Exploitdb Exploits

49,996 exploits tracked across all sources.

CVE-2017-16666 EXPLOITDB HIGH ruby VERIFIED
Xplico <1.2.1 - Authenticated RCE
Xplico before 1.2.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the name of an uploaded PCAP file. NOTE: this issue can be exploited without authentication by leveraging the user registration feature.
by Mehmet Ince
CVSS 8.8
CVE-2017-17411 EXPLOITDB CRITICAL ruby
Linksys WVBR0 - RCE
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
by Metasploit
CVSS 9.8
CVE-2018-3810 EXPLOITDB CRITICAL text VERIFIED
Oturia Smart Google Code Inserter < 3.5 - Authentication Bypass
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code.
by Benjamin Lim
CVSS 9.8
CVE-2017-5715 EXPLOITDB MEDIUM c
Intel Atom C < 5.1.32 - Information Disclosure
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
by Multiple
CVSS 5.6
EIP-2026-117381 EXPLOITDB python VERIFIED
Kingsoft Antivirus/Internet Security 9+ - Local Privilege Escalation
by mr_me
CVE-2018-3811 EXPLOITDB CRITICAL text VERIFIED
Oturia Smart Google Code Inserter < 3.5 - SQL Injection
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.
by Benjamin Lim
CVSS 9.8
CVE-2017-14960 EXPLOITDB HIGH text
Opentext Document Sciences Xpression < 4.5 - SQL Injection
xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
by Pawel Gocyla
CVSS 7.5
CVE-2017-10271 EXPLOITDB HIGH python VERIFIED
Oracle WebLogic wls-wsat Component Deserialization RCE
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
by Kevin Kirsche
CVSS 7.5
CVE-2017-5753 EXPLOITDB MEDIUM c
Intel Atom Z < 1.1.7-6941-1 - Information Disclosure
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
by Multiple
CVSS 5.6
EIP-2026-101492 EXPLOITDB text
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
by GulfTech Security
EIP-2026-101241 EXPLOITDB text
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
by GulfTech Security
CVE-2010-1549 EXPLOITDB ruby VERIFIED
HP LoadRunner <9.50 - RCE
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
by Metasploit
EIP-2026-114781 EXPLOITDB ruby VERIFIED
Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit)
by Metasploit
EIP-2026-103361 EXPLOITDB text VERIFIED
Apple macOS - IOHIDSystem Kernel Read/Write
by Siguza
CVE-2017-5255 EXPLOITDB HIGH ruby VERIFIED
Cambium Networks ePMP <3.5 - Command Injection
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitization for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
by Metasploit
CVSS 8.8
EIP-2026-115128 EXPLOITDB python
D3DGear 5.00 Build 2175 - Buffer Overflow (PoC)
by bzyo
CVE-2018-5211 EXPLOITDB CRITICAL text
PHP Melody <2.7.1 - SQL Injection
PHP Melody version 2.7.1 suffers from a time-based SQL injection on the page ajax.php via the playlist parameter.
by Ahmad Mahfouz
CVSS 9.8
CVE-2017-17968 EXPLOITDB CRITICAL python
Xi-soft Nettransport Download Manager < 2.96l - Memory Corruption
A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.
by Aloyce J. Makalanga
CVSS 9.8
CVE-2017-17932 EXPLOITDB CRITICAL ruby
Allmediaserver < 0.95 - Memory Corruption
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
by Anurag Srivastava
CVSS 9.8
CVE-2017-20223 EXPLOITDB CRITICAL text
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive information and access functionalities without proper access controls.
by LiquidWorm
CVSS 9.8
CVE-2017-20222 EXPLOITDB HIGH python
Telesquare SKT LTE Router SDT-CS3B1 Unauthenticated Remote Reboot
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.
by LiquidWorm
CVSS 7.5
CVE-2017-20221 EXPLOITDB MEDIUM html
Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.
by LiquidWorm
CVSS 4.3
CVE-2017-15667 EXPLOITDB HIGH python VERIFIED
Flexense Sysgauge - Improper Input Validation
In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221.
by Ahmad Mahfouz
CVSS 7.5
CVE-2017-17932 EXPLOITDB CRITICAL python
Allmediaserver < 0.95 - Memory Corruption
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
by Aloyce J. Makalanga
CVSS 9.8
EIP-2026-114426 EXPLOITDB text
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
by LiquidWorm