CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw ...

7.1CVSS5.9AI score0.6478EPSS

Exploits0References1

NVD•added 2025/07/28 2:15 p.m.•1 views

CVE-2025-30133

An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...

9.8CVSS0.00336EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 10:39 a.m.•6 views

CVE-2017-8219

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI...

6.5CVSS7AI score0.00267EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 6:55 a.m.•2 views

CVE-2018-4018

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or...

10CVSS7AI score0.00426EPSS

Exploits1References1

Exploit DB•added 2015/03/27 12:0 a.m.•253 views

Acunetix 9.5 - OLE Automation Array Remote Code Execution

!/usr/bin/python import BaseHTTPServer, sys, socket Acunetix OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 27 Mar 2015 Version: acunetix.exe Video: https://vid.me/SRCb class...

7.4AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•16 views

Maxthon Browser 1.x Content-Type Buffer Overflow Vulnerability

source: http://www.securityfocus.com/bid/30617/info Maxthon Browser is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition...

7.8AI score

Exploits0

Exploit DB•added 2004/12/15 12:0 a.m.•20 views

Yanf 0.4 - HTTP Response Buffer Overflow

source: https://www.securityfocus.com/bid/11975/info Yanf is prone to a buffer overflow vulnerability. This issue is exposed when the client reads data from a remote HTTP server. If this issue is successfully exploited, it could allow for execution of arbitrary code in the context of the user...

7.4AI score

Exploits0

exploitpack•added 2003/11/22 12:0 a.m.•14 views

Opera 7.22 - File Creation and Execution (WebServer)

Opera 7.22 - File Creation and Execution WebServer !/usr/bin/perl Sample code of "Opera 7 Arbitrary File Auto-Saved Vulnerability." This Exploit will run a webserver that will create and execute a batch file on the victim's computer when visiting this malicious server This perl script is a small...

7.5AI score

Exploits0

exploitpack•added 2000/08/02 12:0 a.m.•19 views

Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval

Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval source: https://www.securityfocus.com/bid/1550/info ntop is a tool that shows the network usage, similar to what the popular top Unix command does. Starting ntop in web mode with the -w parameter starts ntop with it's own built in HTTP server,...

0.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by