Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114610 EXPLOITDB text VERIFIED
ZenPhoto 1.4.11 - Remote File Inclusion
by Curesec Research Team
EIP-2026-111288 EXPLOITDB text
PivotX 2.3.11 - Directory Traversal
by Curesec Research Team
CVE-2016-11017 EXPLOITDB CRITICAL text
AKIPS Network Monitor 15.37-16.5 - Unauthenticated OS Command Injection via Username Parameter
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.
by BrianWGray
CVSS 9.8
EIP-2026-115936 EXPLOITDB text
Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow
by LiquidWorm
EIP-2026-109568 EXPLOITDB text
Monstra CMS 3.0.3 - Multiple Vulnerabilities
by Sarim Kiani
CVE-2016-3115 EXPLOITDB MEDIUM python
OpenSSH < 7.2 - Authenticated Command Restriction Bypass via X11 Forwarding CRLF Injection
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
by tintinweb
CVSS 6.4
CVE-2014-6278 EXPLOITDB HIGH python
GNU Bash through 4.3 bash43-026 - Remote Code Execution via Environment Variable Function Parsing
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
by thatchriseckert
CVSS 8.8
CVE-2016-1885 EXPLOITDB MEDIUM c VERIFIED
FreeBSD <9.3p39, 10.1p31, 10.2p14 - DoS
Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow.
by Core Security
CVSS 6.2
CVE-2016-15044 EXPLOITDB CRITICAL text
Kaltura Video Platform < 11.1.0-2 - Unauthenticated Remote Code Execution via Unsafe Deserialization in keditorservices
A remote code execution vulnerability exists in Kaltura versions prior to 11.1.0-2 due to unsafe deserialization of user-controlled data within the keditorservices module. An unauthenticated remote attacker can exploit this issue by sending a specially crafted serialized PHP object in the kdata GET parameter to the redirectWidgetCmd endpoint. Successful exploitation leads to execution of arbitrary PHP code in the context of the web server process.
by Security-Assessment.com
CVE-2015-7563 EXPLOITDB HIGH text VERIFIED
TeamPass < 2.1.24.0 - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authentication of an authenticated user.
by Vincent Malguy
CVSS 8.8
CVE-2015-7562 EXPLOITDB MEDIUM text VERIFIED
TeamPass < 2.1.24 - Cross-Site Scripting via Item Label or Role Name
Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role.
by Vincent Malguy
CVSS 6.1
EIP-2026-116666 EXPLOITDB python
Zortam Mp3 Media Studio 20.15 - Overflow (PoC) (SEH)
by INSECT.B
CVE-2016-0120 EXPLOITDB MEDIUM text VERIFIED
Microsoft Windows - Denial of Service via Crafted OpenType Font
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability."
by Google Security Research
CVSS 6.5
CVE-2016-0121 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Remote Code Execution via Crafted OpenType Font
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability."
by Google Security Research
CVSS 8.8
CVE-2016-0108 EXPLOITDB HIGH html VERIFIED
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114.
by Google Security Research
CVSS 7.5
EIP-2026-114062 EXPLOITDB text VERIFIED
WordPress Plugin Site Import 1.0.1 - Local/Remote File Inclusion
by Wadeek
CVE-2015-7564 EXPLOITDB CRITICAL text VERIFIED
TeamPass < 2.1.24 - SQL Injection via Item Query or View Log Parameters
Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php.
by Vincent Malguy
CVSS 9.8
CVE-2016-2184 EXPLOITDB MEDIUM text
Linux Kernel < 4.5.1 - Denial of Service via Crafted USB Device Descriptor
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.
by OpenSource Security
CVSS 4.6
CVE-2016-2188 EXPLOITDB MEDIUM text
SUSE Linux Enterprise - Denial of Service via USB Device Descriptor
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
by OpenSource Security
CVSS 4.6
CVE-2016-10997 EXPLOITDB MEDIUM text
beauty-premium 1.0.8 - Cross-Site Request Forgery with Arbitrary File Upload in sendmail.php
The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php.
by Colette Chamberland
CVSS 6.5
EIP-2026-113700 EXPLOITDB text
WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities
by Colette Chamberland
EIP-2026-104759 EXPLOITDB ruby VERIFIED
PHP Utility Belt - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-115941 EXPLOITDB text VERIFIED
Nitro Pro 10.5.7.32 / Nitro Reader 5.5.3.1 - Heap Memory Corruption
by Francis Provencher
EIP-2026-114204 EXPLOITDB text
WordPress Plugin WP Advanced Comment 0.10 - Persistent Cross-Site Scripting
by Mohammad Khaleghi
EIP-2026-113593 EXPLOITDB text
WordPress Plugin Best Web Soft Captcha 4.1.5 - Multiple Vulnerabilities
by Colette Chamberland
By Source
All 50,076 Writeup 62,594 Exploitdb 50,076 Nomisec 22,498 Github 3,743 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,633 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 138 go 73 postscript 25 typescript 25