Exploitdb Exploits
49,989 exploits tracked across all sources.
Artica Integria IMS 5.0.83 - XSS
Artica Integria IMS 5.0.83 has XSS via the search_string parameter.
by Javier Olmedo
CVSS 6.1
Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)
by Sainadh Jamalpur
Bolt CMS <3.6.2 - XSS
Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.
by Raif Berkay Dincel
CVSS 6.1
IBM Operational Decision Manager < 8.6.0.3 - XXE
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170.
by Mohamed M.Fouad
CVSS 7.1
Novell Suse Linux Enterprise Software... - Information Disclosure
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
by Jinbum Park
CVSS 3.3
AnyBurn 4.3 Denial of Service Local Buffer Overflow
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image' operation to trigger a denial of service condition.
by Achilles
CVSS 6.2
Excel Password Recovery Professional 8.2.0.0 Local Buffer Overflow DoS
Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail and Registrations Code' field. Attackers can paste a crafted payload containing 5000 bytes of data into the registration field to trigger a crash when the Register button is clicked.
by Achilles
CVSS 5.5
MegaPing Local Buffer Overflow Denial of Service
MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger function. Attackers can paste a crafted buffer exceeding expected input limits into the vulnerable field and trigger the Start button to cause a denial of service crash.
by Achilles
CVSS 6.2
Nsauditor 3.0.28.0 Local SEH Buffer Overflow
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
by Achilles
CVSS 8.4
MiniShare <1.4.1 - RCE
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued.
by Rafael Pedrero
CVSS 9.8
SDL Web 8.5.0 - Info Disclosure
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.
by Ahmed Elhady Mohamed
CVSS 6.5
MiniShare <1.4.1 - RCE
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued.
by Rafael Pedrero
CVSS 9.8
Internet Explorer < - Memory Corruption
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
by Google Security Research
CVSS 7.5
phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read
by VulnSpy
UltraISO 9.7.1.3519 Buffer Overflow via Output FileName
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash.
by Francisco Ramirez
CVSS 6.2
Angry IP Scanner 3.5.3 Denial of Service via Preferences Buffer Overflow
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailable value field in the display preferences to trigger a denial of service.
by Fernando Cruz
CVSS 6.2
Apple Safari < 11.1.1 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Metasploit
CVSS 8.8
Tecrail Responsive Filemanager - Path Traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php.
by Fariskhi Vidyan
CVSS 7.5
Tecrail Responsive Filemanager - Path Traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php.
by Fariskhi Vidyan
CVSS 7.5
Tecrail Responsive Filemanager - Path Traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php.
by Fariskhi Vidyan
CVSS 7.5
Tecrail Responsive Filemanager - Path Traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php.
by Fariskhi Vidyan
CVSS 7.5
Tecrail Responsive Filemanager - XSS
tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action.
by Fariskhi Vidyan
CVSS 6.1
Tecrail Responsive Filemanager - Path Traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php.
by Fariskhi Vidyan
CVSS 7.5
Tecrail Responsive Filemanager - Path Traversal
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php.
by Fariskhi Vidyan
CVSS 7.5
By Source