Exploitdb Exploits
50,076 exploits tracked across all sources.
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
by Besim
Comodo Dragon Browser 52.15.25.663 Privilege Escalation via Unquoted Service Path
Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or system reboot.
by Th3GundY
CVSS 7.8
Comodo Chromodo Browser 52.15.25.664 Unquoted Service Path Privilege Escalation
Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or system reboot.
by Th3GundY
CVSS 7.8
PHP Classifieds Rental Script - Blind SQL Injection
by OoN_Boy
Exagate WEBPack Management System - Multiple Vulnerabilities
by Halil Dalabasmaz
Fortitude HTTP 1.0.4.0 Unquoted Service Path Elevation of Privilege
Fortitude HTTP 1.0.4.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated privileges by exploiting the service binary path. Attackers can insert malicious executables in the system root path that execute with SYSTEM privileges during service startup or system reboot.
by Tulpa
CVSS 7.8
VX Search Enterprise 9.0.26 - 'Login' Remote Buffer Overflow
by Tulpa
Sync Breeze Enterprise 8.9.24 - 'Login' Remote Buffer Overflow
by Tulpa
Dup Scout Enterprise 9.0.28 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Sorter Enterprise 9.0.24 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Savvy Enterprise 9.0.32 - 'Login' Remote Buffer Overflow
by Tulpa
Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation
by Tulpa
Cisco Firepower Management Center 6.0.1 - Info Disclosure
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
by KoreLogic
CVSS 7.8
Cisco Firepower Mgmt Cntr <6.0.1 - RCE
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
by KoreLogic
CVSS 8.8
Cisco Firepower Management Center 6.0.1 - Info Disclosure
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
by KoreLogic
CVSS 6.5
Oracle Linux < 9.9.9 - Improper Input Validation
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
by Infobyte
CVSS 7.5