Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-9034 EXPLOITDB text
WordPress Long Password DoS
wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.
by Javer Nieto & Andres Rojas
CVE-2014-9034 EXPLOITDB php
WordPress Long Password DoS
wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.
by SECURELI.com
CVE-2014-9016 EXPLOITDB text
Drupal 7.x < 7.34 and Secure Password Hashes 6.x-2.x < 6.x-2.1 - Denial of Service via Password Hashing API
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
by Javer Nieto & Andres Rojas
CVE-2014-9113 EXPLOITDB text
CCH Wolters Kluwer ProSystem fx Engagement <7.1 - Privilege Escalation
CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 and earlier uses weak permissions (Authenticated Users: Modify and Write) for the (1) Pfx.Engagement.WcfServices, (2) PFXEngDesktopService, (3) PFXSYNPFTService, and (4) P2EWinService service files in PFX Engagement\, which allows local users to obtain LocalSystem privileges via a Trojan horse file.
by Information Paradox
EIP-2026-114423 EXPLOITDB text
xEpan 1.0.4 - Multiple Vulnerabilities
by Parikesit _ Kurawa
CVE-2014-125115 EXPLOITDB CRITICAL ruby VERIFIED
Pandora FMS <5.0 SP2 - SQL Injection
An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier. The mobile/index.php endpoint fails to properly sanitize user input in the loginhash_data parameter, allowing attackers to extract administrator credentials or active session tokens via crafted requests. This occurs because input is directly concatenated into an SQL query without adequate validation, enabling SQL injection. After authentication is bypassed, a second vulnerability in the File Manager component permits arbitrary PHP file uploads. The file upload functionality does not enforce MIME-type or file extension restrictions, allowing authenticated users to upload web shells into a publicly accessible directory and achieve remote code execution.
by Metasploit
CVE-2015-9499 EXPLOITDB CRITICAL perl VERIFIED
Showbiz Pro < 1.7.1 - Unauthenticated PHP File Upload via ZIP Archive
The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive.
by Simo Ben Youssef
CVSS 9.8
CVE-2014-9448 EXPLOITDB ruby
Mini-stream RM-MP3 Converter <3.1.2.1.2010.03.30 - Buffer Overflow
Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.
by Muhamad Fadzil Ramli
CVE-2014-8652 EXPLOITDB go
Elipse E3 < 3.2 - Denial of Service via HTTP Request Flooding
Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681.
by firebitsbr
CVE-2014-8429 EXPLOITDB text
xEpan CMS <= 1.0.4.1 - Cross-Site Request Forgery via Administrative Account Creation
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page.
by High-Tech Bridge SA
CVE-2014-9119 EXPLOITDB text VERIFIED
DB Backup plugin <4.5 - Path Traversal
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by Ashiyane Digital Security Team
EIP-2026-100786 EXPLOITDB ruby
Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)
by Brandon Perry
EIP-2026-100785 EXPLOITDB ruby
Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)
by Brandon Perry
CVE-2014-8507 EXPLOITDB text
Android < 4.4.4 - SQL Injection via WAPPushManager PDU Fields
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135.
by Baidu X-Team
CVE-2014-10011 EXPLOITDB text
TRENDnet TV-IP422W and TV-IP422WN - Stack-Based Buffer Overflow in UltraCam ActiveX Control
Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Control (UltraCamX.ocx) for the TRENDnet SecurView camera TV-IP422WN allows remote attackers to execute arbitrary code via a long string to the (1) CGI_ParamSet, (2) OpenFileDlg, (3) SnapFileName, (4) Password, (5) SetCGIAPNAME, (6) AccountCode, or (7) RemoteHost function.
by LiquidWorm
CVE-2014-9173 EXPLOITDB text
Google Doc Embedder <2.5.15 - SQL Injection
SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter.
by Kacper Szurek
CVE-2014-9347 EXPLOITDB python
phpMyRecipes 1.2.2 - SQL Injection via dosearch.php words_exact Parameter
SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter.
by bard
EIP-2026-106234 EXPLOITDB text
Crea8Social 1.3 - Persistent Cross-Site Scripting
by Halil Dalabasmaz
CVE-2014-3153 EXPLOITDB HIGH c
Linux Kernel <=3.14.5 - Privilege Escalation
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
by Kaiqu Chen
CVSS 7.8
CVE-2014-8425 EXPLOITDB ruby
ARRIS VAP2500 Firmware < 08.41 - Unauthenticated Exposure of Sensitive Information via Configuration Files
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
by HeadlessZeke
CVE-2014-4113 EXPLOITDB HIGH c++
Microsoft Windows - Privilege Escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
by anonymous
CVSS 7.8
CVE-2014-9175 EXPLOITDB text
wpDataTables <1.5.3 - SQL Injection
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php.
by Claudio Viviani
EIP-2026-114272 EXPLOITDB python
WordPress Plugin wpDataTables 1.5.3 - Arbitrary File Upload
by Claudio Viviani
CVE-2014-8799 EXPLOITDB text
dukapress < 2.5.3 - Path Traversal via src Parameter in dp_image.php
Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter to lib/dp_image.php.
by Kacper Szurek
CVE-2014-9260 EXPLOITDB HIGH text
WordPress <2.7.3 - Authenticated RCE
The basic_settings function in the download manager plugin for WordPress before 2.7.3 allows remote authenticated users to update every WordPress option.
by Kacper Szurek
CVSS 8.8