Exploitdb Exploits
50,076 exploits tracked across all sources.
Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass + ROP)
by Knaps
MyCustomers CMS 1.3.873 - SQL Injection
by Persian Hack Team
HumHub 0.11.2/0.20.0-beta.2 - SQL Injection
by LSE Leading Security Experts GmbH
SysAid Help Desk Software 14.4.32 b25 - SQL Injection (Metasploit)
by hland
SAP Sybase Adaptive Server Enterprise 15.7 ESD 2 - Authenticated XML External Entity Injection via XMLParse Procedure
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
by Igor Bulatenko
WordPress Plugin WP-Client 3.8.7 - Persistent Cross-Site Scripting
by Pier-Luc Maltais
Joomla! 3.2-3.4.4 - SQL Injection via list[select] Parameter
SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL commands via the list[select] parameter to index.php.
by Metasploit
Joomla! 3.2-3.4.3 - SQL Injection
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.
by Metasploit
NVIDIA GPU <341.92, <354.35, <358.87 - Privilege Escalation
nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784.
by Google Security Research
Oracle Fusion Middleware 8.5.0-8.5.2 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4877.
by Francis Provencher
Oracle Fusion Middleware 8.5.0-8.5.2 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878.
by Francis Provencher
Microsoft Windows - Use-After-Free in Kernel
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6101.
by Nils Sommer
Microsoft Windows - Local Privilege Escalation via Kernel Memory Corruption
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6100.
by Nils Sommer
Microsoft Windows - Kernel Memory Information Disclosure via KASLR Bypass
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."
by Nils Sommer
Windows Vista/Server 2008/7 NDIS Buffer Overflow Local Privilege Escalation
Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows NDIS Elevation of Privilege Vulnerability."
by Nils Sommer
Adobe Reader/Acrobat <10.1.16/<11.0.13 - Memory Corruption
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695.
by Francis Provencher
vBulletin 5 Connect <5.1.9 - Code Injection
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.
by Mohammad Reza Espargham
Joomla! 3.2-3.4.3 - SQL Injection
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297.
by Metasploit
ZTE ZXV10 W300 Firmware - Credentials Management
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.
by Karn Ganeshen
CVSS 8.8
ZTE ZXV10 W300 Firmware - Password Reset Weakness
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin".
by Karn Ganeshen
CVSS 7.5
ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Cross-Site Scripting via errorpage Parameter
Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter.
by Karn Ganeshen
CVSS 6.1
ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Unauthenticated Hardcoded Root Password
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
by Karn Ganeshen
CVSS 9.8
ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Unauthenticated Path Traversal via getpage Parameter
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
by Karn Ganeshen
CVSS 7.5
ZTE ZXHN H108N R1A < ZTE.bhs.ZXHNH108NR1A.k_PE - Authenticated Access Control Bypass
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action.
by Karn Ganeshen
CVSS 4.9