Exploitdb Exploits
50,083 exploits tracked across all sources.
Squid - 'httpMakeVaryMark()' Remote Denial of Service
by tytusromekiatomek
HP Intelligent Management Center - 'topoContent.jsf' Cross-Site Scripting
by Julien Ahrens
D-Link DSL-2740B Firmware EU_1.0 - Unauthenticated Authentication Bypass via login.cgi
The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi.
by Ivano Binetti
Plogger - Multiple Input Validation Vulnerabilities
by Saadat Ullah
Piwigo < 2.4.7 - Cross-Site Request Forgery via LocalFiles Editor Plugin
Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
by High-Tech Bridge SA
Sami FTP Server 2.0.1 - 'LIST' Buffer Overflow
by superkojiman
HansoTools Hanso Player <2.5.0 - Buffer Overflow
Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier allows remote attackers to cause a denial of service (crash) via a long string in a .m3u file.
by metacom
Uploader 1.0.4 - Cross-Site Scripting via Notify or Blog Parameter
Multiple cross-site scripting (XSS) vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) notify or (2) blog parameter.
by CodeV
Piwigo < 2.4.7 - Path Traversal via Install.php DL Parameter
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter.
by High-Tech Bridge SA
PHP-Fusion <7.02.05 - SQL Injection
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
by waraxe
Batavi 1.2.2 - Cross-Site Scripting via QUERY_STRING to admin/index.php
Cross-site scripting (XSS) vulnerability in admin/templates/default.php in Batavi 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to admin/index.php.
by Dognaedis
Foscam <11.37.2.49 - Path Traversal
Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.
by Frederic Basse
rpi-update - Insecure Temporary File Handling / Security Bypass
by Technion
WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities
by ebanyu
Joomla! 2.5.x-3.0.2 - PHP Object Injection via Highlight Parameter
plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist.
by EgiX
Linux Kernel < 3.4.34 - Local Privilege Escalation via Netlink Message Family Value
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
by sd
Glossword 1.8.8-1.8.12 - Authenticated Arbitrary File Upload and Remote Code Execution via Administrative Interface
Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface (gw_admin.php) allows users with administrator privileges to upload files to the gw_temp/a/ directory. Due to insufficient validation of file type and path, attackers can upload and execute PHP payloads, resulting in remote code execution.
by Metasploit
Kordil EDMS v2.2.60rc3 - Unauthenticated RCE
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP payload and invoking it via a direct HTTP request.
by Metasploit
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
MTP Image Gallery 1.0 - 'edit_photos.php?title' Cross-Site Scripting
by LiquidWorm
By Source