Exploitdb Exploits

EIP-2026-114358 EXPLOITDB php

WordPress Theme Uncode 1.3.1 - Arbitrary File Upload

by wp0Day.com

View

EIP-2026-114315 EXPLOITDB php

WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting

by wp0Day.com

View

EIP-2026-114230 EXPLOITDB php

WordPress Plugin WP PRO Advertising System 4.6.18 - SQL Injection

by wp0Day.com

View

EIP-2026-114221 EXPLOITDB text VERIFIED

WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload

by Aaditya Purani

View

EIP-2026-113686 EXPLOITDB text

WordPress Plugin Double Opt-In for Download 2.0.9 - SQL Injection

by Kacper Szurek

View

EIP-2026-111690 EXPLOITDB text

rConfig 3.1.1 - Local File Inclusion

by Gregory Pickett

View

EIP-2026-109823 EXPLOITDB text VERIFIED

Nagios XI 5.2.7 - Multiple Vulnerabilities

by Security-Assessment.com

View

EIP-2026-106825 EXPLOITDB text

Electroweb Online Examination System 1.0 - SQL Injection

by Ali Ghanbari

View

EIP-2026-106565 EXPLOITDB html

Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin)

by Ali Ghanbari

View

EIP-2026-105249 EXPLOITDB html

ArticleSetup 1.00 - Cross-Site Request Forgery (Change Admin Password)

by Ali Ghanbari

View

EIP-2026-102353 EXPLOITDB text VERIFIED

Apache Continuum 1.4.2 - Multiple Vulnerabilities

by David Shanahan

View

CVE-2014-6278 EXPLOITDB HIGH text

GNU Bash through 4.3 bash43-026 - Remote Code Execution via Environment Variable Function Parsing

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.

by lastc0de

CVSS 8.8

View

EIP-2026-100459 EXPLOITDB text

Notilus Travel Solution Software 2012 R3 - SQL Injection

by Alex Haynes

View

EIP-2026-111737 EXPLOITDB text

Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Arbitrary File Upload

by RedTeam Pentesting GmbH

View

EIP-2026-108853 EXPLOITDB text VERIFIED

Joomla! Component SecurityCheck 2.8.9 - Multiple Vulnerabilities

by ADEO Security

View

EIP-2026-103720 EXPLOITDB text

Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)

by RedTeam Pentesting GmbH

View

CVE-2016-3670 EXPLOITDB MEDIUM text

Liferay Portal < 6.2 - Stored Cross-Site Scripting via Profile Search FirstName Field

Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.

by Fernando Câmara

CVSS 6.1

View

EIP-2026-105058 EXPLOITDB text

AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities

by hyp3rlinx

View

EIP-2026-103741 EXPLOITDB text VERIFIED

Wireshark - erf_meta_read_tag SIGSEGV

by Google Security Research

View

CVE-2016-2004 EXPLOITDB CRITICAL ruby VERIFIED

HPE Data Protector <7.03_108,8.x<8.15,9.x<9.06 - RCE

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.

by Ian Lovering

CVSS 9.8

View

EIP-2026-111515 EXPLOITDB text

ProcessMaker 3.0.1.7 - Multiple Vulnerabilities

by Mickael Dorigny

View

EIP-2026-107142 EXPLOITDB html

Flatpress 1.0.3 - Cross-Site Request Forgery / Arbitrary File Upload

by LiquidWorm

View

EIP-2026-102747 EXPLOITDB python

TCPDump 4.5.1 - Crash (PoC)

by David Silveiro

View

EIP-2026-102571 EXPLOITDB python

CCextractor 0.80 - Crash (PoC)

by David Silveiro

View

EIP-2026-100735 EXPLOITDB text

AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities

by Pablo Rebolini

View