Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-4971 EXPLOITDB python
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
by KoreLogic
EIP-2026-116577 EXPLOITDB text
World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow
by Alireza Chegini
CVE-2014-3085 EXPLOITDB text VERIFIED
IBM Global Console Manager 16 and 32 Firmware < 1.20.0.22575 - Authenticated OS Command Injection via lpres Parameter
systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
by Alejandro Alvarez Bravo
CVE-2014-4699 EXPLOITDB c
Linux kernel <3.15.4 - Privilege Escalation
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
by Vitaly Nikolenko
CVE-2014-9095 EXPLOITDB ruby
Raritan Power IQ <4.2.1 - SQL Injection
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.
by Brandon Perry
CVE-2014-0226 EXPLOITDB text
Apache HTTP Server 2.2.0-2.2.28 - Denial of Service via mod_status Scoreboard Handling
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
by Marek Kroemeke
EIP-2026-101851 EXPLOITDB python
MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities
by Ajin Abraham
EIP-2026-114207 EXPLOITDB text VERIFIED
WordPress Plugin WP BackupPlus - Database and Files Backup Download
by pSyCh0_3D
CVE-2014-4971 EXPLOITDB text
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
by KoreLogic
CVE-2014-5201 EXPLOITDB text
Gallery Objects 0.4 - SQL Injection via viewid Parameter
SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/admin-ajax.php.
by Claudio Viviani
CVE-2014-4927 EXPLOITDB python
ACME micro_httpd - Denial of Service via Long URI in GET Request
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.
by Yuval tisf Nativ
EIP-2026-100753 EXPLOITDB text VERIFIED
Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting
by Vulnerability-Lab
CVE-2014-5100 EXPLOITDB text VERIFIED
Omeka < 2.2.1 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_label parameter to admin/users/api-keys/1, or (3) disable file validation via a request to admin/settings/edit-security.
by LiquidWorm
CVE-2014-5104 EXPLOITDB text VERIFIED
ol-commerce 2.1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
by AtT4CKxT3rR0r1ST
CVE-2014-5104 EXPLOITDB text VERIFIED
ol-commerce 2.1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
by AtT4CKxT3rR0r1ST
CVE-2014-5104 EXPLOITDB text VERIFIED
ol-commerce 2.1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
by AtT4CKxT3rR0r1ST
CVE-2014-5104 EXPLOITDB text VERIFIED
ol-commerce 2.1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
by AtT4CKxT3rR0r1ST
CVE-2014-5111 EXPLOITDB text VERIFIED
Fonality trixbox - Path Traversal via Lang Parameter
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
by AtT4CKxT3rR0r1ST
CVE-2014-5112 EXPLOITDB text VERIFIED
Fonality trixbox - Remote Code Execution via lang Parameter
maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter.
by AtT4CKxT3rR0r1ST
CVE-2014-5111 EXPLOITDB text VERIFIED
Fonality trixbox - Path Traversal via Lang Parameter
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
by AtT4CKxT3rR0r1ST
CVE-2014-5109 EXPLOITDB text VERIFIED
Fonality trixbox - SQL Injection via mac Parameter in endpoint_generic.php
SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action.
by AtT4CKxT3rR0r1ST
CVE-2014-5111 EXPLOITDB text VERIFIED
Fonality trixbox - Path Traversal via Lang Parameter
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
by AtT4CKxT3rR0r1ST
CVE-2014-5111 EXPLOITDB text VERIFIED
Fonality trixbox - Path Traversal via Lang Parameter
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
by AtT4CKxT3rR0r1ST
CVE-2014-9919 EXPLOITDB MEDIUM text VERIFIED
Bilboplanet 2.0 - Stored Cross-Site Scripting via Fullname Parameter
An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php.
by Vivek N
CVSS 6.1
CVE-2014-9918 EXPLOITDB MEDIUM text VERIFIED
Bilboplanet 2.0 - Stored Cross-Site Scripting via signup.php user_id Parameter
An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the user_id parameter to signup.php.
by Vivek N
CVSS 6.1