Exploitdb Exploits

2,731 exploits tracked across all sources.

CVE-2017-17562 EXPLOITDB HIGH ruby VERIFIED
Embedthis GoAhead <3.6.5 - Remote Code Execution
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
by Metasploit
CVSS 8.1
CVE-2017-1000486 EXPLOITDB CRITICAL ruby
Primefaces Remote Code Execution Exploit
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution.
by Bjoern Schuette
CVSS 9.8
CVE-2017-18047 EXPLOITDB CRITICAL ruby VERIFIED
LabF nfsAxe - Memory Corruption
Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute arbitrary code via a long reply.
by Metasploit
CVSS 9.8
CVE-2017-6090 EXPLOITDB HIGH ruby VERIFIED
PhpCollab < 2.5.1 - Unrestricted File Upload
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/.
by Metasploit
CVSS 8.8
CVE-2017-5817 EXPLOITDB CRITICAL ruby VERIFIED
HP Intelligent Management Center < 7.3 - Improper Input Validation
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
by Metasploit
CVSS 9.8
CVE-2017-5816 EXPLOITDB CRITICAL ruby VERIFIED
HP Intelligent Management Center < 7.3 - Improper Input Validation
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
by Metasploit
CVSS 9.8
EIP-2026-112532 EXPLOITDB ruby
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
by James Bercegay
EIP-2026-118379 EXPLOITDB ruby VERIFIED
Commvault Communications Service (cvd) - Command Injection (Metasploit)
by Metasploit
CVE-2017-15222 EXPLOITDB CRITICAL ruby VERIFIED
Nftp < 2.0 - Buffer Overflow
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
by Metasploit
CVSS 9.8
EIP-2026-103034 EXPLOITDB ruby VERIFIED
VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit)
by Metasploit
CVE-2017-16666 EXPLOITDB HIGH ruby VERIFIED
Xplico <1.2.1 - Authenticated RCE
Xplico before 1.2.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the name of an uploaded PCAP file. NOTE: this issue can be exploited without authentication by leveraging the user registration feature.
by Mehmet Ince
CVSS 8.8
CVE-2017-17411 EXPLOITDB CRITICAL ruby
Linksys WVBR0 - RCE
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
by Metasploit
CVSS 9.8
CVE-2010-1549 EXPLOITDB ruby VERIFIED
HP LoadRunner <9.50 - RCE
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
by Metasploit
EIP-2026-114781 EXPLOITDB ruby VERIFIED
Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit)
by Metasploit
CVE-2017-5255 EXPLOITDB HIGH ruby VERIFIED
Cambium Networks ePMP <3.5 - Command Injection
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
by Metasploit
CVSS 8.8
CVE-2017-17932 EXPLOITDB CRITICAL ruby
ALLMediaServer < 0.95 - Memory Corruption
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
by Anurag Srivastava
CVSS 9.8
EIP-2026-100649 EXPLOITDB ruby
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download (Metasploit)
by Glafkos Charalambous
CVE-2017-17692 EXPLOITDB HIGH ruby
Samsung Internet Browser - Information Disclosure
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
by Dhiraj Mishra
CVSS 7.5
CVE-2017-7411 EXPLOITDB HIGH ruby VERIFIED
Enalean Tuleap <9.6 - RCE
An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is using the unserialize() function with a preference value that can be arbitrarily manipulated by malicious users through the REST API interface, and this can be exploited to inject arbitrary PHP objects into the application scope, allowing an attacker to perform a variety of attacks (including but not limited to Remote Code Execution).
by Metasploit
CVSS 8.8
CVE-2016-0792 EXPLOITDB HIGH ruby VERIFIED
Jenkins XStream Groovy classpath Deserialization Vulnerability
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
by Metasploit
CVSS 8.8
CVE-2017-17560 EXPLOITDB CRITICAL ruby VERIFIED
Western Digital My Cloud PR4100 Firmware - Authentication Bypass
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root.
by Metasploit
CVSS 9.8
CVE-2017-14016 EXPLOITDB MEDIUM ruby VERIFIED
Advantech WebAccess <V8.2_20170817 - Buffer Overflow
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.
by Metasploit
CVSS 6.3
EIP-2026-118854 EXPLOITDB ruby VERIFIED
Microsoft Office - Dynamic Data Exchange 'DDE' Payload Delivery (Metasploit)
by Metasploit
EIP-2026-118436 EXPLOITDB ruby VERIFIED
Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-104749 EXPLOITDB ruby VERIFIED
pfSense 2.4.1 - Cross-Site Request Forgery Error Page Clickjacking (Metasploit)
by Metasploit