Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-11470 EXPLOITDB CRITICAL
IDERA Uptime Monitor 7.8 - SQL Injection
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
CVSS 9.8
CVE-2012-2171 EXPLOITDB
IBM DS Storage Manager < 10.83 Authenticated SQL Injection
SQL injection vulnerability in ModuleServlet.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote authenticated users to execute arbitrary SQL commands via the selectedModuleOnly parameter in a state_viewmodulelog action to the ModuleServlet URI.
CVE-2012-2202 EXPLOITDB python
IBM Lotus Protector for Mail Security 2.1/2.5/2.5.1/2.8 - Authenticated Path Traversal
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
CVE-2011-4835 EXPLOITDB
HomeSeer HS2 2.5.0.20 - Path Traversal
Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors.
CVE-2018-9021 EXPLOITDB CRITICAL python
Broadcom Privileged Access Manager < 2.8.2 - Authentication Bypass and Remote Command Execution
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
CVSS 9.8
CVE-2016-6598 EXPLOITDB CRITICAL
BMC Track-It! <11.4 - Code Injection
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web root and achieve code execution as NETWORK SERVICE or SYSTEM.
CVSS 9.8
CVE-2014-4874 EXPLOITDB
BMC Track-It! 11.3.0.355 - Info Disclosure
BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.
CVE-2014-4873 EXPLOITDB
BMC Track-It! 11.3.0.355 - SQL Injection
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.
CVE-2007-2987 EXPLOITDB html
Zenturi ProgramChecker - Remote Code Execution via DebugMsgLog or DoFileProperties Methods
Multiple buffer overflows in certain ActiveX controls in sasatl.dll in Zenturi ProgramChecker allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the (1) DebugMsgLog or (2) DoFileProperties methods.
CVE-2008-0623 EXPLOITDB html
Yahoo! Music Jukebox 2.2.2.056 - Stack-Based Buffer Overflow via AddImage Method
Stack-based buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! Music Jukebox 2.2.2.056 allows remote attackers to execute arbitrary code via a long argument to the AddImage method.
CVE-2009-1523 EXPLOITDB
Jetty 5.1.14 6.x < 6.1.17 and 7.x <= 7.0.0.M2 - Path Traversal via URI
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
CVE-1999-1529 EXPLOITDB
Trend Micro Interscan VirusWall 3.23/3.3 for NT - Buffer Overflow via HELO Command
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.
CVE-1999-1529 EXPLOITDB perl
Trend Micro Interscan VirusWall 3.23/3.3 for NT - Buffer Overflow via HELO Command
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.
CVE-1999-1082 EXPLOITDB
Jana Proxy Web Server 1.40 - Path Traversal
Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack.
CVE-2009-4790 EXPLOITDB c
Sysax Multi Server 4.5 - Path Traversal
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-3807 EXPLOITDB CRITICAL
Samsung Kies <2.5.0.12094 - Code Injection
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.
CVSS 9.8
CVE-2012-3808 EXPLOITDB HIGH
Samsung Kies <2.5.0.12094_27_11 - Code Injection
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
CVSS 7.5
CVE-2012-3809 EXPLOITDB HIGH
Samsung Kies <2.5.0.12094 - Path Traversal
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
CVSS 7.5
CVE-2009-1376 EXPLOITDB
Pidgin < 2.5.6 - Remote Code Execution via Malformed SLP Message
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
CVE-2009-1978 EXPLOITDB shell
Oracle Secure Backup 10.2.0.3 - RCE
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows remote authenticated users to execute arbitrary code with SYSTEM privileges via vectors involving property_box.php.
CVE-2001-0113 EXPLOITDB perl
OmniHTTPd 2.07 - Remote Code Execution via statsconfig.pl mostbrowsers Parameter
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script.
CVE-2011-3175 EXPLOITDB ruby
Novell ZENworks Configuration Management 11.1 and 11.1a - Remote Code Execution via Preboot Service Opcode 0x6c
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.
CVE-2012-5930 EXPLOITDB
NetIQ Privileged User Manager < 2.3.1 HF2 - Unauthenticated Password Change via AMF Request
The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request.
CVE-2012-4957 EXPLOITDB python
Novell File Reporter <1.0.2 - Path Traversal
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
CVE-2012-4958 EXPLOITDB python
Novell File Reporter 1.0.2 - Path Traversal
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
By Source
All 50,076 Writeup 62,188 Exploitdb 50,076 Nomisec 22,383 Github 3,590 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,552 ruby 6,001 c 3,625 perl 2,849 html 2,074 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25