Exploitdb Exploits
31,330 exploits tracked across all sources.
ZOHO WebNMS Framework 5.2-5.2 SP1 - Info Disclosure
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit.
by Pedro Ribeiro
CVSS 9.8
ZOHO WebNMS Framework <5.2-5.2 SP1 - Path Traversal
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.
by Pedro Ribeiro
CVSS 7.5
ZOHO WebNMS Framework <5.2-5.2 SP1 - Path Traversal
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the fileName parameter to servlets/FileUploadServlet.
by Pedro Ribeiro
CVSS 9.8
SAP SAPCAR - DoS
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.
by Core Security
CVSS 5.5
Microsoft Office - Memory Corruption
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
by COSIG
CVSS 7.8
EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation
by LiquidWorm
Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities
by hyp3rlinx
SAP SAPCAR - Privilege Escalation
SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384.
by Core Security
CVSS 5.8
ZOHO WebNMS Framework 5.2-5.2 SP1 - Auth Bypass
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
by Pedro Ribeiro
CVSS 9.8
Microsoft Windows 10 - Access Control
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle LDAP authentication, which allows man-in-the-middle attackers to gain privileges by modifying group-policy update data within a domain-controller data stream, aka "Group Policy Elevation of Privilege Vulnerability."
by Nabeel Ahmed
CVSS 8.1
WordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)
by Edwin Molenaar
PHPCollab CMS 2.5 - 'emailusers.php' SQL Injection
by Vulnerability-Lab
NUUO NVRmini 2 <3.0.8 - Path Traversal
A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8. Affected is an unknown function of the file /deletefile.php. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258780.
by LiquidWorm
CVSS 6.5
NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access
by LiquidWorm
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)
by LiquidWorm
NUUO NVRmini <3.0.0 - Command Injection
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.
by Pedro Ribeiro
CVSS 8.8
NUUO NVRmini <3.0.0 - Info Disclosure
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request.
by Pedro Ribeiro
CVSS 7.5
NUUO NVRmini <2 - RCE
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.
by Pedro Ribeiro
CVSS 7.5
NUUO <3.2.0 - RCE
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
by Pedro Ribeiro
CVSS 9.8
NUUO NVRmini <3.0.0 - RCE
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.
by Pedro Ribeiro
CVSS 9.8
NUUO NVRmini 2 & NVRsolo <3.0.0 - Info Disclosure
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.
by Pedro Ribeiro
CVSS 9.8
By Source