Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-1000049 EXPLOITDB HIGH text VERIFIED
Nanopool Claymore Dual Miner <7.3 - RCE
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled.
by ReverseBrain
CVSS 7.5
EIP-2026-112484 EXPLOITDB text
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
by L0RD
EIP-2026-112483 EXPLOITDB text
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
by L0RD
EIP-2026-109948 EXPLOITDB text
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
by L0RD
EIP-2026-109947 EXPLOITDB text
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
by L0RD
CVE-2017-9791 EXPLOITDB CRITICAL ruby VERIFIED
Apache Struts 2.1.x and 2.3.x - Remote Code Execution via ActionMessage Field Value
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
by Metasploit
CVSS 9.8
CVE-2016-5809 EXPLOITDB HIGH text
Schneider Electric IONXXXX Series - Cross-Site Request Forgery
An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. There is no CSRF Token generated to authenticate the user during a session. Successful exploitation of this vulnerability can allow unauthorized configuration changes to be made and saved.
by t4rkd3vilz
CVSS 8.8
CVE-2016-9299 EXPLOITDB CRITICAL ruby VERIFIED
Jenkins < 2.32 and LTS < 2.19.3 - Remote Code Execution via LDAP Query Injection
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
by Metasploit
CVSS 9.8
EIP-2026-102642 EXPLOITDB c VERIFIED
Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall
by Google Security Research
CVE-2018-11094 EXPLOITDB CRITICAL python
Intelbras NCLOUD 300 1.0 - Unauthenticated Information Disclosure via ExportSettings.sh
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.
by Pedro Aguiar
CVSS 9.8
CVE-2018-11096 EXPLOITDB MEDIUM text
Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery
Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely.
by L0RD
CVSS 6.5
CVE-2018-11092 EXPLOITDB MEDIUM text
Admin Notes 1.1 - Cross-Site Request Forgery via Clear Table Action
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
by 0xB9
CVSS 6.5
CVE-2015-3245 EXPLOITDB ruby VERIFIED
libuser < 0.56.13-8 and 0.60 < 0.60-7 - Denial of Service via GECOS Field Newline Injection
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
by Metasploit
CVE-2016-2279 EXPLOITDB MEDIUM text
Rockwell Automation CompactLogix 1769-L* < 28.011 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by t4rkd3vilz
CVSS 6.1
CVE-2018-8134 EXPLOITDB HIGH text VERIFIED
Windows Kernel API - Elevation of Privilege via Permission Enforcement
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
by Google Security Research
CVSS 7.0
EIP-2026-113891 EXPLOITDB html
WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery
by dxw
CVE-2018-7465 EXPLOITDB MEDIUM text
VirtueMart < 3.2.14 - Stored Cross-Site Scripting via Backend Textarea Closure
An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding </textarea> to the value and saving the product/config. By editing back the product/config, the editor's browser will execute everything after the </textarea>, leading to a possible XSS.
by Mattia Furlani
CVSS 5.4
EIP-2026-109636 EXPLOITDB text
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting
by L0RD
CVE-2015-3246 EXPLOITDB ruby VERIFIED
libuser <0.56.13-8 & 0.60 <0.60-7 - DoS
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.
by Metasploit
CVE-2018-1247 EXPLOITDB HIGH text
RSA Authentication Manager < 8.3 - XML External Entity Injection via Malicious DTD
RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External Entity (XXE) vulnerability. This could potentially allow admin users to cause a denial of service or extract server data via injecting a maliciously crafted DTD in an XML file submitted to the application.
by SEC Consult
CVSS 7.1
EIP-2026-102193 EXPLOITDB python
WhatsApp 2.18.31 - Memory Corruption
by Juan Sacco
CVE-2018-10123 EXPLOITDB HIGH python
p910nd - Inteno IOPSYS 2.0-4.2.0 - Info Disclosure
p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100.
by neonsea
CVSS 8.8
CVE-2018-6563 EXPLOITDB HIGH html
totemo encryption_gateway < 6.0.0 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in totemomail Encryption Gateway before 6.0.0_Build_371 allow remote attackers to hijack the authentication of users for requests that (1) change user settings, (2) send emails, or (3) change contact information by leveraging lack of an anti-CSRF token.
by Compass Security
CVSS 8.8
CVE-2018-25300 EXPLOITDB HIGH text
XATABoost CMS 1.0.0 SQL Injection via news.php
XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers can send GET requests to news.php with malicious id values to extract sensitive database information.
by MgThuraMoeMyint
CVSS 8.2
CVE-2018-11034 EXPLOITDB HIGH c++
2345 Security Guard 3.7 - Denial of Service via IOCTL 0x8000200D
In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x8000200D.
by anhkgg
CVSS 7.8