Exploitdb Exploits
50,076 exploits tracked across all sources.
WordPress Plugin Spider Facebook - 'facebook.php' SQL Injection
by Claudio Viviani
WordPress Plugin Like Dislike Counter 1.2.3 - SQL Injection
by Att4ck3r.ir
PhpOnlineChat 3.0 - Cross-Site Scripting via Canned Operator Message Field
Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlineChat 3.0 allows remote attackers to inject arbitrary web script or HTML via the message field.
by N0 Feel
Loaded Commerce 7 - Authenticated SQL Injection via Address Book Fields
The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book.
by Breaking.Technology
CVSS 8.8
Invision Power Board (IP.Board) 3.x - Cross-Site Request Forgery / Token Hjiacking
by Piotr S.
WordPress Plugin Premium Gallery Manager - Configuration Access
by Hannaichi
MyBB User Social Networks Plugin 1.2 - Persistent Cross-Site Scripting
by Fikri Fadzil
vBulletin 4.0.x < 4.1.2 - 'search.php?cat' SQL Injection
by D35m0nd142
Huge-IT Image Gallery <1.0.1 - SQL Injection
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.
by Claudio Viviani
Adiscon LogAnalyzer < 3.6.6 - Cross-Site Scripting via Hostname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php.
by Dolev Farhi
Mozilla Firefox <32 - Info Disclosure
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.
by Michal Zalewski
Slider Revolution <4.2 - Path Traversal
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
by Hugo Santiago
ManageEngine EventLog Analyzer 9.0/8.2 - Remote Code Execution via ZIP Traversal
Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 allows remote attackers to execute arbitrary code by uploading a ZIP file which contains an executable file with .. (dot dot) sequences in its name, then accessing the executable via a direct request to the file under the web root. Fixed in Build 11072.
by Hans-Martin Muench
LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)
by k3170makan
Tribulant Slideshow Gallery < 1.4.7 - Authenticated Arbitrary File Upload
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/.
by Jesus Ramirez Pichardo
Elegant Themes Divi - Path Traversal
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.
by Hugo Santiago
Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting
by Prakhar Prasad
ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 - Authenticated Database Access via Direct Request
ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authenticated users to obtain access to the database via a direct request to event/runQuery.do. Fixed in Build 10000.
by Hans-Martin Muench
ManageEngine Desktop Central 7.0-9.0 - Path Traversal & Arbitrary File Write via AgentLogUploader
Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename parameter.
by Pedro Ribeiro
CVSS 9.8
HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)
by mr.pr0n
HTML Help Workshop 1.4 - Buffer Overflow (SEH) (PoC)
by Moroccan Kingdom (MKD)
Nagios Remote Plugin Executor <2.15 - RCE
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments
by Claudio Viviani
F5 Arx - Authentication Bypass
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.
by Security-Assessment.com
By Source