Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-7171 EXPLOITDB HIGH python
Twonky Server 7.0.11-8.5 - Directory Traversal via contentbase Parameter
Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all.
by Sven Fassbender
CVSS 7.5
EIP-2026-104100 EXPLOITDB javascript
TeamCity < 9.0.2 - Disabled Registration Bypass
by allyshka
EIP-2026-102038 EXPLOITDB bash
Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change
by Todor Donev
EIP-2026-105929 EXPLOITDB ruby VERIFIED
ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit)
by Metasploit
EIP-2026-105928 EXPLOITDB ruby VERIFIED
ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit)
by Metasploit
CVE-2017-17020 EXPLOITDB HIGH text
D-Link DCS-5009 <1.08.11, DCS-5010 <1.14.09, DCS-5020L <1.15.01 Authenticated OS Command Injection
On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system.
by Fidus InfoSecurity
CVSS 8.8
CVE-2018-25322 EXPLOITDB HIGH python
Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the License Name field to trigger the overflow and execute code with application privileges.
by Mohan Ravichandran and Velayutham Selvaraj
CVSS 8.4
CVE-2017-0263 EXPLOITDB HIGH c++
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
by xiaodaozhi
CVSS 7.8
CVE-2018-7719 EXPLOITDB HIGH text
Acrolinx Server <5.2.5 - Path Traversal
Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
by Berk Dusunur
CVSS 7.5
EIP-2026-117393 EXPLOITDB text
LabF nfsAxe 3.7 - Privilege Escalation
by bzyo
CVE-2018-8947 EXPLOITDB HIGH python
rap2hpoutre Laravel Log Viewer < 0.13.0 - Cleartext Storage of Sensitive Information via Base64 Encoding
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
by Haboob Team
CVSS 7.5
CVE-2018-25321 EXPLOITDB MEDIUM javascript
TP-Link TL-WR720N All Versions CSRF via Administrative Interfaces
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via WlanSecurityRpm.htm by tricking authenticated users into visiting attacker-controlled pages.
by Mans van Someren
CVSS 4.3
CVE-2018-25250 EXPLOITDB HIGH text
MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users visit the attacker's profile page.
by 0xB9
CVSS 7.2
CVE-2018-25223 EXPLOITDB CRITICAL python
Crashmail 1.6 Stack-based Buffer Overflow Remote Code Execution
Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts potentially causing denial of service.
by Juan Sacco
CVSS 9.8
CVE-2017-13261 EXPLOITDB HIGH python
Android 5.1.1-8.1 - Out-of-bounds Read in bnep_process_control_packet
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177292.
by QuarksLab
CVSS 7.5
CVE-2017-13261 EXPLOITDB HIGH python
Android 5.1.1-8.1 - Out-of-bounds Read in bnep_process_control_packet
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177292.
by QuarksLab
CVSS 7.5
CVE-2017-13260 EXPLOITDB HIGH python
Android 5.1.1-8.1 - Out-of-bounds Read in bnep_data_ind
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177251.
by QuarksLab
CVSS 7.5
CVE-2017-13260 EXPLOITDB HIGH python
Android 5.1.1-8.1 - Out-of-bounds Read in bnep_data_ind
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177251.
by QuarksLab
CVSS 7.5
CVE-2017-13258 EXPLOITDB HIGH python
Android 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 - Out-of-bounds Read in bnep_data_ind
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67863755.
by QuarksLab
CVSS 7.5
CVE-2017-13258 EXPLOITDB HIGH python
Android 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 - Out-of-bounds Read in bnep_data_ind
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67863755.
by QuarksLab
CVSS 7.5
EIP-2026-119675 EXPLOITDB python
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 < 170109) - Access Control Bypass
by Matamorphosis
EIP-2026-117091 EXPLOITDB python
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)
by Hashim Jawad
EIP-2026-116762 EXPLOITDB python
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow
by Mohan Ravichandran and Velayutham Selvaraj
EIP-2026-116573 EXPLOITDB python
WM Recorder 16.8.1 - Denial of Service
by bzyo
EIP-2026-115183 EXPLOITDB python
Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service
by Hashim Jawad