Exploitdb Exploits
50,083 exploits tracked across all sources.
Ruubikcms 1.1.1 - 'tinybrowser.php?folder' Directory Traversal
by expl0i13r
Cuppa CMS - '/alertConfigField.php' Local/Remote File Inclusion
by CWH Underground
Parallels Plesk Panel <9.0.x, 9.2.x - RCE
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper ScriptAlias directive for phppath, which makes it easier for remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2012-1823.
by kingcope
Mac OS X <= 10.6.8 - Remote Code Execution in Directory Service
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
by Core Security
Apache Struts 2.0.0-2.3.14.2 - Remote Code Execution via OGNL Expression in Action Name
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
by Jon Passki
Apache Struts 2.0.0-2.3.14.1 - Remote Code Execution via OGNL Injection in URL/A Tag
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
by Metasploit
CVSS 8.1
miniupnpd 1.0 - Remote Code Execution via Long Quoted Method in SOAPAction Handler
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
by Metasploit
Linux Kernel 3.0.5 - 'test_root()' Local Denial of Service
by Jonathan Salwan
Imperva SecureSphere 9.0.0.5 - Authenticated Remote Code Execution via Task Command Field
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
by Pedro Andujar
DS3 Authentication Server - Remote Code Execution via ErrorViewer.jsp Message Parameter
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote attackers to inject arbitrary error-page text via the message parameter.
by Pedro Andujar
hcomm xpient_iris < 3.8 - Remote Code Execution via TCP Port 7510
Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.
by Core Security
CVSS 9.8
QNAP VioStor NVR 4.0.3 and Surveillance Station Pro - Authenticated Remote Code Execution via pingping.cgi Query String
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.
by Tim Herres
Telaen < 1.3.1 - Open Redirect via redir.php URL Parameter
Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL.
by Manuel García Cárdenas
CVSS 6.1
telaen < 1.3.1 - Cross-Site Scripting via f_email Parameter
Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the "f_email" parameter in index.php.
by Manuel García Cárdenas
CVSS 6.1
CMS Gratis Indonesia - 'config.php' PHP Code Injection
by CWH Underground
MongoDB 2.4.0-2.4.4 - Authenticated Denial of Service via Invalid RefDB Object
The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and server crash) or possibly execute arbitrary code via an invalid RefDB object.
by SCRT Security
Microsoft Windows - Denial of Service via EPATHOBJ::bFlatten Path Traversal
The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain.
by Tavis Ormandy
telaen < 1.3.1 - Exposure of Sensitive Information via Crafted URL Request
Telean before 1.3.1 contains a full path disclosure vulnerability which could allow remote attackers to obtain sensitive information through a specially crafted URL request.
by Manuel García Cárdenas
CVSS 5.3
BOINC Manager (Seti@home) 7.0.64 - Field Buffer Overflow (SEH)
by xis_one
Lianja SQL Server < 1.0 - Stack-Based Buffer Overflow via TCP Port 8001
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001.
by Metasploit
PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution
by CWH Underground
By Source