Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-9236 EXPLOITDB text
Zoph < 0.9.1 - Cross-Site Scripting via photographer_id or _crumb Parameter
Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) photographer_id or (2) _crumb parameter.
by Manuel García Cárdenas
CVE-2014-9243 EXPLOITDB text
WebsiteBaker 2.8.3 - Cross-Site Scripting via QUERY_STRING or section_id Parameter
Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERY_STRING to wb/admin/admintools/tool.php or (2) section_id parameter to edit_module_files.php, (3) news/add_post.php, (4) news/modify_group.php, (5) news/modify_post.php, or (6) news/modify_settings.php in wb/modules/.
by Manuel García Cárdenas
CVE-2014-8469 EXPLOITDB text
moxi9 phpfox < 3.7.6 - Cross-Site Scripting via User-Agent Header
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.
by spyk2r
EIP-2026-109715 EXPLOITDB text VERIFIED
MyBB Forums 1.8.2 - Persistent Cross-Site Scripting
by Avinash Thapa
CVE-2014-8995 EXPLOITDB text
Maarch LetterBox 2.8 - SQL Injection
SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie.
by ZoRLu Bugrahan
EIP-2026-104565 EXPLOITDB html VERIFIED
Apple Mac OSX Safari 8.0 - Crash (PoC)
by w3bd3vil
CVE-2014-8493 EXPLOITDB text
ZTE ZXHN H108L Firmware 4.0.0d_ZRQ_GR4 - Unauthenticated CWMP Configuration Modification
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
by Project Zero Labs
CVE-2014-8493 EXPLOITDB text
ZTE ZXHN H108L Firmware 4.0.0d_ZRQ_GR4 - Unauthenticated CWMP Configuration Modification
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
by Project Zero Labs
EIP-2026-108363 EXPLOITDB python VERIFIED
Joomla! Component com_hdflvplayer < 2.1.0.1 - Arbitrary File Download
by Claudio Viviani
CVE-2014-100013 EXPLOITDB text
clientresponse 4.1 - Cross-Site Scripting via Subject or Message Field
Multiple cross-site scripting (XSS) vulnerabilities in clientResponse 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject or (2) Message field.
by Halil Dalabasmaz
CVE-2014-6352 EXPLOITDB HIGH ruby VERIFIED
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
by Metasploit
CVSS 7.8
CVE-2014-6352 EXPLOITDB HIGH ruby VERIFIED
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
by Metasploit
CVSS 7.8
CVE-2014-8682 EXPLOITDB text
Gogs 0.3.1-0.5.x - SQL Injection via Search API q Parameter
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
by Timo Schmid
CVE-2014-8681 EXPLOITDB text
Gogs 0.3.1-0.5.6.x - SQL Injection via Label Parameter
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.
by Timo Schmid
CVE-2014-5284 EXPLOITDB python VERIFIED
OSSEC < 2.8.0 - Privilege Escalation via Predictable Temporary File Handling
host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed.
by skynet-13
CVE-2014-6332 EXPLOITDB HIGH ruby
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Wesley Neelen & Rik van Duijn
CVSS 8.8
CVE-2014-6332 EXPLOITDB HIGH html VERIFIED
Microsoft Windows - Remote Code Execution via SafeArrayDimen Function
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by yuange
CVSS 8.8
CVE-2014-9115 EXPLOITDB text
Piwigo <2.5.5, <2.6.x before 2.6.4, <2.7.x before 2.7.2 - SQL Injec...
SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a comparison of a non-numeric value that begins with a digit.
by Manuel García Cárdenas
CVE-2014-9241 EXPLOITDB text
MyBB 1.8.x < 1.8.2 - Cross-Site Scripting via Report Type Parameter
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.8.x before 1.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to report.php, (2) signature parameter in a do_editsig action to usercp.php, or (3) title parameter in the style-templates module in an edit_template action or (4) file parameter in the config-languages module in an edit action to admin/index.php.
by smash
CVE-2014-8997 EXPLOITDB text VERIFIED
DigitalVidhya Digi Online Examination System 2.0 - RCE
Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/.
by Halil Dalabasmaz
CVE-2014-9237 EXPLOITDB text
Pricertif E-Commerce 3.0 - SQL Injection
SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via a tem:Code element in a SOAP request.
by Onur Alanbel (BGA)
EIP-2026-104294 EXPLOITDB python VERIFIED
Joomla! Component com_hdflvplayer < 2.1.0.1 - SQL Injection
by Claudio Viviani
CVE-2014-8727 EXPLOITDB text
F5 BIG-IP Local Traffic Manager < 10.2.1 - Authenticated Path Traversal via Archive Properties or Form Name Parameter
Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form.
by Anastasios Monachos
CVE-2014-6352 EXPLOITDB HIGH python
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
by Abhishek Lyall
CVSS 7.8
EIP-2026-115099 EXPLOITDB text
CorelDRAW X7 CDR File - 'CdrTxt.dll' Off-by-One Stack Corruption
by LiquidWorm