Exploitdb Exploits
49,996 exploits tracked across all sources.
SAP BusinessObjects launch pad - Server-Side Request Forgery
by Ahmad Mahfouz
EIP-2026-101135
EXPLOITDB
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader
by Specter
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download (Metasploit)
by Glafkos Charalambous
Silverstripe < 3.5.5 - Injection
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.
by Ishaq Mohammed
CVSS 5.5
UI Unifi Video < 3.8.0 - Incorrect Default Permissions
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
by Julien Ahrens
CVSS 7.8
Getgosoft Getgo Download Manager < 5.3.0.2712 - Memory Corruption
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
by Aloyce J. Makalanga
CVSS 9.8
Jextn Faq Pro - SQL Injection
The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.
by Ihsan Sencan
CVSS 9.8
Biometric Shift EMS 3.0 - Auth Bypass
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
by Ihsan Sencan
CVSS 7.5
Oracle WebLogic wls-wsat Component Deserialization RCE
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
by 1337g
CVSS 7.5
Trustwave Secure Web Gateway < 11.8.0.27 - Missing Authentication
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
by SecuriTeam
CVSS 9.8
Huawei HG532 - RCE
Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code.
by anonymous
CVSS 8.8
Intenogroup Iopsys < 3.14 - Incorrect Permission Assignment
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration.
by neonsea
CVSS 8.8
Vitek - Remote Command Execution / Information Disclosure (PoC)
by bashis
Zuuse Beims Contractorweb .net - SQL Injection
CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.
by Rajwinder Singh
CVSS 9.8
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak
by Google Security Research
Conarc Ichannel - Denial of Service
Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration, or cause a denial of service (by deleting the configuration) via a wc.dll?wwMaint~EditConfig request (which reaches an older version of a West Wind Web Connection HTTP service).
by Information Paradox
CVSS 9.8
Codecrafters Ability Mail Server - XSS
Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.
by Aloyce J. Makalanga
CVSS 6.1
Samsung Internet Browser - Information Disclosure
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
by Dhiraj Mishra
CVSS 7.5
BrightSign Digital Signage <4k242 - Path Traversal
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
by Information Paradox
CVSS 7.5
Brightsign 4k242 Firmware < 6.2.63 - XSS
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
by Information Paradox
CVSS 6.1
Trend Micro Smart Protection Server <3.2 - SSRF
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.
by CoreLabs
CVSS 8.8
Trend Micro Smart Protection Server <3.2 - XSS
A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to execute a malicious payload on vulnerable systems.
by CoreLabs
CVSS 6.1
Trend Micro Smart Protection Server <3.2 - RCE
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system.
by CoreLabs
CVSS 8.1
By Source