Exploitdb Exploits
50,076 exploits tracked across all sources.
phpFileManager 0.9.8 - Remote Code Execution (Metasploit)
by Metasploit
HipChat for JIRA <6.30.0 - Code Injection
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
by Metasploit
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions
by loneferret
WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities
by KedAns-Dz
WordPress Plugin Sell Download 1.0.16 - Local File Disclosure
by KedAns-Dz
WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities
by KedAns-Dz
Oracle Fusion Middleware <2.0.1.3 - Info Disclosure
Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that voice-servlet/prompt-qa/Index.jspf does not properly handle null (%00) bytes in the evaluation parameter that is used in a filename, which allows attackers to create a file with an executable extension and execute arbitrary JSP code.
by Metasploit
Oracle BeeHive 2 - 'voice-servlet prepareAudioToPlay()' Arbitrary File Upload (Metasploit)
by Metasploit
Malwarebytes AntiVirus 2.2.0 - Denial of Service (PoC)
by Francis Provencher
WordPress Plugin Users Ultra 1.5.50 - Persistent Cross-Site Scripting
by Panagiotis Vagenas
WordPress Plugin Users Ultra 1.5.50 - Blind SQL Injection
by Panagiotis Vagenas
Gwolle Guestbook < 1.5.3 - Authenticated Remote File Inclusion via abspath Parameter
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences regardless of whether allow_url_include is enabled.
by High-Tech Bridge SA
CVSS 9.0
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
by Metasploit
CVSS 9.8
Acunetix Web Vulnerability Scanner < 10 - Local Privilege Escalation via AcuWVSSchedulerv10 Service
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
by Daniele Linguaglossa
Man-db <2.7.6.1-1 - Privilege Escalation
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
by halfdog
CVSS 7.8
Invision Power Board (IP.Board) 4.1.4.x - Persistent Cross-Site Scripting
by Mehdi Alouache
ntopng < 2.0.151021 - Authenticated Privilege Escalation via User Cookie and Username Parameter
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
by Dolev Farhi
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by rebel
Kodi 15 - Web Interface Arbitrary File Access
by Machiel Pronk
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by rebel
Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities
by Rahul Pratap Singh
By Source