Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-5194 EXPLOITDB text VERIFIED
Sphider 1.3.6 - Authenticated PHP Code Injection via _word_upper_bound Parameter
Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter.
by Mike Manzotti
CVE-2014-9101 EXPLOITDB text
Oxwall 1.7.0- SkaDate Lite 2.0 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly have other unspecified impact via the (1) label parameter to admin/users/roles/, (2) lang[1][base][questions_account_type_5615100a931845eca8da20cfdf7327e0] in an AddAccountType action or (3) qst_name parameter in an addQuestion action to admin/questions/ajax-responder/, or (4) form_name or (5) restrictedUsername parameter to admin/restricted-usernames.
by LiquidWorm
EIP-2026-106017 EXPLOITDB text VERIFIED
CMSimple 4.4.4 - Remote File Inclusion
by Govind Singh
EIP-2026-106016 EXPLOITDB text VERIFIED
CMSimple 4.4.4 - 'color' Remote Code Execution
by Govind Singh
EIP-2026-106013 EXPLOITDB text VERIFIED
CMSimple - Default Administrator Credentials
by Govind Singh
EIP-2026-104746 EXPLOITDB python
Oxwall 1.7.0 - Remote Code Execution
by LiquidWorm
CVE-2014-2225 EXPLOITDB HIGH text
Ubiquiti Networks UniFi Controller <3.2.1 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity.
by Seth Art
CVSS 8.8
CVE-2014-4710 EXPLOITDB text
ZeroCMS 1.0 - Stored Cross-Site Scripting via Full Name Field
Cross-site scripting (XSS) vulnerability in zero_user_account.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the Full Name field.
by Mayuresh Dani
CVE-2014-3544 EXPLOITDB text
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - Stored XSS via Skype ID
Cross-site scripting (XSS) vulnerability in user/profile.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via the Skype ID profile field.
by Osanda Malith Jayathissa
CVE-2014-5115 EXPLOITDB text VERIFIED
DirPHP 1.0 - Path Traversal via phpfile Parameter
Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php.
by black hat
EIP-2026-101074 EXPLOITDB text
Sagem Fast 3304-V1 - Denial of Service
by Z3ro0ne
CVE-2014-4971 EXPLOITDB ruby VERIFIED
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
by Metasploit
CVE-2014-9096 EXPLOITDB python
Pligg CMS < 2.0.1 - SQL Injection via Recover.php ID or N Parameter
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) n parameter.
by BlackHawk
CVE-2014-3738 EXPLOITDB text
Zenoss 4.2.5 - Stored Cross-Site Scripting via Device Title
Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device.
by Dolev Farhi
CVE-2014-9098 EXPLOITDB text
Apptha WordPress Video Gallery <2014-07-23 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly before 2014-07-23, for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the videoadssearchQuery parameter to (1) videoads/videoads.php, (2) video/video.php, or (3) playlist/playlist.php.
by Claudio Viviani
EIP-2026-104744 EXPLOITDB python VERIFIED
Omeka 2.2.1 - Remote Code Execution
by LiquidWorm
EIP-2026-102667 EXPLOITDB perl VERIFIED
Make 3.81 - Heap Overflow (PoC)
by HyP
EIP-2026-101831 EXPLOITDB text
Lian Li NAS - Multiple Vulnerabilities
by pws
CVE-2014-2227 EXPLOITDB java VERIFIED
Ubiquiti Networks UniFi Video <3.0.1 - CSRF
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.
by Seth Art
CVE-2014-4736 EXPLOITDB html VERIFIED
blogengine e2 < 2.4 - SQL Injection via note-id Parameter
SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.
by High-Tech Bridge
EIP-2026-104185 EXPLOITDB text
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent
by Vulnerability-Lab
EIP-2026-101861 EXPLOITDB text
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
by Dolev Farhi
EIP-2026-115156 EXPLOITDB python
DjVuLibre 3.5.25.3 - Out of Bounds Access Violation
by drone
CVE-2014-3081 EXPLOITDB text VERIFIED
IBM Global Console Manager <1.20.0.22575 Authenticated Arbitrary File Read via prodtest.php
prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.
by Alejandro Alvarez Bravo
CVE-2014-3080 EXPLOITDB text VERIFIED
IBM Global Console Manager <1.20.0.22575 XSS via KVM CGI or AVCT Alert Key
Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.
by Alejandro Alvarez Bravo