Exploitdb Exploits

50,083 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-2765 EXPLOITDB python
ModSecurity < 2.7.4 - Denial of Service via Crafted Content-Type Header
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
by Younes JAAIDI
CVE-2013-10057 EXPLOITDB HIGH html VERIFIED
Synactis PDF In-The-Box ActiveX - Buffer Overflow
A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved TRegistry class pointer on the stack. This allows remote attackers to execute arbitrary code in the context of the user by enticing them to visit a malicious webpage that instantiates the vulnerable ActiveX control. The vulnerability was discovered via its use in third-party software such as Logic Print 2013.
by h1ch4m
EIP-2026-118697 EXPLOITDB python VERIFIED
Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)
by xis_one
CVE-2013-3724 EXPLOITDB text
Monkey 1.1.1 - Denial of Service via Null Byte in HTTP Request
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.
by Doug Prostko
CVE-2013-1604 EXPLOITDB text VERIFIED
MayGion IP Camera Firmware < 09.27 - Path Traversal via Default URI
Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.
by Core Security
CVE-2013-2572 EXPLOITDB HIGH text VERIFIED
TP-LINK TL-SC 3130, TL-SC 3130G, TL-SC 3171G, TL-SC 4171G < 1.6.18p12 - Security Bypass via Hard-coded Credentials
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
by Core Security
CVSS 7.5
CVE-2013-2567 EXPLOITDB HIGH text VERIFIED
Zavio IP Cameras <1.6.03 - Auth Bypass
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.
by Core Security
CVSS 7.5
CVE-2012-5946 EXPLOITDB ruby VERIFIED
IBM SPSS SamplePower 3.0 - Buffer Overflow in c1sizer ActiveX Control via TabCaption
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string.
by Metasploit
EIP-2026-107633 EXPLOITDB text VERIFIED
HostBill - 'cpupdate.php' Authentication Bypass
by localhost.re
EIP-2026-104569 EXPLOITDB python
CodeBlocks 12.11 (OSX) - Crash (PoC)
by ariarat
EIP-2026-103441 EXPLOITDB python VERIFIED
Code::Blocks - Denial of Service
by ariarat
CVE-2013-2570 EXPLOITDB CRITICAL text VERIFIED
Zavio IP Cameras <1.6.3 - Command Injection
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.
by Core Security
CVSS 9.8
EIP-2026-102130 EXPLOITDB python
YeaLink IP Phone Firmware 9.70.0.100 - Phone Call
by b0rh
EIP-2026-102078 EXPLOITDB python
TP-Link WR842ND - Remote Multiple SSID Directory Traversals
by Adam Simuntis
CVE-2013-2573 EXPLOITDB CRITICAL text VERIFIED
TP-Link IP Camera - Command Injection
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
by Core Security
CVSS 9.8
CVE-2013-1605 EXPLOITDB text VERIFIED
MayGion IP Camera Firmware < 2013.04.22 (05.53) - Remote Code Execution via Long Filename
Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to execute arbitrary code via a long filename in a GET request.
by Core Security
EIP-2026-106814 EXPLOITDB text VERIFIED
Elastix - Multiple Cross-Site Scripting Vulnerabilities
by cheki
CVE-2013-2028 EXPLOITDB ruby VERIFIED
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by Metasploit
EIP-2026-113534 EXPLOITDB text VERIFIED
WordPress Plugin ADIF Log Search Widget - 'logbook_search.php' Cross-Site Scripting
by k3170makan
EIP-2026-101176 EXPLOITDB text VERIFIED
Barracuda SSL VPN 680 - 'returnTo' Open Redirection
by Chokri Ben Achor
EIP-2026-119133 EXPLOITDB text
SIEMENS Solid Edge ST4/ST5 WebPartHelper - ActiveX RFMSsvs!JShellExecuteEx Remote Code Execution
by rgod
CVE-2013-2730 EXPLOITDB ruby VERIFIED
Adobe Reader/Acrobat <9.5.5, <10.1.7, <11.0.03 - Buffer Overflow
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2733.
by Metasploit
EIP-2026-116431 EXPLOITDB text
Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities
by Vulnerability-Lab
EIP-2026-116242 EXPLOITDB text
SIEMENS Solid Edge ST4/ST5 SEListCtrlX - ActiveX SetItemReadOnly Arbitrary Memory Rewrite Remote Code Execution
by rgod
EIP-2026-116219 EXPLOITDB text
SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Overflow
by LiquidWorm