Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-6575 EXPLOITDB CRITICAL text
JEXTN Classified 1.0.0 - SQL Injection via view=boutique&sid Parameter
SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request.
by Ihsan Sencan
CVSS 9.8
CVE-2018-6578 EXPLOITDB CRITICAL html
je_paypervideo 3.0.0 - SQL Injection via usr_plan Parameter
SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.
by Ihsan Sencan
CVSS 9.8
EIP-2026-107044 EXPLOITDB text
Fancy Clone Script - 'search_browse_product' SQL Injection
by 8bitsec
CVE-2018-6576 EXPLOITDB CRITICAL text
Event Manager 1.0 - SQL Injection via event.php id or page.php slug Parameter
SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter.
by Ihsan Sencan
CVSS 9.8
EIP-2026-104971 EXPLOITDB text
Advance Loan Management System - 'id' SQL Injection
by 8bitsec
CVE-2018-2636 EXPLOITDB HIGH python VERIFIED
Oracle Hospitality Simphony <2.9 - RCE
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
by Dmitry Chastuhin
CVSS 8.1
EIP-2026-101731 EXPLOITDB text
FiberHome AN5506 - Remote DNS Change
by r0ots3c
EIP-2026-100653 EXPLOITDB text
IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting
by 1n3
CVE-2018-6537 EXPLOITDB CRITICAL python
Flexense SyncBreeze Enterprise 10.4.18 - Remote Code Execution via Control Protocol Buffer Overflow
A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121.
by Daniel Teixeira
CVSS 9.8
CVE-2018-25118 EXPLOITDB CRITICAL text
GeoVision embedded IP devices - Command Injection
GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injection vulnerability via /PictureCatch.cgi that enables an attacker to execute arbitrary commands on the device. The vulnerable models have been declared end-of-life (EOL) by the vendor. VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-19 08:55:13.141502 UTC.
by bashis
CVE-2016-1542 EXPLOITDB HIGH ruby VERIFIED
BMC BladeLogic Server Automation <8.7 - Auth Bypass
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.
by Metasploit
CVSS 7.5
CVE-2016-1543 EXPLOITDB HIGH ruby VERIFIED
BMC BladeLogic Server Automation <8.8 - Auth Bypass
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.
by Metasploit
CVSS 7.5
EIP-2026-103703 EXPLOITDB html VERIFIED
WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free
by Google Security Research
CVE-2018-4089 EXPLOITDB HIGH html VERIFIED
Apple tvOS < 11.2.5 - Remote Code Execution via WebKit Memory Corruption
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS before 11.2.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Google Security Research
CVSS 8.8
EIP-2026-101288 EXPLOITDB python
Geovision Inc. IP Camera & Video - Remote Command Execution
by bashis
CVE-2016-5063 EXPLOITDB MEDIUM python
BMC Server Automation < 8.6 SP1 Patch 2 and < 8.7 Patch 3 - Improper Authorization via RSCD Agent
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors.
by Paul Taylor
CVSS 5.3
CVE-2017-16716 EXPLOITDB CRITICAL python
Advantech WebAccess < 8.3 - SQL Injection
A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
by Chris Lyne
CVSS 9.8
CVE-2017-5792 EXPLOITDB CRITICAL text
HPE Intelligent Management Center PLAT 7.3 E0504P2 - Remote Code Execution via Untrusted Data Deserialization
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
by Chris Lyne
CVSS 9.8
CVE-2018-5701 EXPLOITDB CRITICAL c
iolo System Shield 5.0.0.136 - Arbitrary Write via amp.sys IOCtl 0x00226003
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
by Parvez Anwar
CVSS 9.8
CVE-2018-6460 EXPLOITDB HIGH
Hotspot Shield - Unauthenticated Sensitive Information Exposure via JSONP Callback Parameter
Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including configuration. User controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine, including whether the user is connected to a VPN, to which VPN he/she is connected, and what is their real IP address.
by SecuriTeam
CVSS 7.5
EIP-2026-115535 EXPLOITDB python
LabF nfsAxe 3.7 TFTP Client - Local Buffer Overflow
by Miguel Mendez Z
CVE-2018-6395 EXPLOITDB CRITICAL text
Visual Calendar 3.1.3 - SQL Injection via id Parameter
SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action.
by Ihsan Sencan
CVSS 9.8
CVE-2018-6397 EXPLOITDB HIGH text
Picture Calendar 3.1.4 - Path Traversal via List.php Folder Parameter
Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.
by Ihsan Sencan
CVSS 7.5
CVE-2018-6398 EXPLOITDB CRITICAL text
CP Event Calendar 3.0.1 - SQL Injection via id Parameter
SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.
by Ihsan Sencan
CVSS 9.8
CVE-2017-10271 EXPLOITDB HIGH ruby VERIFIED
Oracle WebLogic wls-wsat Component Deserialization RCE
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
by Metasploit
CVSS 7.5