Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107443 EXPLOITDB text VERIFIED
GNUPanel 0.3.5_R4 - Multiple Vulnerabilities
by Necmettin COSKUN
CVE-2014-1903 EXPLOITDB perl VERIFIED
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
by @0x00string
CVE-2014-0983 EXPLOITDB text VERIFIED
Oracle VirtualBox < 4.3.8 Local Guest-to-Host RCE via 3D Acceleration
Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server via certain CR_MESSAGE_OPCODES messages with a crafted index, which are not properly handled by the (1) CR_VERTEXATTRIB4NUBARB_OPCODE to the crServerDispatchVertexAttrib4NubARB function, (2) CR_VERTEXATTRIB1DARB_OPCODE to the crServerDispatchVertexAttrib1dARB function, (3) CR_VERTEXATTRIB1FARB_OPCODE to the crServerDispatchVertexAttrib1fARB function, (4) CR_VERTEXATTRIB1SARB_OPCODE to the crServerDispatchVertexAttrib1sARB function, (5) CR_VERTEXATTRIB2DARB_OPCODE to the crServerDispatchVertexAttrib2dARB function, (6) CR_VERTEXATTRIB2FARB_OPCODE to the crServerDispatchVertexAttrib2fARB function, (7) CR_VERTEXATTRIB2SARB_OPCODE to the crServerDispatchVertexAttrib2sARB function, (8) CR_VERTEXATTRIB3DARB_OPCODE to the crServerDispatchVertexAttrib3dARB function, (9) CR_VERTEXATTRIB3FARB_OPCODE to the crServerDispatchVertexAttrib3fARB function, (10) CR_VERTEXATTRIB3SARB_OPCODE to the crServerDispatchVertexAttrib3sARB function, (11) CR_VERTEXATTRIB4DARB_OPCODE to the crServerDispatchVertexAttrib4dARB function, (12) CR_VERTEXATTRIB4FARB_OPCODE to the crServerDispatchVertexAttrib4fARB function, and (13) CR_VERTEXATTRIB4SARB_OPCODE to the crServerDispatchVertexAttrib4sARB function.
by Core Security
EIP-2026-102143 EXPLOITDB text
ZYXEL P-660HN-T1A Router - Authentication Bypass
by Michael Grifalconi
CVE-2014-2043 EXPLOITDB text VERIFIED
Procentia IntelliPen <1.1.18.1658 - SQL Injection
SQL injection vulnerability in Resources/System/Templates/Data.aspx in Procentia IntelliPen before 1.1.18.1658 allows remote authenticated users to execute arbitrary SQL commands via the value parameter.
by Portcullis
CVE-2014-100015 EXPLOITDB ruby VERIFIED
SolidWorks Workgroup PDM 2014 - Unauthenticated Path Traversal and Arbitrary File Write via File Upload
Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload.
by Metasploit
CVE-2013-2347 EXPLOITDB ruby VERIFIED
HP Storage Data Protector 6.2X - Remote Code Execution via Crafted EXEC_BAR Packet
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
by Metasploit
EIP-2026-117390 EXPLOITDB python VERIFIED
KMPlayer 3.8.0.117 - Local Buffer Overflow
by metacom
EIP-2026-117301 EXPLOITDB text
iCAM Workstation Control 4.8.0.0 - Authentication Bypass
by StealthHydra
EIP-2026-114689 EXPLOITDB c
QNX 6.5.0 x86 phfont - Local Privilege Escalation
by cenobyte
EIP-2026-114688 EXPLOITDB c
QNX 6.5.0 x86 io-graphics - Local Privilege Escalation
by cenobyte
CVE-2014-2534 EXPLOITDB text VERIFIED
BlackBerry QNX Neutrino RTOS <6.5.x - Info Disclosure
/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.
by cenobyte
CVE-2014-2533 EXPLOITDB bash VERIFIED
BlackBerry QNX Neutrino RTOS <6.5.x - Privilege Escalation
/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
by cenobyte
EIP-2026-109398 EXPLOITDB text VERIFIED
MeiuPic 2.1.2 - 'ctl' Local File Inclusion
by Dr.3v1l
CVE-2014-2044 EXPLOITDB text VERIFIED
ownCloud < 5.0 - Authenticated Remote Code Execution via Alternate Data Stream Filename Bypass
Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS) syntax in the filename parameter, as demonstrated using .htaccess::$DATA to upload a PHP program.
by Portcullis
EIP-2026-102964 EXPLOITDB text VERIFIED
QNX - '.Phgrafx' File Enumeration
by cenobyte
CVE-2013-6835 EXPLOITDB text VERIFIED
iPhone OS < 7.1 - Unauthenticated Information Disclosure via FaceTime Audio URL
TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail address information via a facetime-audio: URL.
by Guillaume Ross
EIP-2026-101780 EXPLOITDB text
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities
by SEC Consult
EIP-2026-100387 EXPLOITDB text VERIFIED
Kentico CMS 7.0.75 - User Information Disclosure
by Charlie Campbell & Lyndon Mendoza
CVE-2014-2206 EXPLOITDB python VERIFIED
GetGo Download Manager <4.9.0.1982 - Buffer Overflow
Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header.
by Julien Ahrens
EIP-2026-105946 EXPLOITDB text VERIFIED
ClipSharePro 4.1 - Local File Inclusion
by Saadi Siddiqui
EIP-2026-103901 EXPLOITDB python VERIFIED
ET - Chat Password Reset Security Bypass
by IRH
EIP-2026-111518 EXPLOITDB text VERIFIED
Professional Designer E-Store - 'id' Multiple SQL Injections
by Nawaf Alkeraithe
EIP-2026-105053 EXPLOITDB text VERIFIED
Ajax File Manager - Directory Traversal
by Eduardo Alves
EIP-2026-113980 EXPLOITDB php VERIFIED
WordPress Plugin Premium Gallery Manager - Arbitrary File Upload
by eX-Sh1Ne