Exploitdb Exploits

50,076 exploits tracked across all sources.

CVE-2015-1515 EXPLOITDB c
SoftSphere DefenseWall Personal Firewall 3.24 - Privilege Escalation
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call.
by Parvez Anwar
EIP-2026-117626 EXPLOITDB python
MooPlayer 1.3.0 - 'm3u' Local Buffer Overflow (SEH) (1)
by dogo h@ck
CVE-2015-2090 EXPLOITDB text
WordPress Survey and Poll 1.1.7 - SQL Injection via survey_id Parameter
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php.
by Securely (Yoo Hee man)
EIP-2026-110459 EXPLOITDB text
Pandora FMS 5.1 SP1 - SQL Injection
by Vulnerability-Lab
CVE-2015-1172 EXPLOITDB ruby VERIFIED
Holding Pattern < 0.6 - Unauthenticated Arbitrary File Upload via admin/upload-file.php
Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme (aka holding_pattern) 0.6 and earlier for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.
by Metasploit
CVE-2015-1592 EXPLOITDB ruby VERIFIED
Movable Type <5.2.12 & <6.0.7 - Code Injection
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.
by Metasploit
CVE-2014-6137 EXPLOITDB text
IBM Tivoli Endpoint Manager < 9.1.1117 - Cross-Site Scripting in Relay Diagnostic Page
Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by RedTeam Pentesting
CVE-2014-9308 EXPLOITDB ruby VERIFIED
WP EasyCart < 3.0.8 - Authenticated Arbitrary File Upload via Banner Upload Script
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka WordPress Shopping Cart) plugin before 3.0.9 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in products/banners/.
by Metasploit
EIP-2026-101829 EXPLOITDB text
LG DVR LE6016D - Remote File Disclosure
by Yakir Wizman
EIP-2026-115852 EXPLOITDB python VERIFIED
MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (PoC)
by Samandeep Singh
CVE-2015-1576 EXPLOITDB text
u5CMS < 3.9.3 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.
by LiquidWorm
CVE-2015-1575 EXPLOITDB text
u5CMS < 3.9.3 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in u5CMS before 3.9.4 allow remote attackers to inject arbitrary web script or HTML via the (1) c, (2) i, (3) l, or (4) p parameter to index.php; the (5) a or (6) b parameter to u5admin/cookie.php; the name parameter to (7) copy.php or (8) delete.php in u5admin/; the (9) f or (10) typ parameter to u5admin/deletefile.php; the (11) n parameter to u5admin/done.php; the (12) c parameter to u5admin/editor.php; the (13) uri parameter to u5admin/meta2.php; the (14) n parameter to u5admin/notdone.php; the (15) newname parameter to u5admin/rename2.php; the (16) l parameter to u5admin/sendfile.php; the (17) s parameter to u5admin/characters.php; the (18) page parameter to u5admin/savepage.php; or the (19) name parameter to u5admin/new2.php.
by LiquidWorm
EIP-2026-112841 EXPLOITDB text
u5CMS 3.9.3 - 'thumb.php' Local File Inclusion
by LiquidWorm
CVE-2015-1577 EXPLOITDB text
u5CMS < 3.9.3 - Path Traversal and Arbitrary File Write via f Parameter
Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) .. (dot dot) or (2) full pathname in the f parameter.
by LiquidWorm
EIP-2026-112419 EXPLOITDB text
StaMPi - Local File Inclusion
by e . V . E . L
CVE-2015-1518 EXPLOITDB text
redaxscript < 2.2.0 - SQL Injection via search_terms Parameter
SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.
by ITAS Team
CVE-2015-1467 EXPLOITDB text
Fork CMS < 3.8.6 - Authenticated SQL Injection via Translations Language or Type Parameter
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.
by Sven Schleier
EIP-2026-105810 EXPLOITDB text
Chamilo LMS 1.9.8 - Blind SQL Injection
by Kacper Szurek
CVE-2014-7864 EXPLOITDB text
ManageEngine OpManager 8-11.5 - SQL Injection via FailOverHelperServlet Parameters
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
by Pedro Ribeiro
CVE-2015-1578 EXPLOITDB python
u5CMS < 3.9.3 - Open Redirect via pidvesa Cookie or uri Parameter
Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to u5admin/pidvesa.php or (2) uri parameter to u5admin/meta2.php.
by KAhara MAnhara
EIP-2026-102572 EXPLOITDB text
Chemtool 1.6.14 - Memory Corruption
by Pablo González
EIP-2026-101344 EXPLOITDB perl
LG DVR LE6016D - Remote Users/Passwords Disclosure
by Todor Donev
CVE-2015-2067 EXPLOITDB text
MAGMI - Path Traversal via File Parameter
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by SECUPENT
CVE-2015-2068 EXPLOITDB text
MAGMI < 0.7.22 - Cross-Site Scripting via Profile Parameter or QUERY_STRING
Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
by SECUPENT
EIP-2026-101445 EXPLOITDB bash
Shuttle Tech ADSL Modem/Router 915 WM - Remote DNS Change
by Todor Donev