Exploitdb Exploits

EIP-2026-119654 EXPLOITDB python

TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure

by Alexander Korznikov

View

EIP-2026-107235 EXPLOITDB text

FreePBX 13.0.x < 13.0.154 - Remote Command Execution

by i-Hmx

View

EIP-2026-106276 EXPLOITDB text

CumulusClips 2.4.1 - Multiple Vulnerabilities

by kor3k

View

CVE-2016-4264 EXPLOITDB HIGH python VERIFIED

Adobe ColdFusion <11-Update 10 - Info Disclosure

The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via a crafted OOXML spreadsheet containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

by Dawid Golunski

CVSS 8.6

View

EIP-2026-118103 EXPLOITDB text

WIN-911 7.17.00 - Multiple Vulnerabilities

by sh4d0wman

View

EIP-2026-111078 EXPLOITDB text

PHPIPAM 1.2.1 - Multiple Vulnerabilities

by Saeed reza Zamanian

View

CVE-2015-7547 EXPLOITDB HIGH python

GNU C Library <2.23 - Buffer Overflow

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

by SpeeDr00t

CVSS 8.1

View

EIP-2026-101133 EXPLOITDB

Sony Playstation 4 (PS4) 3.15 < 3.55 - WebKit Code Execution (PoC)

by TJ Corley

View

EIP-2026-119645 EXPLOITDB python

Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure

by Yakir Wizman

View

EIP-2026-119644 EXPLOITDB python

MySQL 5.5.45 (x64) - Local Credentials Disclosure

by Yakir Wizman

View

EIP-2026-116808 EXPLOITDB text VERIFIED

ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation

by sh4d0wman

View

EIP-2026-113997 EXPLOITDB text

WordPress Plugin RB Agency 2.4.7 - Local File Disclosure

by Persian Hack Team

View

EIP-2026-101556 EXPLOITDB python

Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)

by b1ack0wl

View

EIP-2026-117176 EXPLOITDB python

FortiClient SSLVPN 5.4 - Credentials Disclosure

by Viktor Minin

View

CVE-2016-20032 EXPLOITDB HIGH html

ZKTeco ZKAccess Security System 5.3.1 Stored XSS

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holiday_name' and 'memo' POST parameters. Attackers can submit crafted requests with script code in these parameters to compromise user browser sessions and steal sensitive information.

by LiquidWorm

CVSS 7.2

View

CVE-2016-20031 EXPLOITDB MEDIUM text

ZKTeco ZKBioSecurity 3.0 Local Authorization Bypass via visLogin.jsp

ZKTeco ZKBioSecurity 3.0 contains a local authorization bypass vulnerability in visLogin.jsp that allows attackers to authenticate without valid credentials by spoofing localhost requests. Attackers can exploit the EnvironmentUtil.getClientIp() method which treats IPv6 loopback address 0:0:0:0:0:0:0:1 as 127.0.0.1 and authenticates using the IP as username with hardcoded password 123456 to access sensitive information and perform unauthorized actions.

by LiquidWorm

CVSS 5.5

View

CVE-2016-20029 EXPLOITDB MEDIUM text

ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability

ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including configuration files, source code, and protected application resources.

by LiquidWorm

CVSS 6.2

View

CVE-2016-20028 EXPLOITDB MEDIUM html

ZKTeco ZKBioSecurity 3.0 Cross-Site Request Forgery Superadmin

ZKTeco ZKBioSecurity 3.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious websites. Attackers can craft HTTP requests that add superadmin accounts without validity checks, enabling unauthorized administrative access when authenticated users visit attacker-controlled pages.

by LiquidWorm

CVSS 4.3

View

CVE-2016-20026 EXPLOITDB CRITICAL text

ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution

ZKTeco ZKBioSecurity 3.0 contains hardcoded credentials in the bundled Apache Tomcat server that allow unauthenticated attackers to access the manager application. Attackers can authenticate with hardcoded credentials stored in tomcat-users.xml to upload malicious WAR archives containing JSP applications and execute arbitrary code with SYSTEM privileges.

by LiquidWorm

CVSS 9.8

View

CVE-2016-20025 EXPLOITDB HIGH text

ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privilege escalation.

by LiquidWorm

CVSS 8.8

View

CVE-2016-20024 EXPLOITDB CRITICAL text

ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation

ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.

by LiquidWorm

CVSS 9.8

View

EIP-2026-104669 EXPLOITDB php

PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service

by Yakir Wizman

View

EIP-2026-104668 EXPLOITDB php

PHP 7.0 - 'AppendIterator::append' Local Denial of Service

by Yakir Wizman

View

EIP-2026-104654 EXPLOITDB php

PHP 5.0.0 - 'snmpwalkoid()' Local Denial of Service

by Yakir Wizman

View

EIP-2026-104653 EXPLOITDB php

PHP 5.0.0 - 'snmpwalk()' Local Denial of Service

by Yakir Wizman

View