Exploitdb Exploits
50,076 exploits tracked across all sources.
Polycom RealPresence Resource Manager < 8.3.2 - Privilege Escalation via Sudo Misconfiguration
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
by SEC Consult
CVSS 7.0
c2box < 4.0.0 - Cross-Site Request Forgery in UserManagement.aspx
Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 (r19171) allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors.
by Wissam Bashour
XOOPS <= 2.0.11 - Cross-Site Scripting via Order or CID Parameter
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parameter to comment_edit.php.
by GulfTech Security
dedecms < 5.7-sp1 - Unrestricted File Upload
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.
by zise
CVSS 8.8
Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure
by Fady Mohammed Osman
Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change
by Fady Mohammed Osman
Endian Firewall < 2.5.1 - Remote Command Execution via Password Change Parameters
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
by Ben Lincoln
Endian Firewall < 2.5.1 - Remote Command Execution via Password Change Parameters
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
by Ben Lincoln
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Mohammad Reza Espargham
CVSS 8.8
Koha 3.14.00-3.14.15 - Cross-Site Request Forgery via Member Entry or Flag Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack the authentication of administrators for requests that create a user via a request to members/memberentry.pl or (2) give a user superlibrarian permission via a request to members/member-flags.pl or (3) hijack the authentication of arbitrary users for requests that conduct cross-site scripting (XSS) attacks via the addshelf parameter to opac-shelves.pl.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 8.0
ManageEngine AssetExplorer 6.1 - Cross-Site Scripting via Publisher Registry Entry
Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 allows remote attackers to inject arbitrary web script or HTML via a Publisher registry entry, which is not properly handled when the machine is scanned.
by Suraj Krishnaswami
Koha 3.14.00-3.14.15 - SQL Injection via OPAC Tags Subject Parameter
Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2) remote authenticated users to execute arbitrary SQL commands via the Filter or (3) Criteria parameter to reports/borrowers_out.pl in the Staff interface.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 9.8
Koha 3.14.00-3.14.15 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to inject arbitrary web script or HTML via the (1) tag parameter to opac-search.pl; the (2) value parameter to authorities/authorities-home.pl; the (3) delay parameter to acqui/lateorders.pl; the (4) authtypecode or (5) tagfield to admin/auth_subfields_structure.pl; the (6) tagfield parameter to admin/marc_subfields_structure.pl; the (7) limit parameter to catalogue/search.pl; the (8) bookseller_filter, (9) callnumber_filter, (10) EAN_filter, (11) ISSN_filter, (12) publisher_filter, or (13) title_filter parameter to serials/serials-search.pl; or the (14) author, (15) collectiontitle, (16) copyrightdate, (17) isbn, (18) manageddate_from, (19) manageddate_to, (20) publishercode, (21) suggesteddate_from, or (22) suggesteddate_to parameter to suggestion/suggestion.pl; or the (23) direction, (24) display or (25) addshelf parameter to opac-shelves.pl.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 5.4
Koha 3.14.00-3.14.15 - Path Traversal via Template Path Parameter
Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 7.5
Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)
by Mohammad Reza Espargham
Thycotic Secret Server <8.8.000005 - XSS
Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask.
by Marco Delai
Microsoft Win32k - Privilege Escalation
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."
by Metasploit
CVSS 7.8
WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities
by i0akiN SEC-LABORATORY
Vesta Control Panel < 0.9.8-14 - Authenticated Remote Code Execution via Backup Parameter
Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.
by High-Tech Bridge SA
CVSS 8.8
Joomla! Component com_simpleimageupload - Arbitrary File Upload
by CrashBandicot
GeniXCMS 0.0.3 - Cross-Site Scripting via Posts Page Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page to index.php.
by hyp3rlinx
MetalGenix GeniXCMS <0.0.3-patch - SQL Injection
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
by cfreer
CVSS 9.8
Adobe Flash Player ShaderJob Buffer Overflow
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3093.
by Metasploit
KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)
by Naser Farhadi
By Source