Exploitdb Exploits
50,076 exploits tracked across all sources.
MinaliC WebServer 2.0.0 - Remote Buffer Overflow (Egghunter)
by PuN1sh3r
HP LeftHand Virtual SAN Appliance <10.0 - RCE
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510.
by Metasploit
CakePHP 2.2.8/2.3.7 - AssetDispatcher Class Local File Inclusion
by Takeshi Terada
Vastal I-Tech phpVID <1.2.3 - SQL Injection
Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browse_videos.php or (2) members.php. NOTE: the cat parameter is already covered by CVE-2008-4157.
by 3spi0n
D-Link DIR-300 rev B & DIR-600 <2.13/2.14b01 - Command Injection
An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker can execute arbitrary shell commands with root privileges, allowing full takeover of the device. This includes launching services such as Telnet, exfiltrating credentials, modifying system configuration, and disrupting availability. The flaw stems from the lack of authentication and inadequate sanitation of the cmd parameter.
by Metasploit
CVSS 9.8
Vastal I-Tech phpVID 1.1 and 1.2.3 - SQL Injection via groups.php cat Parameter
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected.
by 3spi0n
Vastal I-Tech phpVID 1.1, 1.2, 1.2.3 - Cross-Site Scripting via Search Results Query Parameter
Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is also affected.
by 3spi0n
Sami FTP Server 2.0.1 - MKD Buffer Overflow ASLR Bypass (SEH)
by Polunchis
Oracle Java - 'storeImageArray()' Invalid Array Indexing
by Packet Storm
HMS Testimonials < 2.0.11 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) image, (3) url, or (4) testimonial parameter to the Testimonial form (hms-testimonials-addnew page); (5) date_format parameter to the Settings - Default form (hms-testimonials-settings page); (6) name parameter in a Save action to the Settings - Custom Fields form (hms-testimonials-settings-fields page); or (7) name parameter in a Save action to the Settings - Template form (hms-testimonials-templates-new page).
by RogueCoder
CVSS 6.1
Tribq CMS 5.2.7 - Cross-Site Request Forgery (Adding/Editing New Administrator Account)
by Yashar shahinzadeh
Vastal phpVID 1.2.3 - Cross-Site Scripting via Browse Videos or Groups Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to browse_videos.php or the (2) cat parameter to groups.php.
by 3spi0n
Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities
by Yashar shahinzadeh
MLMAuction Script - 'gallery.php?id' SQL Injection
by 3spi0n
Joomla! com_redshop 1.0 - SQL Injection
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php.
by Matias Fontanini
Gnew 2013.1 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Gnew 2013.1 allow remote attackers to inject arbitrary web script or HTML via the gnew_template parameter to (1) users/profile.php, (2) articles/index.php, or (3) admin/polls.php; (4) category_id parameter to news/submit.php; news_id parameter to (5) news/send.php or (6) comments/add.php; or (7) post_subject or (8) thread_id parameter to posts/edit.php.
by LiquidWorm
Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities
by Taha Hunter
OpenX Ad Server 2.8.10 - Remote Code Execution via Backdoor in flowplayer-3.1.1.min.js
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code
by Metasploit
CVSS 9.8
Square Squash - Remote Code Execution via YAML in Namespace or Sourcemap Parameter
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.
by Metasploit
Ruby on Rails JSON Processor YAML Deserialization Code Execution
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
by Metasploit
HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
by Iranian_Dark_Coders_Team
D-Link DIR-300/615 - Command Injection
An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions that expose tools_vct.xgi and use the Mathopd/1.5p6 web server. No vendor patch is available, and affected models are end-of-life.
by Metasploit
CVSS 8.8
By Source