Exploitdb Exploits
31,394 exploits tracked across all sources.
F5 BIG-IP <11.2.1 - Info Disclosure
XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 through 10.2.4 and 11.0.0 through 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file.
by anonymous
Aloaha Credential Provider Monitor 5.0.226 - Local Privilege Escalation
by LiquidWorm
Scripts Genie Classified Ultra - SQL Injection / Cross-Site Scripting
by 3spi0n
WordPress Plugin Ripe HD FLV Player - SQL Injection
by Zikou-16
Joomla! Component com_collector - Arbitrary File Upload
by Red Dragon_al
PHP-Charts 1.0 - Unauthenticated Remote Code Execution via GET Parameter Eval Injection
PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval() without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution under the web server's context. The vulnerability allows unauthenticated attackers to execute system-level commands via base64-encoded payloads embedded in parameter names, leading to full compromise of the host system.
by AkaStep
SonicWall GMS Analyzer UMA ViewPoint - Authentication Bypass via SGMS Interface
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.
by Nikolas Sotiriu
CVSS 9.8
Apache OFBiz 10.04.x < 10.04.05 and 11.04.01 - Authenticated Cross-Site Scripting via Widget Attributes
Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x allow remote authenticated users to inject arbitrary web script or HTML via the (1) Screenlet.title or (2) Image.alt Widget attribute, as demonstrated by the parentPortalPageId parameter to exampleext/control/ManagePortalPages.
by Juan Caillava
NetIQ eDirectory <8.8.7.2 - Buffer Overflow
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
by Gary Nilson
Linksys E4200 Firmware 1.0.05 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi.
by m-1-k-3
CVSS 6.1
IP.Gallery - 'img' SQL Injection
by Ashiyane Digital Security Team
Invision Gallery 2.0.5 - SQL Injection
by Ashiyane Digital Security Team
Cydia Repo Manager - Cross-Site Request Forgery
by Ramdan Yantu
Oracle Applications Framework - Info Disclosure
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Diagnostics.
by Trustwave's SpiderLabs
PhpShop 0.8.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote attackers to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id parameter in an admin/module_form action, the (4) user_id parameter in an admin/user_form action, the (5) vendor_category_id parameter in a vendor/vendor_category_form action, the (6) user_id parameter in a store/user_form action, the (7) payment_method_id parameter in a store/payment_method_form action, the (8) tax_rate_id parameter in a tax/tax_form action, or the (9) category parameter in a shop/browse action. NOTE: the product_id vector is already covered by CVE-2008-0681.
by By onestree
phlyLabs phlyMail Lite 4.03.04 - Full Path Disclosure / Persistent Cross-Site Scripting
by LiquidWorm
pip < 1.5 - Man-in-the-Middle Attack via Insecure Mirror DNS Querying
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
by LiquidWorm
CVSS 5.9
Microsoft Lync 2010 4.0.7577.0 - User-Agent Header Handling Arbitrary Command Execution
by Christopher Emerson
Nero MediaHome < 4.5.8.0 - Denial of Service via Long HTTP Request or Referer Header
Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service (crash) via a long string in the (1) request line or (2) HTTP Referer header to TCP port 54444, which triggers a heap-based buffer overflow.
by High-Tech Bridge SA
Nero MediaHome < 4.5.8.0 - Denial of Service via HTTP Header Without Name
Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.
by High-Tech Bridge SA
WordPress Plugin Gallery - 'filename_1' Arbitrary File Access
by Beni_Vanda
WebsiteBaker Addon Concert Calendar 2.1.4 - Multiple Vulnerabilities
by Stefan Schurtz
By Source