Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114849 EXPLOITDB text VERIFIED
Acoustica Pianissimo 1.0 Build 12 - 'Registration ID' Buffer Overflow (PoC)
by LiquidWorm
EIP-2026-114167 EXPLOITDB text VERIFIED
WordPress Plugin Video Gallery 2.8 - Arbitrary Mail Relay
by Claudio Viviani
EIP-2026-114054 EXPLOITDB text VERIFIED
WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection
by woodspeed
CVE-2015-4063 EXPLOITDB text VERIFIED
NewStatPress < 0.9.8 - Authenticated Cross-Site Scripting via where1 Parameter
Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php.
by Adrián M. F.
EIP-2026-113878 EXPLOITDB text
WordPress Plugin MailChimp Subscribe Forms 1.1 - Remote Code Execution
by woodspeed
CVE-2015-4065 EXPLOITDB text VERIFIED
Landing Pages < 1.8.4 - Authenticated Cross-Site Scripting via Post Parameter
Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php.
by Adrián M. F.
CVE-2015-4066 EXPLOITDB text VERIFIED
GigPress < 2.3.8 - Authenticated SQL Injection via show_artist_id or show_venue_id Parameter
Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php.
by Adrián M. F.
CVE-2015-4127 EXPLOITDB text
Church Admin < 0.800 - Cross-Site Scripting via Address Parameter
Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/.
by woodspeed
EIP-2026-104626 EXPLOITDB text
ClickHeat 1.13+ - Remote Command Execution
by Calum Hutton
CVE-2014-0999 EXPLOITDB text VERIFIED
Sendio < 7.2.3 - Session Identifier Exposure via Referrer HTTP Header
Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Referrer HTTP header.
by Core Security
CVE-2015-1833 EXPLOITDB python
Apache Jackrabbit XML External Entity Injection via WebDAV Request
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.
by Mikhail Egorov
CVE-2015-0060 EXPLOITDB text
Windows - Denial of Service via Font Mapper in win32k.sys
The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Windows Font Driver Denial of Service Vulnerability."
by Sky lake
EIP-2026-102199 EXPLOITDB python VERIFIED
FTP Media Server 3.0 - Authentication Bypass / Denial of Service
by Wh1t3Rh1n0 (Michael Allen)
CVE-2015-3202 EXPLOITDB text VERIFIED
FUSE <2.9.3-15 - Local Privilege Escalation
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
by Tavis Ormandy
CVE-2015-1325 EXPLOITDB HIGH c
Apport <2.17.2-0ubuntu1.1, <2.14.70ubuntu8.5, <2.14.1-0ubuntu3.11, ...
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges.
by rebel
CVSS 7.0
CVE-2015-3325 EXPLOITDB text
WP Symposium < 15.2 - SQL Injection via Forum Show Parameter
SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI.
by Hannes Trunde
CVE-2015-4039 EXPLOITDB MEDIUM text
WP Membership 1.2.3 - Authenticated Cross-Site Scripting via Profile Fields or New Post Content
Multiple cross-site scripting (XSS) vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified (1) profile fields or (2) new post content. NOTE: CVE-2015-4038 can be used to bypass the administrator confirmation step for vector 2.
by Panagiotis Vagenas
CVSS 5.4
EIP-2026-107192 EXPLOITDB text
Forma LMS 1.3 - Multiple SQL Injections
by Filippo Roncari
CVE-2014-7872 EXPLOITDB text
Comodo GeekBuddy < 4.18.120 - Unauthenticated Privilege Escalation via VNC Server
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
by Jeremy Brown
EIP-2026-116651 EXPLOITDB python
ZOC SSH Client - Buffer Overflow (SEH) (PoC)
by Dolev Farhi
CVE-2015-4018 EXPLOITDB text VERIFIED
FeedWordPress < 2015.0514 - Authenticated SQL Injection via link_ids[] Parameter
SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the link_ids[] parameter in an Update action in the syndication.php page to wp-admin/admin.php.
by Adrián M. F.
CVE-2014-9195 EXPLOITDB python VERIFIED
Phoenix Contact ProConOs & MultiProg - RCE
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic.
by Photubias
CVE-2014-4113 EXPLOITDB HIGH python VERIFIED
Microsoft Windows - Privilege Escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
by ryujin
CVSS 7.8
EIP-2026-115675 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 11 - Crash (PoC) (1)
by Garage4Hackers
EIP-2026-119394 EXPLOITDB html VERIFIED
ManageEngine EventLog Analyzer 10.0 Build 10001 - Cross-Site Request Forgery
by Akash S. Chavan