Exploitdb Exploits
50,091 exploits tracked across all sources.
Media File Manager 1.4.2 - Directory Listing via Path Traversal in dir Parameter
The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
by Pasquale Turi
CVSS 5.3
TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration File Disclosure)
by Wadeek
D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery
by hyp3rlinx
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass)
by Tenable NS
PlayJoom 0.10.1 - Unauthenticated SQL Injection via catid Parameter
PlayJoom 0.10.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. Attackers can send GET requests to index.php with option=com_playjoom&view=genre&catid=[SQL] to extract sensitive database information including usernames, databases, and version details.
by Ihsan Sencan
CVSS 8.2
OpenSLP 2.0 - Buffer Overflow in SLPFoldWhiteSpace
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
by Magnus Klaaborg Stubman
CVSS 9.8
Arm Whois 3.11 - Stack-based Buffer Overflow via Oversized IP/Domain Input
Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception handler and gain command execution when the application processes the input.
by Semen Alexandrovich Lyhin
CVSS 9.8
OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter
OpenBiz Cubi Lite 3.0.8 contains a SQL injection vulnerability in the login form that allows unauthenticated attackers to manipulate database queries through the username parameter. Attackers can submit POST requests to /bin/controller.php with malicious SQL code in the username field to extract sensitive database information or bypass authentication.
by AkkuS
CVSS 8.2
OOP CMS BLOG 1.0 - Unauthenticated Cross-Site Request Forgery via addUser.php
OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by crafting malicious POST requests. Attackers can submit forms to the addUser.php endpoint with parameters including userName, password, email, and role set to administrative privileges to gain unauthorized access.
by Ihsan Sencan
CVSS 5.3
OOP CMS BLOG 1.0 - Unauthenticated SQL Injection via Search Parameter
OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id parameter in posts.php to extract database information including table names, schema names, and database credentials.
by Ihsan Sencan
CVSS 8.2
eToolz 3.4.8.0 - Denial of Service via Oversized Input Buffer
eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application.
by Ihsan Sencan
CVSS 6.2
VSAXESS V2.6.2.70 build20171226_053 - 'organization' Denial of Service (PoC)
by Diego Santamaria
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
by Metasploit
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
by Metasploit
LibreHealth 2.0.0 - (Authenticated) Arbitrary File Actions
by Carlos Avila
Grocery crud 1.6.1 - 'search_field' SQL Injection
by Loading Kura Kura
CMS Made Simple < 2.2.7 - Authenticated Remote Code Execution via Module Import XML Package
In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.
by Lucian Ioan Nitescu
CVSS 7.2
Blueimp jQuery-File-Upload <=9.22.0 - File Upload
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
by Metasploit
CVSS 9.8
iPhone OS < 12.1 - Memory Corruption via Improved Input Validation
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.
by Google Security Research
CVSS 7.5
iPhone OS < 12.1 - Memory Corruption via Improved Input Validation
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.
by Google Security Research
CVSS 9.8
libiec61850 1.3 - Stack-based Buffer Overflow in prepareGooseBuffer
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
by Dhiraj Mishra
CVSS 9.8
iPhone OS < 12.1 and watchOS < 5.1 - Memory Corruption
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.
by Google Security Research
CVSS 7.8
By Source