Exploitdb Exploits

2,009 exploits tracked across all sources.

EIP-2026-105107 EXPLOITDB html
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
by AtT4CKxT3rR0r1ST
EIP-2026-105105 EXPLOITDB html
Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
EIP-2026-116000 EXPLOITDB html VERIFIED
Opera 11.01 - NULL PTR Dereference
by echo
CVE-2010-1119 EXPLOITDB html VERIFIED
Apple Safari < 5.0 - Use-After-Free via Attribute Manipulation
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.
by MJ Keith
CVE-2011-3142 EXPLOITDB html VERIFIED
WellinTech KingView 6.52-6.53 - Remote Code Execution via KVWebSvr.dll ValidateUser Method
Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method.
by Carlos Mario Penagos Hollmann
EIP-2026-109815 EXPLOITDB html
N-13 News 4.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
EIP-2026-101589 EXPLOITDB html
Cisco Linksys WAG120N - Cross-Site Request Forgery
by Khashayar Fereidani
EIP-2026-118502 EXPLOITDB html VERIFIED
Edraw Office Viewer Component 7.4 - ActiveX Stack Buffer Overflow
by Alexander Gavrun
EIP-2026-106589 EXPLOITDB html VERIFIED
Drupal Module CAPTCHA - Security Bypass
by anonymous
EIP-2026-106555 EXPLOITDB html
dotProject 2.1.5 - Cross-Site Request Forgery
by AutoSec Tools
EIP-2026-105029 EXPLOITDB html
AIOCP 1.4.001 - Cross-Site Request Forgery
by AutoSec Tools
EIP-2026-116796 EXPLOITDB html VERIFIED
AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow
by Carlos Mario Penagos Hollmann
EIP-2026-116795 EXPLOITDB html VERIFIED
AoA DVD Creator 2.5 - ActiveX Stack Overflow
by Carlos Mario Penagos Hollmann
EIP-2026-115591 EXPLOITDB html VERIFIED
Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service
by Carlos Mario Penagos Hollmann
EIP-2026-112976 EXPLOITDB html VERIFIED
vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities
by MaXe
EIP-2026-103495 EXPLOITDB html VERIFIED
Google Chrome 8.0.552.237 - replace Denial of Service
by Carlos Mario Penagos Hollmann
CVE-2011-0643 EXPLOITDB html
PHP Link Directory 4.1.0 - Cross-Site Request Forgery via User Configuration
Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action.
by AtT4CKxT3rR0r1ST
CVE-2010-4321 EXPLOITDB html VERIFIED
Novell iPrint Client 5.52 - Stack-based Buffer Overflow via ienipp.ocx ActiveX Control
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.
by Dr_IDE
EIP-2026-115354 EXPLOITDB html
Google Chrome 8.0.552.237 - address Overflow Denial of Service
by Vuk Ivanovic
CVE-2011-0642 EXPLOITDB html
N-13 News 3.4, 3.7, 4.0 - Cross-Site Request Forgery via User Creation
Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new users via the options action. NOTE: some of these details are obtained from third party information.
by anT!-Tr0J4n
CVE-2011-5283 EXPLOITDB html
Smoothwall Express 3.1 and 3.0 SP3 - Cross-Site Scripting via IP Parameter in ipinfo.cgi
Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action.
by dave b
CVE-2011-5284 EXPLOITDB html
Smoothwall < 3.1 - Cross-Site Request Forgery via shutdown.cgi
Cross-site request forgery (CSRF) vulnerability in the web management interface in httpd/cgi-bin/shutdown.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to cgi-bin/shutdown.cgi.
by dave b
EIP-2026-114851 EXPLOITDB html VERIFIED
ActiveX UserManager 2.03 - Buffer Overflow
by blake
EIP-2026-113060 EXPLOITDB html
ViArt Shop 4.0.5 - Cross-Site Request Forgery
by Or4nG.M4N
CVE-2010-3749 EXPLOITDB html
RealPlayer 11.0-11.1 and RealPlayer SP 1.0-1.1 - Remote Code Execution via RecordClip Method Parameter Injection
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."
by Sean de Regge