Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-7707 EXPLOITDB text
Ignite Realtime Openfire 3.10.2 - Privilege Escalation
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
by hyp3rlinx
CVE-2015-6972 EXPLOITDB text
Ignite Realtime Openfire 3.10.2 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName parameter to plugins/clientcontrol/create-bookmark.jsp; the (3) hostname parameter to server-session-details.jsp; or the (4) search parameter to group-summary.jsp.
by hyp3rlinx
CVE-2015-6973 EXPLOITDB text
Ignite Realtime Openfire 3.10.2 - Cross-Site Request Forgery via Multiple Administrative Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp.
by hyp3rlinx
EIP-2026-101479 EXPLOITDB text
TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials
by LiquidWorm
EIP-2026-115429 EXPLOITDB text
IKEView.exe R60 - Stack Buffer Overflow (PoC)
by hyp3rlinx
EIP-2026-113733 EXPLOITDB text
WordPress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
by Felipe Molina
EIP-2026-104325 EXPLOITDB text VERIFIED
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
by xistence
CVE-2015-7387 EXPLOITDB text VERIFIED
ManageEngine EventLog Analyzer < 10.6 - SQL Injection via event/runQuery.do Query Parameter
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrated by "SELECT 1;INSERT INTO." Fixed in Build 11200.
by xistence
EIP-2026-115428 EXPLOITDB text
IKEView.exe Fox Beta 1 - Stack Buffer Overflow (PoC)
by hyp3rlinx
CVE-2015-2509 EXPLOITDB python
Windows Media Center - Remote Code Execution via Crafted MCL File
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."
by R-73eN
EIP-2026-117424 EXPLOITDB perl
Logitech Webcam Software 1.1 - 'eReg.exe' Local Buffer Overflow (SEH Unicode)
by Robbie Corley
EIP-2026-115681 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 11 - Stack Underflow Crash (PoC)
by Mjx
EIP-2026-109564 EXPLOITDB text
Monsta FTP 1.6.2 - Multiple Vulnerabilities
by hyp3rlinx
CVE-2015-6908 EXPLOITDB text
OpenLDAP < 2.4.42 - Denial of Service via Crafted BER Data
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
by Denis Andzakovic
EIP-2026-110630 EXPLOITDB php
PHP 5.5.9 - 'zend_executor_globals' 'CGIMode FPM WriteProcMemFile' disable_functions Bypass / Load Dynamic Library
by ylbhz
EIP-2026-110017 EXPLOITDB text
Octogate UTM 3.0.12 - Admin Interface Directory Traversal
by Oliver Karow
CVE-2015-5754 EXPLOITDB text VERIFIED
macOS < 10.10.5 - Privilege Escalation via Install Framework Legacy Runner Race Condition
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error.
by Google Security Research
CVE-2015-5784 EXPLOITDB text VERIFIED
Apple OS X <10.10.5 - Privilege Escalation
runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
by Google Security Research
CVE-2015-3704 EXPLOITDB text VERIFIED
Apple OS X <10.10.4 - Privilege Escalation
runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
by Google Security Research
CVE-2015-6912 EXPLOITDB text
Synology Video Station < 1.5-0757 - Remote Command Execution via Subtitle Codepage Parameter
Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi.
by Han Sahin
CVE-2015-3623 EXPLOITDB text
QlikTech Qlikview <11.20 SR12 - SSRF
XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.
by Alex Haynes
CVE-2015-6827 EXPLOITDB html
Auto-Exchanger 5.1.0 - Cross-Site Request Forgery via Password Change Request
Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger 5.1.0 allows remote attackers to hijack the authentication of users for requests that change a password via a request to signup.php.
by Aryan Bayaninejad
CVE-2015-6835 EXPLOITDB CRITICAL text VERIFIED
Joomla HTTP Header Unauthenticated Remote Code Execution
The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content.
by Taoguang Chen
CVSS 9.8
EIP-2026-104672 EXPLOITDB text
PHP GMP - 'unserialize()' Use-After-Free
by Taoguang Chen
CVE-2015-6834 EXPLOITDB CRITICAL text VERIFIED
PHP < 5.4.45 - Remote Code Execution via Unserialization Use-After-Free
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.
by Taoguang Chen
CVSS 9.8