Exploitdb Exploits

2,009 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-0624 EXPLOITDB html VERIFIED
Yahoo! Music Jukebox 2.2.2.56 - Buffer Overflow via Datagrid ActiveX AddButton Method
Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-2008-0623.
by exceed
CVE-2008-0624 EXPLOITDB html VERIFIED
Yahoo! Music Jukebox 2.2.2.56 - Buffer Overflow via Datagrid ActiveX AddButton Method
Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-2008-0623.
by Elazar
CVE-2008-0625 EXPLOITDB html VERIFIED
Yahoo! Music Jukebox 2.2.2.56 - Buffer Overflow via MediaGrid ActiveX AddBitmap Method
Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddBitmap method.
by Elazar
CVE-2008-0634 EXPLOITDB html VERIFIED
Sejoong Namo ActiveSquare6 - Buffer Overflow via NamoInstaller.NamoInstall.1 ActiveX Install Method
Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.
by plan-s
CVE-2008-5711 EXPLOITDB html VERIFIED
Facebook PhotoUploader <5.0.14.0 - Buffer Overflow
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
by Elazar
CVE-2008-0623 EXPLOITDB html VERIFIED
Yahoo! Music Jukebox 2.2.2.056 - Stack-Based Buffer Overflow via AddImage Method
Stack-based buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! Music Jukebox 2.2.2.056 allows remote attackers to execute arbitrary code via a long argument to the AddImage method.
by h07
CVE-2008-0624 EXPLOITDB html VERIFIED
Yahoo! Music Jukebox 2.2.2.56 - Buffer Overflow via Datagrid ActiveX AddButton Method
Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-2008-0623.
by h07
CVE-2008-0659 EXPLOITDB html VERIFIED
Aurigma Image Uploader ActiveX Control <= 4.5.70 - Stack-based Buffer Overflow via Action Property
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
by Elazar
CVE-2008-4583 EXPLOITDB html VERIFIED
Chilkat FTP 2.0 - Arbitrary File Write via SavePkcs8File Method
Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method.
by darkl0rd
CVE-2008-4584 EXPLOITDB html VERIFIED
Chilkat Mail 7.8 - Arbitrary File Write via SaveLastError Method
Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.
by darkl0rd
CVE-2008-4727 EXPLOITDB html VERIFIED
SunGard Banner Student 7.3 - Cross-Site Scripting via addr1 Parameter
Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure.
by Brendan M. Hickey
CVE-2008-0631 EXPLOITDB html VERIFIED
MailBee Objects 5.5 - Arbitrary File Write via SaveToDisk Method
Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow remote attackers to (1) overwrite arbitrary files via the SaveToDisk method, or (2) modify files via the AddStringToFile method.
by darkl0rd
CVE-2008-0551 EXPLOITDB html VERIFIED
Sejoong Namo ActiveSquare - Remote Code Execution via NamoInstaller.NamoInstall.1 ActiveX Control
The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information.
by plan-s
CVE-2008-0492 EXPLOITDB html VERIFIED
Persits XUpload 3.0.0.4 - Stack-based Buffer Overflow via AddFile Method
Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some of these details are obtained from third party information.
by Elazar
CVE-2008-0220 EXPLOITDB html VERIFIED
Gateway Weblaunch 1.0.0.1 - Stack-Based Buffer Overflow via DoWebLaunch Method
Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary code via a long string in the (1) second or (2) fourth argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information.
by Elazar
CVE-2008-0729 EXPLOITDB html VERIFIED
Mobile Safari 1.1.2-1.1.3 - Denial of Service via JavaScript String and Array Manipulation
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.
by c0ntex
CVE-2008-0477 EXPLOITDB html VERIFIED
Move Media Player - Stack-based Buffer Overflow via QMPUpgrade.Upgrade.1 ActiveX Control
Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX control in QMPUpgrade.dll 1.0.0.1 in Move Networks Upgrade Manager allows remote attackers to execute arbitrary code via a long first argument to the Upgrade method. NOTE: some of these details are obtained from third party information.
by Elazar
CVE-2008-4549 EXPLOITDB html VERIFIED
ImageShack Toolbar 4.5.7 - Arbitrary File Upload via BuildSlideShow Method
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method.
by rgod
CVE-2008-0729 EXPLOITDB html VERIFIED
Mobile Safari 1.1.2-1.1.3 - Denial of Service via JavaScript String and Array Manipulation
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.
by fuzion
CVE-2008-0470 EXPLOITDB html VERIFIED
Comodo AntiVirus 2.0 - Command Injection
A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method.
by h07
CVE-2008-0443 EXPLOITDB html VERIFIED
Lycos FileUploader.dll 2.0.0.2 - Heap-Based Buffer Overflow via HandwriterFilename Property
Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information.
by Elazar
CVE-2008-0437 EXPLOITDB html VERIFIED
HP Virtual Rooms - Buffer Overflow via ActiveX Control Property Manipulation
Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.
by Elazar
EIP-2026-119219 EXPLOITDB html VERIFIED
Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow
by rgod
CVE-2008-0399 EXPLOITDB html VERIFIED
Toshiba Surveillix - Remote Code Execution via Long Arguments to SetPort or SetIpAddress Methods
Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.
by rgod
CVE-2008-0380 EXPLOITDB html VERIFIED
Digital Data Communications RtspVaPgCtrl ActiveX control 1.1.0.29 - Buffer Overflow via MP4Prefix Property
Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property.
by rgod
By Source
All 2,009 Writeup 62,204 Exploitdb 50,076 Nomisec 22,391 Github 3,608 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,563 ruby 6,002 c 3,626 perl 2,849 html 2,075 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25