Exploitdb Exploits
50,083 exploits tracked across all sources.
ModSecurity < 2.7.4 - Denial of Service via Crafted Content-Type Header
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
by Younes JAAIDI
Synactis PDF In-The-Box ActiveX - Buffer Overflow
A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved TRegistry class pointer on the stack. This allows remote attackers to execute arbitrary code in the context of the user by enticing them to visit a malicious webpage that instantiates the vulnerable ActiveX control. The vulnerability was discovered via its use in third-party software such as Logic Print 2013.
by h1ch4m
Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)
by xis_one
Monkey 1.1.1 - Denial of Service via Null Byte in HTTP Request
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.
by Doug Prostko
MayGion IP Camera Firmware < 09.27 - Path Traversal via Default URI
Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.
by Core Security
TP-LINK TL-SC 3130, TL-SC 3130G, TL-SC 3171G, TL-SC 4171G < 1.6.18p12 - Security Bypass via Hard-coded Credentials
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
by Core Security
CVSS 7.5
Zavio IP Cameras <1.6.03 - Auth Bypass
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.
by Core Security
CVSS 7.5
IBM SPSS SamplePower 3.0 - Buffer Overflow in c1sizer ActiveX Control via TabCaption
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string.
by Metasploit
HostBill - 'cpupdate.php' Authentication Bypass
by localhost.re
Zavio IP Cameras <1.6.3 - Command Injection
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.
by Core Security
CVSS 9.8
TP-Link WR842ND - Remote Multiple SSID Directory Traversals
by Adam Simuntis
TP-Link IP Camera - Command Injection
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
by Core Security
CVSS 9.8
MayGion IP Camera Firmware < 2013.04.22 (05.53) - Remote Code Execution via Long Filename
Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to execute arbitrary code via a long filename in a GET request.
by Core Security
Elastix - Multiple Cross-Site Scripting Vulnerabilities
by cheki
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by Metasploit
WordPress Plugin ADIF Log Search Widget - 'logbook_search.php' Cross-Site Scripting
by k3170makan
Barracuda SSL VPN 680 - 'returnTo' Open Redirection
by Chokri Ben Achor
SIEMENS Solid Edge ST4/ST5 WebPartHelper - ActiveX RFMSsvs!JShellExecuteEx Remote Code Execution
by rgod
Adobe Reader/Acrobat <9.5.5, <10.1.7, <11.0.03 - Buffer Overflow
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2733.
by Metasploit
Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities
by Vulnerability-Lab
SIEMENS Solid Edge ST4/ST5 SEListCtrlX - ActiveX SetItemReadOnly Arbitrary Memory Rewrite Remote Code Execution
by rgod
SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Overflow
by LiquidWorm
By Source