Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-8718 EXPLOITDB HIGH python
Mailer Plugin 1.20 for Jenkins 2.111 - CSRF
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.
by Kl3_GMjq6
CVSS 8.0
CVE-2018-11646 EXPLOITDB HIGH text
WebKitGTK+ <2.21.3 - Use After Free
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
by Dhiraj Mishra
CVSS 7.5
CVE-2018-11412 EXPLOITDB MEDIUM text
Linux Kernel 4.13-4.16.11 - Use-After-Free in ext4_read_inline_data
In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode.
by Google Security Research
CVSS 5.9
CVE-2016-4657 EXPLOITDB HIGH ruby VERIFIED
iPhone OS < 9.3.5 - Remote Code Execution via WebKit Memory Corruption
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
by Metasploit
CVSS 8.8
CVE-2018-16302 EXPLOITDB HIGH python
MediaComm Zip-n-Go < 4.95 - Buffer Overflow via Crafted File
MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file.
by Hashim Jawad
CVSS 7.8
EIP-2026-117538 EXPLOITDB ruby VERIFIED
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
by Metasploit
EIP-2026-117537 EXPLOITDB ruby VERIFIED
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
by Metasploit
CVE-2018-9842 EXPLOITDB MEDIUM python
CyberArk Password Vault < 9.7 - Exposure of Sensitive Information via Logon Message Replay
CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.
by Thomas Zuk
CVSS 5.3
CVE-2018-11586 EXPLOITDB CRITICAL text
SearchBlox 8.6.7 - Unauthenticated XML External Entity Injection via REST API Status Endpoint
XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
by Ahmet Gurel
CVSS 9.8
CVE-2018-11581 EXPLOITDB MEDIUM
Brother HL-L2340D and HL-L2380DW Firmware < 1.16 - Cross-Site Scripting via URL Parameter
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
by Huy Kha
CVSS 4.8
CVE-2018-11628 EXPLOITDB MEDIUM text
EMS Master Calendar < 8.0.0.201805210 - Cross-Site Scripting via URL Parameters
Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.
by Chris Barretto
CVSS 6.1
CVE-2018-25343 EXPLOITDB MEDIUM html
Smartshop 1 Cross-Site Request Forgery via editprofile.php
Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting editprofile.php with hidden fields for email and password parameters that execute automatically when visited by an authenticated admin user.
by L0RD
CVSS 4.3
CVE-2018-25342 EXPLOITDB HIGH text
Smartshop 1 SQL Injection via search.php
Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP commands to extract sensitive database information including product details and system data.
by L0RD
CVSS 8.2
CVE-2018-25341 EXPLOITDB HIGH text
Smartshop 1 SQL Injection via product.php id Parameter
Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id parameter to extract sensitive database information including usernames and database names.
by L0RD
CVSS 8.2
CVE-2018-25340 EXPLOITDB HIGH text
Smartshop 1 SQL Injection via category.php
Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to category.php with UNION-based SQL injection payloads in the id parameter to extract sensitive database information including usernames and other data.
by L0RD
CVSS 8.2
CVE-2018-11670 EXPLOITDB HIGH html
GreenCMS v2.3.0603 - Cross-Site Request Forgery via Media File Connect
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.
by xichao
CVSS 8.8
CVE-2018-11671 EXPLOITDB HIGH html
GreenCMS v2.3.0603 - Cross-Site Request Forgery via Admin User Addition
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle.
by xichao
CVSS 8.8
EIP-2026-103460 EXPLOITDB text
Epiphany 3.28.2.1 - Denial of Service
by Dhiraj Mishra
CVE-2018-8133 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.
by Google Security Research
CVSS 7.5
EIP-2026-110680 EXPLOITDB text
PHP Dashboards NEW 5.5 - 'email' SQL Injection
by Kağan Çapar
EIP-2026-109901 EXPLOITDB text
New STAR 2.1 - SQL Injection / Cross-Site Scripting
by Kağan Çapar
EIP-2026-107503 EXPLOITDB text
Grid Pro Big Data 1.0 - SQL Injection
by Kağan Çapar
EIP-2026-106257 EXPLOITDB text
CSV Import & Export 1.1.0 - SQL Injection / Cross-Site Scripting
by Kağan Çapar
EIP-2026-102032 EXPLOITDB text
TAC Xenta 511/911 - Directory Traversal
by Marek Cybul
CVE-2018-1123 EXPLOITDB LOW text
procps-ng < 3.3.15 - Denial of Service via mmap Buffer Overflow
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).
by Qualys Corporation
CVSS 3.9