Text Exploits

CVE-2015-2842 EXPLOITDB text VERIFIED

Goautodial Goadmin CE - Unrestricted File Upload

Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in sounds/.

by Chris McCurley

View

CVE-2015-3314 EXPLOITDB HIGH text

WordPress Tune Library <1.5.5 - SQL Injection

SQL injection vulnerability in WordPress Tune Library plugin before 1.5.5.

by Hannes Trunde

CVSS 8.1

View

EIP-2026-113924 EXPLOITDB text

WordPress Plugin NEX-Forms < 3.0 - SQL Injection

by Claudio Viviani

View

EIP-2026-113898 EXPLOITDB text

WordPress Plugin MiwoFTP 1.0.5 - Arbitrary File Download (2)

by dadou dz

View

CVE-2015-3313 EXPLOITDB CRITICAL text

WordPress Community Events <1.4 - SQL Injection

SQL injection vulnerability in WordPress Community Events plugin before 1.4.

by Hannes Trunde

CVSS 9.8

View

CVE-2015-2845 EXPLOITDB text VERIFIED

Goautodial Goadmin CE - OS Command Injection

The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.

by Chris McCurley

View

EIP-2026-104430 EXPLOITDB text

SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities

by Vulnerability-Lab

View

EIP-2026-102311 EXPLOITDB text

Wifi Drive Pro 1.2 iOS - Local File Inclusion

by Vulnerability-Lab

View

EIP-2026-102272 EXPLOITDB text

Photo Manager Pro 4.4.0 iOS - Local File Inclusion

by Vulnerability-Lab

View

EIP-2026-102271 EXPLOITDB text

Photo Manager Pro 4.4.0 iOS - Code Execution

by Vulnerability-Lab

View

EIP-2026-102258 EXPLOITDB text

Mobile Drive HD 1.8 - Local File Inclusion

by Vulnerability-Lab

View

CVE-2014-7951 EXPLOITDB MEDIUM text

Google Android - Path Traversal

Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers.

by Imre Rad

CVSS 4.6

View

CVE-2014-5370 EXPLOITDB text VERIFIED

NEW Atlanta Bluedragon < 7.1.1 - Path Traversal

Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.

by Portcullis

View

CVE-2005-1200 EXPLOITDB text

AZ Bulletin Board <1.0.07c - RCE

PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code.

by GulfTech Security

View

CVE-2015-2572 EXPLOITDB text

Oracle Hyperion <11.1.2.5.216 - Info Disclosure

Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and earlier, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.

by sajith

View

CVE-2015-0493 EXPLOITDB text

Oracle Outside In Technology - Unspecified Vuln

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0474.

by Francis Provencher

View

EIP-2026-113551 EXPLOITDB text

WordPress Plugin Ajax Store Locator 1.2 - SQL Injection

by Claudio Viviani

View

EIP-2026-113897 EXPLOITDB text

WordPress Plugin MiwoFTP 1.0.5 - Arbitrary File Download (1)

by Necmettin COSKUN

View

EIP-2026-114169 EXPLOITDB text

WordPress Plugin Video Gallery 2.8 - SQL Injection

by Claudio Viviani

View

EIP-2026-113901 EXPLOITDB text

WordPress Plugin MiwoFTP 1.0.5 - Multiple Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities

by LiquidWorm

View

EIP-2026-113900 EXPLOITDB text

WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Deletion

by LiquidWorm

View

EIP-2026-113899 EXPLOITDB text

WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Creation / Remote Code Execution

by LiquidWorm

View

EIP-2026-114223 EXPLOITDB text VERIFIED

WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure

by Khwanchai Kaewyos

View

EIP-2026-113916 EXPLOITDB text

WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)

by Claudio Viviani

View

EIP-2026-113695 EXPLOITDB text

WordPress Plugin Duplicator 0.5.14 - SQL Injection / Cross-Site Request Forgery

by Claudio Viviani

View