Exploitdb Exploits
50,076 exploits tracked across all sources.
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections
by Saadi Siddiqui
InterWorx Web Control Panel <5.0.14 - SQL Injection
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the (1) NodeWorx , (2) SiteWorx, or (3) Resellers interface, as demonstrated by the "or" key in a pgn8state object in an i object in a JSON object.
by Eric Flokstra
IBM Tealeaf CX 7.x, 8.x-8.6, 8.7-8.8 - Authenticated OS Command Injection via testconn_host Parameter
delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the testconn_host parameter.
by drone
Apache CouchDB < 1.5.0 - Denial of Service via /_uuids Count Parameter
Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.
by Krusty Hack
Red Hat Satellite and Katello < 1.5.0-14 - Authenticated Privilege Escalation via users/update_roles
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
by Metasploit
Allied Telesis AT-RG634A, iMG624A, iMG616LH, iMG646BD - Unauthenticated Remote Code Execution via CLI Interface
The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A firmware 3.5, iMG616LH firmware 2.4, and iMG646BD firmware 3.5 allows remote attackers to gain privileges and execute arbitrary commands via a direct request to cli.html.
by Groundworks Technologies
DotItYourself - 'dot-it-yourself.cgi' Remote Command Execution
by Felipe Andrian Peixoto
Beheer Systeem - 'pbs.cgi' Remote Command Execution
by Felipe Andrian Peixoto
Haihaisoft Universal Player 1.5.8 - '.m3u' / '.pls '/ '.asx' Buffer Overflow (SEH)
by Gabor Seljan
Haihaisoft HUPlayer 1.0.4.8 - '.m3u' / '.pls' / '.asx' Buffer Overflow (SEH)
by Gabor Seljan
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
by Metasploit
qEngine 4.1.6/6.0.0 - 'task.php' Local File Inclusion
by Gjoko Krstic
Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure
by LiquidWorm
Kemana Directory 1.5.6 - 'task.php' Local File Inclusion
by LiquidWorm
Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass
by LiquidWorm
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting
by Jeroen - IT Nerdbox
Microsoft Windows Media Player 11.0.5721.5230 - Memory Corruption
Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
by TUNISIAN CYBER
Microsoft Windows Media Player 11.0.5721.5230 - Memory Corruption
Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
by TUNISIAN CYBER
By Source