Exploitdb Exploits
50,091 exploits tracked across all sources.
Yeswiki Cercopitheque < 2018-06-19-1 - SQL Injection via Bazar Page ID Parameter
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.
by Mickael BROUTY
CVSS 9.8
Rukovoditel 2.3.1 - Authenticated Remote Code Execution via Malicious Background Image Upload
A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed case, such as the .pHp extension.
by AkkuS
CVSS 8.8
Artica Integria IMS 5.0.83 - Cross-Site Request Forgery in User List Management
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
by Javier Olmedo
CVSS 6.5
Artica Integria IMS 5.0.83 - Cross-Site Scripting via search_string Parameter
Artica Integria IMS 5.0.83 has XSS via the search_string parameter.
by Javier Olmedo
CVSS 6.1
Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)
by Sainadh Jamalpur
Bolt CMS < 3.6.2 - Stored Cross-Site Scripting via Title Field Preview
Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.
by Raif Berkay Dincel
CVSS 6.1
IBM Operational Decision Manager 8.6.0.0-8.6.0.2 - XML External Entity Injection
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170.
by Mohamed M.Fouad
CVSS 7.1
SUSE Linux Enterprise - Information Disclosure via Netlink Message
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
by Jinbum Park
CVSS 3.3
AnyBurn 4.3 Denial of Service Local Buffer Overflow
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image' operation to trigger a denial of service condition.
by Achilles
CVSS 6.2
Excel Password Recovery Professional 8.2.0.0 Local Buffer Overflow DoS
Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail and Registrations Code' field. Attackers can paste a crafted payload containing 5000 bytes of data into the registration field to trigger a crash when the Register button is clicked.
by Achilles
CVSS 5.5
MegaPing Local Buffer Overflow Denial of Service
MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger function. Attackers can paste a crafted buffer exceeding expected input limits into the vulnerable field and trigger the Start button to cause a denial of service crash.
by Achilles
CVSS 6.2
Nsauditor 3.0.28.0 Local SEH Buffer Overflow
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
by Achilles
CVSS 8.4
minishare < 1.4.1 - Remote Code Execution via Long HTTP HEAD Request
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued.
by Rafael Pedrero
CVSS 9.8
SDL Web Content Manager 8.5.0 - XML External Entity Injection via SaveUserSettings Service
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.
by Ahmed Elhady Mohamed
CVSS 6.5
minishare < 1.4.1 - Remote Code Execution via Long HTTP POST Request
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued.
by Rafael Pedrero
CVSS 9.8
Internet Explorer < - Memory Corruption
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
by Google Security Research
CVSS 7.5
phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read
by VulnSpy
UltraISO 9.7.1.3519 Buffer Overflow via Output FileName
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash.
by Francisco Ramirez
CVSS 6.2
Angry IP Scanner 3.5.3 Denial of Service via Preferences Buffer Overflow
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailable value field in the display preferences to trigger a denial of service.
by Fernando Cruz
CVSS 6.2
Safari < 11.1.1 - Remote Code Execution via WebKit Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Metasploit
CVSS 8.8
tecrail Responsive FileManager 9.13.4 - Path Traversal via Path Parameter
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php.
by Fariskhi Vidyan
CVSS 7.5
tecrail Responsive FileManager 9.13.4 - Path Traversal and Arbitrary File Write via Image Save Action
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php.
by Fariskhi Vidyan
CVSS 7.5
tecrail Responsive FileManager 9.13.4 - Path Traversal and Arbitrary File Write via paths[0] Bypass
tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php.
by Fariskhi Vidyan
CVSS 7.5
tecrail Responsive FileManager 9.13.4 - Path Traversal via Path Parameter in get_file Action
tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php.
by Fariskhi Vidyan
CVSS 7.5
By Source