Exploitdb Exploits

50,076 exploits tracked across all sources.

CVE-2015-4133 EXPLOITDB ruby VERIFIED
reflex_gallery < 3.1.3 - Unauthenticated Arbitrary PHP File Upload via FileUploader
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory.
by Metasploit
EIP-2026-104790 EXPLOITDB ruby VERIFIED
WordPress Plugin N-Media Website Contact Form - Arbitrary File Upload (Metasploit)
by Metasploit
CVE-2014-8739 EXPLOITDB CRITICAL ruby VERIFIED
Creative Contact Form < 1.0.0 - Unauthenticated Arbitrary File Upload via jQuery File Upload Plugin
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute arbitrary code by uploading a PHP file with a PHP extension, then accessing it via a direct request to the file in files/, as exploited in the wild in October 2014.
by Metasploit
CVSS 9.8
CVE-2015-1100 EXPLOITDB c
Apple macOS X < 10.10.2 - Denial of Service via Out-of-Bounds Memory Access
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.
by Maxime Villard
EIP-2026-104430 EXPLOITDB text
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
by Vulnerability-Lab
CVE-2015-3306 EXPLOITDB python
ProFTPD 1.3.5 - Unauthenticated Arbitrary File Read and Write via mod_copy Site Commands
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
by R-73eN
EIP-2026-102311 EXPLOITDB text
Wifi Drive Pro 1.2 iOS - Local File Inclusion
by Vulnerability-Lab
EIP-2026-102272 EXPLOITDB text
Photo Manager Pro 4.4.0 iOS - Local File Inclusion
by Vulnerability-Lab
EIP-2026-102271 EXPLOITDB text
Photo Manager Pro 4.4.0 iOS - Code Execution
by Vulnerability-Lab
EIP-2026-102258 EXPLOITDB text
Mobile Drive HD 1.8 - Local File Inclusion
by Vulnerability-Lab
CVE-2014-7951 EXPLOITDB MEDIUM text
Android 4.0.4 - Path Traversal and Arbitrary File Write via ADB Backup Tar Headers
Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers.
by Imre Rad
CVSS 4.6
CVE-2014-5370 EXPLOITDB text VERIFIED
BlueDragon < 7.1.1 - Path Traversal via CFChart Servlet QUERY_STRING
Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.
by Portcullis
EIP-2026-100677 EXPLOITDB c
OpenBSD 5.6 - Multiple Local Kernel Panics (Denial of Service)
by nitr0us
CVE-2005-1200 EXPLOITDB text
AZ Bulletin Board 1.0.07a-1.0.07c - Remote File Inclusion via dir_src or abs_layer Parameter
PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code.
by GulfTech Security
CVE-2015-2572 EXPLOITDB text
Oracle Hyperion <11.1.2.5.216 - Info Disclosure
Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and earlier, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
by sajith
CVE-2015-0493 EXPLOITDB text
Oracle Outside In Technology - Unspecified Vuln
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0474.
by Francis Provencher
CVE-2015-1318 EXPLOITDB bash
Apport <2.17.1 - Privilege Escalation
The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).
by Ricardo F. Teixeira
CVE-2015-1635 EXPLOITDB CRITICAL python
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
by laurent gaffie
CVSS 9.8
EIP-2026-113551 EXPLOITDB text
WordPress Plugin Ajax Store Locator 1.2 - SQL Injection
by Claudio Viviani
CVE-2015-1635 EXPLOITDB CRITICAL c
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
by rhcp011235
CVSS 9.8
EIP-2026-113897 EXPLOITDB text
WordPress Plugin MiwoFTP 1.0.5 - Arbitrary File Download (1)
by Necmettin COSKUN
CVE-2015-1862 EXPLOITDB HIGH c VERIFIED
abrt < 2.2.0 - Local Privilege Escalation via Race Condition in Crash Reporting
The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namespaced environment.
by Tavis Ormandy
CVSS 7.0
CVE-2015-0555 EXPLOITDB html
Samsung iPOLiS Device Manager 1.12.2 - Remote Code Execution via ReadConfigValue or WriteConfigValue Function
Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function.
by Praveen Darshanam
EIP-2026-114169 EXPLOITDB text
WordPress Plugin Video Gallery 2.8 - SQL Injection
by Claudio Viviani
EIP-2026-113901 EXPLOITDB text
WordPress Plugin MiwoFTP 1.0.5 - Multiple Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities
by LiquidWorm