Exploitdb Exploits

49,996 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-9148 EXPLOITDB CRITICAL python
Westerndigital MY Cloud Firmware - Authentication Bypass
Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud.
by Sven Fassbender
CVSS 9.8
CVE-2018-0878 EXPLOITDB LOW text VERIFIED
Microsoft Windows 10 - XXE
Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability".
by Nabeel Ahmed
CVSS 3.1
CVE-2018-8903 EXPLOITDB MEDIUM text
Open-audit - XSS
Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen.
by Nilesh Sapariya
CVSS 5.4
CVE-2018-7203 EXPLOITDB MEDIUM text
Lynxtechnology Twonky Server < 8.5 - XSS
Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all.
by Sven Fassbender
CVSS 6.1
CVE-2018-7171 EXPLOITDB HIGH python
Lynxtechnology Twonky Server < 8.5 - Path Traversal
Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all.
by Sven Fassbender
CVSS 7.5
EIP-2026-104100 EXPLOITDB javascript
TeamCity < 9.0.2 - Disabled Registration Bypass
by allyshka
EIP-2026-102038 EXPLOITDB bash
Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change
by Todor Donev
EIP-2026-105929 EXPLOITDB ruby VERIFIED
ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit)
by Metasploit
EIP-2026-105928 EXPLOITDB ruby VERIFIED
ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit)
by Metasploit
CVE-2017-17020 EXPLOITDB HIGH text
Dlink Dcs-5009 Firmware < 1.08.11 - OS Command Injection
On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system.
by Fidus InfoSecurity
CVSS 8.8
CVE-2017-0263 EXPLOITDB HIGH c++
Microsoft Windows 8.1 - Use After Free
The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
by xiaodaozhi
CVSS 7.8
CVE-2018-7719 EXPLOITDB HIGH text
Acrolinx Server <5.2.5 - Path Traversal
Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
by Berk Dusunur
CVSS 7.5
EIP-2026-117393 EXPLOITDB text
LabF nfsAxe 3.7 - Privilege Escalation
by bzyo
EIP-2026-117159 EXPLOITDB python
Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow
by Mohan Ravichandran and Velayutham Selvaraj
CVE-2018-8947 EXPLOITDB HIGH python
Laravel Log Viewer < 0.13.0 - Cleartext Storage
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
by Haboob Team
CVSS 7.5
CVE-2018-25250 EXPLOITDB HIGH text
MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users visit the attacker's profile page.
by 0xB9
CVSS 7.2
CVE-2018-25223 EXPLOITDB CRITICAL python
Crashmail 1.6 Stack-based Buffer Overflow Remote Code Execution
Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts potentially causing denial of service.
by Juan Sacco
CVSS 9.8
CVE-2017-13261 EXPLOITDB HIGH python
Google Android - Out-of-Bounds Read
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177292.
by QuarksLab
CVSS 7.5
CVE-2017-13261 EXPLOITDB HIGH python
Google Android - Out-of-Bounds Read
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177292.
by QuarksLab
CVSS 7.5
CVE-2017-13260 EXPLOITDB HIGH python
Google Android - Out-of-Bounds Read
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177251.
by QuarksLab
CVSS 7.5
CVE-2017-13260 EXPLOITDB HIGH python
Google Android - Out-of-Bounds Read
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177251.
by QuarksLab
CVSS 7.5
CVE-2017-13258 EXPLOITDB HIGH python
Google Android - Out-of-Bounds Read
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67863755.
by QuarksLab
CVSS 7.5
CVE-2017-13258 EXPLOITDB HIGH python
Google Android - Out-of-Bounds Read
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67863755.
by QuarksLab
CVSS 7.5
EIP-2026-119675 EXPLOITDB python
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 < 170109) - Access Control Bypass
by Matamorphosis
EIP-2026-117091 EXPLOITDB python
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)
by Hashim Jawad
By Source
All 49,996 Writeup 60,101 Exploitdb 49,996 Nomisec 21,652 Metasploit 3,219 Github 2,560 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,937 ruby 5,908 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 55 postscript 25 xml 24