Exploitdb Exploits
2,731 exploits tracked across all sources.
HP SiteScope (Linux/Windows) - Remote Code Execution (Metasploit)
by Metasploit
SAP NetWeaver <7.0 EHP2 - RCE
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet.
by Metasploit
MobileCartly 1.0 - File Creation
MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script. The application fails to perform authentication or authorization checks before invoking file_put_contents() on attacker-controlled input. An unauthenticated attacker can exploit this flaw by sending crafted HTTP GET requests to savepage.php, specifying both the filename and content. This allows arbitrary file creation within the pages/ directory or any writable path on the server, which in turn allows remote code execution.
by Metasploit
JBoss - Auth Bypass
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
by Metasploit
SAP NetWeaver HostControl - Command Injection (Metasploit)
by Metasploit
Symantec Messaging Gateway < 9.5.4 - Access Control
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.
by Metasploit
HP IMC <5.1 - Buffer Overflow
Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data.
by Metasploit
Zabbix Server <1.8 - Command Injection
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request.
by Metasploit
Java 7 Applet Remote Code Execution
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
by Metasploit
CVSS 9.8
ESVA_2057 - Command Injection
The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and results in full command execution on the underlying system.
by Metasploit
XODA 0.4.5 - RCE
XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST request, an attacker can upload a .php file directly into the web-accessible files/ directory and trigger its execution via a subsequent GET request.
by Metasploit
Sysax Multi Server 5.64 - Create Folder Buffer Overflow (Metasploit)
by Matt Andreko
Symantec Web Gateway <5.0.3.18 - RCE
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script.
by Kc57
Adobe Flash Player < 11.3.300.271 - Code Injection
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.
by Metasploit
CVSS 7.8
Cyclope Employee Surveillance Solution 6.x - SQL Injection
Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in the login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a malicious PHP file on disk, resulting in remote code execution under the SYSTEM user context.
by Metasploit
Microsoft Windows - Service Trusted Path Privilege Escalation (Metasploit)
by Metasploit
GlobalScape CuteZIP - Local Stack Buffer Overflow (Metasploit)
by Metasploit
TestLink 1.9.3 - Arbitrary File Upload (Metasploit)
by Metasploit
Novell Zenworks Asset Management - Path Traversal
Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.
by Metasploit
Netmechanica Netdecision Tftp Server - Path Traversal
Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.
by Metasploit
UBI Uplay PC < 2.0.3 - OS Command Injection
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument.
by Metasploit
Sonicwall Scrutinizer < 9.0.1.19899 - SQL Injection
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
by Metasploit
PHP IRC Bot pbot - 'eval()' Remote Code Execution (Metasploit)
by Metasploit
Oracle AutoVue Office <20.1.1 - Info Disclosure
Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API.
by Metasploit
CoolPlayer+ Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass)
by Robert Larsen