Exploitdb Exploits
4,759 exploits tracked across all sources.
Zhone GPON 2520 R4.0.2.566b - Denial of Service via Old Password Parameter
Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter.
by Kaczinski Ramirez
T-Mobile Internet Manager - Local Buffer Overflow (SEH)
by metacom
Congstar Internet Manager - Local Buffer Overflow (SEH)
by metacom
Dell iDRAC6 modular <3.65, iDRAC6 monolithic <1.98, iDRAC7 <1.57.57...
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.
by Yong Chuan_ Koh
AdaptCMS 3.0.3 - Open Redirect via HTTP Referer Header
Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.
by LiquidWorm
AdaptCMS 3.0.3 - Cross-Site Scripting via Multiple Admin Parameters
Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Category][title] parameter to admin/categories/add, (2) data[Field][title] parameter to admin/fields/ajax_fields/, (3) name property in a basicInfo JSON object to admin/tools/create_theme, (4) data[Link][link_title] parameter to admin/links/links/add, or (5) data[ForumTopic][subject] parameter to forums/off-topic/new.
by LiquidWorm
AdaptCMS 3.0.3 - Authenticated Remote Code Execution via File Upload
Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads.
by LiquidWorm
ASUS WRT - Auth Bypass
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.
by Friedrich Postelstorfer
WhatsApp 2.11.476 (Android) - Remote Reboot/Crash App (Denial of Service)
by Daniel Godoy
jetAudio 8.1.3 Basic (mp3) - Crash (PoC)
by Drozdova Liudmila
Notepad++ 6.6.9 - Buffer Overflow via Long Time Attribute in XML Event Element
Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more information.
by TaurusOmar
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (PoC) (SEH Overwrite)
by s-dz
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (PoC) (SEH Overwrite)
by s-dz
WP Symposium 14.11 - Unauthenticated Arbitrary File Upload via UploadHandler.php
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/.
by Claudio Viviani
WordPress Plugin Download Manager 2.7.4 - Remote Code Execution
by Claudio Viviani
Winamp 5.666 build 3516 - Corrupted .flv Crash (PoC)
by Drozdova Liudmila
Apache James Server 2.3.2 - Remote Command Execution
by Jakub Palaczynski
Microsoft Windows - Privilege Escalation
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."
by Sylvain Monne
CVSS 8.8
ProjectSend r100-r561 - Unauthenticated Arbitrary File Upload and Remote Code Execution via process-upload.php
Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory.
by Fady Mohammed Osman
macOS X - Remote Command Execution via HTTP Redirect Pipe Character
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
by dash
phpMyRecipes 1.2.2 - SQL Injection via dosearch.php words_exact Parameter
SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter.
by bard
By Source