
CVE-2019-2861 EXPLOITDB MEDIUM text VERIFIED
Oracle Hyperion Planning 11.1.2.4 - XML External Entity Injection
Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion Planning. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hyperion Planning accessible data. CVSS 3.0 Base Score 4.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N).
by Lucas Dinucci
CVSS 4.2