Exploitdb Exploits
50,076 exploits tracked across all sources.
FreeBSD 9 Address Space Manipulation Privilege Escalation
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls.
by Metasploit
Barnraiser Prairie - 'get_file.php' Directory Traversal
by prairie
LibrettoCMS 1.1.7 - Unauthenticated RCE
An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication.
by Metasploit
HP System Management Homepage - Authenticated OS Command Injection via PATH_INFO to smhutil/snmpchp.php.en
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
by Metasploit
Novell Client for Windows 4.91 SP4 - Buffer Overflow
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory.
by Metasploit
Mediacoder PMP Edition 0.8.17 - '.m3u' Local Buffer Overflow
by metacom
Mediacoder - '.m3u' Local Buffer Overflow (SEH)
by metacom
Mediacoder (.lst) - Local Buffer Overflow (SEH)
by metacom
McAfee Data Loss Prevention - Multiple Information Disclosure Vulnerabilities
by Jamie Ooi
Top Games Script 1.2 - SQL Injection
SQL injection vulnerability in play.php in Top Games Script 1.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
by AtT4CKxT3rR0r1ST
phpEventCalendar < 0.2.3 - SQL Injection via eventdisplay.php id Parameter
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by AtT4CKxT3rR0r1ST
elemata_cms RC 3.0 - SQL Injection via id Parameter
SQL injection vulnerability in functions/global.php in Elemata CMS RC 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by CWH Underground
AlienVault OSSIM 4.1 - SQL Injection
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4] parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5) port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or (7) rvalue parameter in a search action to vulnmeter/index.php.
by Glafkos Charalambous
ZPanel 10.0.0.2 htpasswd Module - 'Username' Command Execution (Metasploit)
by Metasploit
MoinMoin < 1.9.6 - Authenticated Path Traversal and Arbitrary File Write via Twikidraw and Anywikidraw Actions
Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.
by Metasploit
TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass
by Chako
Linksys E1000/E1200/E3200 - Command Injection
Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP port 52000.
by m-1-k-3
CVSS 8.3
Adrenalin Player 2.2.5.3 - '.asx' Local Buffer Overflow (SEH)
by Onying
By Source