Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-101553 EXPLOITDB python VERIFIED
Beckhoff CX9020 CPU Module - Remote Code Execution
by Photubias
EIP-2026-117264 EXPLOITDB python
HandyPassword 4.9.3 - Overwrite (SEH)
by Un_N0n
CVE-2013-2097 EXPLOITDB HIGH ruby VERIFIED
ZPanel through 10.1.0 - Remote Code Execution
ZPanel through 10.1.0 has Remote Command Execution
by Metasploit
CVSS 7.8
CVE-2014-6332 EXPLOITDB HIGH php VERIFIED
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Ehsan Noreddini
CVSS 8.8
CVE-2015-20116 EXPLOITDB MEDIUM text
RealtyScript 4.0.2 Stored Cross-Site Scripting via CSV File Upload Filename
Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize CSV file uploads, allowing attackers to inject malicious scripts through filename parameters in multipart form data. Attackers can upload files with XSS payloads in the filename field to execute arbitrary JavaScript in users' browsers when the file is processed or displayed.
by LiquidWorm
CVSS 6.1
CVE-2015-20115 EXPLOITDB HIGH text
RealtyScript 4.0.2 Stored Cross-Site Scripting via File Upload Parameter
Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools.php. Attackers can upload files containing JavaScript code that executes in the context of admin/tools.php when accessed by other users.
by LiquidWorm
CVSS 7.2
CVE-2015-20114 EXPLOITDB MEDIUM text
RealtyScript 4.0.2 Cross-Site Scripting via Multiple Parameters
Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads in vulnerable parameters to execute code in users' browser sessions within the context of the affected application.
by LiquidWorm
CVSS 6.1
CVE-2015-20113 EXPLOITDB MEDIUM text
RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities
Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when logged-in users visit them, or inject persistent scripts that execute in the application context.
by LiquidWorm
CVSS 5.3
CVE-2015-20121 EXPLOITDB HIGH text
RealtyScript 4.0.2 SQL Injection via u_id and agent Parameters
Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'u_id' in /admin/users.php and the POST parameter 'agent[]' in /admin/mailer.php. Attackers can exploit time-based blind SQL injection techniques to extract sensitive database information or cause denial of service through sleep-based payloads.
by LiquidWorm
CVSS 8.2
CVE-2015-20120 EXPLOITDB HIGH text
RealtyScript 4.0.2 Multiple Time-based Blind SQL Injection
Next Click Ventures RealtyScript 4.0.2 contains multiple time-based blind SQL injection vulnerabilities that allow unauthenticated attackers to extract database information by injecting SQL code into application parameters. Attackers can craft requests with time-delay payloads to infer database contents character by character based on response timing differences.
by LiquidWorm
CVSS 8.2
CVE-2015-20119 EXPLOITDB MEDIUM text
RealtyScript 4.0.2 Stored Cross-Site Scripting via text Parameter in pages.php
Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious HTML and iframe elements through the text parameter in the pages.php admin interface. Attackers can submit POST requests to the add page action with crafted iframe payloads in the text parameter to store malicious content that executes in the browsers of users viewing the affected pages.
by LiquidWorm
CVSS 6.4
CVE-2015-20118 EXPLOITDB HIGH text
RealtyScript 4.0.2 Stored Cross-Site Scripting via location_name Parameter
Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability in the location_name parameter of the admin locations interface. Attackers can submit POST requests to the locations.php endpoint with JavaScript payloads in the location_name field to execute arbitrary code in administrator browsers.
by LiquidWorm
CVSS 7.2
CVE-2015-20117 EXPLOITDB MEDIUM text
RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation
Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create unauthorized user accounts and administrative users by crafting malicious forms. Attackers can submit hidden form data to /admin/addusers.php and /admin/editadmins.php endpoints to register new users with arbitrary credentials and escalate privileges to SUPERUSER level.
by LiquidWorm
CVSS 5.3
CVE-2015-6967 EXPLOITDB ruby VERIFIED
Nibbleblog < 4.0.4 - Remote Code Execution via My Image Plugin File Upload
Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/my_image/image.php.
by Metasploit
CVE-2015-7645 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.252-19.0.0.207 & 11.2.202.535 - RCE
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
by Google Security Research
CVSS 7.8
CVE-2014-2962 EXPLOITDB text
Belkin N150 F9K1009 Firmware < 1.00.08 - Path Traversal via getpage Parameter
Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
by Rahul Pratap Singh
EIP-2026-118011 EXPLOITDB python
Tomabo MP4 Player 3.11.6 - Local Stack Overflow (SEH)
by yokoacc_ nudragn_ rungga_reksya
EIP-2026-116491 EXPLOITDB python VERIFIED
VideoLAN VLC Media Player 2.2.1 - libvlccore '.mp3' Stack Overflow
by Andrea Sindoni
EIP-2026-113549 EXPLOITDB ruby
WordPress Plugin Ajax Load More < 2.8.2 - Arbitrary File Upload
by PizzaHatHacker
EIP-2026-119518 EXPLOITDB c
ASX to MP3 Converter 1.82.50 (Windows 2003 x86) - '.asx' Local Stack Overflow
by Ivan Ivanovic
EIP-2026-101115 EXPLOITDB text
ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities
by Lyon Yang
CVE-2015-2553 EXPLOITDB text VERIFIED
Microsoft Windows - Privilege Escalation via Sandboxed Mount Point Junction Mishandling
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by leveraging certain sandbox access, aka "Windows Mount Point Elevation of Privilege Vulnerability."
by Google Security Research
EIP-2026-116896 EXPLOITDB python
Blat 2.7.6 SMTP / NNTP Mailer - Local Buffer Overflow
by hyp3rlinx
EIP-2026-116730 EXPLOITDB python
AdobeWorkgroupHelper 2.8.3.3 - Local Stack Buffer Overflow
by hyp3rlinx
EIP-2026-102909 EXPLOITDB python VERIFIED
Linux Kernel 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass
by soyer