Exploitdb Exploits

462 exploits tracked across all sources.

EIP-2026-103760 EXPLOITDB bash VERIFIED
(Tod Miller's) Sudo/SudoEdit 1.6.9p21/1.7.2p4 - Local Privilege Escalation
by kingcope
CVE-2010-0411 EXPLOITDB bash VERIFIED
SystemTap 1.1 - Denial of Service via Integer Signedness Error in __get_argv and __get_compat_argv
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
by Josh Stone
EIP-2026-107889 EXPLOITDB bash VERIFIED
Interspire Knowledge Manager 5 - 'callback.snipshot.php' Arbitrary File Creation
by Cory Marsh
CVE-2010-0295 EXPLOITDB bash VERIFIED
lighttpd < 1.4.26 and 1.5.x - Denial of Service via Slow Request Memory Consumption
lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.
by Li Ming
EIP-2026-103600 EXPLOITDB bash VERIFIED
Nuked KLan 1.7.7 & SP4 - Denial of Service
by Hamza 'MIzoZ' N
EIP-2026-104685 EXPLOITDB bash VERIFIED
WordPress Core 2.9 - Denial of Service
by emgent
EIP-2026-104635 EXPLOITDB bash VERIFIED
Joomla! Component Core 1.5.x com_ - Denial of Service
by emgent
EIP-2026-104633 EXPLOITDB bash VERIFIED
Drupal 5.21/6.16 - Denial of Service
by emgent
CVE-2009-3547 EXPLOITDB HIGH bash VERIFIED
Linux Kernel < 2.6.32-rc6 - Race Condition in Pipe Handling via /proc/*/fd/ Pathname
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
by Earl Chew
CVSS 7.0
CVE-2009-3692 EXPLOITDB bash VERIFIED
VirtualBox <3.0.8 - Privilege Escalation
Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in Sun VirtualBox 3.0.x before 3.0.8 on Solaris x86, Linux, and Mac OS X allows local users to gain privileges via unknown vectors.
by prdelka
EIP-2026-102843 EXPLOITDB bash VERIFIED
Geany .18 - Local File Overwrite
by Jeremy Brown
CVE-2009-1977 EXPLOITDB bash VERIFIED
Oracle Secure Backup 10.2.0.3 - Info Disclosure
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php.
by ikki
CVE-2009-2669 EXPLOITDB bash VERIFIED
IBM AIX <6.1 - Privilege Escalation
A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1.
by Marco Ivaldi
CVE-2009-3181 EXPLOITDB bash VERIFIED
Anantasoft Gazelle CMS 1.0 - Path Traversal and Arbitrary File Write via Customize Template Parameter
Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php.
by IHTeam
CVE-2009-3180 EXPLOITDB bash VERIFIED
Anantasoft Gazelle CMS 1.0 - Unauthenticated Password Reset via User Parameter
Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.
by IHTeam
CVE-2009-3171 EXPLOITDB bash VERIFIED
Anantasoft Gazelle CMS < 1.0 - Cross-Site Scripting via User or Lookup Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Anantasoft Gazelle CMS 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter to user.php or (2) lookup parameter to search.php.
by IHTeam
CVE-2009-3167 EXPLOITDB bash VERIFIED
Anantasoft Gazelle CMS 1.0 - Path Traversal via Template Parameter
Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
by IHTeam
CVE-2009-3182 EXPLOITDB bash VERIFIED
Anantasoft Gazelle CMS 1.0 - Unauthenticated Arbitrary File Upload via File Manager
Unrestricted file upload vulnerability in admin/editor/filemanager/browser.html in Anantasoft Gazelle CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in user/File/.
by IHTeam
CVE-2009-1786 EXPLOITDB bash VERIFIED
IBM AIX 5.3 and 6.1 - Arbitrary File Creation or Overwrite via MALLOCDEBUG Log File Symlink
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
by Affix
CVE-2009-2851 EXPLOITDB bash VERIFIED
WordPress < 2.8.2 - Cross-Site Scripting via Comment Author URL
Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL.
by superfreakaz0rz
CVE-2009-1894 EXPLOITDB bash VERIFIED
PulseAudio <0.9.14 - Privilege Escalation
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
by anonymous
CVE-2008-4190 EXPLOITDB bash VERIFIED
Openswan <=2.4.12, 2.6.x<=2.6.16 - Arbitrary File Write and Code Execution via Symlink Attack
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.
by nofame
CVE-2009-1151 EXPLOITDB CRITICAL bash VERIFIED
phpMyAdmin 2.11.0-2.11.9.4 and 3.x < 3.1.3.1 - Remote Code Injection via Setup Configuration Save
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
by Adrian _pagvac_ Pastor
CVSS 9.8
CVE-2009-1468 EXPLOITDB bash VERIFIED
IceWarp eMail Server < 9.3.0 - Authenticated SQL Injection via XML Search Query
Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and (2) order_by elements in an XML search query.
by RedTeam Pentesting
CVE-2009-1185 EXPLOITDB bash VERIFIED
udev < 141 - Privilege Escalation via Unverified NETLINK Message
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
by kingcope