Exploitdb Exploits

2,731 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-1129 EXPLOITDB MEDIUM ruby
IBM Notes <9.0 - DoS
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
by Dhiraj Mishra
CVSS 6.5
EIP-2026-101414 EXPLOITDB ruby VERIFIED
QNAP Transcode Server - Command Execution (Metasploit)
by Metasploit
EIP-2026-117526 EXPLOITDB ruby VERIFIED
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)
by Metasploit
EIP-2026-117525 EXPLOITDB ruby VERIFIED
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)
by Metasploit
CVE-2017-1092 EXPLOITDB CRITICAL ruby VERIFIED
IBM Informix Open Admin Tool <12.1 - RCE
IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.
by Metasploit
CVSS 9.8
CVE-2017-7442 EXPLOITDB HIGH ruby VERIFIED
Nitro Pro 11.0.3.173 - RCE
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
by Metasploit
CVSS 8.8
CVE-2016-9349 EXPLOITDB HIGH ruby
Advantech SUISAccess Server <3.0 - Info Disclosure
An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
by James Fitts
CVSS 7.5
CVE-2016-9349 EXPLOITDB HIGH ruby
Advantech SUISAccess Server <3.0 - Info Disclosure
An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
by James Fitts
CVSS 7.5
CVE-2016-9351 EXPLOITDB HIGH ruby
Advantech SUISAccess Server <3.0 - Path Traversal
An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an attacker to upload and unpack a zip file.
by James Fitts
CVSS 7.0
CVE-2017-8464 EXPLOITDB HIGH ruby
Microsoft Windows 10 1511 - Remote Code Execution
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."
by Yorick Koster
CVSS 8.8
CVE-2025-34099 EXPLOITDB CRITICAL ruby VERIFIED
VICIdial <2.13 RC1 - Command Injection
An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidial_sales_viewer.php component when password encryption is enabled (a non-default configuration). The application improperly passes the HTTP Basic Authentication password directly to a call to exec() without adequate sanitation. This allows remote attackers to inject and execute arbitrary operating system commands as the web server user. NOTE: This vulnerability was mitigated in 2017.
by Metasploit
CVE-2017-9769 EXPLOITDB CRITICAL ruby VERIFIED
Razer Synapse <2.20.15.1104 - Privilege Escalation
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
by Metasploit
CVSS 9.8
CVE-2015-7808 EXPLOITDB ruby
vBulletin 5 Connect <5.1.9 - Code Injection
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.
by Metasploit
CVE-2017-11346 EXPLOITDB CRITICAL ruby
Zohocorp Manageengine Desktop Central - Improper Input Validation
Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.
by Kacper Szurek
CVSS 9.8
EIP-2026-100719 EXPLOITDB ruby VERIFIED
IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-100901 EXPLOITDB ruby
Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit)
by xort
EIP-2026-100900 EXPLOITDB ruby
Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit)
by xort
CVE-2017-6316 EXPLOITDB CRITICAL ruby
Citrix NetScaler SD-WAN <v9.1.2.26.561201 - Command Injection
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
by xort
CVSS 9.8
CVE-2017-6182 EXPLOITDB CRITICAL ruby VERIFIED
Sophos Web Appliance < 4.3.1.1 - OS Command Injection
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
by xort
CVSS 9.8
CVE-2017-6320 EXPLOITDB HIGH ruby
Barracuda Load Balancer Adc < 6.0.1.006 - OS Command Injection
A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability stems from unsanitized data being processed in a system call when the delete_assessment command is issued.
by xort
CVSS 8.8
CVE-2015-2843 EXPLOITDB ruby VERIFIED
Goautodial Goadmin CE - SQL Injection
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.
by Metasploit
CVE-2015-2845 EXPLOITDB ruby VERIFIED
Goautodial Goadmin CE - OS Command Injection
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.
by Metasploit
CVE-2017-8895 EXPLOITDB CRITICAL ruby VERIFIED
Veritas Backup Exec <16 FP1 - Use After Free
In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on.
by Metasploit
CVSS 9.8
CVE-2016-3088 EXPLOITDB CRITICAL ruby VERIFIED
ActiveMQ web shell upload
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.
by Metasploit
CVSS 9.8
CVE-2017-6326 EXPLOITDB CRITICAL ruby VERIFIED
Symantec Messaging Gateway < 10.6.3 - Remote Code Execution
The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.
by Mehmet Ince
CVSS 10.0
By Source
All 2,731 Exploitdb 50,150 Writeup 46,624 Nomisec 21,124 Metasploit 3,189 Github 2,234 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,343 ruby 5,920 python 5,756 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 246 shell 68 go 41 postscript 25 xml 24