Exploitdb Exploits
2,731 exploits tracked across all sources.
ERDAS ER Viewer <13.00.0001 - Buffer Overflow
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.
by Metasploit
SAP SOAP RFC - SXPG_COMMAND_EXECUTE Remote Command Execution (Metasploit)
by Metasploit
SAP SOAP RFC - SXPG_CALL_SYSTEM Remote Command Execution (Metasploit)
by Metasploit
Microsoft Internet Explorer - Use After Free
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
by Metasploit
CVSS 8.8
AudioCoder - '.m3u' Local Buffer Overflow (Metasploit)
by Metasploit
Automattic WP Super Cache < 1.2 - Injection
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
by Metasploit
CVSS 9.8
phpMyAdmin <3.5.8 and <4.0.0-rc3 - Authenticated RCE
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
by Metasploit
SAP ConfigServlet - Remote Payload Execution (Metasploit)
by Andras Kabai
Gwos Groundwork Monitor - Credentials Management
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.
by Metasploit
Oracle Jre - Improper Access Control
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager.
by Metasploit
CVSS 3.7
Netgear router <1.0.0.36 - Command Injection
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
by Metasploit
CVSS 7.2
Mikrotik Syslog Server for Windows 1.15 - Denial of Service (Metasploit)
by xis_one
SAP ConfigServlet - OS Command Execution (Metasploit)
by Andras Kabai
Opensuse < 2.13 - Improper Input Validation
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
by Metasploit
D-Link DIR-645 / DIR-815 - 'diagnostic.php' Command Execution (Metasploit)
by Metasploit
Adobe ColdFusion <10 - Auth Bypass
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013.
by Metasploit
CVSS 9.8
Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit)
by Metasploit
Sysax Multi Server 6.10 - SSH Denial of Service
by Matt Andreko
Netgear routers <1.1.00.45 - Command Injection
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication.
by Metasploit
CVSS 7.2
Novell Zenworks Configuration Management - Authentication Bypass
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
by Metasploit
Mongodb < 2.0.8 - Improper Input Validation
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.
by Metasploit
HP System Management - Anonymous Access Code Execution (Metasploit)
by Metasploit
HP System Management Homepage - Local Privilege Escalation (Metasploit)
by Metasploit
Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)
by Metasploit