Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106549 EXPLOITDB text
dotCMS 3.2.4 - Multiple Vulnerabilities
by LiquidWorm
EIP-2026-104761 EXPLOITDB ruby VERIFIED
phpFileManager 0.9.8 - Remote Code Execution (Metasploit)
by Metasploit
CVE-2015-5603 EXPLOITDB ruby VERIFIED
HipChat for JIRA <6.30.0 - Code Injection
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
by Metasploit
EIP-2026-117014 EXPLOITDB text VERIFIED
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions
by loneferret
EIP-2026-116546 EXPLOITDB text
WinAsm Studio 5.1.8.8 - Buffer Overflow Crash (PoC)
by Un_N0n
EIP-2026-114113 EXPLOITDB text
WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities
by KedAns-Dz
EIP-2026-114027 EXPLOITDB text
WordPress Plugin Sell Download 1.0.16 - Local File Disclosure
by KedAns-Dz
EIP-2026-113542 EXPLOITDB text
WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities
by KedAns-Dz
CVE-2010-4417 EXPLOITDB ruby VERIFIED
Oracle Fusion Middleware <2.0.1.3 - Info Disclosure
Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that voice-servlet/prompt-qa/Index.jspf does not properly handle null (%00) bytes in the evaluation parameter that is used in a filename, which allows attackers to create a file with an executable extension and execute arbitrary JSP code.
by Metasploit
EIP-2026-119007 EXPLOITDB ruby VERIFIED
Oracle BeeHive 2 - 'voice-servlet prepareAudioToPlay()' Arbitrary File Upload (Metasploit)
by Metasploit
EIP-2026-115584 EXPLOITDB text
Malwarebytes AntiVirus 2.2.0 - Denial of Service (PoC)
by Francis Provencher
EIP-2026-114164 EXPLOITDB text
WordPress Plugin Users Ultra 1.5.50 - Persistent Cross-Site Scripting
by Panagiotis Vagenas
EIP-2026-114163 EXPLOITDB text
WordPress Plugin Users Ultra 1.5.50 - Blind SQL Injection
by Panagiotis Vagenas
CVE-2015-8351 EXPLOITDB CRITICAL text
Gwolle Guestbook < 1.5.3 - Authenticated Remote File Inclusion via abspath Parameter
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences regardless of whether allow_url_include is enabled.
by High-Tech Bridge SA
CVSS 9.0
EIP-2026-102608 EXPLOITDB
Gnome Nautilus 3.16 - Denial of Service
by Panagiotis Vagenas
CVE-2014-6271 EXPLOITDB CRITICAL ruby VERIFIED
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
by Metasploit
CVSS 9.8
CVE-2015-4027 EXPLOITDB python
Acunetix Web Vulnerability Scanner < 10 - Local Privilege Escalation via AcuWVSSchedulerv10 Service
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
by Daniele Linguaglossa
CVE-2015-1336 EXPLOITDB HIGH VERIFIED
Man-db <2.7.6.1-1 - Privilege Escalation
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
by halfdog
CVSS 7.8
EIP-2026-114609 EXPLOITDB text
ZenPhoto 1.4.10 - Local File Inclusion
by hyp3rlinx
EIP-2026-107919 EXPLOITDB text
Invision Power Board (IP.Board) 4.1.4.x - Persistent Cross-Site Scripting
by Mehdi Alouache
CVE-2015-8368 EXPLOITDB text
ntopng < 2.0.151021 - Authenticated Privilege Escalation via User Cookie and Username Parameter
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
by Dolev Farhi
CVE-2015-5287 EXPLOITDB python VERIFIED
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by rebel
EIP-2026-103290 EXPLOITDB text VERIFIED
Kodi 15 - Web Interface Arbitrary File Access
by Machiel Pronk
CVE-2015-5287 EXPLOITDB python VERIFIED
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by rebel
EIP-2026-101557 EXPLOITDB text
Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities
by Rahul Pratap Singh