Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-4727 EXPLOITDB text VERIFIED
DDSN Interactive cm3 Acora CMS - Info Disclosure
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a request to Admin/top.aspx.
by Pedro Andujar
CVE-2013-3314 EXPLOITDB HIGH text
Loftek Nexus 543 Firmware - Unauthenticated Sensitive Information Exposure via get_realip.cgi and get_status.cgi
The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi.
by Craig Young
CVSS 7.5
EIP-2026-101180 EXPLOITDB text
Belkin G Wireless Router Firmware 5.00.12 - Remote Code Execution
by Aodrulez
EIP-2026-118434 EXPLOITDB python VERIFIED
dreamMail e-mail client 4.6.9.2 - Persistent Cross-Site Scripting
by loneferret
CVE-2013-3597 EXPLOITDB text VERIFIED
SearchBlox < 7.5 - Exposure of Sensitive Information via CollectionListServlet
servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.
by Ricky Roane Jr
CVE-2013-4900 EXPLOITDB text
DeWeS web server <0.4.2 - Path Traversal
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
by High-Tech Bridge SA
CVE-2008-4423 EXPLOITDB text VERIFIED
Ovidentia 6.6.5 - SQL Injection via Item Parameter in Contact Modify Action
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the item parameter in a contact modify action.
by LiquidWorm
EIP-2026-105764 EXPLOITDB text
CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities
by Dylan Irzi
CVE-2013-2113 EXPLOITDB ruby VERIFIED
Redhat Openstack < 1.2.0 - Access Control
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.
by Metasploit
CVE-2013-1662 EXPLOITDB text VERIFIED
VMware Workstation 8.x-9.x and Player 4.x-5.x - Privilege Escalation via PATH lsb_release Hijacking
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function.
by Tavis Ormandy
CVE-2013-4124 EXPLOITDB text
Samba 3.x-3.5.21, 3.6.x-3.6.16, 4.x-4.0.7 - Denial of Service via Malformed NTTRANS Packet
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
by x90c
CVE-2013-4775 EXPLOITDB python
NETGEAR ProSafe Firmware - Sensitive Information Exposure via Direct Request
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted administrator credentials and other startup configurations via a direct request to filesystem/startup-config.
by Juan J. Guelfo
CVE-2013-4776 EXPLOITDB python
NETGEAR ProSafe GS724Tv3/GS716Tv2 <5.4.1.13, GS748Tv4 5.4.1.14, GS510TP 5.0.4.4 - DoS via HTTP Request
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/.
by Juan J. Guelfo
CVE-2013-10042 EXPLOITDB CRITICAL perl VERIFIED
freeFTPd < 1.0.10 - Stack-based Buffer Overflow via FTP PASS Command
A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled.
by Wireghoul
CVSS 9.8
CVE-2013-0632 EXPLOITDB CRITICAL text
Adobe ColdFusion 9.0-9.0.2, 10 - Unauthenticated Authentication Bypass and Remote Code Execution via RDS Component
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013.
by Scott Buckel
CVSS 9.8
EIP-2026-119011 EXPLOITDB text
Oracle Java - 'BytePackedRaster.verify()' Signed Integer Overflow
by Packet Storm
CVE-2013-5093 EXPLOITDB ruby VERIFIED
Graphite 0.9.5-0.9.10 - Remote Code Execution via Unsafe Pickle Deserialization
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.
by Metasploit
CVE-2013-4889 EXPLOITDB html VERIFIED
Digital Signage Xibo 1.4.2 - Cross-Site Request Forgery in index.php
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new administrator via the AddUser action or (2) conduct cross-site scripting (XSS) attacks, as demonstrated by CVE-2013-4888.
by Jacob Holcomb
CVE-2013-4888 EXPLOITDB text VERIFIED
Xibo 1.4.2 - Cross-Site Scripting via Layout Parameter
Cross-site scripting (XSS) vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the layout parameter in the layout page.
by Jacob Holcomb
EIP-2026-114115 EXPLOITDB text
WordPress Plugin ThinkIT 0.1 - Multiple Vulnerabilities
by Yashar shahinzadeh
CVE-2013-4900 EXPLOITDB text VERIFIED
DeWeS web server <0.4.2 - Path Traversal
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
by High-Tech Bridge
EIP-2026-105487 EXPLOITDB python
Bitbot (C2 Web Panel) - 'gate2.php' Multiple Vulnerabilities
by bwall
EIP-2026-102006 EXPLOITDB text
Sitecom N300/N600 Devices - Multiple Vulnerabilities
by Roberto Paleari
CVE-2013-3586 EXPLOITDB text
Samsung Smart Viewer - Unauthenticated Authentication Bypass via SessionID Cookie
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.
by Andrea Fabrizi
EIP-2026-101077 EXPLOITDB ruby
Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service
by Arash Abedian