Exploitdb Exploits

49,989 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114162 EXPLOITDB text
WordPress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation
by Noman Riffat
CVE-2018-20526 EXPLOITDB CRITICAL text
Roxyfileman Roxy Fileman - Unrestricted File Upload
Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.
by Pongtorn Angsuchotmetee_ Vittawat Masaree
CVSS 9.8
CVE-2019-3501 EXPLOITDB MEDIUM text
Ougc Awards < 1.8.19 - XSS
The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile.
by 0xB9
CVSS 4.8
CVE-2018-17997 EXPLOITDB MEDIUM text
Layerbb - XSS
LayerBB 1.1.1 allows XSS via the titles of conversations (PMs).
by 0xB9
CVSS 6.1
EIP-2026-106849 EXPLOITDB text VERIFIED
Embed Video Scripts - Persistent Cross-Site Scripting
by Deyaa Muhammad
EIP-2026-105100 EXPLOITDB text VERIFIED
All in One Video Downloader 1.2 - (Authenticated) SQL Injection
by Deyaa Muhammad
CVE-2014-5395 EXPLOITDB python
Huawei E5180s-22 Firmware - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users for requests that (1) modify configurations, (2) send SMS messages, or have other unspecified impact via unknown vectors.
by Nathu Nandwani
CVE-2018-20326 EXPLOITDB MEDIUM text
ChinaMobile PLC Wireless Router - XSS
ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter.
by Kumar Saurav
CVSS 6.1
CVE-2018-18955 EXPLOITDB HIGH bash
Linux Nested User Namespace idmap Limit Local Privilege Escalation
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by reading /etc/shadow. This occurs because an ID transformation takes place properly for the namespaced-to-kernel direction but not for the kernel-to-namespaced direction.
by bcoles
CVSS 7.0
CVE-2018-18955 EXPLOITDB HIGH bash
Linux Nested User Namespace idmap Limit Local Privilege Escalation
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by reading /etc/shadow. This occurs because an ID transformation takes place properly for the namespaced-to-kernel direction but not for the kernel-to-namespaced direction.
by bcoles
CVSS 7.0
EIP-2026-119603 EXPLOITDB python
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)
by Luis Martínez
EIP-2026-119602 EXPLOITDB python
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)
by Luis Martínez
EIP-2026-119600 EXPLOITDB python
NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)
by Luis Martínez
EIP-2026-119599 EXPLOITDB python
NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)
by Luis Martínez
EIP-2026-119587 EXPLOITDB python
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
by Achilles
EIP-2026-119586 EXPLOITDB python
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
by Achilles
CVE-2017-15222 EXPLOITDB CRITICAL python
Nftp < 2.0 - Buffer Overflow
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
by Uday Mittal
CVSS 9.8
EIP-2026-117543 EXPLOITDB text
Microsoft Windows - Windows Error Reporting Local Privilege Escalation
by SandboxEscaper
EIP-2026-113533 EXPLOITDB text
WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection
by Kaimi
CVE-2019-5009 EXPLOITDB HIGH python
Vtiger CRM 7.1.0 - Code Injection
Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php.
by AkkuS
CVSS 7.2
CVE-2018-20448 EXPLOITDB MEDIUM text
Frog Cms - XSS
Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI.
by WangDudu
CVSS 5.4
CVE-2018-4441 EXPLOITDB HIGH javascript VERIFIED
Apple Safari < 12.0.2 - Memory Corruption
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
by Google Security Research
CVSS 8.8
CVE-2018-4443 EXPLOITDB HIGH html VERIFIED
Apple Safari < 12.0.2 - Memory Corruption
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
by Google Security Research
CVSS 8.8
EIP-2026-103136 EXPLOITDB ruby VERIFIED
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
by Metasploit
EIP-2026-103135 EXPLOITDB ruby VERIFIED
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
by Metasploit
By Source
All 49,989 Writeup 59,917 Exploitdb 49,989 Nomisec 21,538 Metasploit 3,218 Github 2,548 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,930 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24