Exploitdb Exploits

50,076 exploits tracked across all sources.

CVE-2013-6924 EXPLOITDB CRITICAL text
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Remote Command Execution via backupmgt/getAlias.php ip Parameter
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.
by Jeroen - IT Nerdbox
CVSS 9.8
CVE-2013-6923 EXPLOITDB text
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Cross-Site Scripting via fullname or workname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php.
by Jeroen - IT Nerdbox
CVE-2013-6922 EXPLOITDB text
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes.
by Jeroen - IT Nerdbox
CVE-2013-6924 EXPLOITDB CRITICAL php
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Remote Command Execution via backupmgt/getAlias.php ip Parameter
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.
by Jeroen - IT Nerdbox
CVSS 9.8
CVE-2014-10032 EXPLOITDB php
Taboada MacroNews 1.0 - Authenticated SQL Injection via news_popup.php id Parameter
SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
by Jefrey
EIP-2026-101046 EXPLOITDB python
Motorola SBG6580 Cable Modem & Wireless Router - Reboot (Denial of Service)
by nicx0
EIP-2026-119360 EXPLOITDB text
DirectControlTM 3.1.7.0 - Multiple Vulnerabilities
by mohamad ch
EIP-2026-103762 EXPLOITDB text
ACE Stream Media 2.1 - 'acestream://' Format String
by LiquidWorm
CVE-2014-0620 EXPLOITDB text
Technicolor TC7200 STD6.01.12 - Cross-Site Scripting via ADDNewDomain or VmTracerouteHost Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to inject arbitrary web script or HTML via the (1) ADDNewDomain parameter to parental/website-filters.asp or (2) VmTracerouteHost parameter to goform/status/diagnostics-route.
by Jeroen - IT Nerdbox
CVE-2014-0621 EXPLOITDB text
Technicolor TC7200 STD6.01.12 - Cross-Site Request Forgery via Multiple Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall.
by Jeroen - IT Nerdbox
CVE-2013-7282 EXPLOITDB text
Nisuta NS-WIR150NE/NS-WIR300N - Auth Bypass
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header.
by Amplia Security Advisories
CVE-2013-6480 EXPLOITDB text VERIFIED
Apache Libcloud 0.12.3-0.13.2 - Exposure of Sensitive Information via DigitalOcean Destroy API
Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.
by anonymous
CVE-2013-7240 EXPLOITDB text VERIFIED
Advanced Dewplayer <1.2 - Path Traversal
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
by Henri Salo
CVE-2013-7278 EXPLOITDB text VERIFIED
Naxtech CMS Afroditi 1.0 - SQL Injection
SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to default.asp.
by projectzero labs
EIP-2026-115988 EXPLOITDB php
Ofilter Player 1.1 - '.wav' Integer Division by Zero
by Osanda Malith Jayathissa
EIP-2026-101647 EXPLOITDB text
D-Link DSL-2750u ME_1.09 - Cross-Site Request Forgery
by FIGHTERx war
CVE-2013-7209 EXPLOITDB text VERIFIED
JForum - Cross-Site Request Forgery in Admin Module
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
by arno
EIP-2026-105009 EXPLOITDB text VERIFIED
AFCommerce - 'controlheader.php' Remote File Inclusion
by NoGe
EIP-2026-105008 EXPLOITDB text VERIFIED
AFCommerce - 'adminpassword.php' Remote File Inclusion
by NoGe
EIP-2026-105007 EXPLOITDB text VERIFIED
AFCommerce - 'adblock.php' Remote File Inclusion
by NoGe
CVE-2013-7260 EXPLOITDB perl VERIFIED
RealNetworks RealPlayer <17.0.4.61 - Windows/Mac - Buffer Overflow
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
by Gabor Seljan
CVE-2014-8359 EXPLOITDB text
Huawei Mobile Partner 23.009.05.03.1014 - Untrusted Search Path and DLL Hijacking via wintab32.dll
Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.
by LiquidWorm
CVE-2013-6955 EXPLOITDB ruby VERIFIED
Synology DiskStation Manager - Arbitrary File Write via SLICEUPLOAD X-TMP-FILE Header
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header.
by Metasploit
CVE-2013-4835 EXPLOITDB ruby VERIFIED
HP SiteScope 10.1x and 11.x < 11.22 - Unauthenticated Remote Code Execution via APISiteScopeImpl issueSiebelCmd Method
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
by Metasploit
EIP-2026-114412 EXPLOITDB text VERIFIED
xBoard 5.0/5.5/6.0 - 'view.php' Local File Inclusion
by TUNISIAN CYBER