Exploitdb Exploits

4,759 exploits tracked across all sources.

CVE-2014-2022 EXPLOITDB python
vBulletin <= 4.2.2 - Authenticated SQL Injection via XMLRPC API conceptid Argument
SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.
by tintinweb
CVE-2014-7910 EXPLOITDB python VERIFIED
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Phil Blank
CVE-2014-6278 EXPLOITDB HIGH python VERIFIED
GNU Bash through 4.3 bash43-026 - Remote Code Execution via Environment Variable Function Parsing
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
by Federico Galatolo
CVSS 8.8
CVE-2014-5289 EXPLOITDB CRITICAL python VERIFIED
Senkas Kolibri 2.0 - Remote Code Execution via Long URI in POST Request
Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request.
by tekwizz123
CVSS 9.8
CVE-2014-7910 EXPLOITDB python
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by @0x00string
CVE-2014-7910 EXPLOITDB python VERIFIED
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Claudio Viviani
CVE-2014-7187 EXPLOITDB python VERIFIED
GNU Bash through 4.3 bash43-026 - Denial of Service via Deeply Nested For Loops
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.
by fdiskyou
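The two Bash entries above (CVE-2014-6278, parser still executing code from an imported function definition, and CVE-2014-7187, the "word_lineno" off-by-one triggered by deeply nested for loops) are easiest to triage on a host by feeding bash the publicly circulated probe strings rather than by comparing patch levels. The script below is an added example, not code from Exploit-DB, from the listed authors, or from the GNU Bash project; the function names and the exit-code convention are my own, and it assumes `bash` and `env` are on PATH.

```shell
#!/bin/sh
# Added example: local checks for three Bash parser bugs (CVE-2014-6271,
# CVE-2014-6278, CVE-2014-7187). Each check_* function prints "vulnerable"
# or "patched" on stdout. Probe strings are the widely published test cases;
# helper names and report format are this example's own choices.

# CVE-2014-6271 (original Shellshock): commands trailing an imported function
# body must not run. A fixed bash either ignores the variable (no BASH_FUNC_
# prefix) or stops parsing at the closing brace, so nothing is printed.
check_cve_2014_6271() {
    out=$(env x='() { :;}; echo vulnerable' bash -c : 2>/dev/null) || true
    case "$out" in
        *vulnerable*) echo vulnerable ;;
        *)            echo patched ;;
    esac
}

# CVE-2014-6278: through bash43-026 the function-definition parser still
# executed a command embedded in a malformed redirection inside the body.
check_cve_2014_6278() {
    out=$(env X='() { _; } >_[$($())] { echo vulnerable; }' bash -c : 2>/dev/null) || true
    case "$out" in
        *vulnerable*) echo vulnerable ;;
        *)            echo patched ;;
    esac
}

# Emit DEPTH nested "for ... in ; do :" loops followed by DEPTH "done" lines.
# The loop bodies never run (empty word list); only the parser is exercised.
gen_nested_for() {
    depth=$1
    i=0
    while [ "$i" -lt "$depth" ]; do
        printf 'for v%d in ; do :\n' "$i"
        i=$((i + 1))
    done
    i=0
    while [ "$i" -lt "$depth" ]; do
        printf 'done\n'
        i=$((i + 1))
    done
}

# CVE-2014-7187 ("word_lineno"): an unpatched bash hits the off-by-one in
# read_token_word while parsing 200 nested loops and crashes (non-zero exit)
# instead of parsing the script cleanly.
check_cve_2014_7187() {
    if gen_nested_for 200 | bash >/dev/null 2>&1; then
        echo patched
    else
        echo vulnerable
    fi
}

# Print one line per CVE; return 1 if anything is still vulnerable so the
# script can gate a deployment or feed a monitoring job.
shellshock_report() {
    status=0
    for cve in 2014-6271 2014-6278 2014-7187; do
        fn="check_cve_$(echo "$cve" | tr - _)"
        r=$("$fn")
        printf 'CVE-%s: %s\n' "$cve" "$r"
        [ "$r" = patched ] || status=1
    done
    return $status
}

# Uncomment to run as a standalone audit:
# shellshock_report
```

On a vulnerable host the 6271 and 6278 probes print "vulnerable" because the imported function definition is parsed and the trailing or embedded command executes; on a fixed build the variables are inert strings. The 7187 probe is a parser crash rather than command execution, which is why it is judged by exit status. Remember that the CVE descriptions above only matter when an attacker controls the environment across a privilege boundary (sshd ForceCommand, mod_cgi, DHCP client hooks); a patched interpreter closes all such paths at once, so the check is cheaper and more reliable than hunting for every exposed entry point.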
EIP-2026-116582 EXPLOITDB python
WS10 Data Server - SCADA Overflow (PoC)
by Pedro Sánchez
EIP-2026-108434 EXPLOITDB python
Joomla! Component com_macgallery 1.5 - Arbitrary File Download
by Claudio Viviani
EIP-2026-108344 EXPLOITDB python
Joomla! Component com_facegallery 1.0 - Multiple Vulnerabilities
by Claudio Viviani
EIP-2026-100469 EXPLOITDB python
Onlineon E-Ticaret - Database Disclosure
by ZoRLu
EIP-2026-116225 EXPLOITDB python
Seafile-server 3.1.5 - Remote Denial of Service
by nop nop
CVE-2014-5460 EXPLOITDB python VERIFIED
Tribulant Slideshow Gallery < 1.4.7 - Authenticated Arbitrary File Upload
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/.
by Claudio Viviani
EIP-2026-105068 EXPLOITDB python
ALCASAR 2.8.1 - Remote Code Execution
by eF
EIP-2026-108868 EXPLOITDB python
Joomla! Component Spider Contacts 1.3.6 - 'contacts_id' SQL Injection
by Claudio Viviani
EIP-2026-103058 EXPLOITDB python
ALCASAR 2.8 - Remote Code Execution
by eF
EIP-2026-108864 EXPLOITDB python
Joomla! Component Spider Calendar 3.2.6 - SQL Injection
by Claudio Viviani
EIP-2026-117410 EXPLOITDB python VERIFIED
LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)
by k3170makan
EIP-2026-117288 EXPLOITDB python VERIFIED
HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)
by mr.pr0n
EIP-2026-115399 EXPLOITDB python VERIFIED
HTML Help Workshop 1.4 - Buffer Overflow (SEH) (PoC)
by Moroccan Kingdom (MKD)
CVE-2014-2913 EXPLOITDB python
Nagios Remote Plugin Executor <= 2.15 - Remote Command Execution via Newline in -a Argument
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments.
by Claudio Viviani
CVE-2014-5520 EXPLOITDB python
xrms_crm - SQL Injection via user_id Parameter
SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute arbitrary SQL commands via the user_id parameter to plugins/webform/new-form.php, which is not properly handled by plugins/useradmin/fingeruser.php.
by Benjamin Harris
CVE-2014-5521 EXPLOITDB python
xrms_crm - Authenticated Remote Code Execution via Username Parameter
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
by Benjamin Harris
CVE-2014-2223 EXPLOITDB python
Plogger < 1.0 - Authenticated Arbitrary File Upload and Remote Code Execution via ZIP Archive
Unrestricted file upload vulnerability in plog-admin/plog-upload.php in Plogger 1.0 RC1 and earlier allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file and a non-zero length PNG file, then accessing the PHP file via a direct request to it in plog-content/uploads/archive/.
by b0z
CVE-2014-5519 EXPLOITDB python
PhpWiki 1.5.0 - Remote Code Execution via Ploticus Module Device Option
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
by Benjamin Harris