Exploitdb Exploits

49,996 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-16819 EXPLOITDB MEDIUM text
Icon Time Systems RTC-1000 v2.5.7458 - XSS
A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbitrary JavaScript in the nameFirst (aka First Name) field for the employee details page (/employee.html) that is then reflected in multiple pages where that field data is utilized, resulting in session hijacking and possible elevation of privileges.
by Keith Thome
CVSS 5.4
EIP-2026-118085 EXPLOITDB python VERIFIED
VX Search 10.2.14 - 'Proxy' Local Buffer Overflow (SEH)
by wetw0rk
CVE-2017-11873 EXPLOITDB HIGH javascript VERIFIED
ChakraCore and Microsoft Edge - Privilege Escalation
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11871.
by Google Security Research
CVSS 7.5
CVE-2017-11861 EXPLOITDB HIGH javascript VERIFIED
Microsoft Chakracore - Memory Corruption
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873.
by Google Security Research
CVSS 7.5
CVE-2017-11811 EXPLOITDB HIGH javascript VERIFIED
ChakraCore & Microsoft Edge - Memory Corruption
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11812, and CVE-2017-11821.
by Google Security Research
CVSS 7.5
CVE-2017-8751 EXPLOITDB HIGH html VERIFIED
Microsoft Edge - Memory Corruption
Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8734, and CVE-2017-11766.
by Google Security Research
CVSS 7.5
CVE-2017-15806 EXPLOITDB HIGH text VERIFIED
Zetacomponents Mail < 1.8.2 - Code Injection
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one containing "-X/path/to/wwwroot/file.php."
by MalwareBenchmark
CVSS 8.1
CVE-2017-16843 EXPLOITDB MEDIUM html
Vonage VDV-23 115 3.2.11-0.9.40 - XSS
Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic.
by Nu11By73
CVSS 5.4
EIP-2026-102070 EXPLOITDB text
TP-Link TL-WR740N - Cross-Site Scripting
by bl00dy
CVE-2017-16841 EXPLOITDB MEDIUM text
LanSweeper 6.0.100.75 - XSS
LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.
by Miguel Mendez Z
CVSS 6.1
CVE-2017-16962 EXPLOITDB MEDIUM text
CommuniGate Pro <6.2.1 - XSS
The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details field of a Google Calendar invitation, (2) a crafted Outlook.com calendar (aka Hotmail Calendar) invitation, (3) e-mail granting access to a directory that has JavaScript in its name, (4) JavaScript in a note name, (5) JavaScript in a task name, or (6) HTML e-mail that is mishandled in the Inbox component.
by Boumediene KADDOUR
CVSS 6.1
CVE-2017-15270 EXPLOITDB MEDIUM text
Psftpd - Improper Input Validation
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '"' and ',' and '\r' are not escaped and can be used to add new entries to the log.
by X41 D-Sec GmbH
CVSS 5.3
EIP-2026-118438 EXPLOITDB python VERIFIED
Dup Scout Enterprise 10.0.18 - 'Login' Remote Buffer Overflow
by sickness
CVE-2017-15271 EXPLOITDB MEDIUM text
Psftpd - Use After Free
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically restart, which enabled attackers to perform a very effective DoS attack against this service. By sending a crafted SSH identification / version string to the server, a NULL pointer dereference could be caused, apparently because of a race condition in the window message handling, performing the cleanup for invalid connections. This incorrect cleanup code has a use-after-free.
by X41 D-Sec GmbH
CVSS 5.9
EIP-2026-103348 EXPLOITDB ruby VERIFIED
D-Link DIR-850L - OS Command Execution (Metasploit)
by Metasploit
CVE-2017-9675 EXPLOITDB HIGH bash VERIFIED
D-Link DIR-605L <2.08UIBetaB01.bin - DoS
On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.
by Enrique Castillo
CVSS 7.5
CVE-2017-14961 EXPLOITDB HIGH c
Ikarussecurity Anti.virus - Improper Input Validation
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
by Parvez Anwar
CVSS 7.8
CVE-2017-16806 EXPLOITDB HIGH python
Ulterius Server < 1.9.5.0 - Directory Traversal
The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal.
by Rick Osgood
CVSS 7.5
CVE-2017-16524 EXPLOITDB HIGH ruby
Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.
by 0xFFFFFF
CVSS 8.8
CVE-2017-16807 EXPLOITDB MEDIUM text VERIFIED
Kirby Panel <2.3.3, <2.4.2, <2.5.7 - XSS
A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file.
by Ishaq Mohammed
CVSS 5.4
EIP-2026-110378 EXPLOITDB python
osCommerce 2.3.4.1 - Arbitrary File Upload
by Simon Scannell
CVE-2017-16780 EXPLOITDB CRITICAL text VERIFIED
MyBB <1.8.13 - RCE
The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file.
by Pabstersac
CVSS 9.8
CVE-2017-16781 EXPLOITDB MEDIUM text VERIFIED
MyBB <1.8.13 - XSS
The installer in MyBB before 1.8.13 has XSS.
by Pabstersac
CVSS 5.4
CVE-2017-6331 EXPLOITDB HIGH c VERIFIED
Symantec Endpoint Protection <SEP 14 RU1 - Privilege Escalation
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
by hyp3rlinx
CVSS 7.1
CVE-2025-34095 EXPLOITDB CRITICAL ruby VERIFIED
Mako Server 2.5-2.6 - Command Injection
An OS command injection vulnerability exists in Mako Server versions 2.5 and 2.6, specifically within the tutorial interface provided by the examples/save.lsp endpoint. An unauthenticated attacker can send a crafted PUT request containing arbitrary Lua os.execute() code, which is then persisted on disk and triggered via a subsequent GET request to examples/manage.lsp. This allows remote command execution on the underlying operating system, impacting both Windows and Unix-based deployments.
by Metasploit
By Source
All 49,996 Writeup 60,186 Exploitdb 49,996 Nomisec 21,730 Metasploit 3,219 Github 2,577 Vulncheck_xdb 905 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,951 ruby 5,908 c 3,567 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24