Exploitdb Exploits

2,012 exploits tracked across all sources.

EIP-2026-116290 EXPLOITDB html VERIFIED
SPlayer XvidDecoder 3.3 - ActiveX Remote Execution (PoC)
by superli
EIP-2026-118705 EXPLOITDB html
JcomBand toolbar on IE - ActiveX Buffer Overflow
by germaya_x & D3V!L FUCKER
EIP-2026-115725 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service
by MustLive
EIP-2026-105984 EXPLOITDB html VERIFIED
CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery
by Truong Thao Nguyen
EIP-2026-115350 EXPLOITDB html VERIFIED
Google Chrome 3.0195.38 - Status Bar Obfuscation
by 599eme Man
EIP-2026-103604 EXPLOITDB html VERIFIED
Opera 10.10 - Status Bar Obfuscation
by 599eme Man
CVE-2009-4453 EXPLOITDB html VERIFIED
SoftCab Sound Converter <1.2 - Path Traversal
Insecure method vulnerability in SoftCab Sound Converter ActiveX control (sndConverter.ocx) 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information.
by ThE g0bL!N
CVE-2009-1839 EXPLOITDB html VERIFIED
Mozilla Firefox < 3.0.10 - Access Control
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
by Jordi Chancel
EIP-2026-105578 EXPLOITDB html VERIFIED
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities
by Milos Zivanovic
EIP-2026-105577 EXPLOITDB html VERIFIED
BOLDfx eUploader 3.1.1 - 'admin.php' Multiple Remote Vulnerabilities
by Milos Zivanovic
EIP-2026-119109 EXPLOITDB html VERIFIED
SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow
by Abysssec
CVE-2009-4219 EXPLOITDB html VERIFIED
MyActiveX <1.4.8.0 - Buffer Overflow
Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control in MyActiveX.ocx 1.4.8.0 in Haihaisoft Universal Player allows remote attackers to execute arbitrary code via a long URL property value. NOTE: some of these details are obtained from third party information.
by shinnai
EIP-2026-113751 EXPLOITDB html VERIFIED
WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)
by MustLive
EIP-2026-113776 EXPLOITDB html VERIFIED
WordPress Plugin Fuctweb CapCC 1.0 CAPTCHA - Security Bypass
by MustLive
EIP-2026-118496 EXPLOITDB html VERIFIED
EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow
by Will Dormann
CVE-2009-3382 EXPLOITDB html VERIFIED
Mozilla Firefox - Denial of Service
layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
by Carsten Book
CVE-2009-4743 EXPLOITDB html VERIFIED
AfterLogic WebMail Pro <4.7.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters.
by Sébastien Duquette
CVE-2009-3573 EXPLOITDB html VERIFIED
EMC Captiva PixTools Distributed Imaging <2.2 - File Creation/Overw...
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.
by Giuseppe Fuggiano
EIP-2026-119004 EXPLOITDB html VERIFIED
Oracle - Document Capture BlackIce DEVMODE
by pyrokinesis
CVE-2009-3518 EXPLOITDB html VERIFIED
IBM Installation Manager < 1.3.2 - Code Injection
Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.
by bruiser
EIP-2026-118514 EXPLOITDB html VERIFIED
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Overflow
by pyrokinesis
CVE-2009-3693 EXPLOITDB html VERIFIED
Persits Xupload - Path Traversal
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
by pyrokinesis
EIP-2026-115534 EXPLOITDB html VERIFIED
Kylinsoft InstantGet 2.08 - ActiveX Control 'ShowBar' Method Buffer Overflow
by the_Edit0r
EIP-2026-119073 EXPLOITDB html VERIFIED
Quiksoft EasyMail 6.0.3.0 - IMAP 'connect()' ActiveX Buffer Overflow
by Sebastian Wolfgarten
CVE-2009-4663 EXPLOITDB html VERIFIED
Quiksoft EasyMail Objects 6 - Buffer Overflow
Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method.
by bmgsec