Exploitdb Exploits
50,095 exploits tracked across all sources.
Mailer Plugin 1.20 for Jenkins 2.111 - CSRF
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.
by Kl3_GMjq6
CVSS 8.0
WebKitGTK+ <2.21.3 - Use After Free
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
by Dhiraj Mishra
CVSS 7.5
Linux Kernel 4.13-4.16.11 - Use-After-Free in ext4_read_inline_data
In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode.
by Google Security Research
CVSS 5.9
iPhone OS < 9.3.5 - Remote Code Execution via WebKit Memory Corruption
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
by Metasploit
CVSS 8.8
MediaComm Zip-n-Go < 4.95 - Buffer Overflow via Crafted File
MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file.
by Hashim Jawad
CVSS 7.8
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
by Metasploit
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
by Metasploit
CyberArk Password Vault < 9.7 - Exposure of Sensitive Information via Logon Message Replay
CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.
by Thomas Zuk
CVSS 5.3
SearchBlox 8.6.7 - Unauthenticated XML External Entity Injection via REST API Status Endpoint
XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
by Ahmet Gurel
CVSS 9.8
Brother HL-L2340D and HL-L2380DW Firmware < 1.16 - Cross-Site Scripting via URL Parameter
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
by Huy Kha
CVSS 4.8
EMS Master Calendar < 8.0.0.201805210 - Cross-Site Scripting via URL Parameters
Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.
by Chris Barretto
CVSS 6.1
Smartshop 1 Cross-Site Request Forgery via editprofile.php
Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting editprofile.php with hidden fields for email and password parameters that execute automatically when visited by an authenticated admin user.
by L0RD
CVSS 4.3
Smartshop 1 SQL Injection via search.php
Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP commands to extract sensitive database information including product details and system data.
by L0RD
CVSS 8.2
Smartshop 1 SQL Injection via product.php id Parameter
Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id parameter to extract sensitive database information including usernames and database names.
by L0RD
CVSS 8.2
Smartshop 1 SQL Injection via category.php
Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to category.php with UNION-based SQL injection payloads in the id parameter to extract sensitive database information including usernames and other data.
by L0RD
CVSS 8.2
GreenCMS v2.3.0603 - Cross-Site Request Forgery via Media File Connect
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.
by xichao
CVSS 8.8
GreenCMS v2.3.0603 - Cross-Site Request Forgery via Admin User Addition
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle.
by xichao
CVSS 8.8
Microsoft Edge and ChakraCore - Remote Code Execution via Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.
by Google Security Research
CVSS 7.5
CSV Import & Export 1.1.0 - SQL Injection / Cross-Site Scripting
by Kağan Çapar
procps-ng < 3.3.15 - Denial of Service via mmap Buffer Overflow
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).
by Qualys Corporation
CVSS 3.9
By Source