Exploitdb Exploits

49,983 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-11080 EXPLOITDB HIGH text
Sitecore Experience Platform < 9.1.1 - Insecure Deserialization
Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via deserialization, aka TFS # 293863. An authenticated user with necessary permissions is able to remotely execute OS commands by sending a crafted serialized object.
by Jarad Kopf
CVSS 8.8
EIP-2026-107317 EXPLOITDB python
FusionPBX 4.4.3 - Remote Command Execution
by Dustin Cobb
CVE-2019-12788 EXPLOITDB HIGH python
Photodex Proshow Producer - Out-of-Bounds Write
An issue was discovered in Photodex ProShow Producer v9.0.3797 (an application that runs with Administrator privileges). It is possible to perform a buffer overflow via a crafted file.
by Yonatan_Correa
CVSS 7.8
EIP-2026-113834 EXPLOITDB text
WordPress Plugin Insert or Embed Articulate Content into WordPress - Remote Code Execution
by xulchibalraa
CVE-2019-12616 EXPLOITDB MEDIUM text
Phpmyadmin < 4.9.0 - CSRF
An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim.
by Riemann
CVSS 6.5
CVE-2019-12840 EXPLOITDB HIGH ruby VERIFIED
Webmin < 1.910 - OS Command Injection
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
by AkkuS
CVSS 8.8
CVE-2019-6588 EXPLOITDB MEDIUM text
Liferay Portal < 6.0.6 - XSS
In Liferay Portal before 7.1 CE GA4, an XSS vulnerability exists in the SimpleCaptcha API when custom code passes unsanitized input into the "url" parameter of the JSP taglib call <liferay-ui:captcha url="<%= url %>" /> or <liferay-captcha:captcha url="<%= url %>" />. Liferay Portal out-of-the-box behavior with no customizations is not vulnerable.
by Valerio Brussani
CVSS 4.7
CVE-2019-11398 EXPLOITDB MEDIUM text
UliCMS 2019.2-2019.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon.
by Unk9vvN
CVSS 6.1
EIP-2026-103025 EXPLOITDB bash
Ubuntu 18.04 - 'lxd' Privilege Escalation
by s4vitar
CVE-2019-0841 EXPLOITDB HIGH text
Windows AppX Deployment Service - Privilege Escalation
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
by SandboxEscaper
CVSS 7.8
CVE-2017-4905 EXPLOITDB MEDIUM
VMware ESXi <6.5-8.5.6 - Info Disclosure
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.
by unamer
CVSS 5.5
CVE-2019-12477 EXPLOITDB MEDIUM text
Supra Smart Cloud TV Remote File Inclusion
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
by Dhiraj Mishra
CVSS 5.5
CVE-2019-8352 EXPLOITDB CRITICAL ruby VERIFIED
BMC Patrol Agent < 11.3.01 - Hard-coded Credentials
By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use them to execute code or escalate privileges on the network.
by Metasploit
CVSS 9.8
EIP-2026-103491 EXPLOITDB html VERIFIED
Google Chrome 73.0.3683.103 - 'WasmMemoryObject::Grow' Use-After-Free
by Google Security Research
CVE-2018-20434 EXPLOITDB CRITICAL ruby VERIFIED
Librenms - OS Command Injection
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling.
by Metasploit
CVSS 9.8
CVE-2019-10149 EXPLOITDB CRITICAL text
Exim 4.87 - 4.91 Local Privilege Escalation
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
by Qualys Corporation
CVSS 9.8
CVE-2019-9621 EXPLOITDB HIGH python
Zimbra Collaboration Suite <8.6-8.8 - SSRF
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.
by k8gege
CVSS 7.5
CVE-2019-25604 EXPLOITDB HIGH python
DVDXPlayer Pro 5.5 Local Buffer Overflow with SEH
DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges.
by Kevin Randall
CVSS 8.4
CVE-2019-12593 EXPLOITDB HIGH text
Icewarp Mail Server < 10.4.4 - Path Traversal
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
by JameelNabbo
CVSS 7.5
CVE-2019-12735 EXPLOITDB HIGH
Vim < 8.1.1365 - OS Command Injection
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
by Arminius
CVSS 8.6
CVE-2019-12541 EXPLOITDB MEDIUM text
Zohocorp Manageengine Servicedesk Plus - XSS
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter.
by Vingroup
CVSS 6.1
CVE-2019-12538 EXPLOITDB MEDIUM text
Zohocorp Manageengine Servicedesk Plus - XSS
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field.
by Vingroup
CVSS 6.1
CVE-2019-12542 EXPLOITDB MEDIUM text
Zohocorp Manageengine Servicedesk Plus - XSS
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter.
by Vingroup
CVSS 6.1
CVE-2019-12543 EXPLOITDB MEDIUM text
Zohocorp Manageengine Servicedesk Plus - XSS
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter.
by Vingroup
CVSS 6.1
CVE-2018-19864 EXPLOITDB CRITICAL python
NUUO NVRmini2 - Buffer Overflow
NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.
by @0x00string
CVSS 9.8
By Source
All 49,983 Writeup 59,698 Exploitdb 49,983 Nomisec 21,473 Metasploit 3,218 Github 2,525 Vulncheck_xdb 903 Inthewild 514 Gitlab 440 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,912 ruby 5,907 c 3,563 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24