Exploitdb Exploits
49,989 exploits tracked across all sources.
WebDrive 18.00.5057 Denial of Service via Secure WebDAV
WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV connection setup. Attackers can input a buffer-overflow payload of 5000 bytes in the username parameter and trigger a connection test to cause the application to crash.
by Victor Mondragón
CVSS 6.2
Artha - Memory Corruption
Artha ~ The Open Thesaurus 1.0.3.0 has a Buffer Overflow.
by Ihsan Sencan
CVSS 7.5
Arm Whois 3.11 - Denial of Service (PoC)
by Yair Rodríguez Aparicio
SmartFTP Client 9.0.2615.0 Denial of Service via Host Field
SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash.
by Victor Mondragón
CVSS 6.2
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
by Jakub Palaczynski
Microstrategy Web - XSS
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.
by Rafael Pedrero
CVSS 6.1
Microstrategy Web - XSS
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product.
by Rafael Pedrero
CVSS 6.1
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
by Charles Truscott
Any Sound Recorder 2.93 - Buffer Overflow Local (SEH) (Metasploit)
by d3ckx1
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
by Yair Rodríguez Aparicio
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
by Ihsan Sencan
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
by Ihsan Sencan
South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection
by Ihsan Sencan
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
by Boumediene KADDOUR
CI User Login and Management 1.0 - Arbitrary File Upload
by Ihsan Sencan
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
by Ihsan Sencan
xorg-x11-server <1.20.3 - Privilege Escalation
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for the -modulepath and -logfile options when starting the Xorg X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
by Marco Ivaldi
CVSS 6.6
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
by Adam Brown