Exploitdb Exploits

50,091 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108076 EXPLOITDB text
Jelastic 5.4 - 'host' SQL Injection
by Procode701
EIP-2026-107045 EXPLOITDB text
Fantastic Blog CMS 1.0 - 'id' SQL Injection
by Ihsan Sencan
CVE-2018-5407 EXPLOITDB MEDIUM
Ubuntu Linux - Exposure of Sensitive Information via SMT Port Contention Timing Attack
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
by Billy Brumley
CVSS 4.7
CVE-2018-25423 EXPLOITDB MEDIUM python
Arm Whois 3.11 Denial of Service via Buffer Overflow
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition.
by Yair Rodríguez Aparicio
CVSS 6.2
CVE-2018-25233 EXPLOITDB MEDIUM python
WebDrive 18.00.5057 Denial of Service via Secure WebDAV
WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV connection setup. Attackers can input a buffer-overflow payload of 5000 bytes in the username parameter and trigger a connection test to cause the application to crash.
by Victor Mondragón
CVSS 6.2
CVE-2018-18944 EXPLOITDB HIGH python
Artha 1.0.3.0 - Buffer Overflow
Artha ~ The Open Thesaurus 1.0.3.0 has a Buffer Overflow.
by Ihsan Sencan
CVSS 7.5
CVE-2018-25234 EXPLOITDB MEDIUM python
SmartFTP Client 9.0.2615.0 Denial of Service via Host Field
SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash.
by Victor Mondragón
CVSS 6.2
EIP-2026-113799 EXPLOITDB html
WordPress Plugin GoURL.io < 1.4.14 - File Upload
by Pouya Darabi
EIP-2026-109193 EXPLOITDB python
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
by Jakub Palaczynski
CVE-2018-18776 EXPLOITDB MEDIUM text
Microstrategy Web 7 - Cross-Site Scripting via ShowAll Parameter
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.
by Rafael Pedrero
CVSS 6.1
CVE-2018-18775 EXPLOITDB MEDIUM text
Microstrategy Web 7 - Cross-Site Scripting via Login.asp Msg Parameter
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product.
by Rafael Pedrero
CVSS 6.1
EIP-2026-119648 EXPLOITDB python
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
by Charles Truscott
EIP-2026-116786 EXPLOITDB ruby
Any Sound Recorder 2.93 - Buffer Overflow Local (SEH) (Metasploit)
by d3ckx1
EIP-2026-116115 EXPLOITDB python
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
by Yair Rodríguez Aparicio
EIP-2026-113317 EXPLOITDB text
Webiness Inventory 2.9 - Arbitrary File Upload
by Boumediene KADDOUR
EIP-2026-112904 EXPLOITDB text
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
by Ihsan Sencan
EIP-2026-112903 EXPLOITDB text
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
by Ihsan Sencan
EIP-2026-112359 EXPLOITDB text
South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection
by Ihsan Sencan
EIP-2026-111224 EXPLOITDB text
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
by Boumediene KADDOUR
EIP-2026-109958 EXPLOITDB text
Notes Manager 1.0 - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-109711 EXPLOITDB text
MyBB Downloads 2.0.3 - SQL Injection
by Lucian Ioan Nitescu
EIP-2026-107873 EXPLOITDB text
Instagram Clone 1.0 - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-106959 EXPLOITDB text
Expense Management 1.0 - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-106822 EXPLOITDB text
Electricks eCommerce 1.0 - 'prodid' SQL Injection
by Ihsan Sencan
EIP-2026-105850 EXPLOITDB text
CI User Login and Management 1.0 - Arbitrary File Upload
by Ihsan Sencan