Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102075 EXPLOITDB text
TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
by smash
EIP-2026-102067 EXPLOITDB text
TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
by smash
EIP-2026-114086 EXPLOITDB text VERIFIED
WordPress Plugin Spider Facebook - 'facebook.php' SQL Injection
by Claudio Viviani
EIP-2026-113867 EXPLOITDB text VERIFIED
WordPress Plugin Like Dislike Counter 1.2.3 - SQL Injection
by Att4ck3r.ir
CVE-2014-100017 EXPLOITDB text
PhpOnlineChat 3.0 - Cross-Site Scripting via Canned Operator Message Field
Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlineChat 3.0 allows remote attackers to inject arbitrary web script or HTML via the message field.
by N0 Feel
CVE-2014-5140 EXPLOITDB HIGH text
Loaded Commerce 7 - Authenticated SQL Injection via Address Book Fields
The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book.
by Breaking.Technology
CVSS 8.8
EIP-2026-107918 EXPLOITDB text
Invision Power Board (IP.Board) 3.x - Cross-Site Request Forgery / Token Hjiacking
by Piotr S.
EIP-2026-113981 EXPLOITDB text
WordPress Plugin Premium Gallery Manager - Configuration Access
by Hannaichi
EIP-2026-109740 EXPLOITDB text
MyBB User Social Networks Plugin 1.2 - Persistent Cross-Site Scripting
by Fikri Fadzil
EIP-2026-113004 EXPLOITDB perl
vBulletin 4.0.x < 4.1.2 - 'search.php?cat' SQL Injection
by D35m0nd142
CVE-2014-7153 EXPLOITDB text
Huge-IT Image Gallery <1.0.1 - SQL Injection
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.
by Claudio Viviani
CVE-2014-6070 EXPLOITDB text
Adiscon LogAnalyzer < 3.6.6 - Cross-Site Scripting via Hostname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php.
by Dolev Farhi
CVE-2014-1564 EXPLOITDB javascript VERIFIED
Mozilla Firefox <32 - Info Disclosure
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.
by Michal Zalewski
CVE-2014-9734 EXPLOITDB text VERIFIED
Slider Revolution <4.2 - Path Traversal
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
by Hugo Santiago
CVE-2014-6037 EXPLOITDB text
ManageEngine EventLog Analyzer 9.0/8.2 - Remote Code Execution via ZIP Traversal
Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 allows remote attackers to execute arbitrary code by uploading a ZIP file which contains an executable file with .. (dot dot) sequences in its name, then accessing the executable via a direct request to the file under the web root. Fixed in Build 11072.
by Hans-Martin Muench
EIP-2026-117410 EXPLOITDB python VERIFIED
LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)
by k3170makan
CVE-2014-5460 EXPLOITDB text
Tribulant Slideshow Gallery < 1.4.7 - Authenticated Arbitrary File Upload
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/.
by Jesus Ramirez Pichardo
CVE-2015-1579 EXPLOITDB text VERIFIED
Elegant Themes Divi - Path Traversal
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.
by Hugo Santiago
CVE-2014-5469 EXPLOITDB text VERIFIED
Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting
by Prakhar Prasad
CVE-2014-6043 EXPLOITDB text
ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 - Authenticated Database Access via Direct Request
ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authenticated users to obtain access to the database via a direct request to event/runQuery.do. Fixed in Build 10000.
by Hans-Martin Muench
CVE-2014-5007 EXPLOITDB CRITICAL text
ManageEngine Desktop Central 7.0-9.0 - Path Traversal & Arbitrary File Write via AgentLogUploader
Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename parameter.
by Pedro Ribeiro
CVSS 9.8
EIP-2026-117288 EXPLOITDB python VERIFIED
HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)
by mr.pr0n
EIP-2026-115399 EXPLOITDB python VERIFIED
HTML Help Workshop 1.4 - Buffer Overflow (SEH) (PoC)
by Moroccan Kingdom (MKD)
CVE-2014-2913 EXPLOITDB python
Nagios Remote Plugin Executor <2.15 - RCE
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments
by Claudio Viviani
CVE-2014-2927 EXPLOITDB text
F5 Arx - Authentication Bypass
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.
by Security-Assessment.com