Exploitdb Exploits
50,076 exploits tracked across all sources.
WordPress Plugin Bulk Delete 5.5.3 - Privilege Escalation
by Panagiotis Vagenas
Dropbear SSH <2016.72 - Auth Bypass
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
by tintinweb
CVSS 6.4
Schneider Electric Struxureware Building Operations Automation Server < 1.7 - Authenticated OS Command Execution
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh (aka Minimal Shell) protection mechanism.
by Karn Ganeshen
CVSS 7.2
Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation
by Cr4sh
Quick Tftp Server Pro 2.3 - Read Mode Denial of Service
by Guillaume Kaddouch
PictureTrails Photo Editor GE.exe 2.0.0 - '.bmp' Crash (PoC)
by redknight99
FreeProxy Internet Suite 4.10 - Denial of Service
by Guillaume Kaddouch
Gallery 2 up to 2.0.2 - Cross-Site Scripting via X-Forwarded-For Header
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album.
by GulfTech Security
WordPress CP Polls 1.0.8 Cross-Site Request Forgery
WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in.
by i0akiN SEC-LABORATORY
CVSS 4.3
WordPress CP Polls 1.0.8 Persistent Cross-Site Scripting
WordPress CP Polls 1.0.8 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unsanitized file upload functionality. Attackers can upload files containing script payloads with event handlers like onerror attributes to execute arbitrary JavaScript in the browsers of users viewing the affected content.
by i0akiN SEC-LABORATORY
CVSS 7.2
NETGEAR Management System NMS300 <1.5.0.11 - Path Traversal
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.
by Metasploit
CVSS 8.6
Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 - Insecure File Permissions
by LiquidWorm
Viscomsoft Calendar Active-X 2.0 - Multiple Crashes (PoC)
by Shantanu Khandelwal
Crouzet em4 soft 1.1.04 - '.pm4' Integer Division By Zero
by LiquidWorm
ATutor 2.2.1 - SQL Injection via searchFriends Function
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
by Metasploit
CVSS 9.8
WordPress More Fields Plugin 2.1 Cross-Site Request Forgery
WordPress More Fields Plugin 2.1 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by disabling CSRF token validation. Attackers can craft malicious web pages that trick logged-in administrators into adding or deleting custom fields and boxes on the Write/Edit page via POST and GET requests to the options-general.php endpoint.
by Aatif Shahdad
CVSS 5.3
Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Escalation
by Laughing_Mantis
Windows Vista and Server 2008 - Remote Code Execution via SMBv2 Negotiate Protocol Request
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
by ohnozzy
Microsoft Windows Server Service - Remote Code Execution via Crafted RPC Request
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
by ohnozzy
CVSS 9.8
WordPress Plugin Ocim MP3 - SQL Injection
by xevil & Blankon33
phpRPC <= 0.7 - Remote Code Execution via Base64 Tag in RPC Decoder
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
by GulfTech Security
Joomla! Component com_poweradmin 2.3.0 - Multiple Vulnerabilities
by RatioSec Research
Wireshark - print_hex_data_buffer / print_packet Use-After-Free
by Google Security Research
Zimbra Collaboration Server < 8.5 - Cross-Site Request Forgery via SOAP BatchRequest
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to service/soap/BatchRequest.
by Sysdream
CVSS 8.8
By Source