Text Exploits
31,337 exploits tracked across all sources.
Photo Org WonderApplications 8.3 iOS - Local File Inclusion
by Vulnerability-Lab
Frog CMS 0.9.5 - Code Injection
An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation.
by Javid Hussain
CVSS 9.8
UBI Uplay PC < 4.6.3208 - Access Control
Ubisoft Uplay PC before 4.6.1.3217 uses weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.
by LiquidWorm
Baidu Spark Browser - Memory Corruption
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function.
by LiquidWorm
Kerio Control < 8.3.1 - SQL Injection
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
by Khashayar Fereidani
IBM Algo Credit Limits - Information Disclosure
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document.
by SEC Consult
Flussonic Media Server 4.1.25 < 4.3.3 - Arbitrary File Disclosure
by BGA Security
Nagios Plugins <2.0.2 - Info Disclosure
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
by Dawid Golunski
chkrootkit <0.50 - Code Injection
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
by Thomas Stangner
WordPress Simple Share Buttons Adder <4.5 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba_share_text parameter in a save action to wp-admin/options-general.php, which is not properly handled in the homepage, and unspecified vectors related to (2) Pages, (3) Posts, (4) Category/Archive pages or (5) post Excerpts.
by dxw
Python <3.3.4 - Path Traversal
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.
by RedTeam Pentesting
CVSS 9.8
Oracle Endeca Server - Info Disclosure
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.
by RedTeam Pentesting
Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities
by Onur Alanbel (BGA)
Zeuscart - SQL Injection
Multiple SQL injection vulnerabilities in ZeusCart 4.x.
by Kenny Mathis
CVSS 8.8
TimThumb 2.8.13 / WordThumb 1.07 - RCE
TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allow remote attackers to execute arbitrary commands via shell metacharacters in the src parameter.
by @u0x
ZeroCMS 1.0 - SQL Injection
SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
by Filippos Mastrogiannis
Lunar CMS <3.3-3 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in Lunar CMS before 3.3-3 allow remote attackers to hijack the authentication of administrators for requests that (1) add Super users via a request to admin/user_create.php or conduct cross-site scripting (XSS) attacks via the (2) email or (3) subject parameter in contact_form.ext.php to admin/extensions.php.
by LiquidWorm
Web2project < 3.1 - SQL Injection
Multiple SQL injection vulnerabilities in web2Project 3.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote attackers to execute arbitrary SQL commands via the updatekey parameter to (2) do_updatecontact.php or (3) updatecontact.php.
by High-Tech Bridge SA
CVSS 8.8
ZTE ZXV10 W300 - Info Disclosure
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.
by Osanda Malith Jayathissa
ZTE ZXV10 W300 - Info Disclosure
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
by Osanda Malith Jayathissa
CVSS 7.5
ZTE ZXV10 W300 - Info Disclosure
The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors.
by Osanda Malith Jayathissa
Cacti 1.4-2 - SQL Injection
SQL injection vulnerability in superlinks.php in the superlinks plugin 1.4-2 for Cacti allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Napsterakos
ZTE ZXV10 W300 - CSRF
Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1.
by Osanda Malith Jayathissa