Exploitdb Exploits
50,076 exploits tracked across all sources.
Ericsson Drutt Mobile Service Delivery Platform 4,5,6 Path Traversal via Dot Dot Encoded Slash
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI.
by Anastasios Monachos
Ceragon FibeAir IP-10 - Privilege Escalation
Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.
by Metasploit
CVSS 9.8
Fiyo CMS < 2.0.1.8 - Exposure of Sensitive Information via Database Backup File
Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/.
by Mahendra
CVSS 7.5
Palo Alto Networks Traps 3.1.2.1546 - Cross-Site Scripting via SOAP Request Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or (3) URL parameter in a SOAP request.
by Michael Hendrickx
Adobe Flash Player < 11.2.202.442 - Use-After-Free
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
by Metasploit
CVSS 9.8
WordPress Plugin SP Project & Document Manager 2.5.3 - Blind SQL Injection
by Catsecurity
fiyo_cms < 2.0.1.8 - Improper Access Control via Direct Request to fiyo/dapur
Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct request to fiyo/dapur.
by Mahendra
CVSS 9.8
JBoss AS 3/4/5/6 - Remote Command Execution
by João Filho Matos Figueiredo
AirTies Air Firmware < 1.0.2.0 - Remote Code Execution via Long Redirect Parameter
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
by Batuhan Burakcin
Elegant Themes Divi - Path Traversal
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.
by Claudio Viviani
WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download
by ACC3SS
Contact Form Maker 1.0.1 - SQL Injection via id Parameter
SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by TUNISIAN CYBER
CVSS 9.8
setroubleshoot < 3.2.22 - Remote Code Execution via Filename Shell Metacharacters
The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.
by Sebastian Krahmer
JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution
by ikki
WebGate WinRDS - Stack-Based Buffer Overflow in WESPPlaybackCtrl
Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) PlaySiteAllChannel, (3) StopSiteAllChannel, or (4) SaveSiteImage function.
by Praveen Darshanam
WebGate eDVR Manager - Remote Code Execution via Stack-Based Buffer Overflow
Multiple stack-based buffer overflows in WebGate eDVR Manager allow remote attackers to execute arbitrary code via unspecified vectors to the (1) Connect, (2) ConnectEx, or (3) ConnectEx2 function in the WESPEvent.WESPEventCtrl.1 control; (4) AudioOnlySiteChannel function in the WESPPlayback.WESPPlaybackCtrl.1 control; (5) Connect or (6) ConnectEx function in the WESPPTZ.WESPPTZCtrl.1 control; (7) SiteChannel property in the WESPPlayback.WESPPlaybackCtrl.1 control; (8) SiteName property in the WESPPlayback.WESPPlaybackCtrl.1 control; or (9) OpenDVrSSite function in the WESPPTZ.WESPPTZCtrl.1 control.
by Praveen Darshanam
CVSS 8.8
WebGate Control Center RCE via Buffer Overflow in FileConverter/LoginController/WESPPlayback
Multiple buffer overflows in WebGate Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) GetRecFileInfo function in the FileConverter.FileConverterCtrl.1 control, (2) Login function in the LoginContoller.LoginControllerCtrl.1 control, or (3) GetThumbnail function in the WESPPlayback.WESPPlaybackCtrl.1 control.
by Praveen Darshanam
CVSS 8.8
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Naser Farhadi
CVSS 8.8
Berta CMS < 0.8.9b - Unauthenticated Arbitrary File Upload and Remote Code Execution via Image File
Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
by Simon Waters
CVSS 9.8
pfSense < 2.2.1 - Cross-Site Scripting via Multiple WebGUI Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php.
by High-Tech Bridge SA
WebGate Embedded Standard Protocol SDK - Buffer Overflows in LoadImage, LoadImageEx, ChangePassword, Connect, and AddID
Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) SDK allow remote attackers to execute arbitrary code via unspecified vectors to the (1) LoadImage or (2) LoadImageEx function in the WESPMonitor.WESPMonitorCtrl.1 control, (3) ChangePassword function in the WESPCONFIGLib.UserItem control, Connect function in the (4) WESPSerialPort.WESPSerialPortCtrl.1 or (5) WESPPLAYBACKLib.WESPPlaybackCtrl control, or (6) AddID function in the WESPCONFIGLib.IDList control or a (7) long string to the second argument to the ConnectEx3 function in the WESPPLAYBACKLib.WESPPlaybackCtrl control.
by Praveen Darshanam
Mini-stream RM Downloader 3.0.0.9 - Stack-based Buffer Overflow via Long RTSP URL
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.
by TUNISIAN CYBER
By Source