Exploitdb Exploits
49,992 exploits tracked across all sources.
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)
by Metasploit
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)
by Metasploit
Microsoft Internet Explorer 11 - XML External Entity Injection
by hyp3rlinx
CyberArk Endpoint Privilege Manager <10.2.1.603 - Privilege Escalation
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications.
by Alpcan Onaran
CVSS 7.8
ATutor <2.2.4 - Command Injection
An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase (and thus .phP is a bypass), and omits .shtml and .phtml.
by AkkuS
CVSS 8.8
Synacor Zimbra Collaboration Suite <8.7.11p10 - XXE
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.
by Metasploit
CVSS 9.8
FTP Shell Server 6.83 Buffer Overflow via Account Name
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite the return address and execute calc.exe or other commands.
by Dino Covotsos
CVSS 8.4
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
by Dino Covotsos
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
by Dino Covotsos
Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Unauthenticated Remote Code Execution
by Julien Ahrens
Dlink Di-524 Firmware - XSS
On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter.
by Semen Alexandrovich Lyhin
CVSS 4.8
Ashop Shopping Cart - SQL Injection
Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. Attackers can send POST requests to the admin/bannedcustomers.php endpoint with crafted SQL payloads using SLEEP functions to extract sensitive database information.
by Doğukan Karaciğer
CVSS 8.2
Windows AppX Deployment Service - Privilege Escalation
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
by Nabeel Ahmed
CVSS 7.8
Apache Axis < 7.3.5 - SSRF
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
by David Yesland
CVSS 7.5
TP-Link TL-WR940N - Buffer Overflow
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.
by Grzegorz Wypych
CVSS 8.8
River Past Cam Do 3.7.6 Local Buffer Overflow in Activation Code
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and SEH chain overwrite values to trigger code execution when the activation dialog processes the input.
by Chris Au
CVSS 8.4
Download Accelerator Plus DAP 10.0.6.0 SEH Buffer Overflow
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.
by Peyman Forouzan
CVSS 9.8
FlexHEX 2.71 Local Buffer Overflow via SEH Unicode
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow. Attackers can craft a malicious text file with carefully aligned shellcode and SEH chain pointers, paste the contents into the Stream Name dialog, and execute arbitrary commands like calc.exe when the exception handler is triggered.
by Chris Au
CVSS 8.4
Tradebox 5.4 - SQL Injection
Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthly_deposit endpoint with malicious symbol values using boolean-based blind, time-based blind, error-based, or union-based SQL injection techniques to extract sensitive database information.
by Abdullah Çelebi
CVSS 7.1
NCrypted Jobgator - SQL Injection
NCrypted Jobgator contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the experience parameter. Attackers can send POST requests to the agents Find-Jobs endpoint with malicious experience values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 8.2
ShoreTel Connect ONSITE <19.45.1602.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 19.45.1602.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
by Ramikan
CVSS 6.1
ShoreTel Connect ONSITE <19.49.1500.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE before 19.49.1500.0 allows remote attackers to inject arbitrary web script or HTML via the brandUrl parameter.
by Ramikan
CVSS 6.1
WordPress Plugin Limit Login Attempts Reloaded 2.7.4 - Login Limit Bypass
by isdampe
By Source