Exploitdb Exploits

2,689 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105035 EXPLOITDB ruby
Airia - Arbitrary File Upload
by HaHwul
EIP-2026-103180 EXPLOITDB ruby VERIFIED
op5 7.1.9 - Configuration Command Execution (Metasploit)
by Metasploit
CVE-2015-0935 EXPLOITDB ruby
Bomgar Remote Support < 14.3.2 - Remote Code Execution via PHP Deserialization
Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts.
by Markus Wulftange
EIP-2026-103061 EXPLOITDB ruby VERIFIED
Apache Continuum - Arbitrary Command Execution (Metasploit)
by Metasploit
EIP-2026-102882 EXPLOITDB ruby
iSQL 1.0 - Command Injection
by HaHwul
EIP-2026-102621 EXPLOITDB ruby VERIFIED
iSQL 1.0 - 'isql_main.c' Buffer Overflow (PoC)
by HaHwul
EIP-2026-119673 EXPLOITDB ruby
Dell OpenManage Server Administrator 8.3 - XML External Entity
by hantwister
EIP-2026-119042 EXPLOITDB ruby VERIFIED
Poison Ivy 2.1.x (C2 Server) - Remote Buffer Overflow (Metasploit)
by Jos Wetzels
EIP-2026-119041 EXPLOITDB ruby VERIFIED
Poison Ivy 2.1.x (C2 Server) - Remote Buffer Overflow (Metasploit)
by Jos Wetzels
CVE-2016-3087 EXPLOITDB CRITICAL ruby VERIFIED
Apache Struts 2.3.19-2.3.20.2, 2.3.21-2.3.24.1, 2.3.25-2.3.28 - Remote Code Execution
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
by Metasploit
CVSS 9.8
CVE-2014-6271 EXPLOITDB CRITICAL ruby VERIFIED
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
by Metasploit
CVSS 9.8
EIP-2026-100718 EXPLOITDB ruby VERIFIED
IPFire - 'proxy.cgi' Remote Code Execution (Metasploit)
by Metasploit
CVE-2016-2004 EXPLOITDB CRITICAL ruby VERIFIED
HPE Data Protector <7.03_108,8.x<8.15,9.x<9.06 - RCE
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
by Ian Lovering
CVSS 9.8
CVE-2015-9266 EXPLOITDB CRITICAL ruby VERIFIED
Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP - Unauthenticated Path Traversal and Arbitrary File Write
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.
by Metasploit
CVSS 9.8
CVE-2016-0491 EXPLOITDB ruby VERIFIED
Oracle Application Testing Suite - Unspecified Vuln
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that the UploadFileAction servlet allows remote authenticated users to upload and execute arbitrary files via an * (asterisk) character in the fileType parameter.
by Metasploit
CVE-2016-0492 EXPLOITDB ruby VERIFIED
Oracle Application Testing Suite - Info Disclosure
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0488. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function, which allows remote attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, as demonstrated by olt/Login.do/../../olt/UploadFileUpload.do.
by Metasploit
CVE-2016-2296 EXPLOITDB CRITICAL ruby
Meteocontrol Web'log Basic 100 - Security Feature Bypass
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
by Karn Ganeshen
CVSS 9.4
CVE-2014-4977 EXPLOITDB ruby VERIFIED
Dell SonicWall Scrutinizer 11.0.1 - SQL Injection
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the (2) user_id parameter in the changeUnit function, (3) methodDetail parameter in the methodDetail function, or (4) xcNetworkDetail parameter in the xcNetworkDetail function in d4d/exporters.php.
by Metasploit
EIP-2026-114692 EXPLOITDB ruby VERIFIED
Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit)
by Metasploit
CVE-2016-3714 EXPLOITDB HIGH ruby VERIFIED
ImageMagick <6.9.3-10 & <7.0.1-1 - RCE
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
by Metasploit
CVSS 8.4
CVE-2016-1209 EXPLOITDB CRITICAL ruby VERIFIED
Ninja Forms <2.9.42.1 - Code Injection
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
by Metasploit
CVSS 9.8
CVE-2016-3081 EXPLOITDB HIGH ruby VERIFIED
Apache Struts 2.3.19-2.3.20.2, 2.3.21-2.3.24.1, 2.3.25-2.3.28 - Remote Code Execution via Dynamic Method Invocation
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
by Metasploit
CVSS 8.1
CVE-2016-0854 EXPLOITDB CRITICAL ruby VERIFIED
Advantech WebAccess <8.1 - File Upload
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors.
by Metasploit
CVSS 9.8
EIP-2026-119568 EXPLOITDB ruby
PCMan FTP Server 2.0.7 - 'RENAME' Remote Buffer Overflow (Metasploit)
by Jonathan Smith
EIP-2026-101750 EXPLOITDB ruby
Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (Metasploit)
by Federico Scalco
By Source
All 2,689 Writeup 62,021 Exploitdb 50,076 Nomisec 22,329 Github 3,511 Metasploit 3,295 Vulncheck_xdb 926 Inthewild 514 Gitlab 470 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,510 ruby 5,985 c 3,622 perl 2,849 html 2,072 php 1,332 bash 462 java 370 c++ 257 javascript 228 shell 130 go 72 postscript 25 typescript 25