Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-117605 EXPLOITDB python VERIFIED
Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow
by TUNISIAN CYBER
CVE-2015-2295 EXPLOITDB text
pfSense < 2.2 - Cross-Site Request Forgery via system_firmware_restorefullbackup.php deletefile Parameter
Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter.
by High-Tech Bridge SA
CVE-2014-7910 EXPLOITDB ruby
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Patrick Pellegrino
CVE-2014-7910 EXPLOITDB ruby
Google Chrome < 39.0.2171.65 - Denial of Service or Other Impact
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Patrick Pellegrino
CVE-2014-9013 EXPLOITDB HIGH python
WP Marketplace <2.4.0 - Privilege Escalation
The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user.
by Claudio Viviani
CVSS 8.8
CVE-2015-0313 EXPLOITDB CRITICAL text
Adobe Flash Player < 11.2.202.442 - Use-After-Free
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
by SecurityObscurity
CVSS 9.8
CVE-2014-9014 EXPLOITDB MEDIUM python
WP Marketplace <2.4.1 - Path Traversal
Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter.
by Claudio Viviani
CVSS 4.3
EIP-2026-118333 EXPLOITDB python VERIFIED
Bsplayer 2.68 - HTTP Response Universal
by Fady Mohammed Osman
EIP-2026-113828 EXPLOITDB php
WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload
by KedAns-Dz
CVE-2014-8636 EXPLOITDB ruby VERIFIED
Firefox < 34.0.5 and SeaMonkey < 2.31 - Remote Code Execution via XrayWrapper DOM Interaction
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
by Metasploit
CVE-2011-5165 EXPLOITDB python VERIFIED
Free MP3 CD Ripper <= 2.6 - Stack-based Buffer Overflow via Crafted WAV File
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
by TUNISIAN CYBER
CVE-2014-9014 EXPLOITDB MEDIUM text
WP Marketplace <2.4.1 - Path Traversal
Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter.
by Kacper Szurek
CVSS 4.3
EIP-2026-108870 EXPLOITDB text
Joomla! Component Spider FAQ - SQL Injection
by Manish Tanwar
CVE-2014-5144 EXPLOITDB MEDIUM text
Telescope < 0.9.0 - Authenticated Stored Cross-Site Scripting via Markdown
Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted markdown.
by shubs
CVSS 5.4
CVE-2015-2682 EXPLOITDB text
Citrix Command Center <5.1-5.2 - Info Disclosure
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml.
by Han Sahin
CVE-2014-0980 EXPLOITDB ruby VERIFIED
Publish-It PUI Buffer Overflow (SEH)
Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file.
by Metasploit
EIP-2026-117559 EXPLOITDB text
Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Privilege Escalation
by Google Security Research
EIP-2026-115238 EXPLOITDB perl VERIFIED
FastStone Image Viewer 5.3 - '.tga' Crash (PoC)
by ITDefensor Vulnerability Research Team
CVE-2015-2562 EXPLOITDB text
Web-Dorado ECommerce WD for Joomla! search_category_id SQL Injection Scanner
Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD (com_ecommercewd) component 1.2.5 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) search_category_id, (2) sort_order, or (3) filter_manufacturer_ids in a displayproducts action to index.php.
by Brandon Perry
EIP-2026-105809 EXPLOITDB text
Chamilo LMS 1.9.10 - Multiple Vulnerabilities
by Rehan Ahmed
CVE-2014-7236 EXPLOITDB CRITICAL ruby VERIFIED
TWiki Debugenableplugins Remote Code Execution
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.
by Metasploit
CVSS 9.1
CVE-2015-2838 EXPLOITDB text
Citrix NetScaler - Cross-Site Request Forgery via Nitro API
Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands as nsroot via shell metacharacters in the file_name JSON member in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix.
by Han Sahin
CVE-2015-0516 EXPLOITDB text
EMC ViPR SRM < 3.6.1 and Watch4Net < 6.5u1 - Authenticated Path Traversal
Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL.
by Han Sahin
CVE-2015-0514 EXPLOITDB text
EMC Watch4Net < 6.5 and ViPR SRM < 3.6.0 - Unauthorized Exposure of Sensitive Credentials
EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might allow remote attackers to obtain cleartext data-center discovery credentials by leveraging certain SRM access to conduct a decryption attack.
by Han Sahin
CVE-2015-2281 EXPLOITDB text VERIFIED
Fortinet Single Sign On - Stack-based Buffer Overflow via Large PROCESS_HELLO Message
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
by Core Security