Exploitdb Exploits
2,689 exploits tracked across all sources.
Gemtek CPE7000 - WLTCS-106 'sysconf.cgi' Remote Command Execution (Metasploit)
by Federico Scalco
Symantec Messaging Gateway < 10.6.1 - Local Encrypted AD Password Exposure
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
by Fakhir Karim Reda
CVSS 7.8
Micro Focus Novell Service Desk <7.2 - Path Traversal
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL.
by Metasploit
CVSS 7.2
Exim <4.86.2 - Privilege Escalation
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
by Metasploit
CVSS 7.0
Dell KACE K1000 <5.4.76849-5.5.90547 - File Upload
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths.
by Metasploit
ExaGrid <4.8 P26 - Privilege Escalation
ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image.
by Metasploit
CVSS 7.5
PCMan FTP Server - 'PUT' Buffer Overflow (Metasploit)
by Metasploit
Easy File Sharing HTTP Server 7.2 - Remote Overflow (SEH) (Metasploit)
by Metasploit
Apache Jetspeed <2.3.1 - Path Traversal
Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to arbitrary files, and consequently execute arbitrary code, via a .. (dot dot) in a ZIP archive entry, as demonstrated by "../../webapps/x.jsp."
by Metasploit
CVSS 7.2
Apache Jetspeed Arbitrary File Upload
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.
by Metasploit
CVSS 8.8
ATutor 2.2.1 - Directory Traversal / Remote Code Execution (Metasploit)
by Metasploit
PHP Utility Belt - Remote Code Execution (Metasploit)
by Metasploit
AppLocker - Execution Prevention Bypass (Metasploit)
by Metasploit
NETGEAR Management System NMS300 <1.5.0.11 - Path Traversal
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.
by Metasploit
CVSS 8.6
ATutor 2.2.1 - SQL Injection via searchFriends Function
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
by Metasploit
CVSS 9.8
D-Link DCS-930L Firmware < 2.12 - Remote Code Execution via SystemCommand Parameter
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.
by Metasploit
CVSS 7.2
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)
by Metasploit
D-Link DCS-931L Firmware < 1.04 - Authenticated Remote Code Execution via File Upload
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
by Metasploit
ManageEngine Desktop Central <9 - RCE
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.
by Metasploit
CVSS 9.8
Jenkins CLI RMI Java Deserialization Vulnerability
The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".
by Metasploit
CVSS 9.8
Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
Legend Perl IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
Legend Perl IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
By Source