Exploitdb Exploits

49,983 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-2725 EXPLOITDB CRITICAL python
Oracle Agile Plm < 5.2.36 - Injection
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
by Avinash Kumar Thapa
CVSS 9.8
EIP-2026-118579 EXPLOITDB python
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
by Kevin Randall
EIP-2026-118578 EXPLOITDB python
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
by Kevin Randall
CVE-2019-10123 EXPLOITDB CRITICAL ruby VERIFIED
AIS ESEL-Server 67 - SQL Injection
SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS logistics mobile app) allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the 'sa' user.
by Metasploit
CVSS 9.8
EIP-2026-108725 EXPLOITDB text
Joomla! Component JiFile 2.3.1 - Arbitrary File Download
by Mr Winst0n
EIP-2026-108211 EXPLOITDB text
Joomla! Component ARI Quiz 3.7.4 - SQL Injection
by Mr Winst0n
EIP-2026-107689 EXPLOITDB text
Hyvikk Fleet Manager - Shell Upload
by saxgy1331
CVE-2019-11564 EXPLOITDB MEDIUM text
HumHub 1.3.12 - XSS
A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request.
by Kağan EĞLENCE
CVSS 6.1
EIP-2026-105023 EXPLOITDB text
Agent Tesla Botnet - Information Disclosure
by n4pst3r
CVE-2019-10867 EXPLOITDB HIGH ruby VERIFIED
Pimcore < 5.7.1 - Insecure Deserialization
An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php.
by Metasploit
CVSS 8.8
CVE-2019-10678 EXPLOITDB HIGH python VERIFIED
Domoticz <4.10579 - Info Disclosure
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
by Fabio Carretto
CVSS 7.5
CVE-2019-11599 EXPLOITDB HIGH text VERIFIED
Linux kernel <5.0.10 - Info Disclosure
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.
by Google Security Research
CVSS 7.0
CVE-2019-3799 EXPLOITDB MEDIUM ruby
Vmware Spring Cloud Config < 1.4.6 - Path Traversal
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
by Dhiraj Mishra
CVSS 6.5
EIP-2026-101860 EXPLOITDB bash
Netgear DGN2200 / DGND3700 - Admin Password Disclosure
by Social Engineering Neo
CVE-2019-11416 EXPLOITDB HIGH html
Intelbras IWR 3000N 1.5.0 - CSRF
A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
by Social Engineering Neo
CVSS 8.8
CVE-2019-11415 EXPLOITDB HIGH bash
Intelbras IWR 3000N <1.5.0 - DoS
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.
by Social Engineering Neo
CVSS 7.5
CVE-2019-11569 EXPLOITDB HIGH text
Veeam ONE Reporter <9.5.0.3201 - CSRF
Veeam ONE Reporter 9.5.0.3201 allows CSRF.
by Seyed Sadegh Khatami
CVSS 8.8
CVE-2019-25597 EXPLOITDB MEDIUM python
NSauditor 3.1.2.0 Denial of Service via Community Field
NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function to cause a denial of service condition.
by Victor Mondragón
CVSS 6.2
EIP-2026-115973 EXPLOITDB python
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115972 EXPLOITDB python
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
by Victor Mondragón
CVE-2019-3844 EXPLOITDB HIGH text VERIFIED
Systemd - Privilege Escalation
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.
by Google Security Research
CVSS 7.8
CVE-2019-0186 EXPLOITDB MEDIUM text
Apache Pluto < 3.1.0 - XSS
The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) attacks. Mitigation: * Uninstall the ChatRoomDemo war file - or - * migrate to version 3.1.0 of the chat-room-demo war file
by Dhiraj Mishra
CVSS 6.1
CVE-2019-25616 EXPLOITDB MEDIUM python
AnMing MP3 CD Burner 2.0 Local Denial of Service
AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition.
by Achilles
CVSS 6.2
CVE-2019-25615 EXPLOITDB HIGH python
Lavavo CD Ripper 4.20 Local SEH Buffer Overflow
Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump instructions, and SEH handler addresses to trigger code execution and establish a bind shell on port 3110.
by Achilles
CVSS 8.4
CVE-2019-25599 EXPLOITDB MEDIUM python
Backup Key Recovery 2.2.4 Denial of Service via Name Field
Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to trigger a crash when submitting the form.
by Victor Mondragón
CVSS 6.2
By Source
All 49,983 Writeup 59,763 Exploitdb 49,983 Nomisec 21,484 Metasploit 3,218 Github 2,526 Vulncheck_xdb 903 Inthewild 514 Gitlab 440 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,913 ruby 5,907 c 3,563 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24