Exploitdb Exploits
50,076 exploits tracked across all sources.
eFront 3.6.14.4 - Cross-Site Scripting via Surname Parameter
Cross-site scripting (XSS) vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname parameter to student.php.
by Shyamkumar Somana
DevExpress ASPxFileManager Control for WebForms and MVC < 13.1.9 - Path Traversal
Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. (dot dot) in the __EVENTARGUMENT parameter.
by RedTeam Pentesting
WordPress Theme Infocus - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure
by Felipe Andrian Peixoto
WordPress Theme Elegance - '/elegance/lib/scripts/dl-skin.php' Local File Disclosure
by Felipe Andrian Peixoto
Foreman < 1.4.5, < 1.5.1 - Command Injection
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
by Lukas Zapletal
Ipswitch IMail Server 12.3-12.4 - Cross-Site Scripting via Web Client Interface
Multiple cross-site scripting (XSS) vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly before 12.4.1.15, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in an add new contact action in the Contacts section or unspecified vectors in (2) an Add Group task in the Contacts section, (3) an add new event action in the Calendar section, or (4) the Task section.
by Peru
TigerCom My Assistant 1.1 iOS - Local File Inclusion
by Vulnerability-Lab
Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
WordPress Participants Database < 1.5.4.9 - SQL Injection
SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/.
by Yarubo Research Team
dbus-glib < 0.100 - Privilege Escalation via Spoofed NameOwnerChanged Signal
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
by Sebastian Krahmer
Easy File Management Web Server 5.3 - 'UserID' Remote Buffer Overflow (ROP)
by Julien Ahrens
Linux Kernel < 3.0.75 - Local Privilege Escalation via perf_event_open System Call
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
by Vitaly Nikolenko
CVSS 8.4
Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero
by Pawel Wylecial
Elasticsearch < 1.2 - Remote Code Execution via Dynamic Scripting
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
by Metasploit
CVSS 8.1
Huawei WebUI 11.010.06.01.858 - Cross-Site Request Forgery via SMS API
Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in the Web UI 11.010.06.01.858 on Huawei E303 modems with software 22.157.18.00.858 allows remote attackers to hijack the authentication of administrators for requests that perform API operations and send SMS messages via a request element in an XML document.
by Benjamin Daniel Mussler
AuraCMS 3.0 - Path Traversal via filemanager.php viewdir Parameter
Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter.
by Mustafa ALTINKAYNAK
WP Rss Poster < 1.0.0 - SQL Injection
SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to wp-admin/admin.php.
by Anant Shrivastava
Tera Charts 0.1 - Path Traversal via fn Parameter
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
by Anant Shrivastava