Exploitdb Exploits
31,357 exploits tracked across all sources.
vtiger CRM 5.0.4 - Path Traversal and Arbitrary File Execution via Module Parameter
Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the module parameter to graph.php; or the (2) module or (3) file parameter to include/Ajax/CommonAjax.php, reachable through modules/Campaigns/CampaignsAjax.php, modules/SalesOrder/SalesOrderAjax.php, modules/System/SystemAjax.php, modules/Products/ProductsAjax.php, modules/uploads/uploadsAjax.php, modules/Dashboard/DashboardAjax.php, modules/Potentials/PotentialsAjax.php, modules/Notes/NotesAjax.php, modules/Faq/FaqAjax.php, modules/Quotes/QuotesAjax.php, modules/Utilities/UtilitiesAjax.php, modules/Calendar/ActivityAjax.php, modules/Calendar/CalendarAjax.php, modules/PurchaseOrder/PurchaseOrderAjax.php, modules/HelpDesk/HelpDeskAjax.php, modules/Invoice/InvoiceAjax.php, modules/Accounts/AccountsAjax.php, modules/Reports/ReportsAjax.php, modules/Contacts/ContactsAjax.php, and modules/Portal/PortalAjax.php; and allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the step parameter in an Import action to the (4) Accounts, (5) Contacts, (6) HelpDesk, (7) Leads, (8) Potentials, (9) Products, or (10) Vendors module, reachable through index.php and related to modules/Import/index.php and multiple Import.php files.
by USH
Vtiger Crm - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php.
by USH
vtiger CRM 5.0.4 - Cross-Site Scripting via Activities Module Action Parameter
Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: the query_string vector is already covered by CVE-2008-3101.3.
by USH
Adobe JRun Application Server 4 Updater 7 - Authenticated Path Traversal via Logfile Parameter
Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.
by DSecRG
TheGreenBow IPSec VPN Client 4.61.003 - Denial of Service via tgbvpn.sys IOCTL 0x80000034
The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0.
by Evilcry
vtiger CRM 5.0.4 - Authenticated Remote Code Execution via Compose Mail Attachment Filename
The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
by USH
Videos Broadcast Yourself 2 - SQL Injection via UploadID Parameter
Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the (1) UploadID parameter to videoint.php, and possibly the (2) cat_id parameter to catvideo.php and (3) uid parameter to cviewchannels.php.
by Mr.SQL
Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload
by NeX HaCkEr
phpfreeBB 1.0 - SQL Injection via id Parameter or year Parameter
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php.
by Moudi
BitmixSoft PHP-Lance 1.52 - Path Traversal via Language or Search Parameter
Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1.52 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to show.php and (2) in parameter to advanced_search.php.
by jetli007
PHP eMail Manager 3.3.0 - SQL Injection via ID Parameter
SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by MuShTaQ
VivaPrograms Infinity Script 2.x.x - Path Traversal via options[style_dir] Parameter
Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI.
by SwEET-DeViL
CBAuthority - SQL Injection via id Parameter in view_product Action
SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action.
by Angela Chang
autonomous lan party 0.98.3 - Remote File Inclusion
by cr4wl3r
2WIRE Gateway - Authentication Bypass / Password Reset (2)
by bugz
Apple Safari 4.0.2 - WebKit Parsing of Floating Point Numbers Buffer Overflow (PoC)
by Leon Juranic
ZTE ZXDSL 831 II Modem - Arbitrary Configuration Access
by SuNHouSe2
Netgear WNR2000 - Multiple Information Disclosure Vulnerabilities
by Jean Trolleur
Linux kernel <2.6.30.4, <2.4.37.4 - Privilege Escalation
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
by Zinx
CVSS 7.8
Valve Software Source Engine - Format String
by Luigi Auriemma
By Source