Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-4669 EXPLOITDB HIGH text
Xceedium Xsuite 2.x - Unauthenticated SQL Injection via Default MySQL Root Account
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
by modzero
CVSS 7.8
EIP-2026-114148 EXPLOITDB text
WordPress Plugin Unite Gallery Lite 1.4.6 - Multiple Vulnerabilities
by Nitin Venkatesh
CVE-2015-5533 EXPLOITDB HIGH text
WordPress Count Per Day <3.4.1 - SQL Injection
SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
by High-Tech Bridge SA
CVSS 7.2
EIP-2026-104275 EXPLOITDB text
Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage
by hyp3rlinx
CVE-2015-3246 EXPLOITDB text VERIFIED
libuser <0.56.13-8 & 0.60 <0.60-7 - DoS
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.
by Qualys Corporation
CVE-2015-2878 EXPLOITDB HIGH text
Hexis HawkEye G 3.0.1.4912 - Cross-Site Request Forgery via Multiple Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2) Url matching, (3) DNS Inject, or (4) IP Redirect Sensor in a request to interface/rest/dpi/setEnabled/1; or (5) perform whitelisting of malware MD5 hash IDs via the id parameter to interface/rest/md5-threats/whitelist.
by hyp3rlinx
CVSS 8.8
EIP-2026-115103 EXPLOITDB perl
Counter-Strike 1.6 - 'GameInfo' Query Reflection Denial of Service (PoC)
by Todor Donev
EIP-2026-104579 EXPLOITDB bash VERIFIED
Apple Mac OSX 10.10 - 'DYLD_PRINT_TO_FILE' Local Privilege Escalation
by Stefan Esser
CVE-2015-4074 EXPLOITDB HIGH text
Helpdesk Pro < 1.3.0 - Path Traversal via Ticket Download Attachment Filename Parameter
Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download_attachment task.
by Simon Rawet
CVSS 7.5
CVE-2015-4073 EXPLOITDB CRITICAL text
Helpdesk Pro < 1.3.0 - SQL Injection via Ticket Code or Email Parameter
Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (3) remote authenticated users to execute arbitrary SQL commands via the filter_order parameter.
by Simon Rawet
CVSS 9.8
CVE-2015-4072 EXPLOITDB MEDIUM text
Helpdesk Pro < 1.3.0 - Cross-Site Scripting via Name and Message Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and message.
by Simon Rawet
CVSS 5.4
CVE-2015-4071 EXPLOITDB MEDIUM text
Helpdesk Pro Plugin < 1.3.0 - Unauthorized Support Ticket Information Disclosure via Ticket ID
The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}.
by Simon Rawet
CVSS 5.3
CVE-2014-6332 EXPLOITDB HIGH php
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Mohammad Reza Espargham
CVSS 8.8
CVE-2005-2414 EXPLOITDB text
xpcom - Denial of Service via Nested DIV Tags
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering page and referenced objects to be deleted.
by GulfTech Security
CVE-2015-4075 EXPLOITDB HIGH text
Helpdesk Pro < 1.3.0 - Arbitrary File Write via Language Save Task
The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task.
by Simon Rawet
CVSS 8.1
CVE-2015-2995 EXPLOITDB ruby VERIFIED
SysAid < 15.1 - Remote Code Execution via RdsLogsEntry File Upload
The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, which allows remote attackers to upload and execute arbitrary files via a NULL byte after the extension, as demonstrated by a .war%00 file.
by Metasploit
CVE-2015-0097 EXPLOITDB text
Microsoft Office 2007 SP3 and 2010 SP2 - Remote Code Execution via Crafted Office Document
Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability."
by Eduardo Braun Prado
CVE-2015-5399 EXPLOITDB MEDIUM text
phpvibe < 4.20 - Authenticated Stored Cross-Site Scripting via Comment
Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment.
by Filippos Mastrogiannis
CVSS 5.4
EIP-2026-104155 EXPLOITDB text
AirDroid iOS / Android / Win 3.1.3 - Persistent
by Vulnerability-Lab
CVE-2015-2153 EXPLOITDB text
tcpdump < 4.7.0 - Denial of Service via Crafted RPKI-RTR PDU Header Length
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
by Luke Arntson
EIP-2026-102162 EXPLOITDB python VERIFIED
Image Transfer IOS - Remote Crash (PoC)
by Mohammad Reza Espargham
CVE-2025-34125 EXPLOITDB CRITICAL ruby VERIFIED
D-Link DSP-W110A1 <1.05B01 - Command Injection
An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the underlying Linux operating system. Successful exploitation enables full system compromise.
by Metasploit
EIP-2026-113610 EXPLOITDB text
WordPress Plugin BuddyPress Activity Plus 1.5 - Cross-Site Request Forgery
by Tom Adams
CVE-2011-0997 EXPLOITDB text
ISC DHCP 3.0.x-4.2.x - Remote Code Execution via DHCP Hostname Shell Metacharacters
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
by Pierre Kim
EIP-2026-113690 EXPLOITDB text
WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - (Authenticated) Persistent Cross-Site Scripting
by Filippos Mastrogiannis