Exploitdb Exploits
2,809 exploits tracked across all sources.
GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution
by kingcope
Brian Drawert Yaplap <0.6-0.6.1 - RCE
PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the LOGIN_style parameter.
by DeltahackingTEAM
Work System eCommerce 3.0.3/3.0.4 - 'forum.php' Remote File Inclusion
by the_Edit0r
mxbb_newssuite 1.03 - Remote File Inclusion via mx_root_path Parameter
PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.
by 3l3ctric-Cracker
mxBB Activity Games Module 0.92 - Remote File Inclusion via module_root_path Parameter
PHP remote file inclusion vulnerability in includes/act_constants.php in the Activity Games (mx_act) 0.92 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
by 3l3ctric-Cracker
TorrentFlux < 2.2 and torrentflux-b4rt < 2.1-b4rt-972 - Authenticated Directory Traversal via Path Parameter
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
by r0ut3r
TorrentFlux 2.2 - Command Injection
maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (";" semicolon) in the announce parameter.
by r0ut3r
TorrentFlux 2.2 - Authenticated Directory Traversal via Alias Parameter
Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.
by r0ut3r
Fantastic News <2.1.4 - SQL Injection
SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Bl0od3r
J-OWAMP Web Interface 2.1 - Authenticated Remote File Inclusion via JOWAMP_ShowPage.php Link Parameter
PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in J-OWAMP Web Interface 2.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the link parameter.
by 3l3ctric-Cracker
Allied Telesyn AT-TFTP < 1.9 - Stack-Based Buffer Overflow via Long Filename in GET or PUT Command
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
by Jacopo Cervini
Open Solution Quick.Cart 2.0 - Path Traversal
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php, and (4) products.php in actions_admin/; and (5) orders.php and (6) products.php in actions_client/; as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts.
by r0ut3r
NetBSD-current <20050914 - NetBSD libc - RCE
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
by kcope
NetBSD-current <20050914 - NetBSD libc - RCE
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
by kingcope
MailEnable Professional/E 2.0 - RCE/DoS
The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read.
by mu-b
NukeAI 0.0.3 Beta - Remote File Inclusion via AIbasedir Parameter
PHP remote file inclusion vulnerability in modules/NukeAI/util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to execute arbitrary PHP code via a URL in the AIbasedir parameter.
by DeltahackingTEAM
NukeAI 0.0.3 Beta - Unauthenticated Arbitrary PHP Code Execution via Filename and Moreinfo Parameters
Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension in the filename parameter and code in the moreinfo parameter, which is saved to a filename under descriptions/, which is accessible via a direct request.
by DeltahackingTEAM
cahier_de_textes < 2.2 - Unauthenticated Directory Traversal and Source Code Disclosure via chemin Parameter
administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
by DarkFig
fipsCMS < 4.5 - SQL Injection via fid Parameter
SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter.
by ajann
ContentNow < 1.39 - SQL Injection via PageID Parameter
SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter.
by Revenge
PHP Easy Downloader 1.5 - 'save.php' Remote Code Execution
by nuffsaid
MosReporter - Remote File Inclusion via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
by Crackers_Child
Etomite 0.6.1.2 - Authenticated Path Traversal and Arbitrary File Execution via Manager Index f Parameter
Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
by Revenge
Teamtek Universal FTP Server 1.0.50 - Denial of Service via STOR or MKD Command
Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon crash or hang) via (1) multiple STOR (aka PUT) commands, or an MKD command followed by (2) a '*' argument, (3) a '|' argument, (4) spaces, or (5) a long string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Praveen Darhanam
Kerio WebSTAR <5.4.2 - Privilege Escalation
Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.
by Kevin Finisterre