Exploitdb Exploits
31,344 exploits tracked across all sources.
EViews 7.0.0.1 (aka 7.2) - Multiple Vulnerabilities
by Luigi Auriemma
OneCMS 2.6.4 - Multiple SQL Injections
by kurdish hackers team
Microsoft Office - Info Disclosure
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability."
by Nicolas Gregoire
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
by Sense of Security
Cisco Telepresence System 1000 Mxp < f9.1 - XSS
Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a crafted Call ID, as demonstrated by resultant cross-site request forgery (CSRF) attacks that change passwords or cause a denial of service, aka Bug ID CSCtq46488.
by Sense of Security
Cisco Telepresence Codec C40 - Memory Corruption
Buffer overflow in the cuil component in Cisco Telepresence System Integrator C Series 4.x before TC4.2.0 allows remote authenticated users to cause a denial of service (endpoint reboot or process crash) or possibly execute arbitrary code via a long location parameter to the getxml program, aka Bug ID CSCtq46496.
by Sense of Security
WordPress Plugin Zingiri Web Shop 2.2.0 - Remote File Inclusion
by Ben Schmidt
WordPress Plugin WPEasyStats 1.8 - Remote File Inclusion
by Ben Schmidt
WordPress Plugin TheCartPress 1.1.1 - Remote File Inclusion
by Ben Schmidt
Alanft Relocate-upload < 0.14 - Code Injection
PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
by Ben Schmidt
WordPress Plugin Mini Mail Dashboard Widget 1.36 - Remote File Inclusion
by Ben Schmidt
WordPress Plugin Mailing List 1.3.2 - Remote File Inclusion
by Ben Schmidt
WordPress Plugin Filedownload 0.1 - 'download.php' Remote File Disclosure
by Septemb0x
WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion
by Ben Schmidt
WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion
by Ben Schmidt
Allwebmenus 1.1.3 - RCE
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
by Ben Schmidt
Toko Lite CMS 1.5.2 - HTTP Response Splitting / Cross-Site Scripting
by Gjoko Krstic
Toko Lite CMS 1.5.2 - 'edit.php' HTTP Response Splitting
by LiquidWorm
net4visions (Multiple Products) - 'dir' Multiple Cross-Site Scripting Vulnerabilities
by Gjoko Krstic
TimThumb <2.0 - RCE
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011.
by Ben Schmidt
Apple Mac OSX (Lion) - Directory Services Security Bypass
by Defence in Depth
Cisco Telepresence Codec C40 < tc3.1.4 - Denial of Service
Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500.
by Sense of Security