Exploitdb Exploits
2,009 exploits tracked across all sources.
Site2Nite Big Truck Broker - SQL Injection via txtSiteId Parameter
SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter.
by underground-stockholm.com
Wolf CMS 0.6.0b - Multiple Vulnerabilities
by High-Tech Bridge SA
Frog CMS 0.9.5 - Multiple Vulnerabilities
by High-Tech Bridge SA
Plogger Gallery 1.0 - Cross-Site Request Forgery (Change Admin Password)
by Or4nG.M4N
Apple Safari < 5.0.3 - Weak Random Number Generation in JavaScript Implementation
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.
by Amit Klein
Apple Safari < 5.0.3 - Weak Random Number Generation in JavaScript Implementation
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.
by Amit Klein
Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Command Execution
by Dr_IDE
Apple Safari 5.02 - Stack Overflow Denial of Service
by clshack
Apple Safari 4.x-5.x - Remote Code Execution via Floating-Point Validation Flaw
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
by Itzhak Avraham
Mozilla Firefox 3.6.12 - Remote Denial of Service
by emgent white_sheep & scox
IBM OmniFind Enterprise Edition < 9.1 - Cross-Site Request Forgery in Administrator Interface
Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action.
by Fatih Kilic
LeadTools 11.5.0.9 - 'lttmb11n.ocx' BrowseDir() Access Violation Denial of Service
by Matthew Bergin
LeadTools 11.5.0.9 - 'ltlst11n.ocx' Insert() Access Violation Denial of Service
by Matthew Bergin
LeadTools 11.5.0.9 - 'ltisi11n.ocx' DriverName() Access Violation Denial of Service
by Matthew Bergin
LeadTools 11.5.0.9 - 'ltdlg11n.ocx' GetColorRes() Access Violation Denial of Service
by Matthew Bergin
LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service
by Matthew Bergin
Apple Safari 4.x-5.x - Remote Code Execution via Floating-Point Validation Flaw
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
by MJ Keith
Microsoft Internet Explorer 6, 7, and 8 - Use-After-Free via CSS Clip Attribute
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
by ryujin
CVSS 8.1
Microsoft Internet Explorer 6, 7, and 8 - Use-After-Free via CSS Clip Attribute
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
by anonymous
CVSS 8.1
Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service
by Matthew Bergin