Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2016-3694 EXPLOITDB CRITICAL text
modified eCommerce Shopsoftware 2.0.0.0 - SQL Injection
Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to api/easybill/easybillcsv.php.
by Felix Maduakor
CVSS 9.8
CVE-2016-10709 EXPLOITDB HIGH text
pfSense < 2.2.6 - Authenticated OS Command Injection via Graph Parameter
pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php.
by Security-Assessment.com
CVSS 8.8
EIP-2026-113866 EXPLOITDB text
WordPress Plugin leenk.me 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting
by cor3sm4sh3r
EIP-2026-113853 EXPLOITDB text
WordPress Plugin Kento Post View Counter 2.8 - Cross-Site Request Forgery / Cross-Site Scripting
by cor3sm4sh3r
EIP-2026-113382 EXPLOITDB text VERIFIED
Webutler CMS 3.2 - Cross-Site Request Forgery
by Keerati T.
CVE-2016-1593 EXPLOITDB HIGH ruby
Micro Focus Novell Service Desk <7.2 - Path Traversal
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL.
by Metasploit
CVSS 7.2
EIP-2026-101093 EXPLOITDB text
TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials
by DLY
EIP-2026-115680 EXPLOITDB html
Microsoft Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free
by Marcin Ressel
CVE-2016-1531 EXPLOITDB HIGH ruby VERIFIED
Exim <4.86.2 - Privilege Escalation
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
by Metasploit
CVSS 7.0
CVE-2015-9266 EXPLOITDB CRITICAL text VERIFIED
Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP - Unauthenticated Path Traversal and Arbitrary File Write
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.
by 93c08539
CVSS 9.8
CVE-2015-6086 EXPLOITDB html VERIFIED
Microsoft Internet Explorer <11 - Info Disclosure
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
by Ashfaq Ansari
CVE-2016-0122 EXPLOITDB HIGH text VERIFIED
Microsoft Excel/Word 2007-2016 & Office Compatibility Pack - Remote Code Execution via Crafted Document
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
by Sébastien Morin
CVSS 7.8
EIP-2026-111132 EXPLOITDB text
PHPmongoDB 1.0.0 - Multiple Vulnerabilities
by Ozer Goker
EIP-2026-110566 EXPLOITDB text
pfSense Firewall 2.2.6 - Services Cross-Site Request Forgery
by Aatif Shahdad
EIP-2026-101571 EXPLOITDB text
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
by Orwelllabs
CVE-2016-20040 EXPLOITDB HIGH python
TiEmu 3.03-nogdb+dfsg-3 Buffer Overflow via ROM Parameter
TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and overwrite the instruction pointer with malicious addresses.
by Juan Sacco
CVSS 8.4
CVE-2014-125113 EXPLOITDB CRITICAL ruby VERIFIED
Dell KACE K1000 <5.4.76849-5.5.90547 - File Upload
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths.
by Metasploit
CVE-2016-0491 EXPLOITDB python VERIFIED
Oracle Application Testing Suite - Unspecified Vuln
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that the UploadFileAction servlet allows remote authenticated users to upload and execute arbitrary files via an * (asterisk) character in the fileType parameter.
by Zhou Yu
CVE-2016-0492 EXPLOITDB python VERIFIED
Oracle Application Testing Suite - Info Disclosure
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0488. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function, which allows remote attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, as demonstrated by olt/Login.do/../../olt/UploadFileUpload.do.
by Zhou Yu
EIP-2026-110425 EXPLOITDB text
Ovidentia troubleticketsModule 7.6 - Remote File Inclusion
by bd0rk
CVE-2016-1595 EXPLOITDB MEDIUM text
Micro Focus Novell Service Desk <7.2 - SQL Injection
LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.
by Pedro Ribeiro
CVSS 6.5
CVE-2016-1594 EXPLOITDB MEDIUM text
Micro Focus Novell Service Desk <7.2 - Info Disclosure
Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a (1) downloadLogFiles or (2) downloadFile action.
by Pedro Ribeiro
CVSS 6.5
CVE-2016-1593 EXPLOITDB HIGH text
Micro Focus Novell Service Desk <7.2 - Path Traversal
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL.
by Pedro Ribeiro
CVSS 7.2
EIP-2026-116937 EXPLOITDB text
CAM UnZip 5.1 - .'ZIP' File Directory Traversal
by hyp3rlinx
EIP-2026-114383 EXPLOITDB text
WPN-XM Serverstack 0.8.6 - Cross-Site Request Forgery
by hyp3rlinx
By Source
All 50,076 Writeup 62,573 Exploitdb 50,076 Nomisec 22,496 Github 3,735 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,630 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25