Exploit Database

146,737 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-13361 WRITEUP MEDIUM
Smanos W100 1.0.0 - Improper Authentication
Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network.
CVSS 6.5
CVE-2019-13372 WRITEUP CRITICAL
D-Link Central WiFi Manager < 1.03 - Unauthenticated Remote Code Execution via Cookie Injection
/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication.
CVSS 9.8
CVE-2019-13373 WRITEUP CRITICAL
D-Link Central WiFiManager - SQL Injection via dbSQL Parameter
An issue was discovered in the D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL.
CVSS 9.8
CVE-2019-13383 WRITEUP MEDIUM
Webpanel - Information Disclosure
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.
CVSS 5.3
CVE-2019-13403 WRITEUP HIGH
Temenos CWX 8.9 - Broken Access Control in EmployeeEdit2.aspx
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.
CVSS 7.5
CVE-2019-13568 WRITEUP HIGH
CImg < 2.6.7 - Heap-Based Buffer Overflow in BMP Image Loading
CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image.
CVSS 8.8
CVE-2019-13571 WRITEUP CRITICAL
Vsourz Digital Advanced CF7 DB <1.6.1 - SQL Injection
A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
CVSS 9.8
CVE-2019-13574 WRITEUP HIGH
MiniMagick < 4.9.4 - Remote Code Execution via Image.open Kernel#open Command Injection
In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command.
CVSS 7.8
CVE-2019-13575 WRITEUP CRITICAL
WPEverest Everest Forms <1.4.9 - SQL Injection
A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/evf-entry-functions.php
CVSS 9.8
CVE-2019-13578 WRITEUP CRITICAL
Impress GiveWP Give <2.5.0 - SQL Injection
A SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/payments/class-payments-query.php.
CVSS 9.8
CVE-2019-13605 WRITEUP HIGH
CentOS Web Panel 0.9.8.838-0.9.8.846 - Auth Bypass
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.
CVSS 8.8
CVE-2019-13615 WRITEUP MEDIUM
VLC Media Player < 3.0.3 - Out-of-bounds Read in MKV Module
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
CVSS 5.5
CVE-2019-13977 WRITEUP MEDIUM
Ovidentia 8.4.3 - Cross-Site Scripting via Multiple Parameters
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.
CVSS 5.4
CVE-2019-14206 WRITEUP HIGH
Nevma Adaptive Images <0.6.67 - Privilege Escalation
An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings'] parameter in adaptive-images-script.php.
CVSS 7.5
CVE-2019-14221 WRITEUP MEDIUM
1CRM On-Premise Software 8.5.7 - XSS
1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.
CVSS 5.4
CVE-2019-14267 WRITEUP HIGH
PDFResurrect 0.15 - Buffer Overflow
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
CVSS 7.8
CVE-2019-14280 WRITEUP MEDIUM
Craft <2.7.10-3.2.6 - Info Disclosure
In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public.
CVSS 5.3
CVE-2019-14312 WRITEUP MEDIUM
Aptana Jaxer 1.0.3.4547 - Info Disclosure
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
CVSS 6.5
CVE-2019-14319 WRITEUP MEDIUM
TikTok 12.2.0 - Cleartext Transmission of Sensitive Information
The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic.
CVSS 6.5
CVE-2019-14345 WRITEUP CRITICAL
TemaTres 3.0 - Privilege Escalation
TemaTres 3.0 allows remote unprivileged users to create an administrator account
CVSS 9.8
CVE-2019-14343 WRITEUP MEDIUM
TemaTres 3.0 - Stored Cross-Site Scripting via value Parameter
TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.
CVSS 5.4
CVE-2019-14347 WRITEUP HIGH
Schben Adive < 2.0.7 - Privilege Escalation via User Addition
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
CVSS 8.8
CVE-2019-14367 WRITEUP HIGH
Slack-Chat <1.5.5 - Info Disclosure
Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).
CVSS 7.5
CVE-2019-14430 WRITEUP MEDIUM
YouPHPTube < 7.2 - SQL Injection in AuditTable.php
plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection.
CVSS 5.3
CVE-2019-14439 WRITEUP HIGH
FasterXML jackson-databind <2.9.9.2 - Info Disclosure
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.
CVSS 7.5