Exploitdb Exploits
50,076 exploits tracked across all sources.
SonicWALL GMS Analyzer and UMA EM5000 7.1 SP1 - Authenticated Cross-Site Scripting via valfield_1 or value_1 Parameter
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
by Vulnerability-Lab
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities
by Vulnerability-Lab
Steinberg MyMp3PRO 5.0 Build 5.1.0.21 - Buffer Overflow via Long String in .m3u File
Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows remote attackers to execute arbitrary code via a long string in a .m3u file.
by metacom
MySQL < 5.0.40 and 5.1 < 5.1.18-beta - Denial of Service via Crafted IF Clause
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
by Neil Kettle
Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities
by Vulnerability-Lab
Kimai 0.9.2.x - Unauthenticated SQL Injection via db_restore.php dates[] Parameter
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates[] POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to remote code execution by writing a PHP payload to the web-accessible temporary directory. The vulnerability has been confirmed in versions including 0.9.2.beta, 0.9.2.1294.beta, and 0.9.2.1306-3.
by Metasploit
MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
by Metasploit
CVSS 7.8
ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit)
by Metasploit
Microsoft Windows XP/Server 2003 - Privilege Escalation
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.
by ryujin
CVSS 7.8
Dokeos < 2.2 - SQL Injection via Language Parameter
SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php.
by High-Tech Bridge SA
Chamilo LMS < 1.9.6 - Authenticated SQL Injection via Password Parameter
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "password0" parameter.
by High-Tech Bridge SA
DCNM-SAN Server <6.2(1) - Path Traversal
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality.
by Metasploit
FormCraft < 1.3.7 - SQL Injection via id Parameter
SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Ashiyane Digital Security Team
Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities
by Vulnerability-Lab
D-Link DIR-Series Routers - '/model/__show_info.php' Local File Disclosure
by tytusromekiatomek
PHPThumb - 'PHPThumb.php' Arbitrary File Upload
by DevilScreaM
Multiple WordPress Orange Themes - Cross-Site Request Forgery (Arbitrary File Upload)
by Jje Incovers
TVT DVR Firmware < 3.2.0.p-3520a-03 - Path Traversal via URI
Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. (dot dot) in the URI.
by Cesar Neira
Kingsoft Writer 2012 8.1.0.3030 - Stack-based Buffer Overflow via Long Font Name in WPS File
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file.
by Julien Ahrens
ZIP Password Recovery Professional 5.1 - '.zip' Crash (PoC)
by KAI
Audacious Player 3.4.2/3.4.1 - '.mp3' Crash (PoC)
by Akin Tosunlar
Zend-Framework - Full Information Disclosure
by Ariel Orellana
By Source