Exploitdb Exploits
2,009 exploits tracked across all sources.
Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service
by MustLive
CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery
by Truong Thao Nguyen
Google Chrome 3.0195.38 - Status Bar Obfuscation
by 599eme Man
SoftCab Sound Converter <1.2 - Path Traversal
Insecure method vulnerability in SoftCab Sound Converter ActiveX control (sndConverter.ocx) 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information.
by ThE g0bL!N
Mozilla Firefox < 3.0.11 - File URL Principal Bypass via Location Bar
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
by Jordi Chancel
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities
by Milos Zivanovic
BOLDfx eUploader 3.1.1 - 'admin.php' Multiple Remote Vulnerabilities
by Milos Zivanovic
SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow
by Abysssec
MyActiveX <1.4.8.0 - Buffer Overflow
Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control in MyActiveX.ocx 1.4.8.0 in Haihaisoft Universal Player allows remote attackers to execute arbitrary code via a long URL property value. NOTE: some of these details are obtained from third party information.
by shinnai
WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)
by MustLive
WordPress Plugin Fuctweb CapCC 1.0 CAPTCHA - Security Bypass
by MustLive
EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow
by Will Dormann
Firefox 3.0.x - Remote Code Execution via First-Letter Frame Handling
layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
by Carsten Book
AfterLogic WebMail Pro <4.7.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters.
by Sébastien Duquette
EMC Captiva PixTools Distributed Imaging <2.2 - File Creation/Overw...
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.
by Giuseppe Fuggiano
IBM Installation Manager < 1.3.2 - Remote Code Execution via iim: URI Handler -vm Option
Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.
by bruiser
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApplicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Overflow
by pyrokinesis
Persits XUpload - Path Traversal via MakeHttpRequest Method
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
by pyrokinesis
Kylinsoft InstantGet 2.08 - ActiveX Control 'ShowBar' Method Buffer Overflow
by the_Edit0r
Quiksoft EasyMail 6.0.3.0 - IMAP 'connect()' ActiveX Buffer Overflow
by Sebastian Wolfgarten
Quiksoft EasyMail Objects 6 - Buffer Overflow
Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method.
by bmgsec
Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)
by Francis Provencher
EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution
by Francis Provencher