Exploitdb Exploits
50,091 exploits tracked across all sources.
InduSoft Web Studio 6.1 and 7.0 - Unauthenticated Remote Code Execution via CEServer Remote Agent
CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.
by Metasploit
HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)
by Metasploit
Avaya WinPMD UniteHostRouter - Remote Buffer Overflow (Metasploit)
by Metasploit
Avaya IP Office Customer Call Reporter 7.0-7.0.5.8 & 8.0-8.0.9.13 - RCE via Wallboard ImageUpload.ashx
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.
by Metasploit
Microsoft Windows - Escalate UAC Protection Bypass (Metasploit)
by Metasploit
Microsoft Windows - Escalate UAC Execute RunAs (Metasploit)
by Metasploit
Microsoft Windows XP/Server 2003 - Privilege Escalation
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
by Metasploit
CVSS 7.8
Webmin < 1.590 - Authenticated Remote Command Execution via Invalid Pathname Character
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
by Metasploit
QNX QCONN - Remote Command Execution (Metasploit)
by Metasploit
qdPM 7.0 - Arbitrary '.PHP' File Upload (Metasploit)
by Metasploit
phpMyAdmin 3.5.2.2 - Remote Code Execution via Trojaned server_sync.php
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.
by Metasploit
OpenX 2.8.10 - Cross-Site Scripting via Parent Parameter in admin/plugin-index.php
Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote attackers to inject arbitrary web script or HTML via the parent parameter in an info action.
by High-Tech Bridge
ServersCheck Monitoring Software 9.0.12/9.0.14 - Persistent Cross-Site Scripting
by loneferret
Samba < 3.4.16, 3.5.x < 3.5.14, 3.6.x < 3.6.4 - Remote Code Execution via RPC Array Length Validation Bypass
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
by Metasploit
udev < 141 - Privilege Escalation via Unverified NETLINK Message
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
by Metasploit
Oracle Business Transaction Management FlashTunnelService - Remote Code Execution (Metasploit)
by Metasploit
PLIB 1.8.5 - Stack-Based Buffer Overflow in ssgParser Error Function
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.
by Andrés Gómez
Gom Player 2.1.44.5123 - 'UNICODE' Null Pointer Dereference
by wh1ant
FL Studio 10 Producer Edition - Buffer Overflow (SEH) (PoC)
by Dark-Puzzle
Arctic Torrent 1.2.3 - Memory Corruption (Denial of Service)
by Jean Pascal Pereira
Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities
by Vulnerability-Lab
Linux kernel <3.4.16 - Info Disclosure
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.
by Brad Spengler
Adobe Acrobat and Reader 8.x < 8.2.1 and 9.x < 9.3.1 - Remote Code Execution
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
by Metasploit
CVSS 7.8
Adobe Acrobat and Reader 8.x < 8.2.1 and 9.x < 9.3.1 - Remote Code Execution
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
by Metasploit
CVSS 7.8
Web Help Desk by SolarWinds - Persistent Cross-Site Scripting
by loneferret
By Source