Exploitdb Exploits
2,012 exploits tracked across all sources.
Allomani Songs & Clips 2.7.0 - Cross-Site Request Forgery (Add Admin)
by G0D-F4Th3r
OneCMS 2.6.1 - 'short1' Cross-Site Scripting
by High-Tech Bridge SA
OneCMS 2.6.1 - 'search' SQL Injection
by High-Tech Bridge SA
PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery
by Jeremiah Talamantes
osCMax 2.0 - 'articles.php' Cross-Site Scripting
by High-Tech Bridge SA
Symantec Sygate Personal Firewall - Memory Corruption
Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegString method.
by Lincoln
Store Locator - Cross-Site Request Forgery (Add Admin)
by JaMbA
log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion
by High-Tech Bridge SA
IP2location.dll 1.0.0.1 - Function 'Initialize()' Local Buffer Overflow
by sinn3r
Home FTP Server 1.10.3 (build 144) - Cross-Site Request Forgery
by John Leitch
Easy Address book WebServer 1.2 - Cross-Site Request Forgery
by Markot
Brekeke PBX 2.4.4.8 - 'pbx/gate' Cross-Site Request Forgery
by John Leitch
Cisco Scientific Atlanta Webstar Dpc2100r2 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that (1) reset the modem, (2) erase the firmware, (3) change the administrative password, (4) install modified firmware, or (5) change the access level, as demonstrated by a request to goform/_aslvl.
by Dan Rosenberg
Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - 'OpenSession()' Local Buffer Overflow
by sinn3r
CommuniCrypt Mail <=1.16 - Buffer Overflow
CommuniCrypt Mail versions up to and including 1.16 contain a stack-based buffer overflow vulnerability in the ANSMTP.dll and AOSMTP.dll ActiveX controls, specifically within the AddAttachments() method. This method fails to properly validate the length of input strings, allowing data to exceed the bounds of a fixed-size stack buffer. When invoked with an overly long string, the control can corrupt adjacent memory structures, including exception handlers, leading to potential control flow disruption.
by Lincoln
JoomlaTune JComments <2.1.0.0 - XSS
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php.
by High-Tech Bridge SA
Incredimail Immenushellext Activex Control - Buffer Overflow
Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll) allows remote attackers to execute arbitrary code via unspecified vectors.
by Lincoln
Apple Safari - Resource Management Error
Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object.
by Krystian Kloskowski
Saurus Cms - XSS
Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter.
by High-Tech Bridge SA
Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injections
by High-Tech Bridge SA