Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-4940 EXPLOITDB text VERIFIED
Tera Charts 0.1 - Path Traversal via fn Parameter
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
by Anant Shrivastava
CVE-2014-5180 EXPLOITDB text VERIFIED
HDW Player Plugin 2.4.2 - Authenticated SQL Injection via id Parameter
SQL injection vulnerability in the videos page in the HDW Player Plugin (hdw-player-video-player-video-gallery) 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php.
by Anant Shrivastava
CVE-2014-4939 EXPLOITDB text VERIFIED
ENL Newsletter <1.0.1 - SQL Injection
SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the enl-add-new page to wp-admin/admin.php.
by Anant Shrivastava
CVE-2014-4937 EXPLOITDB text VERIFIED
BookX 1.7 - Path Traversal via File Parameter
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by Anant Shrivastava
CVE-2014-2303 EXPLOITDB text VERIFIED
webEdition CMS <6.3.8-s1 - SQL Injection
Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL commands via the (1) table or (2) order parameter.
by RedTeam Pentesting GmbH
CVE-2014-3415 EXPLOITDB text
Sharetronix < 3.3 - Authenticated SQL Injection via invite_users[] Parameter
SQL injection vulnerability in Sharetronix before 3.4 allows remote authenticated users to execute arbitrary SQL commands via the invite_users[] parameter to the /invite page for a group.
by High-Tech Bridge SA
CVE-2014-3974 EXPLOITDB text VERIFIED
auracms < 3.0 - Cross-Site Scripting via filemanager.php viewdir Parameter
Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter.
by Mustafa ALTINKAYNAK
CVE-2013-4074 EXPLOITDB ruby VERIFIED
Wireshark 1.6.x-1.6.16 and 1.8.x-1.8.8 - Denial of Service in CAPWAP Dissector
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
by j0sm1
CVE-2014-0749 EXPLOITDB python
TORQUE Resource Manager 2.5.x-2.5.13 - Remote Code Execution via Large Count Value
Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x through 2.5.13 allows remote attackers to execute arbitrary code via a large count value.
by bwall
CVE-2014-1739 EXPLOITDB c VERIFIED
Linux kernel <3.14.6 - Info Disclosure
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.
by Salva Peiro
CVE-2006-3952 EXPLOITDB python VERIFIED
EFS Software Easy File Sharing FTP Server 2.0 - Stack-Based Buffer Overflow via PASS Command
Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers to execute arbitrary code via a long argument to the PASS command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by superkojiman
CVE-2014-3004 EXPLOITDB text VERIFIED
Castor < 1.3.3 - XML External Entity Injection via Default Xerces SAX Parser Configuration
The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.
by Ron Gutierrez
CVE-2014-3962 EXPLOITDB text VERIFIED
Videos Tube 1.0 - SQL Injection via URL Parameter
Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.
by Mustafa ALTINKAYNAK
CVE-2014-1649 EXPLOITDB ruby VERIFIED
Symantec Workspace Streaming <7.5.0.749 - SSRF
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.
by Metasploit
CVE-2014-0196 EXPLOITDB MEDIUM c
Linux Kernel < 3.14.3 - Denial of Service and Privilege Escalation via Race Condition in n_tty_write
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
by Matthew Daley
CVSS 5.5
CVE-2014-4162 EXPLOITDB text
Zyxel P-660HW-T1 v3 - Cross-Site Request Forgery via WLAN_General_1 Form
Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote attackers to hijack the authentication of administrators for requests that change the (1) wifi password or (2) SSID via a request to Forms/WLAN_General_1.
by Mustafa ALTINKAYNAK
EIP-2026-101655 EXPLOITDB text VERIFIED
D-Link Routers - Multiple Vulnerabilities
by Kyle Lovett
EIP-2026-115437 EXPLOITDB python VERIFIED
InfraRecorder - '.m3u' File Buffer Overflow (PoC)
by Osanda Malith Jayathissa
CVE-2014-3866 EXPLOITDB html VERIFIED
Usercake < 2.0.2 - Cross-Site Request Forgery via User Settings
Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that change the (1) administrative password via the passwordc parameter or (2) administrative e-mail address via the email parameter.
by Dolev Farhi
CVE-2014-3865 EXPLOITDB text VERIFIED
dpkg-dev 1.3.0 - Path Traversal via Crafted Index Pseudo-Header
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname.
by Raphael Geissert
EIP-2026-115093 EXPLOITDB python
Core FTP Server 1.2 build 535 (32-bi)t - Crash (PoC)
by Kaczinski Ramirez
CVE-2014-3934 EXPLOITDB text VERIFIED
PHP-Nuke 8.3 - SQL Injection via Submit_News Module topics[] Parameter
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to modules.php.
by ali ahmady
CVE-2014-3840 EXPLOITDB text VERIFIED
Mayan EDMS 0.13 - Authenticated Stored Cross-Site Scripting via Tag, Title, Name, or Smart Link Fields
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form.
by Dolev Farhi
EIP-2026-100926 EXPLOITDB text VERIFIED
Web Terra 1.1 - 'books.cgi' Remote Command Execution
by felipe andrian
CVE-2014-3854 EXPLOITDB html VERIFIED
Pyplate 0.08 - Cross-Site Request Forgery via Title Parameter
Cross-site request forgery (CSRF) vulnerability in admin/addScript.py in Pyplate 0.08 allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the title parameter.
by Henri Salo