Exploitdb Exploits
31,394 exploits tracked across all sources.
Amateur Photographer's Image Gallery - 'force-download.php?File' Information Disclosure
by cr4wl3r
WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities
by waraxe
jcore < 1.0 - Cross-Site Scripting via Admin Index Path Parameter
Cross-site scripting (XSS) vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
by High-Tech Bridge
Oracle WebCenter Sites - Info Disclosure
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3185.
by SEC Consult
Trustwave ModSecurity < 2.7.0 - Rule Bypass via Malformed Multipart Request
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
by Bernhard Mueller
ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities
by xistence
Samsung Kies <2.5.0.12094 - Privilege Escalation
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
by High-Tech Bridge SA
CVSS 7.5
Ezhometech EzServer 7.0 - Remote Code Execution via AMF Request memcpy Overflow
A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitrary code or cause a Denial of Service
by Lorenzo Cantoni
CVSS 9.8
WANem - Multiple Cross-Site Scripting Vulnerabilities
by Brendan Coles
MyBB Profile Albums Plugin 0.9 - 'albums.php?album' SQL Injection
by Zixem
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
by Dark-Puzzle
Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities
by Andrea Fabrizi
WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion
by Charlie Eriksen
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
by Aung Khant
airVisionNVR 1.1.13 - 'readfile()' Disclosure / SQL Injection
by pennyGrit
vOlk Botnet Framework 4.0 - Multiple Vulnerabilities
by Vulnerability-Lab
Omnistar Document Manager 8.0 - Multiple Vulnerabilities
by Vulnerability-Lab
OpenX 2.8.10 - Cross-Site Scripting via Parent Parameter in admin/plugin-index.php
Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote attackers to inject arbitrary web script or HTML via the parent parameter in an info action.
by High-Tech Bridge
ServersCheck Monitoring Software 9.0.12/9.0.14 - Persistent Cross-Site Scripting
by loneferret
Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities
by Vulnerability-Lab
By Source