Exploitdb Exploits
2,012 exploits tracked across all sources.
Jobscript Job Script Job Board Software - Access Control
admin/changepassword.php in Job Script Job Board Software 2.0 allows remote attackers to change the administrator password and gain administrator privileges via a direct request.
by TiGeR-Dz
MiniTwitter 0.2 - Command Injection
index.php in MiniTwitter 0.2 beta allows remote authenticated users to modify certain options of arbitrary accounts via an opt action.
by YEnH4ckEr
Baofeng Storm - Memory Corruption
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.
by MITBOY
Google Chrome - Resource Management Error
Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value.
by Aditya K Sood
Symantec WinFax Pro 10.03 - Buffer Overflow
Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method.
by Nine:Situations:Group
VisionLms 1.0 - 'changePW.php' Remote Password Change
by Mr.tro0oqy
Teraway LinkTracker 1.0 - Remote Password Change
by ThE g0bL!N
Mozilla Firefox - Resource Management Error
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
by Marc Gueury
Absolute Form Processor XE-V 1.5 - Remote Change Password
by ThE g0bL!N
Microsoft Internet Explorer <7 - RCE
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
by Skylined
Sweetphp Totalcalender - Authentication Bypass
admin/manage_users.php in TotalCalendar 2.4 does not require administrative authentication, which allows remote attackers to change arbitrary passwords via the newPW1 and newPW2 parameters.
by ThE g0bL!N
Cisco Wrt54gc - CSRF
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.
by Gabriel Lima
eLitius 1.0 - '/manage-admin.php' Arbitrary Add Admin/Change Password
by ThE g0bL!N
Apache Geronimo Application Server 2.1-2.1.3 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
by DSecRG
Dawningsoft Powerchm - Memory Corruption
Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL.
by SuB-ZeRo
IBM Advanced Management Module - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to hijack the authentication of administrators, as demonstrated by a power-off request to the private/blade_power_action script.
by Henri Lindberg
SAP AG SAPgui <7.10 PL9 - Buffer Overflow
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
by Digital Security Research Group
Mozilla Firefox <3.0.5 - DoS
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. NOTE: it was later reported that 3.0.6 and 3.0.7 are also affected.
by Skylined
Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method
by Cyber-Zone
Geovision Liveaudio Activex Control - Resource Management Error
Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
by Nine:Situations:Group
SupportSoft DNA Editor Module - 'dnaedit.dll' Code Execution
by Nine:Situations:Group
SopCast SopCore ActiveX <3.0.3.501 - RCE
Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.
by Nine:Situations:Group
Mozilla Firefox <2.0.0.20 - DoS
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element.
by b3hz4d
By Source