Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102542 EXPLOITDB text
WedgeOS 4.0.4 - Multiple Vulnerabilities
by Security-Assessment.com
CVE-2015-4685 EXPLOITDB HIGH text
Polycom RealPresence Resource Manager < 8.3.2 - Privilege Escalation via Sudo Misconfiguration
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
by SEC Consult
CVSS 7.0
CVE-2015-4460 EXPLOITDB text
c2box < 4.0.0 - Cross-Site Request Forgery in UserManagement.aspx
Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 (r19171) allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors.
by Wissam Bashour
CVE-2005-2112 EXPLOITDB text
XOOPS <= 2.0.11 - Cross-Site Scripting via Order or CID Parameter
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parameter to comment_edit.php.
by GulfTech Security
CVE-2015-4553 EXPLOITDB HIGH text
dedecms < 5.7-sp1 - Unrestricted File Upload
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.
by zise
CVSS 8.8
EIP-2026-101788 EXPLOITDB python
Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure
by Fady Mohammed Osman
EIP-2026-101787 EXPLOITDB python
Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change
by Fady Mohammed Osman
CVE-2015-5082 EXPLOITDB text
Endian Firewall < 2.5.1 - Remote Command Execution via Password Change Parameters
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
by Ben Lincoln
CVE-2015-5082 EXPLOITDB python
Endian Firewall < 2.5.1 - Remote Command Execution via Password Change Parameters
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
by Ben Lincoln
CVE-2014-6332 EXPLOITDB HIGH php VERIFIED
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Mohammad Reza Espargham
CVSS 8.8
CVE-2015-4630 EXPLOITDB HIGH text
Koha 3.14.00-3.14.15 - Cross-Site Request Forgery via Member Entry or Flag Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack the authentication of administrators for requests that create a user via a request to members/memberentry.pl or (2) give a user superlibrarian permission via a request to members/member-flags.pl or (3) hijack the authentication of arbitrary users for requests that conduct cross-site scripting (XSS) attacks via the addshelf parameter to opac-shelves.pl.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 8.0
CVE-2015-2169 EXPLOITDB text
ManageEngine AssetExplorer 6.1 - Cross-Site Scripting via Publisher Registry Entry
Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 allows remote attackers to inject arbitrary web script or HTML via a Publisher registry entry, which is not properly handled when the machine is scanned.
by Suraj Krishnaswami
CVE-2015-4633 EXPLOITDB CRITICAL text
Koha 3.14.00-3.14.15 - SQL Injection via OPAC Tags Subject Parameter
Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2) remote authenticated users to execute arbitrary SQL commands via the Filter or (3) Criteria parameter to reports/borrowers_out.pl in the Staff interface.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 9.8
CVE-2015-4631 EXPLOITDB MEDIUM text
Koha 3.14.00-3.14.15 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to inject arbitrary web script or HTML via the (1) tag parameter to opac-search.pl; the (2) value parameter to authorities/authorities-home.pl; the (3) delay parameter to acqui/lateorders.pl; the (4) authtypecode or (5) tagfield to admin/auth_subfields_structure.pl; the (6) tagfield parameter to admin/marc_subfields_structure.pl; the (7) limit parameter to catalogue/search.pl; the (8) bookseller_filter, (9) callnumber_filter, (10) EAN_filter, (11) ISSN_filter, (12) publisher_filter, or (13) title_filter parameter to serials/serials-search.pl; or the (14) author, (15) collectiontitle, (16) copyrightdate, (17) isbn, (18) manageddate_from, (19) manageddate_to, (20) publishercode, (21) suggesteddate_from, or (22) suggesteddate_to parameter to suggestion/suggestion.pl; or the (23) direction, (24) display or (25) addshelf parameter to opac-shelves.pl.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 5.4
CVE-2015-4632 EXPLOITDB HIGH text
Koha 3.14.00-3.14.15 - Path Traversal via Template Path Parameter
Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search.
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos
CVSS 7.5
EIP-2026-104555 EXPLOITDB php VERIFIED
Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)
by Mohammad Reza Espargham
CVE-2015-3443 EXPLOITDB text
Thycotic Secret Server <8.8.000005 - XSS
Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask.
by Marco Delai
CVE-2015-1701 EXPLOITDB HIGH ruby VERIFIED
Microsoft Win32k - Privilege Escalation
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."
by Metasploit
CVSS 7.8
EIP-2026-113814 EXPLOITDB text
WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities
by i0akiN SEC-LABORATORY
CVE-2015-4117 EXPLOITDB HIGH text VERIFIED
Vesta Control Panel < 0.9.8-14 - Authenticated Remote Code Execution via Backup Parameter
Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.
by High-Tech Bridge SA
CVSS 8.8
EIP-2026-108540 EXPLOITDB text
Joomla! Component com_simpleimageupload - Arbitrary File Upload
by CrashBandicot
CVE-2015-5066 EXPLOITDB text
GeniXCMS 0.0.3 - Cross-Site Scripting via Posts Page Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page to index.php.
by hyp3rlinx
CVE-2015-3933 EXPLOITDB CRITICAL text
MetalGenix GeniXCMS <0.0.3-patch - SQL Injection
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
by cfreer
CVSS 9.8
CVE-2015-3090 EXPLOITDB ruby VERIFIED
Adobe Flash Player ShaderJob Buffer Overflow
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3093.
by Metasploit
EIP-2026-117391 EXPLOITDB python
KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)
by Naser Farhadi