Exploitdb Exploits

2,012 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-4850 EXPLOITDB html
Diferior 8.03 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 allow remote attackers to inject arbitrary web script or HTML via the (1) post_content parameter to post/edit/2/p1.html, related to views/post.php; the (2) slogan parameter to admin/site/2.html, related to views/admin.php; or the (3) subcatname or (4) description parameter to admin/forum/create_sub.html, related to views/admin.php.
by High-Tech Bridge SA
EIP-2026-105712 EXPLOITDB html VERIFIED
Car Portal 2.0 - 'car_make' Cross-Site Scripting
by Underground Stockholm
CVE-2010-4356 EXPLOITDB html VERIFIED
Site2nite Big Truck Broker - SQL Injection
SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter.
by underground-stockholm.com
EIP-2026-113451 EXPLOITDB html VERIFIED
Wolf CMS 0.6.0b - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-107260 EXPLOITDB html VERIFIED
Frog CMS 0.9.5 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-118951 EXPLOITDB html VERIFIED
Netcraft Toolbar 1.8.1 - Remote Code Execution
by Rew
EIP-2026-118676 EXPLOITDB html VERIFIED
ImageShack Toolbar 4.8.3.75 - Remote Code Execution
by Rew
EIP-2026-106213 EXPLOITDB html
cPanel 11.x - Cross-Site Request Forgery (Edit E-mail)
by Mon7rF .
EIP-2026-111350 EXPLOITDB html
Plogger Gallery 1.0 - Cross-Site Request Forgery (Change Admin Password)
by Or4nG.M4N
EIP-2026-111063 EXPLOITDB html
PHPGallery 1.1.0 - Cross-Site Request Forgery
by Or4nG.M4N
CVE-2010-3804 EXPLOITDB html VERIFIED
Apple Safari < 5.0.2 - Cryptographic Issue
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.
by Amit Klein
CVE-2010-3804 EXPLOITDB html VERIFIED
Apple Safari < 5.0.2 - Cryptographic Issue
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171.
by Amit Klein
EIP-2026-119220 EXPLOITDB html VERIFIED
Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Command Execution
by Dr_IDE
EIP-2026-103415 EXPLOITDB html VERIFIED
Apple Safari 5.02 - Stack Overflow Denial of Service
by clshack
CVE-2010-1807 EXPLOITDB html VERIFIED
Apple Safari < 2.1 - Improper Input Validation
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
by Itzhak Avraham
EIP-2026-103573 EXPLOITDB html VERIFIED
Mozilla Firefox 3.6.12 - Remote Denial of Service
by emgent white_sheep & scox
EIP-2026-116127 EXPLOITDB html VERIFIED
Qtweb Browser 3.5 - Buffer Overflow
by PoisonCode
CVE-2010-3891 EXPLOITDB html
IBM Omnifind < 9.0 - CSRF
Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action.
by Fatih Kilic
EIP-2026-115548 EXPLOITDB html
LeadTools 11.5.0.9 - 'lttmb11n.ocx' BrowseDir() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115547 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltlst11n.ocx' Insert() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115546 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltisi11n.ocx' DriverName() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115545 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltdlg11n.ocx' GetColorRes() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115544 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service
by Matthew Bergin
CVE-2010-1807 EXPLOITDB html
Apple Safari < 2.1 - Improper Input Validation
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
by MJ Keith
CVE-2010-3962 EXPLOITDB HIGH html VERIFIED
Microsoft Internet Explorer - Use After Free
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
by ryujin
CVSS 8.1
By Source
All 2,012 Exploitdb 50,121 Writeup 46,628 Nomisec 21,129 Metasploit 3,189 Github 2,234 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,729 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 246 shell 68 go 41 postscript 25 xml 24