Exploitdb Exploits
31,357 exploits tracked across all sources.
The Rat CMS Alpha 2 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Album Image Upload
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
by Securitylab.ir
phpNagios 1.2.0 - Remote File Inclusion via menu.php conf[lang] Parameter
Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the conf[lang] parameter.
by CoBRa_21
PHPAuction 3.2 - Remote Code Execution via Index.php Lan Parameter
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1.
by Beenu Arora
OBOphiX < 2.7.0 - Remote Code Execution via chemin_lib Parameter
PHP remote file inclusion vulnerability in fonctions_racine.php in OBOphiX 2.7.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin_lib parameter.
by EA Ngel
Model Agency Manager PRO - SQL Injection via user_id or id Parameter
Multiple SQL injection vulnerabilities in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allow remote attackers to execute arbitrary SQL commands via the user_id parameter to (1) view.php, (2) photos.php, and (3) motm.php; and the (4) id parameter to forum_message.php.
by R3d-D3V!L
Joomloc com_joomloc 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
by Chip d3 bi0s
Linux kernel <2.6.30.4, <2.4.37.4 - Privilege Escalation
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
by Ramon de C Valle
CVSS 7.8
Check Point Endpoint Security - Full Disk Encryption RDP Connection Denial of Service
by Tim Medin
ChartDirector 5.0.1 - 'cacheId' Arbitrary File Disclosure
by DokFLeed
KingCMS 0.6 - 'CONFIG[AdminPath]' Remote File Inclusion
by Securitylab.ir
Omnistar Recruiting - Cross-Site Scripting via job2 Parameter
Cross-site scripting (XSS) vulnerability in users/resume_register.php in Omnistar Recruiting allows remote attackers to inject arbitrary web script or HTML via the job2 parameter.
by MizoZ
Microsoft Internet Information Services 5.0-7.0 - Authenticated Denial of Service via FTP List Command
Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability."
by kingcope
Ticket Support Script - 'ticket.php' Arbitrary File Upload
by InjEctOr5
Mike de Boer zoom (com_zoom) 2.0 - SQL Injection
SQL injection vulnerability in the Mike de Boer zoom (com_zoom) component 2.0 for Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
by boom3rang
Joomlub com_joomlub - SQL Injection via aid Parameter
SQL injection vulnerability in the Joomlub (com_joomlub) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an auction edit action to index.php.
by 599eme Man
DVBBS 2.0 - SQL Injection via boardrule.php groupboardid Parameter
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter.
by Securitylab.ir
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (2)
by expose 0day
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1)
by expose 0day
PHPope < 1.0.0 - Remote Code Execution via GLOBALS Parameter Manipulation
Multiple PHP remote file inclusion vulnerabilities in PHPope 1.0.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[config][dir][plugins] parameter to plugins/address/admin/index.php, (2) GLOBALS[config][dir][functions] parameter to plugins/im/compose.php, and (3) GLOBALS[config][dir][classes] parameter to plugins/cssedit/admin/index.php.
by cr4wl3r
FreeSchool < 1.1.0 - Remote Code Execution via CLASSPATH Parameter
Multiple PHP remote file inclusion vulnerabilities in FreeSchool 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CLASSPATH parameter to (1) bib_form.php, (2) bib_pldetails.php, (3) bib_plform.php, (4) bib_plsearchc.php, (5) bib_plsearchs.php, (6) bib_save.php, (7) bib_searchc.php, (8) bib_searchs.php, (9) edi_form.php, (10) edi_save.php, (11) gen_form.php, (12) gen_save.php, (13) lin_form.php, (14) lin_save.php, (15) luo_form.php, (16) luo_save.php, (17) sog_form.php, or (18) sog_save.php in biblioteca/; (19) cal_insert.php, (20) cal_save.php, or (21) cal_saveactivity.php in calendario/; (22) circolari/cir_save.php; or (23) modulistica/mdl_save.php.
by cr4wl3r
HP OpenView Operations Manager 8.1 - Info Disclosure
Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2007-3872. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
by Intevydis
HP Operations Dashboard - Unauthenticated Remote Code Execution via Default j2deployer Credentials
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
by Intevydis
Adobe RoboHelp Server 8 - Unauthenticated Arbitrary File Upload and Remote Code Execution via JSP File Upload
Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote attackers to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the file in the robohelp/robo/reserved/web directory under its sessionid subdirectory, as demonstrated by the vd_adobe module in VulnDisco Pack Professional 8.7 through 8.11.
by Intevydis
By Source