Exploitdb Exploits

50,091 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-25752 EXPLOITDB HIGH text
Joomla! Component J-BusinessDirectory 4.9.7 SQL Injection
Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type parameter. Attackers can send GET requests to index.php with the option=com_jbusinessdirectory&task=categories.getCategories parameters and inject UNION-based SQL statements in the type parameter to extract database information including schema names and sensitive data.
by Ihsan Sencan
CVSS 8.2
CVE-2019-25751 EXPLOITDB HIGH text
Joomla J-ClassifiedsManager 3.0.5 SQL Injection
Joomla Component J-ClassifiedsManager 3.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can submit crafted SQL payloads in the categorySearch, adType, and citySearch parameters to the displayads component to extract sensitive database information including usernames, databases, and version details.
by Ihsan Sencan
CVSS 8.2
CVE-2019-25750 EXPLOITDB HIGH text
Joomla J-MultipleHotelReservation 6.0.7 SQL Injection
Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hotel_id parameter. Attackers can send POST requests to the search-hotels endpoint with crafted SQL UNION SELECT statements to extract sensitive database information including table names and column data.
by Ihsan Sencan
CVSS 8.2
CVE-2018-15708 EXPLOITDB CRITICAL python
Nagios XI Magpie_debug.php Root Remote Code Execution
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP request.
by Chris Lyne
CVSS 9.8
EIP-2026-117562 EXPLOITDB text VERIFIED
Microsoft Windows CONTACT - HTML Injection / Remote Code Execution
by hyp3rlinx
CVE-2018-15710 EXPLOITDB HIGH python
Nagios XI 5.5.6 - Authenticated Privilege Escalation via Autodiscover_new.php
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.
by Chris Lyne
CVSS 7.8
CVE-2019-25760 EXPLOITDB MEDIUM text
Joomla! Component Easy Shop 1.2.3 Local File Inclusion
Joomla! Component Easy Shop 1.2.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by supplying base64-encoded file paths. Attackers can send GET requests to index.php with the option parameter set to com_easyshop, task set to ajax.loadImage, and a base64-encoded file path in the file parameter to retrieve sensitive files like configuration.php and system files.
by Ihsan Sencan
CVSS 6.2
EIP-2026-118890 EXPLOITDB text
Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution
by Eduardo Braun Prado
EIP-2026-118372 EXPLOITDB python
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
by T3jv1l
EIP-2026-118371 EXPLOITDB python
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
by T3jv1l
CVE-2019-25705 EXPLOITDB HIGH python
Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries and paste it into the action field through the Rules dialog to trigger the overflow and overwrite the return address.
by InitD Community
CVSS 8.4
CVE-2018-25257 EXPLOITDB HIGH text
Adianti Framework 5.5.0 and 5.6.0 SQL Injection via Profile
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to modify user credentials and gain administrative access.
by Joner de Mello Assolin
CVSS 7.1
CVE-2019-25576 EXPLOITDB HIGH text VERIFIED
Kepler Wallpaper Script 1.1 SQL Injection via category
Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to extract database information including usernames, database names, and MySQL version details.
by Ihsan Sencan
CVSS 8.2
EIP-2026-111739 EXPLOITDB text VERIFIED
Reservic 1.0 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-110777 EXPLOITDB text
PHP Uber-style GeoTracking 1.1 - SQL Injection
by Ihsan Sencan
EIP-2026-110682 EXPLOITDB text
PHP Dashboards NEW 5.8 - Local File Inclusion
by Ihsan Sencan
EIP-2026-110681 EXPLOITDB text VERIFIED
PHP Dashboards NEW 5.8 - 'dashID' SQL Injection
by Ihsan Sencan
EIP-2026-109554 EXPLOITDB text VERIFIED
MoneyFlux 1.0 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-106068 EXPLOITDB text VERIFIED
Coman 1.0 - 'id' SQL Injection
by Ihsan Sencan
CVE-2019-6498 EXPLOITDB HIGH ruby
GattLib 0.2 - Stack-Based Buffer Over-Read in gattlib_connect
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
by Dhiraj Mishra
CVSS 8.8
CVE-2018-11508 EXPLOITDB MEDIUM c
Linux Kernel < 4.16.9 - Unauthorized Memory Read via adjtimex
The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.
by wally0813
CVSS 5.5
CVE-2018-25245 EXPLOITDB HIGH python
7 Tik 1.0.1.0 Denial of Service via Search
7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash.
by 0xB9
CVSS 7.5
CVE-2018-25244 EXPLOITDB MEDIUM python
Eco Search 1.0.2.0 Denial of Service
Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiating a search operation.
by 0xB9
CVSS 6.2
CVE-2018-25243 EXPLOITDB MEDIUM python
FastTube 1.0.1.0 Denial of Service via Search
FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the search operation is executed.
by 0xB9
CVSS 6.2
CVE-2018-25242 EXPLOITDB MEDIUM python
One Search 1.1.0.0 Denial of Service
One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception that crashes the application.
by 0xB9
CVSS 6.2