Exploitdb Exploits

50,083 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-25379 EXPLOITDB HIGH text
Smoothwall Express 3.1-SP4 XSS via urlfilter.cgi REDIRECT_PAGE/CHILDREN
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilter.cgi endpoint that allow attackers to inject malicious scripts. Attackers can submit POST requests with script payloads in the REDIRECT_PAGE or CHILDREN parameters to execute arbitrary JavaScript in user browsers.
by Ozer Goker
CVSS 7.2
CVE-2019-25378 EXPLOITDB MEDIUM text
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Stored and Reflected Cross-Site Scripting via proxy.cgi Parameters
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple cross-site scripting vulnerabilities in the proxy.cgi endpoint that allow attackers to inject malicious scripts through parameters including CACHE_SIZE, MAX_SIZE, MIN_SIZE, MAX_OUTGOING_SIZE, and MAX_INCOMING_SIZE. Attackers can submit POST requests with script payloads to store or reflect arbitrary JavaScript code that executes in users' browsers when the proxy configuration page is accessed.
by Ozer Goker
CVSS 6.1
CVE-2018-14724 EXPLOITDB MEDIUM text
MyBB Ban List Plugin 1.0 - Stored Cross-Site Scripting via Ban Reason Field
In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.
by 0xB9
CVSS 5.4
EIP-2026-117348 EXPLOITDB python
IP-Tools 2.5 - 'Log to file' Local Buffer Overflow (SEH) (Egghunter)
by Juan Prescotto
EIP-2026-117347 EXPLOITDB python
IP-Tools 2.5 - 'Log to file' Local Buffer Overflow (SEH) (Egghunter)
by Juan Prescotto
EIP-2026-116853 EXPLOITDB python
Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure
by Nathu Nandwani
EIP-2026-115319 EXPLOITDB python
FutureDj Pro 1.7.2.0 - Denial of Service
by Achilles
EIP-2026-115318 EXPLOITDB python
FutureDj Pro 1.7.2.0 - Denial of Service
by Achilles
EIP-2026-113314 EXPLOITDB text
Webiness Inventory 2.3 - 'email' SQL Injection
by Mehmet EMIROGLU
CVE-2018-14933 EXPLOITDB CRITICAL ruby VERIFIED
NUUO NVRmini Firmware - Remote Command Execution via uploaddir Parameter
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
by Metasploit
CVSS 9.8
CVE-2016-4117 EXPLOITDB CRITICAL ruby VERIFIED
Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
by Metasploit
CVSS 9.8
CVE-2019-6545 EXPLOITDB HIGH python
AVEVA Software, LLC InduSoft Web Studio <8.1 SP3 & InTouch Edge HMI...
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server machine.
by Jacob Baines
CVSS 7.5
CVE-2019-7646 EXPLOITDB MEDIUM text
CentOS-WebPanel.com <0.9.8.763 - XSS
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.763 is vulnerable to Stored/Persistent XSS for the "Package Name" field via the add_package module parameter.
by DKM
CVSS 4.8
CVE-2017-1000083 EXPLOITDB HIGH ruby VERIFIED
Evince CBT File Command Injection
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
by Metasploit
CVSS 7.8
EIP-2026-101610 EXPLOITDB html
Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset
by Adithyan AK
CVE-2019-9599 EXPLOITDB HIGH bash
AirDroid < 4.2.1.6 - Denial of Service via sdctl/comm/lite_auth Requests
The AirDroid application through 4.2.1.6 for Android allows remote attackers to cause a denial of service (service crash) via many simultaneous sdctl/comm/lite_auth/ requests.
by s4vitar
CVSS 7.5
CVE-2019-25497 EXPLOITDB HIGH text
osCommerce < 2.3.4.1 - Unauthenticated SQL Injection via Currency Parameter
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the currency parameter. Attackers can send GET requests to shopping_cart.php with malicious currency values using boolean-based SQL injection payloads to extract sensitive database information.
by Mehmet EMIROGLU
CVSS 8.2
CVE-2019-25496 EXPLOITDB HIGH text
osCommerce 2.3.4.1 - Unauthenticated SQL Injection via products_id Parameter
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the products_id parameter. Attackers can modify the products_id value in product_info.php requests and append boolean-based SQL injection payloads to extract sensitive database information.
by Mehmet EMIROGLU
CVSS 8.2
CVE-2019-25495 EXPLOITDB HIGH text
osCommerce 2.3.4.1 - Unauthenticated SQL Injection via reviews_id Parameter
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews_id parameter. Attackers can send GET requests to product_reviews_write.php with malicious reviews_id values using boolean-based SQL injection payloads to extract sensitive database information.
by Mehmet EMIROGLU
CVSS 8.2
EIP-2026-117859 EXPLOITDB python
River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)
by Matteo Malvica
EIP-2026-117858 EXPLOITDB python
River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)
by Matteo Malvica
EIP-2026-103651 EXPLOITDB text VERIFIED
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows
by Google Security Research
CVE-2019-25655 EXPLOITDB MEDIUM python
Device Monitoring Studio 8.10.00.8925 Denial of Service
Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection dialog. Attackers can trigger the crash by entering a malformed server name or address containing repeated characters through the Tools menu Connect to New Server interface.
by Victor Mondragón
CVSS 6.2
CVE-2019-25649 EXPLOITDB MEDIUM python
River Past Audio Converter 7.7.16 Local Buffer Overflow DoS
River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a large payload of repeated characters into the 'E-Mail and Activation Code' field and click 'Activate' to trigger a denial of service condition.
by Achilles
CVSS 5.5
CVE-2019-25250 EXPLOITDB MEDIUM text
Devolo dLAN 500 AV Wireless+ <3.1.0-1 - CSRF
Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that trigger unauthorized configuration changes by exploiting predictable URL actions when a logged-in user visits the site.
by sm
CVSS 5.3