Exploitdb Exploits
50,095 exploits tracked across all sources.
Kingsoft Antivirus/Internet Security 9+ - Local Privilege Escalation
by mr_me
Smart Google Code Inserter < 3.5 - Unauthenticated SQL Injection via oId Parameter
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.
by Benjamin Lim
CVSS 9.8
OpenText Document Sciences xPression < 4.5 - SQL Injection in xDashboard
xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
by Pawel Gocyla
CVSS 7.5
Oracle WebLogic wls-wsat Component Deserialization RCE
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
by Kevin Kirsche
CVSS 7.5
Intel Atom - Information Disclosure via Speculative Execution Side-Channel
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
by Multiple
CVSS 5.6
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
by GulfTech Security
HP LoadRunner < 9.50 and Performance Center < 9.50 - Remote Code Execution
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
by Metasploit
Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit)
by Metasploit
Cambium Networks ePMP <3.5 - Command Injection
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
by Metasploit
CVSS 8.8
PHP Melody 2.7.1 - SQL Injection via Playlist Parameter
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
by Ahmad Mahfouz
CVSS 9.8
NetTransport Download Manager < 2.96l - Remote Code Execution via Long HTTP Response
A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.
by Aloyce J. Makalanga
CVSS 9.8
ALLPlayer ALLMediaServer <= 0.95 - Remote Code Execution via TCP Port 888 Buffer Overflow
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
by Anurag Srivastava
CVSS 9.8
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive information and access functionalities without proper access controls.
by LiquidWorm
CVSS 9.8
Telesquare SKT LTE Router SDT-CS3B1 Unauthenticated Remote Reboot
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.
by LiquidWorm
CVSS 7.5
Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.
by LiquidWorm
CVSS 4.3
Flexense SysGauge Server 3.6.18 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221.
by Ahmad Mahfouz
CVSS 7.5
ALLPlayer ALLMediaServer <= 0.95 - Remote Code Execution via TCP Port 888 Buffer Overflow
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
by Aloyce J. Makalanga
CVSS 9.8
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
by LiquidWorm
SAP BusinessObjects launch pad - Server-Side Request Forgery
by Ahmad Mahfouz
EIP-2026-101135
EXPLOITDB
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader
by Specter
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download (Metasploit)
by Glafkos Charalambous
By Source