Exploitdb Exploits
50,076 exploits tracked across all sources.
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Remote Command Execution via backupmgt/getAlias.php ip Parameter
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.
by Jeroen - IT Nerdbox
CVSS 9.8
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Cross-Site Scripting via fullname or workname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname parameter to admin/access_control_user_edit.php or (2) workname parameter to admin/network_workgroup_domain.php.
by Jeroen - IT Nerdbox
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes.
by Jeroen - IT Nerdbox
Taboada MacroNews 1.0 - Authenticated SQL Injection via news_popup.php id Parameter
SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
by Jefrey
Motorola SBG6580 Cable Modem & Wireless Router - Reboot (Denial of Service)
by nicx0
Technicolor TC7200 STD6.01.12 - Cross-Site Scripting via ADDNewDomain or VmTracerouteHost Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to inject arbitrary web script or HTML via the (1) ADDNewDomain parameter to parental/website-filters.asp or (2) VmTracerouteHost parameter to goform/status/diagnostics-route.
by Jeroen - IT Nerdbox
Technicolor TC7200 STD6.01.12 - Cross-Site Request Forgery via Multiple Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall.
by Jeroen - IT Nerdbox
Nisuta NS-WIR150NE/NS-WIR300N - Auth Bypass
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header.
by Amplia Security Advisories
Apache Libcloud 0.12.3-0.13.2 - Exposure of Sensitive Information via DigitalOcean Destroy API
Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.
by anonymous
Advanced Dewplayer <1.2 - Path Traversal
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
by Henri Salo
Naxtech CMS Afroditi 1.0 - SQL Injection
SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to default.asp.
by projectzero labs
Ofilter Player 1.1 - '.wav' Integer Division by Zero
by Osanda Malith Jayathissa
D-Link DSL-2750u ME_1.09 - Cross-Site Request Forgery
by FIGHTERx war
JForum - Cross-Site Request Forgery in Admin Module
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
by arno
AFCommerce - 'controlheader.php' Remote File Inclusion
by NoGe
AFCommerce - 'adminpassword.php' Remote File Inclusion
by NoGe
RealNetworks RealPlayer <17.0.4.61 - Windows/Mac - Buffer Overflow
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
by Gabor Seljan
Huawei Mobile Partner 23.009.05.03.1014 - Untrusted Search Path and DLL Hijacking via wintab32.dll
Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.
by LiquidWorm
Synology DiskStation Manager - Arbitrary File Write via SLICEUPLOAD X-TMP-FILE Header
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header.
by Metasploit
HP SiteScope 10.1x and 11.x < 11.22 - Unauthenticated Remote Code Execution via APISiteScopeImpl issueSiebelCmd Method
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
by Metasploit
xBoard 5.0/5.5/6.0 - 'view.php' Local File Inclusion
by TUNISIAN CYBER