Exploitdb Exploits

50,076 exploits tracked across all sources.

EIP-2026-115417 EXPLOITDB python
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - '_FXCLI_SetConfFileChunk' Stack Buffer Overflow (PoC)
by Ptrace Security
EIP-2026-115416 EXPLOITDB python
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - '_FXCLI_GetConfFileChunk' Stack Buffer Overflow (PoC)
by Ptrace Security
EIP-2026-112598 EXPLOITDB text VERIFIED
Tequila File Hosting 1.5 - Multiple Vulnerabilities
by Ashiyane Digital Security Team
EIP-2026-110420 EXPLOITDB text
Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions
by bd0rk
EIP-2026-110419 EXPLOITDB text
Ovidentia absences Module 2.64 - Remote File Inclusion
by bd0rk
CVE-2015-8562 EXPLOITDB python VERIFIED
Joomla! 1.5.x-3.4.5 - Unauthenticated Remote Code Execution via HTTP User-Agent Header
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
by Sec-1
EIP-2026-105250 EXPLOITDB text VERIFIED
ArticleSetup Article Script 1.00 - SQL Injection
by Linux Zone Research Team
CVE-2015-8249 EXPLOITDB CRITICAL ruby VERIFIED
ManageEngine Desktop Central <9 - RCE
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.
by Metasploit
CVSS 9.8
CVE-2015-8103 EXPLOITDB CRITICAL ruby VERIFIED
Jenkins CLI RMI Java Deserialization Vulnerability
The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".
by Metasploit
CVSS 9.8
CVE-2015-6132 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Library Loading
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
by Google Security Research
CVE-2015-6152 EXPLOITDB html
Internet Explorer 10 - Remote Code Execution via Memory Corruption
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6162.
by Moritz Jodeit
EIP-2026-113536 EXPLOITDB text
WordPress Plugin Admin Management Xtended 2.4.0 - Privilege escalation
by Kacper Szurek
EIP-2026-106760 EXPLOITDB text VERIFIED
ECommerceMajor - 'productdtl.php?prodid' SQL Injection
by Rahul Pratap Singh
CVE-2015-8357 EXPLOITDB text
bitrix.xscan < 1.0.3 - Authenticated Path Traversal via File Parameter
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.
by High-Tech Bridge SA
CVE-2015-8358 EXPLOITDB text
bitrix.mpbuilder < 1.0.11 - Authenticated Path Traversal via Work Array Parameter
Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php.
by High-Tech Bridge SA
EIP-2026-104135 EXPLOITDB ruby VERIFIED
Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-104134 EXPLOITDB ruby VERIFIED
Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-103966 EXPLOITDB ruby VERIFIED
Legend Perl IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-103965 EXPLOITDB ruby VERIFIED
Legend Perl IRC Bot - Remote Code Execution (Metasploit)
by Metasploit
CVE-2015-7648 EXPLOITDB text VERIFIED
Adobe Flash Player <18.0.0.255,19.x<19.0.0.226 - RCE
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
by Google Security Research
CVE-2015-7647 EXPLOITDB text VERIFIED
Adobe Flash Player <18.0.0.255,19.x<19.0.0.226 - RCE
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
by Google Security Research
EIP-2026-101927 EXPLOITDB text VERIFIED
Polycom VVX-Series Business Media Phones - Directory Traversal
by Jake Reynolds
EIP-2026-101449 EXPLOITDB ruby
Siemens Simatic S7 1200 - CPU Command Module (Metasploit)
by Nguyen Manh Hung
EIP-2026-107448 EXPLOITDB text
GoAutoDial CE 3.3 - Multiple SQL Injections / Command Injection
by R-73eN
EIP-2026-114956 EXPLOITDB text VERIFIED
Avast! - Integer Overflow Verifying numFonts in TTC Header
by Google Security Research