Exploitdb Exploits
50,076 exploits tracked across all sources.
Open Web Analytics < 1.5.5 - SQL Injection via Password Reset Email Parameter
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
by Dana James Traversie
MODx Evogallery Module - 'Uploadify.php' Arbitrary File Upload
by TUNISIAN CYBER
My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
ICEWARP 11.0.0.0 Cross-Site Scripting via Email HTML Injection
ICEWARP 10.3.4 and 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object and embed tags. Attackers can craft emails containing data URIs with embedded scripts that execute in the client when the email is viewed, compromising user sessions and stealing sensitive information.
by Usman Saeed
CVSS 6.1
Joomla! Component com_wire_immogest - 'index.php' SQL Injection
by MR.XpR
synetics i-doit pro <1.2.5 - SQL Injection
SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI.
by Stephan Rickauer
Linksys E-Series - Command Injection
An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability was reported to be exploited in the wild by the "TheMoon" worm in 2014 to deploy a MIPS ELF payload, enabling arbitrary code execution on the router. Additionally, this vulnerability may affect other Linksys products to include, but not limited to, WAG/WAP/WES/WET/WRT-series router models and Wireless-N access points and routers. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC.
by Rew
HP Storage Data Protector 6.2X - Remote Code Execution via Crafted EXEC_BAR Packet
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
by Chris Graham
Qualcomm Eudora WorldMail 9.0.333.0 - Remote Code Execution via IMAPd UID Command
Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.
by Muhammad Alharmeel
ImageMagick - Stack-based Buffer Overflow in WritePSDImage Function
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
by Mike Czumak
CVSS 8.8
Dexter (CasinoLoader) - SQL Injection (Metasploit)
by Metasploit
Office Assistant Pro 2.2.2 iOS - Local File Inclusion
by Vulnerability-Lab
Trendchip HG520 ADSL2+ Wireless Modem - Cross-Site Request Forgery
by Dhruv Shah
D.R. Software Audio Converter 8.1, 2007, and 8.05 - Stack-based Buffer Overflow via PLS Playlist File
Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file.
by Metasploit
CA 2E Web Option r8.1.2 - Session Hijacking via Predictable Session Token Substring
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm.
by Mike Emery
Apache Commons FileUpload <1.3.1 - DoS
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
by Trustwave's SpiderLabs
jDisk (stickto) 2.0.3 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
by Andrew Horton
By Source