Exploitdb Exploits
50,076 exploits tracked across all sources.
BolinTech DreamFTP Server 1.02 - 'RETR' Remote Buffer Overflow
by ScrR1pTK1dd13
IBM AIX - Authenticated Privilege Escalation
IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.
by Hector X. Monsegur
CVSS 7.8
IBM AIX <7.3 - Privilege Escalation
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.
by Hector X. Monsegur
CVSS 7.8
Nodcms Cross Site Request Forgery via admin endpoints
Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/user_manipulate and admin/settings/generall endpoints to create users or modify application settings without explicit consent.
by Amir.ght
CVSS 4.3
Redaxo CMS 5.2 Cross-Site Request Forgery via users endpoint
Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML forms targeting the users endpoint with hidden fields containing admin credentials and account parameters to add new administrator accounts without user consent.
by Amir.ght
CVSS 5.3
Snews CMS 1.7 Unrestricted File Upload via snews_files
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by accessing the uploaded file path to achieve remote code execution.
by Amir.ght
CVSS 9.8
Snews CMS 1.7 Cross-Site Request Forgery via changeup
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST requests to the changeup action, modifying the admin username and password parameters to gain unauthorized access.
by Amir.ght
CVSS 5.3
WinaXe 7.7 'FTP client' - Remote Buffer Overflow
by hyp3rlinx
PCMan FTP Server 2.0.7 - 'ACCT' Remote Buffer Overflow
by Cybernetic
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution
by Ashiyane Digital Security Team
SweetRice 1.5.1 - Arbitrary File Download
by Ashiyane Digital Security Team
Overlayfs Privilege Escalation
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
by Metasploit
CVSS 6.7
PCMan FTP Server 2.0.7 - 'UMASK' Remote Buffer Overflow
by Eagleblack
Freefloat FTP Server 1.0 - 'DIR' Remote Buffer Overflow
by ScrR1pTK1dd13
Microsoft Internet Explorer <11 - Code Injection
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
by Skylined
Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free
by Skylined
SweetRice 1.5.1 - Cross-Site Request Forgery
by Ashiyane Digital Security Team
AlienVault OSSIM & USM <5.3.2 - SQL Injection
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.
by Peter Lapp
CVSS 9.8
AlienVault OSSIM & USM <5.3.2 - Code Injection
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
by Peter Lapp
CVSS 9.8
AlienVault OSSIM & USM <5.3.2 - XSS
A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator.
by Peter Lapp
CVSS 6.1
Citrix Receiver Desktop Lock 4.5 - Auth Bypass
Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating "the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us."
by Rithwik Jayasimha
CVSS 6.8
hapi Server Framework - Code Injection
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.
by Metasploit
By Source