Exploitdb Exploits
49,989 exploits tracked across all sources.
Cisco Rv110w Firmware < 1.2.0.9 - Credentials Management
The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
by RySh
Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)
by Manpreet Singh Kheberi
Facebook And Google Reviews System For Businesses 1.1 - SQL Injection
by Ihsan Sencan
Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution
by Ihsan Sencan
Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)
by Veyselxan
Double Your Bitcoin Script Automatic - Authentication Bypass
by Veyselxan
Micro Focus Fortify SSC <18.10 - RCE
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
by alt3kx
CVSS 6.5
Micro Focus Fortify SSC <18.10 - RCE
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
by alt3kx
CVSS 6.5
Safari Proxy Object Type Confusion
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.
by Metasploit
CVSS 8.8
Huawei Hg532e - Path Traversal
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.
by Rebellion
Cisco Rv110w Wireless-n VPN Firewall Firmware - OS Command Injection
The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567.
by RySh
CVSS 7.8
CyberLink LabelPrint 2.5 - RCE
Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in an lpp project file.
by Metasploit
CVSS 7.8
Apple Safari < 12.0.2 - Memory Corruption
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
by Google Security Research
CVSS 8.8
Linux - 'userfaultfd' Bypasses tmpfs File Permissions
by Google Security Research
LanSpy 2.0.1.159 Local Buffer Overflow via Scan Field
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payload with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or potentially achieve code execution.
by Gionathan Reale
CVSS 8.4
ThinkPHP 5.0.23 Remote Code Execution via invokefunction
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system commands with application privileges.
by VulnSpy
CVSS 9.8
McAfee True Key <5.1.230.7 - Privilege Escalation
Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.
by Google Security Research
CVSS 7.8
Mcafee True Key < 5.1.230.7 - Incorrect Permission Assignment
Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
by Google Security Research
CVSS 7.2
Juniper Junos - Out-of-Bounds Write
Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S11, 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2.
by Hacker Fantastic
CVSS 7.8
ZTE Zxhn H168n Firmware - Missing Authentication
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access.
by Usman Saeed
CVSS 6.5
HotelDruid HotelDruid <2.3.0 - SQL Injection
HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in "id_utente_mod" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the "id_utente_mod=1" parameter.
by Sainadh Jamalpur
CVSS 9.8
PrinterOn Enterprise 4.1.4 - Info Disclosure
PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion.
by bzyo
CVSS 6.5
PrestaShop <1.6.1.23, <1.7.4.4 - Path Traversal
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.
by Fariskhi Vidyan
CVSS 7.5
Mcafee True Key < 5.1.230.7 - Privilege Escalation
Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
by Google Security Research
CVSS 7.5
SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)
by Alejandra Sánchez
By Source