Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105025 EXPLOITDB php VERIFIED
Agora-Project 2.12.11 - Arbitrary File Upload
by Misa3l
CVE-2012-2959 EXPLOITDB html VERIFIED
BMC Identity Management Suite 7.5.00.103 - CSRF
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
by Travis Lee
CVE-2012-1493 EXPLOITDB text VERIFIED
F5 BIG-IP Multiple Versions - Unauthenticated SSH Login via Shared Private Key
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
by Florent Daigniere
CVE-2011-2217 EXPLOITDB ruby VERIFIED
Tom Sawyer GET Extension Factory <5.5.2.237 - Memory Corruption
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.
by Metasploit
EIP-2026-118797 EXPLOITDB text
Microsoft IIS 6.0/7.5 (+ PHP) - Multiple Vulnerabilities
by kingcope
EIP-2026-116051 EXPLOITDB c++ VERIFIED
PEamp - '.mp3' Memory Corruption (PoC)
by Ayrbyte
EIP-2026-113652 EXPLOITDB php
WordPress Plugin Content Flow 3D 1.0.0 - Arbitrary File Upload
by g11tch
EIP-2026-113369 EXPLOITDB text VERIFIED
Webspell dailyinput Movie Addon 4.2.x - SQL Injection
by Easy Laster
CVE-2012-0299 EXPLOITDB ruby VERIFIED
Symantec Web Gateway 5.0.x - Remote Code Execution via File Management Scripts
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.
by Metasploit
EIP-2026-108264 EXPLOITDB text VERIFIED
Joomla! Component com_alphacontent - 'limitstart' SQL Injection
by xDarkSton3x
EIP-2026-107237 EXPLOITDB text VERIFIED
freepost 0.1 r1 - Multiple Vulnerabilities
by ThE g0bL!N
CVE-2012-10055 EXPLOITDB CRITICAL perl VERIFIED
ComSndFTP FTP Server <1.3.7 Beta - Code Injection
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll). This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. The vulnerability is exploitable without authentication and affects default configurations.
by demonalex
CVE-2012-3815 EXPLOITDB ruby VERIFIED
Winlog Lite < 2.07.18 - Remote Code Execution via Crafted TCP Packet
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
by Metasploit
CVE-2012-4333 EXPLOITDB ruby VERIFIED
Samsung NET-i viewer 1.37.120316 - Remote Code Execution via BackupToAvi Method
Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtained from third party information.
by Metasploit
CVE-2002-1142 EXPLOITDB ruby VERIFIED
Microsoft MDAC <2.7 - Buffer Overflow
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.
by Metasploit
CVE-2012-3576 EXPLOITDB php VERIFIED
wpStoreCart < 2.5.30 - Unauthenticated Arbitrary File Upload and Remote Code Execution via upload.php
Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/wpstorecart.
by Sammy FORGIT
EIP-2026-114119 EXPLOITDB text VERIFIED
WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure
by Sammy FORGIT
EIP-2026-114116 EXPLOITDB text VERIFIED
WordPress Plugin Thinkun Remind 1.1.3 - Remote File Disclosure
by Sammy FORGIT
EIP-2026-114047 EXPLOITDB text VERIFIED
WordPress Plugin Simple Download Button ShortCode 1.0 - Remote File Disclosure
by Sammy FORGIT
CVE-2012-3575 EXPLOITDB php VERIFIED
RBX Gallery 2.1 - Unauthenticated Arbitrary File Upload via uploader.php
Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/rbxslider.
by Sammy FORGIT
EIP-2026-113961 EXPLOITDB text VERIFIED
WordPress Plugin PICA Photo Gallery 1.0 - Remote File Disclosure
by Sammy FORGIT
CVE-2012-3588 EXPLOITDB text VERIFIED
Plugin Newsletter plugin 1.5 - Path Traversal via Data Parameter
Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter.
by Sammy FORGIT
EIP-2026-113773 EXPLOITDB text VERIFIED
WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload
by Adrien Thierry
EIP-2026-113709 EXPLOITDB text VERIFIED
WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure
by Sammy FORGIT
EIP-2026-113370 EXPLOITDB text
Webspell FIRSTBORN Movie-Addon - Blind SQL Injection
by Easy Laster