Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116904 EXPLOITDB python VERIFIED
BlazeDVD Pro Player 7.0 - '.plf' Local Buffer Overflow (SEH)
by metacom
CVE-2014-5097 EXPLOITDB text VERIFIED
ArticleFR < 3.0.4 - SQL Injection via rate.php id Parameter
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to rate.php.
by High-Tech Bridge
CVE-2014-3997 EXPLOITDB text VERIFIED
ManageEngine Password Manager Pro 5-7 build 7003 - SQL Injection via MetadataServlet sv Parameter
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition before 10.3.3 build 10330, and possibly other ManageEngine products, allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the sv parameter to MetadataServlet.dat.
by Pedro Ribeiro
CVE-2014-5368 EXPLOITDB text VERIFIED
WP Content Source Control < 3.0.0 - Path Traversal via Path Parameter
Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter.
by Henri Salo
CVE-2013-1670 EXPLOITDB ruby VERIFIED
Firefox < 21.0 and Firefox ESR < 17.0.6 - Cross-Site Scripting via Chrome Object Wrapper
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
by Metasploit
CVE-2013-4490 EXPLOITDB ruby VERIFIED
GitLab <5.4.1, <6.2.3 - Command Injection
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
by Metasploit
CVE-2014-5246 EXPLOITDB text
Tenda A5s Firmware 3.02.05_CN - Unauthenticated Authentication Bypass via admin:language Cookie
The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote attackers to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.
by zixian
CVE-2015-4523 EXPLOITDB CRITICAL ruby VERIFIED
Blue Coat Malware Analysis Appliance <4.2.5 & Malware Analyzer G2 <3.5 - RCE via VM Protection Bypass
Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute arbitrary code via vectors related to saving files during analysis.
by Metasploit
CVSS 9.3
CVE-2014-5347 EXPLOITDB html
Disqus Comment System < 2.76 - Cross-Site Request Forgery via Multiple Parameters
Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin before 2.76 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) disqus_replace, (2) disqus_public_key, or (3) disqus_secret_key parameter to wp-admin/edit-comments.php in manage.php or that (4) reset or (5) delete plugin options via the reset parameter to wp-admin/edit-comments.php.
by Nik Cubrilovic
CVE-2014-5073 EXPLOITDB ruby
VMTurbo Operations Manager <4.6 - Command Injection
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
by Metasploit
CVE-2014-5210 EXPLOITDB ruby
AlienVault OSSIM < 4.7.0 - Remote Code Execution via SOAP remote_task or get_license Request
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.
by James Fitts
CVE-2014-2477 EXPLOITDB ruby VERIFIED
Oracle VM VirtualBox <4.3.12 - Unknown
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
by Metasploit
EIP-2026-116903 EXPLOITDB python VERIFIED
BlazeDVD Pro Player 7.0 - '.plf' Direct RET Local Stack Buffer Overflow
by Giovanni Bartolomucci
CVE-2014-8375 EXPLOITDB text VERIFIED
gb_gallery_slideshow 1.5 - Authenticated SQL Injection via selected_group Parameter
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php.
by Claudio Viviani
CVE-2014-3978 EXPLOITDB text
TomatoCart <1.1.8.6.1 - SQL Injection
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact.
by Breaking.Technology
EIP-2026-102282 EXPLOITDB text
PhotoSync Wifi & Bluetooth 1.0 - Local File Inclusion
by Vulnerability-Lab
EIP-2026-102225 EXPLOITDB text
Easy FTP Pro 4.2 iOS - Command Injection
by Vulnerability-Lab
EIP-2026-101081 EXPLOITDB text
Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm
by Matt O'Connor
EIP-2026-101078 EXPLOITDB text
SHARP MX Series - Denial of Service
by pws
EIP-2026-113140 EXPLOITDB text VERIFIED
VoipSwitch - 'user.php' Local File Inclusion
by 0x4148
CVE-2014-125116 EXPLOITDB CRITICAL text VERIFIED
HybridAuth 2.0.9-2.2.2 - Unauthenticated Remote Code Execution via install.php Config Injection
A remote code execution vulnerability exists in HybridAuth versions 2.0.9 through 2.2.2 due to insecure use of the install.php installation script. The script remains accessible after deployment and fails to sanitize input before writing to the application’s config.php file. An unauthenticated attacker can inject arbitrary PHP code into config.php, which is later executed when the file is loaded. This allows attackers to achieve remote code execution on the server. Exploitation of this issue will overwrite the existing configuration, rendering the application non-functional.
by @u0x
CVE-2014-5275 EXPLOITDB text
Pro Chat Rooms Text Chat Rooms 8.2.0 - Authenticated SQL Injection via Password, Email, or ID Parameter
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.
by Mike Manzotti
EIP-2026-114278 EXPLOITDB text VERIFIED
WordPress Plugin wpSS - 'ss_handler.php' SQL Injection
by Ashiyane Digital Security Team
CVE-2014-5276 EXPLOITDB text
Pro Chat Rooms Text Chat Rooms 8.2.0 - Authenticated Cross-Site Scripting via Profile Picture Upload or Edit Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture or (2) the edit parameter to profiles/index.php.
by Mike Manzotti
EIP-2026-107070 EXPLOITDB text
Feng Office - Persistent Cross-Site Scripting
by Juan Sacco