Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-6568 EXPLOITDB HIGH text
Wolf CMS < 0.8.3.1 - Authenticated Arbitrary File Upload and PHP Code Execution via File Manager
Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. Exploitation requires a registered user who has access to upload functionality.
by Narendra Bhati
CVSS 8.8
EIP-2026-111358 EXPLOITDB text
Pluck CMS 4.7.3 - Multiple Vulnerabilities
by smash
EIP-2026-102384 EXPLOITDB text
Jenkins 1.626 - Cross-Site Request Forgery / Code Execution
by smash
EIP-2026-102179 EXPLOITDB text
Photo Transfer (2) 1.0 iOS - Denial of Service
by Vulnerability-Lab
EIP-2026-118540 EXPLOITDB python VERIFIED
FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution
by Naser Farhadi
EIP-2026-116597 EXPLOITDB text
Xion Audio Player 1.5 build 155 - Stack Buffer Overflow
by Un_N0n
CVE-2015-6810 EXPLOITDB text
Invision Power Board 4.x < 4.0.12.1 - Authenticated Cross-Site Scripting via Event Location Address Parameter
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x before 4.0.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the event_location[address] array parameter to calendar/submit/.
by snop
CVE-2017-1000028 EXPLOITDB HIGH text VERIFIED
Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
by Trustwave's SpiderLabs
CVSS 7.5
CVE-2015-3214 EXPLOITDB text VERIFIED
Linux kernel <2.6.33 & QEMU <2.3.1 - Use After Free
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
by Google Security Research
EIP-2026-102836 EXPLOITDB python
FENIX 0.92 - Local Buffer Overflow
by Juan Sacco
EIP-2026-102793 EXPLOITDB python
BSIGN 0.4.5 - Local Buffer Overflow
by Juan Sacco
CVE-2015-1397 EXPLOITDB python
Magento CE/EE 1.9.1.0-1.14.1.0 - SQL Injection
SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr] parameter when the popularity[from] or popularity[to] parameter is set.
by Manish Tanwar
EIP-2026-116492 EXPLOITDB python
VideoLAN VLC Media Player 2.2.1 - m3u8/m3u Crash (PoC)
by Naser Farhadi
CVE-2013-1763 EXPLOITDB c
Linux Kernel < 3.4.34 - Local Privilege Escalation via Netlink Message Family Value
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
by Vitaly Nikolenko
EIP-2026-103055 EXPLOITDB python
ZSNES 1.51 - Local Buffer Overflow
by Juan Sacco
CVE-2015-0065 EXPLOITDB text VERIFIED
Microsoft Word 2007 SP3 - Remote Code Execution via Crafted Office Document
Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "OneTableDocumentStream Remote Code Execution Vulnerability."
by Google Security Research
CVE-2015-0064 EXPLOITDB text VERIFIED
Microsoft Office and Web Applications - Remote Code Execution via Crafted Office Document
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Office Remote Code Execution Vulnerability."
by Google Security Research
CVE-2016-6195 EXPLOITDB CRITICAL text VERIFIED
vBulletin <4.2.2 PL5 & <4.2.3 PL1 - SQL Injection
SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016.
by Manish Tanwar
CVSS 9.8
EIP-2026-101818 EXPLOITDB text
Keeper IP Camera 3.2.2.10 - Authentication Bypass
by RAT - ThiefKing
CVE-2015-0802 EXPLOITDB ruby VERIFIED
Firefox PDF.js Privileged Javascript Injection
Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.
by Metasploit
EIP-2026-118463 EXPLOITDB python VERIFIED
Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow
by Tracy Turben
EIP-2026-118454 EXPLOITDB python VERIFIED
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow
by Tracy Turben
EIP-2026-115848 EXPLOITDB python
Mock SMTP Server 1.0 - Remote Crash (PoC)
by Shankar Damodaran
EIP-2026-115338 EXPLOITDB text
GOM Audio 2.0.8 - '.gas' Crash (PoC)
by Un_N0n
EIP-2026-114330 EXPLOITDB text
WordPress Theme GeoPlaces3 - Arbitrary File Upload
by Mdn_Newbie