Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102048 EXPLOITDB python
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
by Orwelllabs
EIP-2026-101761 EXPLOITDB html
GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery / Command Execution
by Phan Thanh Duy
CVE-2015-5466 EXPLOITDB HIGH text
XGI WindowsXP Display Manager <6.14.10.1090 - Privilege Escalation
Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call.
by KoreLogic
CVSS 7.8
CVE-2015-5465 EXPLOITDB text
Silicon Integrated Systems WindowsXP Display Manager <6.14.10.3930 ...
Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver Manager and VGA Display Manager) 6.14.10.3930 allows local users to gain privileges via a crafted (1) 0x96002400 or (2) 0x96002404 IOCTL call.
by KoreLogic
EIP-2026-116184 EXPLOITDB python VERIFIED
Ricoh DC (SR10) 1.1.0.8 - Denial of Service
by j2x6
EIP-2026-115875 EXPLOITDB text
Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Buffer Overflow (PoC)
by Un_N0n
CVE-2015-6809 EXPLOITDB text VERIFIED
BEdita < 3.6.0 - Stored Cross-Site Scripting via Admin Config and Area Parameters
Multiple cross-site scripting (XSS) vulnerabilities in BEdita before 3.6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cfg[projectName] parameter to index.php/admin/saveConfig, the (2) data[stats_provider_url] parameter to index.php/areas/saveArea, or the (3) data[description] parameter to index.php/areas/saveSection.
by Sébastien Morin
EIP-2026-101688 EXPLOITDB text
Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities
by smash
CVE-2015-7243 EXPLOITDB perl VERIFIED
Boxoft WAV to MP3 Converter - Buffer Overflow via Crafted WAV File
Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.
by Robbie Corley
EIP-2026-116058 EXPLOITDB perl VERIFIED
PFTP Server 8.0f Lite - textfield Local Buffer Overflow (SEH) (PoC)
by Robbie Corley
EIP-2026-115742 EXPLOITDB perl
Microsoft Office 2007 - 'msxml5.dll' Crash (PoC)
by Mohammad Reza Espargham
EIP-2026-111252 EXPLOITDB text
PhpWiki 1.5.4 - Multiple Vulnerabilities
by smash
CVE-2012-3448 EXPLOITDB php
ganglia-web < 3.5.1 - Remote PHP Code Execution
Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.
by Andrei Costin
CVE-2015-3673 EXPLOITDB ruby VERIFIED
Apple OS X Entitlements Rootpipe Privilege Escalation
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.
by Metasploit
EIP-2026-102190 EXPLOITDB perl
Viber 4.2.0 - Non-Printable Characters Handling Denial of Service
by Mohammad Reza Espargham
EIP-2026-101693 EXPLOITDB text
Edimax PS-1206MF - Web Admin Authentication Bypass
by smash
CVE-2015-6811 EXPLOITDB text
CyberoamOS <= 10.6.2 MR-1 - SQL Injection via login.xml Username Parameter
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml.
by Dharmendra Kumar Singh
CVE-2013-4730 EXPLOITDB python VERIFIED
pcman's ftp server 2.0.7 - Unauthenticated Buffer Overflow via USER Command
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
by Koby
EIP-2026-119024 EXPLOITDB python VERIFIED
PCMan FTP Server 2.0.7 - 'GET' Remote Buffer Overflow
by Koby
EIP-2026-118927 EXPLOITDB
MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer
by ylbhz
EIP-2026-116371 EXPLOITDB python
Sysax Multi Server 6.40 - SSH Component Denial of Service
by 3unnym00n
EIP-2026-101970 EXPLOITDB text
Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure
by Shad Malloy
CVE-2015-6567 EXPLOITDB HIGH text
Wolf CMS < 0.8.3.1 - Authenticated Arbitrary File Upload and PHP Code Execution via File Manager
Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality.
by Narendra Bhati
CVSS 8.8
CVE-2015-10144 EXPLOITDB HIGH text VERIFIED
Responsive Thumbnail Slider <1.0.1 - Code Injection
The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type sanitization in the via the image uploader in versions up to 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected sites server using a double extension which may make remote code execution possible.
by Arash Khazaei
CVSS 8.8
EIP-2026-115302 EXPLOITDB python
freeSSHd 1.3.1 - Denial of Service
by 3unnym00n