Exploitdb Exploits

49,989 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-8391 EXPLOITDB MEDIUM text
Qdpm - XSS
qdPM 9.1 suffers from Cross-site Scripting (XSS) via configuration?type=[XSS] parameter.
by Mehmet EMIROGLU
CVSS 6.1
CVE-2019-8390 EXPLOITDB MEDIUM text
Qdpm - XSS
qdPM 9.1 suffers from Cross-site Scripting (XSS) in the search[keywords] parameter.
by Mehmet EMIROGLU
CVSS 6.1
CVE-2018-19908 EXPLOITDB HIGH python
MISP <2.4.99 - Command Injection
An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the original filename of the STIX import.
by Tm9jdGlz
CVSS 8.8
EIP-2026-104160 EXPLOITDB text
Apache CouchDB 2.3.0 - Cross-Site Scripting
by Ozer Goker
CVE-2019-8394 EXPLOITDB MEDIUM text
Zohocorp Manageengine Servicedesk Plus - Unrestricted File Upload
Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.
by Dao Duy Hung
CVSS 6.5
EIP-2026-102333 EXPLOITDB text VERIFIED
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions
by Google Security Research
EIP-2026-102332 EXPLOITDB text VERIFIED
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass
by Google Security Research
EIP-2026-102331 EXPLOITDB text VERIFIED
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process
by Google Security Research
EIP-2026-102330 EXPLOITDB text VERIFIED
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour
by Google Security Research
CVE-2019-8387 EXPLOITDB CRITICAL python
MASTER IPCAMERA01 <3.3.4.2103 - RCE
MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component.
by Raffaele Sabato
CVSS 9.8
CVE-2019-25673 EXPLOITDB HIGH python
UniSharp Laravel File Manager v2.0.0-alpha7 Arbitrary File Upload
UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to Files and execute arbitrary code by accessing the uploaded file through the working directory path.
by Mohammad Danish
CVSS 8.8
CVE-2019-25669 EXPLOITDB HIGH text
qdPM 9.1 SQL Injection via search_by_extrafields Parameter
qdPM 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the search_by_extrafields[] parameter. Attackers can send POST requests to the users endpoint with malicious search_by_extrafields[] values to trigger SQL syntax errors and extract database information.
by Mehmet EMIROGLU
CVSS 8.2
CVE-2018-25238 EXPLOITDB MEDIUM python
VSCO 1.1.1.0 Denial of Service via Search
VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.
by 0xB9
CVSS 6.2
CVE-2018-25230 EXPLOITDB MEDIUM python
Free IP Switcher 3.1 Denial of Service via Computer Name
Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Attackers can paste a malicious payload into the Computer Name input field and click Activate to trigger a denial of service condition that crashes the application.
by Victor Mondragón
CVSS 5.5
CVE-2019-25653 EXPLOITDB MEDIUM python
Navicat for Oracle 12.1.15 Password Field Denial of Service
Navicat for Oracle 12.1.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer of 550 repeated characters into the password parameter during Oracle connection configuration to trigger an application crash.
by Victor Mondragón
CVSS 6.2
CVE-2019-8341 EXPLOITDB CRITICAL python
Pocoo Jinja2 - Code Injection
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing
by JameelNabbo
CVSS 9.8
CVE-2018-14575 EXPLOITDB HIGH text
Trash Bin plugin 1.1.3 for MyBB - XSS/CSRF
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.
by 0xB9
CVSS 8.8
CVE-2019-6974 EXPLOITDB HIGH text VERIFIED
Linux kernel <4.20.8 - Use After Free
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
by Google Security Research
CVSS 8.1
CVE-2019-9831 EXPLOITDB HIGH python VERIFIED
AirMore <1.6.1 - DoS
The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests.
by s4vitar
CVSS 7.5
CVE-2019-25654 EXPLOITDB HIGH python
Core FTP/SFTP Server 1.2 Denial of Service via Buffer Overflow
Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Attackers can paste a malicious payload containing 7000 bytes of data into the domain configuration to trigger an application crash and deny service.
by Victor Mondragón
CVSS 7.5
CVE-2019-25571 EXPLOITDB MEDIUM python
MediaMonkey 4.1.23 Denial of Service via Malformed URL
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog.
by Alejandra Sánchez
CVSS 6.2
EIP-2026-117145 EXPLOITDB text
exacqVision ESM 5.12.2 - Privilege Escalation
by bzyo
CVE-2018-20556 EXPLOITDB HIGH text
Booking Calendar - SQL Injection
SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.
by B0UG
CVSS 8.8
CVE-2018-17996 EXPLOITDB MEDIUM text
Layerbb - CSRF
LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
by 0xB9
CVSS 6.5
CVE-2018-20009 EXPLOITDB MEDIUM text VERIFIED
DomainMOD 4.11.01 - XSS
DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field.
by Mohammed Abdul Raheem
CVSS 4.8
By Source
All 49,989 Writeup 59,870 Exploitdb 49,989 Nomisec 21,514 Metasploit 3,218 Github 2,540 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,922 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24