Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-7248 EXPLOITDB HIGH text
ZTE ZXHN H108N R1A < ZTE.bhs.ZXHNH108NR1A.k_PE - Sensitive Info Exposure via cgi-bin/webproc
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.
by Karn Ganeshen
CVSS 7.5
CVE-2014-0476 EXPLOITDB ruby VERIFIED
chkrootkit < 0.50 - Local Privilege Escalation via Trojan Horse Executable
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
by Metasploit
CVE-2015-8703 EXPLOITDB MEDIUM text
ZTE ZXHN H108N R1A and ZXV10 W300 - Authenticated Sensitive Information Exposure via Configuration File
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248.
by Karn Ganeshen
CVSS 6.5
CVE-2015-7259 EXPLOITDB HIGH text
ZTE Zxv10 W300 Firmware - Credentials Management
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.
by Karn Ganeshen
CVSS 8.8
EIP-2026-100767 EXPLOITDB text
Cambium ePMP 1000 - Multiple Vulnerabilities
by Karn Ganeshen
EIP-2026-119409 EXPLOITDB text VERIFIED
Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting
by Un_N0n
EIP-2026-116351 EXPLOITDB python
SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field Overflow (SEH)
by Luis Martínez
EIP-2026-116350 EXPLOITDB python
SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow
by Luis Martínez
EIP-2026-116349 EXPLOITDB python
SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow
by Luis Martínez
EIP-2026-116205 EXPLOITDB python
Sam Spade 1.14 - Decode URL Buffer Overflow Crash (PoC)
by Vivek Mahajan
CVE-2015-7984 EXPLOITDB text
Horde Groupware < 5.2.11 - Cross-Site Request Forgery via Admin Shell Parameters
Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php.
by High-Tech Bridge SA
CVE-2015-6763 EXPLOITDB text VERIFIED
Google Chrome < 45.0.2454.101 - Denial of Service
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Google Security Research
CVE-2015-3628 EXPLOITDB ruby VERIFIED
F5 BIG-IP and BIG-IQ - Authenticated Privilege Escalation via iCall Script or Handler
The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.
by Metasploit
CVE-2015-2023 EXPLOITDB HIGH text
IBM i Access 7.1 - Local Privilege Escalation via Buffer Overflow
Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.
by hyp3rlinx
CVSS 8.8
CVE-2015-7422 EXPLOITDB MEDIUM text
IBM i Access 7.1 - Denial of Service via Buffer Overflow
Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors.
by hyp3rlinx
CVSS 5.5
EIP-2026-114165 EXPLOITDB
WordPress Plugin Users Ultra 1.5.50 - Unrestricted Arbitrary File Upload
by Panagiotis Vagenas
CVE-2025-34121 EXPLOITDB CRITICAL ruby VERIFIED
Idera Up.Time Monitoring Station <=7.2 - RCE
An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The `wizards/post2file.php` script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in remote code execution as the web server user. NOTE: The bypass for this vulnerability is tracked as CVE-2015-9263.
by Metasploit
CVE-2015-9227 EXPLOITDB HIGH text
AlegroCart 1.2.8 - Authenticated Remote Code Execution via File Path Parameter
PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_logs.php in AlegroCart 1.2.8 allows remote administrators to execute arbitrary PHP code via a URL in the file_path parameter to upload/admin2.
by Curesec Research Team
CVSS 7.2
CVE-2015-9226 EXPLOITDB HIGH text
AlegroCart 1.2.8 - Authenticated SQL Injection via Download Parameter
Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the (1) check_download and possibly (2) check_filename function in upload/admin2/model/products/model_admin_download.php or remote authenticated users with a valid Paypal transaction token to execute arbitrary SQL commands via the ref parameter in the (3) orderUpdate function in upload/catalog/extension/payment/paypal.php.
by Curesec Research Team
CVSS 7.2
EIP-2026-117998 EXPLOITDB perl VERIFIED
TECO SG2 LAD Client 3.51 - '.gen' Overwrite Buffer Overflow (SEH)
by LiquidWorm
EIP-2026-117997 EXPLOITDB perl
TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite Buffer Overflow (SEH)
by LiquidWorm
EIP-2026-116395 EXPLOITDB text
TECO TP3-PCLINK 2.1 - '.tpc' Handling Buffer Overflow (PoC)
by LiquidWorm
EIP-2026-116394 EXPLOITDB text
TECO SG2 FBD Client 3.51 - '.gfb' Overwrite Buffer Overflow (SEH) (PoC)
by LiquidWorm
EIP-2026-116393 EXPLOITDB text
TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow (PoC)
by LiquidWorm
EIP-2026-116204 EXPLOITDB python
Sam Spade 1.14 - Browse URL Buffer Overflow (PoC)
by Nipun Jaswal