Exploitdb Exploits
50,095 exploits tracked across all sources.
FS Olx Clone 1.0 - SQL Injection via subpage.php scat or message.php pid Parameter
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
by Ihsan Sencan
CVSS 9.8
FS Monster Clone 1.0 - SQL Injection via Employer_Details.php id Parameter
FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
by Ihsan Sencan
CVSS 9.8
FS Makemytrip Clone 1.0 - SQL Injection via fl_orig or fl_dest Parameter
FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter.
by Ihsan Sencan
CVSS 9.8
Event Search Script 1.0 - SQL Injection via City Parameter
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
by Ihsan Sencan
CVSS 9.8
Entrepreneur Job Portal Script 2.0.6 - SQL Injection via jobsearch_all.php rid1 Parameter
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
by Ihsan Sencan
CVSS 9.8
Entrepreneur Dating Script 2.0.1 - SQL Injection via search_result.php Parameters
Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.
by Ihsan Sencan
CVSS 9.8
E-commerce MLM Software 1.0 - SQL Injection via Service Detail PID Parameter
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
by Ihsan Sencan
CVSS 9.8
DomainSale PHP Script 1.0 - SQL Injection via domain.php id Parameter
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
by Ihsan Sencan
CVSS 9.8
Doctor Search Script 1.0 - SQL Injection via City Parameter
Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
Consumer Complaints Clone Script 1.0 - SQL Injection via other-user-profile.php id Parameter
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
by Ihsan Sencan
CVSS 9.8
Co-work Space Search Script 1.0 - SQL Injection via City Parameter
Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CMS Auditor Website 1.0 - SQL Injection via PATH_INFO to /news-detail
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
by Ihsan Sencan
CVSS 9.8
Child Care Script 1.0 - SQL Injection via City Parameter
Child Care Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
Chartered Accountant Booking Script 1.0 - SQL Injection via Service-List City Parameter
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
by Ihsan Sencan
CVSS 9.8
Cab Booking Script 1.0 - SQL Injection via Service-List City Parameter
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.
by Ihsan Sencan
CVSS 9.8
Claymore Dual GPU miner 10.1 - Path Traversal
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathname to miner_file or miner_getfile.
by tintinweb
CVSS 8.1
Claymore Dual GPU Miner 10.1 - Remote Code Execution via Stack-Based Buffer Overflow
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging.
by tintinweb
CVSS 9.8
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path
by Google Security Research
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)
by Metasploit
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
by SEC Consult
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
by SEC Consult
Wireshark 2.4.0-2.4.2 and 2.2.0-2.2.10 - Denial of Service in CIP Safety Dissector
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
by Wireshark
CVSS 7.5
Apple <11.2, <10.13.2, <4.2, <11.2 - Info Disclosure
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
by Brandon Azad
CVSS 5.5
By Source