Exploitdb Exploits
50,076 exploits tracked across all sources.
WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Deletion
by LiquidWorm
WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Creation / Remote Code Execution
by LiquidWorm
abrt < 2.2.0 - Local Privilege Escalation via Race Condition in Crash Reporting
The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namespaced environment.
by Tavis Ormandy
CVSS 7.0
ABRT raceabrt Privilege Escalation
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
by Tavis Ormandy
CVSS 7.8
Adobe Flash Player < 13.0.0.250, 14.x-15.x < 15.0.0.189, < 11.2.202.411 - Remote Code Execution via Integer Overflow
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
by Metasploit
WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure
by Khwanchai Kaewyos
WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)
by Claudio Viviani
WordPress Plugin Duplicator 0.5.14 - SQL Injection / Cross-Site Request Forgery
by Claudio Viviani
Apple OS X Rootpipe Privilege Escalation
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
by Metasploit
CVSS 7.8
Samba _netr_ServerPasswordSet Uninitialized Credential State
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
by sleepya
ProFTPD 1.3.5 - Unauthenticated Arbitrary File Read and Write via mod_copy Site Commands
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
by anonymous
Linux Kernel < 3.15.8 - Denial of Service via Splice System Call
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.
by Emeric Nasi
Lenovo System Update < 5.06.0027 - Privilege Escalation via Predictable Security Token
Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses predictable security tokens, which allows local users to gain privileges by sending a valid token with a command to the System Update service (SUService.exe) through an unspecified named pipe.
by Metasploit
WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload
by Manish Tanwar
Apple OS X Rootpipe Privilege Escalation
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
by Emil Kvarnhammar
CVSS 7.8
Barracuda Firmware 5.0.0.012 - (Authenticated) Remote Command Execution (Metasploit)
by xort
SolarWinds Firewall Security Manager < 6.6.5 - Remote Code Execution via Client Session Handling
userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.
by Metasploit
WordPress Plugin Traffic Analyzer 3.4.2 - Blind SQL Injection
by Dan King
Shareaholic < 7.6.0.9 - Authenticated Cross-Site Scripting via location[id] Parameter
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action to wp-admin/admin-ajax.php.
by Kacper Szurek
WordPress Plugin All In One WP Security & Firewall 3.9.0 - SQL Injection
by Claudio Viviani
Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities
by LiquidWorm
Novell ZENworks Configuration Management < 11.3.2 - Remote Code Execution via UploadServlet uid Parameter
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.
by Pedro Ribeiro