Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-2206 EXPLOITDB text
IBM WebSphere MQ File Transfer Edition <= 7.0.4 - Authenticated Arbitrary File Read via Web Gateway URI
The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI.
by Nir Valtman
CVE-2012-3294 EXPLOITDB text VERIFIED
IBM WebSphere MQ File Transfer Edition < 7.0.4 and WebSphere MQ Managed File Transfer 7.5 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in the Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier, and WebSphere MQ - Managed File Transfer 7.5, allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add user accounts via the /wmqfteconsole/Filespaces URI, (2) modify permissions via the /wmqfteconsole/FileSpacePermisssions URI, or (3) add MQ Message Descriptor (MQMD) user accounts via the /wmqfteconsole/UploadUsers URI.
by Nir Valtman
EIP-2026-114019 EXPLOITDB text VERIFIED
WordPress Plugin RSVPMaker 2.5.4 - Persistent Cross-Site Scripting
by Chris Kellum
CVE-2012-4236 EXPLOITDB text VERIFIED
Total Shop UK eCommerce < 2.1.2_p1 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in the refresh_page function in application/modules/_main/views/_top.php in Total Shop UK eCommerce Open Source before 2.1.2_p1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
by Chris Cooper
EIP-2026-107648 EXPLOITDB text VERIFIED
Hotel Booking Portal 0.1 - Multiple Vulnerabilities
by Yakir Wizman
CVE-2012-4284 EXPLOITDB CRITICAL bash
Viscosity 1.4.1 - Privilege Escalation via ViscosityHelper Path Validation Issue
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
by zx2c4
CVSS 9.8
CVE-2012-3480 EXPLOITDB c VERIFIED
glibc 2.16 - Integer Overflow and Stack-Based Buffer Overflow in stdlib String Conversion Functions
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
by Joseph S. Myer
EIP-2026-102722 EXPLOITDB perl
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Null Pointer Dereference Crash (PoC)
by kingcope
EIP-2026-116325 EXPLOITDB python VERIFIED
Spytech NetVizor 6.1 - 'services.exe' Denial of Service
by loneferret
CVE-2010-1183 EXPLOITDB text
Oracle Solaris - Arbitrary File Write via Symlink Attack on /tmp/CLEANUP
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.
by Larry Cashdollar
EIP-2026-111554 EXPLOITDB text VERIFIED
ProQuiz 2.0.2 - Multiple Vulnerabilities
by L0n3ly-H34rT
EIP-2026-109475 EXPLOITDB text VERIFIED
MindTouch DekiWiki - Multiple Local/Remote File Inclusions
by L0n3ly-H34rT
EIP-2026-107163 EXPLOITDB text
Flynax General Classifieds CMS 4.0 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-107092 EXPLOITDB text VERIFIED
FileContral - Local File Inclusion / Local File Disclosure
by Ashiyane Digital Security Team
CVE-2012-3485 EXPLOITDB bash VERIFIED
Tunnelblick < 3.3beta20 - Privilege Escalation via argv[0] Pathname Manipulation
Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
by zx2c4
CVE-2012-3483 EXPLOITDB c VERIFIED
Tunnelblick < 3.3beta20 - Local Privilege Escalation via Race Condition in runScript
Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file.
by zx2c4
CVE-2012-10044 EXPLOITDB CRITICAL text VERIFIED
MobileCartly 1.0 - Unauthenticated Arbitrary File Creation via savepage.php
MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script. The application fails to perform authentication or authorization checks before invoking file_put_contents() on attacker-controlled input. An unauthenticated attacker can exploit this flaw by sending crafted HTTP GET requests to savepage.php, specifying both the filename and content. This allows arbitrary file creation within the pages/ directory or any writable path on the server, allowing remote code execution.
by Yakir Wizman
CVE-2009-1730 EXPLOITDB ruby VERIFIED
NetMechanica NetDecision TFTP Server 4.2 - Path Traversal and Arbitrary File Write via GET or PUT Command
Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.
by Metasploit
EIP-2026-113915 EXPLOITDB text VERIFIED
WordPress Plugin Mz-jajak 2.1 - SQL Injection
by StRoNiX
EIP-2026-109529 EXPLOITDB text VERIFIED
MobileCartly 1.0 - Arbitrary File Deletion
by GoLd_M
EIP-2026-109495 EXPLOITDB text VERIFIED
mIRC - 'projects.php' Cross-Site Scripting
by TayfunBasoglu
EIP-2026-107326 EXPLOITDB text VERIFIED
GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host - Local File Inclusion
by L0n3ly-H34rT
CVE-2012-10047 EXPLOITDB CRITICAL python VERIFIED
Cyclope Employee Surveillance Solution 6.x - SQL Injection
Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a malicious PHP file on disk, resulting in remote code execution under the SYSTEM user context.
by loneferret
EIP-2026-108965 EXPLOITDB php VERIFIED
Kamads Classifieds 2.0 - Admin Hash Disclosure
by Mr.tro0oqy
EIP-2026-108347 EXPLOITDB text
Joomla! Component com_fireboard - SQL Injection
by Vulnerability-Lab