Exploitdb Exploits

50,091 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107534 EXPLOITDB text VERIFIED
Guru Auction 2.0 - Multiple SQL Injections
by v3n0m
EIP-2026-106205 EXPLOITDB text VERIFIED
cPanel - 'dir' Cross-Site Scripting
by Rafay Baloch
CVE-2012-10027 EXPLOITDB CRITICAL ruby VERIFIED
WP-Property < 1.35.0 - Unauthenticated Arbitrary File Upload via uploadify.php
WP-Property plugin for WordPress up to and including version 1.35.0 contains an unauthenticated file upload vulnerability in the third-party `uploadify.php` script. A remote attacker can upload arbitrary PHP files to a temporary directory without authentication, leading to remote code execution.
by Metasploit
CVE-2012-10026 EXPLOITDB CRITICAL ruby VERIFIED
WordPress Plugin Asset-Manager < 2.0 - Unauthenticated Arbitrary File Upload via upload.php
The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a predictable temporary directory. Once uploaded, the attacker can execute the file via a direct HTTP GET request, resulting in remote code execution under the web server’s context.
by Metasploit
EIP-2026-118867 EXPLOITDB ruby VERIFIED
Microsoft SQL Server - Database Link Crawling Command Execution (Metasploit)
by Metasploit
CVE-2012-2174 EXPLOITDB ruby VERIFIED
IBM Lotus Notes 8.x - Remote Code Execution via Crafted notes:// URL
The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.
by Metasploit
EIP-2026-109718 EXPLOITDB text VERIFIED
MyBB HM My Country Flags - SQL Injection
by JoinSe7en
EIP-2026-109707 EXPLOITDB text VERIFIED
MyBB AwayList Plugin - 'index.php?id' SQL Injection
by Red_Hat
EIP-2026-107585 EXPLOITDB text VERIFIED
Hero Framework - users/login 'Username' Cross-Site Scripting
by Stefan Schurtz
EIP-2026-107584 EXPLOITDB text VERIFIED
Hero Framework - 'search?q' Cross-Site Scripting
by Stefan Schurtz
EIP-2026-106203 EXPLOITDB text VERIFIED
cPanel - 'account' Cross-Site Scripting
by Rafay Baloch
EIP-2026-105857 EXPLOITDB text VERIFIED
City Directory Review and Rating Script - 'search.php' SQL Injection
by 3spi0n
CVE-2012-10028 EXPLOITDB HIGH ruby VERIFIED
Netwin SurgeFTP <23c8 - Command Injection
Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests to `surgeftpmgr.cgi`. This can lead to full remote code execution on the underlying system.
by Metasploit
CVE-2012-6329 EXPLOITDB ruby VERIFIED
TWiki MAKETEXT Remote Command Execution
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
by Metasploit
CVE-2012-6330 EXPLOITDB ruby VERIFIED
Foswiki MAKETEXT Remote Command Execution
The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
by Metasploit
EIP-2026-105858 EXPLOITDB text VERIFIED
City Reviewer - 'search.php' Script SQL Injection
by 3spi0n
CVE-2012-5243 EXPLOITDB text VERIFIED
Banana Dance <B.2.6 - Info Disclosure
functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.
by High-Tech Bridge SA
CVE-2012-5242 EXPLOITDB text VERIFIED
Banana Dance <B.2.6 - Path Traversal
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action.
by High-Tech Bridge SA
EIP-2026-116276 EXPLOITDB text
Sony PC Companion 2.1 - 'Load()' Unicode Stack Buffer Overflow
by LiquidWorm
EIP-2026-116275 EXPLOITDB text
Sony PC Companion 2.1 - 'DownloadURLToFile()' Unicode Stack Buffer Overflow
by LiquidWorm
EIP-2026-116274 EXPLOITDB text
Sony PC Companion 2.1 - 'CheckCompatibility()' Unicode Stack Buffer Overflow
by LiquidWorm
EIP-2026-116273 EXPLOITDB text
Sony PC Companion 2.1 - 'Admin_RemoveDirectory()' Unicode Stack Buffer Overflow
by LiquidWorm
CVE-2012-5875 EXPLOITDB text
Firefly Media Server 1.0.0.1359 - Denial of Service via Crafted HTTP Headers
Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP protocol version.
by High-Tech Bridge SA
EIP-2026-113139 EXPLOITDB php VERIFIED
VoipNow Service Provider Edition - Arbitrary Command Execution
by i-Hmx
CVE-2012-5874 EXPLOITDB text VERIFIED
Elite Bulletin Board < 2.1.22 - SQL Injection via PATH_INFO
Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f) register.php, (g) Search.php, (h) viewboard.php, or (i) viewtopic.php.
by High-Tech Bridge SA