Exploitdb Exploits

50,076 exploits tracked across all sources.

EIP-2026-110725 EXPLOITDB text
PHP MBB CMS 004 - Multiple Vulnerabilities
by cr4wl3r
CVE-2013-7091 EXPLOITDB ruby VERIFIED
Zimbra 7.2.2-8.0.2 - Path Traversal
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API.
by Metasploit
CVE-2013-2068 EXPLOITDB ruby VERIFIED
Red Hat CloudForms Management Engine 2.0 - Path Traversal and Arbitrary File Write
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
by Metasploit
CVE-2013-1349 EXPLOITDB ruby VERIFIED
openSIS 4.5-5.2 - Remote Code Execution via ajax.php modname Parameter
Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
by Metasploit
EIP-2026-102296 EXPLOITDB text
Song Exporter 2.1.1 RS iOS - Local File Inclusion
by Vulnerability-Lab
CVE-2013-6987 EXPLOITDB text
Synology DiskStation Manager - Path Traversal via FileBrowser Components
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary files via a .. (dot dot) in the (1) path parameter to file_delete.cgi or (2) folder_path parameter to file_share.cgi in webapi/FileStation/; (3) dlink parameter to fbdownload/; or unspecified parameters to (4) html5_upload.cgi, (5) file_download.cgi, (6) file_sharing.cgi, (7) file_MVCP.cgi, or (8) file_rename.cgi in webapi/FileStation/.
by Andrea Fabrizi
EIP-2026-114344 EXPLOITDB text VERIFIED
WordPress Theme Persuasion 2.x - Arbitrary File Download / File Deletion
by Interference Security
EIP-2026-115191 EXPLOITDB python VERIFIED
Easy Karaokay Player 3.3.31 - '.wav' Integer Division by Zero
by Osanda Malith Jayathissa
CVE-2013-6976 EXPLOITDB text
Cisco EPC3925 - Cross-Site Request Forgery via Quick Setup Password Change
Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496.
by Jeroen - IT Nerdbox
CVE-2013-7185 EXPLOITDB HIGH python
PotPlayer <1.5.40688 - Memory Corruption
PotPlayer 1.5.40688: .avi File Memory Corruption
by ariarat
CVSS 7.8
CVE-2013-7184 EXPLOITDB python
Gretech GOM Media Player <2.2.56.5158 - Memory Corruption
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
by ariarat
CVE-2013-7420 EXPLOITDB text VERIFIED
Hancom Office 2010 SE - Buffer Overflow
Buffer overflow in Hancom Office 2010 SE allows remote attackers to execute arbitrary code via a long string in the Text attribute in a TEXTART XML element in an HML file.
by diroverflow
CVE-2013-6890 EXPLOITDB text VERIFIED
Debian Linux - Authentication Bypass
denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names.
by Helmut Grohne
CVE-2013-5676 EXPLOITDB text
Jenkins Plugin for SonarQube <= 3.7 - Authenticated Cleartext Password Exposure via sonar.sonarPassword Parameter
The Jenkins Plugin for SonarQube 3.7 and earlier allows remote authenticated users to obtain sensitive information (cleartext passwords) by reading the value in the sonar.sonarPassword parameter from jenkins/configure.
by Christian Catalano
CVE-2013-2627 EXPLOITDB text VERIFIED
Leed Light Feed <1.5 - SQL Injection
SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action.
by Alexandre Herzog
CVE-2013-5573 EXPLOITDB text
Jenkins 1.523 - Stored Cross-Site Scripting via User Description Field
Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.
by Christian Catalano
CVE-2013-6883 EXPLOITDB text
CRU Ditto Forensic FieldStation Firmware < 2013Oct15a - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors.
by Martin Wundram
CVE-2013-6882 EXPLOITDB text
CRU Ditto Forensic FieldStation Firmware < 2013Oct15a - Cross-Site Scripting via Username Parameter
Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the username parameter in a login or (2) remote authenticated users to inject arbitrary web script or HTML via unspecified form fields.
by Martin Wundram
CVE-2013-6881 EXPLOITDB text
CRU Ditto Forensic FieldStation Firmware < 2013Oct15a - OS Command Injection via Sector Size or Skip Count Fields
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task.
by Martin Wundram
CVE-2013-0109 EXPLOITDB ruby VERIFIED
NVIDIA Display Driver <307.78 & R310<311.00 - Privilege Escalation/DoS via Exception Handling
The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.
by Metasploit
CVE-2013-3346 EXPLOITDB CRITICAL ruby VERIFIED
Adobe Acrobat and Reader 9.x < 9.5.5, 10.x < 10.1.7, 11.x < 11.0.03 - Remote Code Execution via Memory Corruption
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
by Metasploit
CVSS 9.8
CVE-2013-6162 EXPLOITDB python VERIFIED
Code-Crafters Ability Mail Server 3.1.1 - Cross-Site Scripting via Email Body
Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email.
by David Um
CVE-2013-6767 EXPLOITDB text
Quick Heal AntiVirus Pro 7.0.0.1 - Local Buffer Overflow via PE File Text Value
Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to execute arbitrary code or cause a denial of service (process crash) via a long *.text value in a PE file.
by Arash Allebrahim
CVE-2013-5065 EXPLOITDB HIGH ruby VERIFIED
Microsoft Windows XP/Server 2003 - Privilege Escalation
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.
by Metasploit
CVSS 7.8
CVE-2013-5058 EXPLOITDB text VERIFIED
Microsoft Windows - Privilege Escalation
Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka "Win32k Integer Overflow Vulnerability."
by Core Security