Exploitdb Exploits
50,076 exploits tracked across all sources.
AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP Firmware - Authenticated OS Command Injection via mac Parameter
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter.
by Core Security
CVSS 8.8
Orchard 1.7.3-1.8.2 and 1.9.x < 1.9.1 - Stored Cross-Site Scripting via Username
Cross-site scripting (XSS) vulnerability in the Users module in Orchard 1.7.3 through 1.8.2 and 1.9.x before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the username when creating a new user account, which is not properly handled when deleting an account.
by Paris Zoumpouloglou
WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload
by TUNISIAN CYBER
phpliteadmin 1.1 - Cross-Site Scripting via PATH_INFO or Table Parameters
Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) droptable parameter, or (3) table parameter to phpliteadmin.php.
by hyp3rlinx
D-Link DSL-2750u / DSL-2730u - (Authenticated) Local File Disclosure
by SATHISH ARTHAR
miniupnpd 1.0 - Remote Code Execution via Long Quoted Method in SOAPAction Handler
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
by Todor Donev
s3bubble-amazon-s3-html-5-video-with-adverts 0.7 - Path Traversal via Downloader Path Parameter
The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.
by CrashBandicot
CVSS 7.5
WordPress Plugin Albo Pretorio Online 3.2 - Multiple Vulnerabilities
by Alessandro Cingolani
PEAR XML_RPC < 1.3.0 and PHPXMLRPC < 1.1 - Remote Code Execution via Unsanitized XML Input
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.
by GulfTech Security
McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free (PoC)
by Marcin Ressel
Novius OS 5.0.1 - Path Traversal via Tab Parameter
Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tab parameter to admin/.
by hyp3rlinx
Polycom RealPresence Resource Manager < 8.3.2 - Authenticated Directory Traversal and Arbitrary File Upload
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary files via the (2) Filename or (3) SE_FNAME parameter to PlcmRmWeb/FileUpload or to read and remove arbitrary files via the (4) filePathName parameter in an importSipUriReservations SOAP request to PlcmRmWeb/JUserManager.
by SEC Consult
CVSS 6.5
Polycom RealPresence Resource Manager < 8.3.2 - Session ID Info Disclosure & Privilege Escalation
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.
by SEC Consult
CVSS 9.8
Polycom RealPresence Resource Manager < 8.3.2 - Authenticated Installation Path Exposure via JConfigManager
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.
by SEC Consult
CVSS 6.5
Polycom RealPresence Resource Manager < 8.3.2 - Unspecified Impact via Weak Passwords
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
by SEC Consult
CVSS 7.8
Watchguard XCS < 10.0 - SQL Injection
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.
by Security-Assessment.com
Novius OS 5.0.1 - Open Redirect via Login Redirect Parameter
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
by hyp3rlinx
Fiyo CMS 2.0_1.9.1 - SQL Injection via id Parameter or user Parameter
Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login.
by cfreer
CVSS 9.8
Adobe Flash Player Drawing Fill Shader Memory Corruption
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
by Metasploit
CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion
by otr