Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118783 EXPLOITDB text
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
by hyp3rlinx
EIP-2026-114855 EXPLOITDB python
Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)
by Javier Enrique Rodriguez Gutierrez
CVE-2018-1563 EXPLOITDB MEDIUM text VERIFIED
IBM Sterling B2B Integrator 5.2.0.1-5.2.6.2 and Sterling File Gateway 2.2.0-2.2.5 - Cross-Site Scripting
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.
by Vikas Khanna
CVSS 5.4
CVE-2017-14798 EXPLOITDB HIGH bash
PostgreSQL - Privilege Escalation via Race Condition in Init Script
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
by Johannes Segitz
CVSS 7.3
CVE-2018-9445 EXPLOITDB MEDIUM text VERIFIED
Android 6.0-8.1 - Path Traversal in Utils.cpp readMetadata
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.
by Google Security Research
CVSS 6.8
CVE-2018-25247 EXPLOITDB MEDIUM text
MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the viewer's browser.
by 0xB9
CVSS 6.1
EIP-2026-119638 EXPLOITDB python VERIFIED
iSmartViewPro 1.5 - 'Password' Buffer Overflow
by Javier Enrique Rodriguez Gutierrez
CVE-2016-3411 EXPLOITDB MEDIUM text
Zimbra Collaboration Suite < 8.6.0 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
by Dino Barlattani
CVSS 6.1
CVE-2018-14888 EXPLOITDB MEDIUM text
Eldenroot Thank You/Like <3.1.0 - XSS
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin before 3.1.0 for MyBB allows XSS via a post or thread subject.
by 0xB9
CVSS 6.1
CVE-2018-25361 EXPLOITDB MEDIUM
Soroush IM Desktop App 0.17.0 Authentication Bypass via Database Injection
Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption key. Attackers can inject malicious database records into the application's database files to unlock the client and access all stored data, chats, images, and files without knowing the original passcode.
by VortexNeoX64
CVSS 6.8
EIP-2026-118899 EXPLOITDB python
Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)
by Omid Shojaei
CVE-2018-12584 EXPLOITDB CRITICAL python
reSIProcate <1.10.2 - Buffer Overflow
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.
by Joachim De Zutter
CVSS 9.8
CVE-2017-18344 EXPLOITDB MEDIUM c
Linux Kernel < 4.14.8 - Out-of-bounds Read via timer_create sigev_notify Field
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).
by Andrey Konovalov
CVSS 5.5
EIP-2026-102057 EXPLOITDB ruby
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Remote Reboot)
by Wadeek
EIP-2026-102056 EXPLOITDB ruby
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
by Wadeek
CVE-2018-15138 EXPLOITDB HIGH text
Ericsson-LG iPECS NMS 30M - Path Traversal
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
by Safak Aslan
CVSS 7.5
EIP-2026-119637 EXPLOITDB python VERIFIED
iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow
by Rodrigo Eduardo Rodriguez
EIP-2026-119636 EXPLOITDB python VERIFIED
iSmartViewPro 1.5 - 'Account' Buffer Overflow
by Alan Joaquín Baeza Meza
CVE-2017-15580 EXPLOITDB CRITICAL text
osTicket 1.10.1 - Unrestricted Upload of File with Dangerous Type via tickets.php
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content.
by Rajwinder Singh
CVSS 9.8
EIP-2026-101104 EXPLOITDB text
TP-Link Wireless N Router WR840N - Denial of Service (PoC)
by Aniket Dinda
CVE-2018-15153 EXPLOITDB HIGH python VERIFIED
OpenEMR <5.0.1.4 - Command Injection
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php.
by Cody Zacharias
CVSS 8.8
EIP-2026-119611 EXPLOITDB python VERIFIED
QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)
by Rodrigo Eduardo Rodriguez
EIP-2026-117185 EXPLOITDB text
Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR & DEP Bypass)
by Manoj Ahuje
EIP-2026-109573 EXPLOITDB text
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)
by Nainsi Gupta
CVE-2018-25360 EXPLOITDB HIGH python
AgataSoft Auto PingMaster 1.5 Buffer Overflow SEH
AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructions that overwrite the SEH handler pointer to achieve code execution when the file contents are pasted into the application.
by bzyo
CVSS 8.4