Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-0933 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore < 1.8.2 - Remote Code Execution via Memory Corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
CVE-2018-0934 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Memory Corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
CVE-2018-0934 EXPLOITDB HIGH javascript VERIFIED
Microsoft Edge and ChakraCore - Remote Code Execution via Memory Corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937.
by Google Security Research
CVSS 7.5
EIP-2026-103500 EXPLOITDB javascript VERIFIED
Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
by Google Security Research
CVE-2018-6064 EXPLOITDB HIGH javascript VERIFIED
Google Chrome <65.0.3325.146 - Heap Corruption
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
by Google Security Research
CVSS 8.8
CVE-2018-25312 EXPLOITDB MEDIUM python
LifeSize ClearSea 3.1.4 Directory Traversal Remote Code Execution
LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to arbitrary locations on the system, enabling remote code execution.
by rsp3ar
CVSS 6.5
CVE-2018-25311 EXPLOITDB MEDIUM text
VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal 2.10 (X-Prototype-Version: 1.6.0.2)
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, download_xml.pl, download.pl, downloadmib.pl, or downloadFile.pl with directory traversal payloads to read sensitive system files like /etc/passwd.
by LiquidWorm
CVSS 6.5
CVE-2018-25310 EXPLOITDB MEDIUM text
VideoFlow Digital Video Protection DVP 10 Authenticated Remote Code Execution
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can leverage the CSRF vulnerability to inject and execute system commands through the Tools > System > Shell interface, gaining root-level access to the device.
by LiquidWorm
CVSS 4.3
CVE-2019-25256 EXPLOITDB MEDIUM text
VideoFlow Digital Video Protection DVP 2.10 - Path Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulating directory path traversal in download requests.
by LiquidWorm
CVSS 6.5
CVE-2019-25255 EXPLOITDB MEDIUM text
VideoFlow DVP 2.10 - Authenticated RCE
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows attackers to execute system commands with root privileges. Attackers can exploit the vulnerability through a cross-site request forgery (CSRF) mechanism to gain unauthorized system access.
by LiquidWorm
CVSS 4.3
CVE-2018-10080 EXPLOITDB HIGH bash
Secutech RiS-11, RiS-22, RiS-33 <5.07.52_es_FRI01 - CSRF
Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.
by Todor Donev
CVSS 8.6
EIP-2026-118095 EXPLOITDB text
WebLog Expert Enterprise 9.4 - Privilege Escalation
by bzyo
CVE-2018-8817 EXPLOITDB HIGH html VERIFIED
Wampserver < 3.1.3 - Cross-Site Request Forgery via add_vhost.php
Wampserver before 3.1.3 has CSRF in add_vhost.php.
by Vipin Chaudhary
CVSS 8.8
CVE-2018-8732 EXPLOITDB MEDIUM text VERIFIED
WampServer 3.1.1 - Cross-Site Scripting via Virtual Del Parameter
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtual_del parameter.
by Vipin Chaudhary
CVSS 5.4
CVE-2018-8815 EXPLOITDB MEDIUM text
Alkacon OpenCMS 10.5.3 - Cross-Site Scripting via SVG Image in Gallery Function
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image.
by Sureshbabu Narvaneni
CVSS 4.6
CVE-2018-8811 EXPLOITDB HIGH html
OpenCMS 10.5.3 - Cross-Site Request Forgery in User Role Management
Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only registered users to upload different kind of content artifacts (SVG, .doc, .docx). The uploaded content is stored in the CMS content repository "as is". In case of scripts inside an SVG, this may or may not be "malicious", there is no way of knowing if the uploaded SVG contains the script for a reason. To exploit the "issue", a user must have an account in the CMS as a content manager
by Sureshbabu Narvaneni
CVSS 8.8
CVE-2018-8908 EXPLOITDB HIGH html
Frog CMS 0.9.5 - Cross-Site Request Forgery in User Addition
An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens due to lack of an anti-CSRF token in state modification requests.
by Samrat Das
CVSS 8.8
CVE-2018-5708 EXPLOITDB HIGH text
D-Link DIR-601 B1 2.02NA - Info Disclosure
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML.
by Kevin Randall
CVSS 8.0
EIP-2026-116367 EXPLOITDB python
Sync Breeze Enterprise 10.4.18 - Denial of-Service (PoC)
by Mr Bruce
CVE-2018-25323 EXPLOITDB HIGH python
Allok AVI DivX MPEG to DVD Converter 2.6.1217 Buffer Overflow SEH
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH chain overwrite values, then paste the contents into the License Name field to trigger code execution.
by wetw0rk
CVSS 8.4
CVE-2018-25318 EXPLOITDB CRITICAL text
Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change
Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS servers and redirect user traffic to malicious sites.
by Todor Donev
CVSS 9.8
CVE-2018-25317 EXPLOITDB CRITICAL text
Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change
Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers.
by Todor Donev
CVSS 9.8
CVE-2018-25316 EXPLOITDB CRITICAL text
Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS servers and redirect user traffic to malicious sites.
by Todor Donev
CVSS 9.8
CVE-2018-25315 EXPLOITDB HIGH python
Alloksoft Video joiner 4.6.1217 Buffer Overflow via License Name
Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.
by Mohan Ravichandran and Velayutham Selvaraj
CVSS 8.4
CVE-2018-25314 EXPLOITDB HIGH python
Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 Buffer Overflow
Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious input containing shellcode with structured exception handler (SEH) overwrite to bypass protections and execute code with application privileges.
by Mohan Ravichandran and Velayutham Selvaraj
CVSS 8.4