Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-2227 EXPLOITDB HIGH text
GLPI 0.83.7 - Local File Inclusion via common.tabs.php
GLPI 0.83.7 has Local File Inclusion in common.tabs.php.
by LiquidWorm
CVSS 7.5
CVE-2013-2171 EXPLOITDB c VERIFIED
FreeBSD 9 Address Space Manipulation Privilege Escalation
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls.
by Hunger
EIP-2026-115884 EXPLOITDB perl VERIFIED
MusicBee 2.0.4663 - '.m3u' Denial of Service
by Chako
EIP-2026-109561 EXPLOITDB text VERIFIED
Monkey CMS - Multiple Vulnerabilities
by Yashar shahinzadeh_ Mormoroth
EIP-2026-108515 EXPLOITDB php VERIFIED
Joomla! Component com_rokdownloads - Arbitrary File Upload
by Am!r
EIP-2026-107788 EXPLOITDB php
imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload
by CWH Underground
EIP-2026-101481 EXPLOITDB python VERIFIED
TP-Link TL-PS110U Print Server - 'tplink-enum.py' Security Bypass
by SANTHO
EIP-2026-101480 EXPLOITDB python
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
by SANTHO
EIP-2026-106917 EXPLOITDB text VERIFIED
et-chat - Privilege Escalation / Arbitrary File Upload
by MR.XpR
CVE-2013-4664 EXPLOITDB MEDIUM text
SPBAS Business Automation Software 2012 - XSS
SPBAS Business Automation Software 2012 has XSS.
by Christy Philip Mathew
CVSS 6.1
CVE-2013-10055 EXPLOITDB CRITICAL text VERIFIED
Havalite CMS 1.1.7 - Unauthenticated RCE
An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attackers to upload malicious PHP files via a crafted multipart/form-data POST request. Once uploaded, the attacker can access the file directly under havalite/tmp/files/, resulting in remote code execution.
by CWH Underground
CVE-2006-0720 EXPLOITDB python VERIFIED
Nullsoft Winamp 5.12 and 5.13 - Stack-Based Buffer Overflow via Crafted .m3u File
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file.
by superkojiman
EIP-2026-116734 EXPLOITDB python VERIFIED
Adrenalin Player 2.2.5.3 - '.wax' Local Buffer Overflow (SEH)
by Onying
EIP-2026-114145 EXPLOITDB text
WordPress Plugin Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery
by expl0i13r
CVE-2013-4665 EXPLOITDB MEDIUM text
SPBAS Business Automation Software 2012 - CSRF
SPBAS Business Automation Software 2012 has CSRF.
by Christy Philip Mathew
CVSS 6.5
EIP-2026-112091 EXPLOITDB text VERIFIED
Simple File Manager 024 - Authentication Bypass
by Chako
EIP-2026-107161 EXPLOITDB text VERIFIED
Fly-High CMS 2012-07-08 - Unrestricted Arbitrary File Upload
by CWH Underground
EIP-2026-105542 EXPLOITDB php VERIFIED
BloofoxCMS - 'index.php' Arbitrary File Upload
by CWH Underground
EIP-2026-114570 EXPLOITDB text VERIFIED
ZamFoo - 'date' Remote Command Injection
by localhost.re
EIP-2026-100071 EXPLOITDB text VERIFIED
TaxiMonger for Android - 'name' HTML Injection
by Ismail Kaleem
CVE-2013-10054 EXPLOITDB CRITICAL text VERIFIED
LibrettoCMS 1.1.7 - Unauthenticated RCE
An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication.
by CWH Underground
CVE-2013-6079 EXPLOITDB python VERIFIED
MostGear Soft Easy LAN Folder Share 3.2.0.100 - Buffer Overflow via Long Registration Code or License Registry Key
Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in the (1) registration code field in the activate license window or the (2) HKLM\SOFTWARE\MostGear\EasyLanFolderShare_V1\License registry key. NOTE: it is not clear from the original report whether this issue crosses privilege boundaries. If not, then it should not be included in CVE.
by ariarat
CVE-2013-2182 EXPLOITDB text VERIFIED
monkey-project/monkey < 1.4.0 - Remote Access Restriction Bypass via Crafted URI
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
by felipensp
CVE-2013-2551 EXPLOITDB HIGH ruby VERIFIED
Microsoft Internet Explorer <10 - RCE
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
by Metasploit
CVSS 8.8
CVE-2013-3543 EXPLOITDB text
AXIS Media Control ActiveX Control - Arbitrary File Write via StartRecord, SaveCurrentImage, or StartRecordMedia Methods
The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) 6.2.10.11 for AXIS network cameras allows remote attackers to create or overwrite arbitrary files via a file path to the (1) StartRecord, (2) SaveCurrentImage, or (3) StartRecordMedia methods.
by Javier Repiso Sánchez