Exploitdb Exploits
49,989 exploits tracked across all sources.
Phoenix Contact ILC PLCs - Info Disclosure
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
by Photubias
CVSS 7.3
SugarCRM Community Edition 6.5.26 - XSS
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.
by Purplemet Security
CVSS 6.1
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)
by Ihsan Sencan
Dlink Dwr-116 Firmware < 1.06 - Path Traversal
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access.
by Blazej Adamczyk
CVSS 9.8
Dlink Dwr-116 Firmware < 1.06 - Path Traversal
Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary files via a /.. or // after "GET /uir" in an HTTP request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-6190.
by Blazej Adamczyk
CVSS 7.5
Dlink Dwr-116 Firmware < 1.06 - OS Command Injection
An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. An authenticated attacker may execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.
by Blazej Adamczyk
CVSS 8.8
Wago 750-362 Firmware < 05 - XSS
WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field.
by SecuNinja
CVSS 6.1
Microsoft SQL Server Management Studio <18 - Info Disclosure
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8527, CVE-2018-8532.
by hyp3rlinx
CVSS 5.5
Microsoft SQL Server Management Studio <18.0 - Info Disclosure
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8527, CVE-2018-8533.
by hyp3rlinx
CVSS 5.5
Microsoft SQL Server Management Studio <18.0 - Info Disclosure
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8532, CVE-2018-8533.
by hyp3rlinx
CVSS 5.5
Blueimp jQuery-File-Upload <=9.22.0 - File Upload
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
by Larry W. Cashdollar
CVSS 9.8
E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection
by Ihsan Sencan
Phoenix Contact ILC PLC - Info Disclosure
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text.
by Photubias
CVSS 7.3
MikroTik RouterOS <6.42 - Path Traversal
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
by Jacob Baines
CVSS 9.1
Episerver Ektron Cms - Improper Privilege Management
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins).
by alt3kx
CVSS 9.8
WhatsApp - RTP Processing Heap Corruption
by Google Security Research
Wikidforum - SQL Injection
WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter.
by seccops
CVSS 9.8
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
by Matteo Malvica
By Source