Exploitdb Exploits
50,083 exploits tracked across all sources.
curl and libcurl 7.26.0-7.28.1 - Stack-Based Buffer Overflow via SASL DIGEST-MD5 Realm Parameter
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.
by Volema
TP-Link - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities
by CYBSEC Labs
Cisco Linksys E4200 1.0.05 - Code Injection
Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.
by m-1-k-3
CVSS 8.1
Cisco Linksys E4200 1.0.05 - Code Injection
Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.
by m-1-k-3
CVSS 8.1
Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities
by Vulnerability-Lab
Schneider Electric Accutech Manager <2.00.1 - Buffer Overflow
Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request.
by Evren Yalçın
WordPress Theme Pinboard - 'tab' Cross-Site Scripting
by Henrique Montenegro
TP-Link TL-WR2543ND Router - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities
by Juan Manuel Garcia
ActFax Server <5.01 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted @F506 fields, potentially leading to arbitrary code execution. Successful exploitation requires network access to TCP port 4559 and does not require authentication.
by Craig Freyman
Netgear routers <1.1.00.45 - Command Injection
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication.
by m-1-k-3
CVSS 7.2
CoolPDF 3.0.2.256 - Buffer Overflow
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.
by Chris Gabriel
CubeCart 5.0.0-5.2.0 - Remote Code Execution via Unserialization in Shipping Parameter
The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object.
by EgiX
CVSS 9.8
WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities
by Vulnerability-Lab
VMware OVF Tool 2.1 - Remote Code Execution via Crafted OVF File
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.
by Metasploit
Wysija Newsletters < 2.2.1 - Authenticated SQL Injection via Search or Orderby Parameter
Multiple SQL injection vulnerabilities in the Wysija Newsletters plugin before 2.2.1 for WordPress allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search or (2) orderby parameter to wp-admin/admin.php. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.
by High-Tech Bridge
CommentLuv < 2.92.4 - Cross-Site Scripting via _ajax_nonce Parameter
Cross-site scripting (XSS) vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _ajax_nonce parameter to wp-admin/admin-ajax.php.
by High-Tech Bridge
ezStats for Battlefield 3 - '/ezStats2/compare.php' Multiple Cross-Site Scripting Vulnerabilities
by L0n3ly-H34rT
Verax NMS - Multiple Method Authentication Bypass
by Andrew Brooks
xNBD - '/tmp/xnbd.log' Insecure Temporary File Handling
by Sebastian Pipping
By Source