Exploitdb Exploits

2,012 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-5070 EXPLOITDB html VERIFIED
Quiksoft Easymail Messageprinter Object - Memory Corruption
Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX control in emprint.DLL 6.0.1.0 in the Quiksoft EasyMail MessagePrinter Object allows remote attackers to execute arbitrary code via a long string in the first argument to the SetFont method.
by rgod
CVE-2007-5060 EXPLOITDB html VERIFIED
Xcms - CSRF
Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote attackers to change arbitrary passwords via certain password_ and rpassword_ parameters, possibly related to timestamp values.
by x0kster
CVE-2007-5105 EXPLOITDB html VERIFIED
Wordpress - XSS
Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 and 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the user_email parameter.
by Adrian Pastor
CVE-2007-5064 EXPLOITDB html VERIFIED
Xunlei Web Thunder - Memory Corruption
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
by 7jdg
CVE-2007-5017 EXPLOITDB html VERIFIED
Yahoo Messenger - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 allows remote attackers to force a download, and create or overwrite arbitrary files via a full pathname in the second argument to the GetFile method.
by shinnai
CVE-2007-4983 EXPLOITDB html VERIFIED
Cowon America Jetaudio - Path Traversal
Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.
by h07
CVE-2007-5019 EXPLOITDB html VERIFIED
SUN Java Web Start - Memory Corruption
Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method.
by YAG KOHHA
CVE-2007-4982 EXPLOITDB html VERIFIED
MW6 Technologies Qrcode Activex < 3.0.0.1 - Path Traversal
Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information.
by shinnai
EIP-2026-118274 EXPLOITDB html VERIFIED
Apple QuickTime /w IE .qtl Version XAS - Remote
by Aviv Raff
CVE-2007-4916 EXPLOITDB html VERIFIED
HP Photo And Imaging Gallery - Memory Corruption
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.
by GOODFELLAS
CVE-2007-4909 EXPLOITDB html VERIFIED
Winscp - Access Control
Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers with a remote server via file-transfer commands in the final portion of a (1) scp, and possibly a (2) sftp or (3) ftp, URL, as demonstrated by a URL specifying login to the remote server with a username of scp, which is interpreted as an HTTP scheme name by the protocol handler in a web browser, but is interpreted as a username by WinSCP. NOTE: this is related to an incomplete fix for CVE-2006-3015.
by Kender.Security
CVE-2007-4814 EXPLOITDB html VERIFIED
Microsoft Sql Server - Memory Corruption
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
by 96sysim
EIP-2026-103855 EXPLOITDB html VERIFIED
Apple QuickTime (Multiple Browsers) - Command Execution
by pdp
CVE-2007-4890 EXPLOITDB html VERIFIED
Microsoft Visual Studio - Path Traversal
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.
by shinnai
CVE-2007-4891 EXPLOITDB html VERIFIED
Microsoft Visual Studio - OS Command Injection
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.
by shinnai
CVE-2007-3040 EXPLOITDB html VERIFIED
Microsoft Windows 2000 - Memory Corruption
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205.
by Yamata Li
CVE-2007-4903 EXPLOITDB html VERIFIED
Ultra Shareware Ultra Crypto Component - Memory Corruption
Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method.
by shinnai
CVE-2007-4902 EXPLOITDB html VERIFIED
Ultra Shareware Ultra Crypto Component - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname in the argument to the SaveToFile method.
by shinnai
CVE-2007-4814 EXPLOITDB html VERIFIED
Microsoft Sql Server - Memory Corruption
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
by rgod
CVE-2007-4805 EXPLOITDB html VERIFIED
Fuzzylime - Path Traversal
Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter.
by not sec group
CVE-2007-4802 EXPLOITDB html VERIFIED
Ourgame.com Globallink - Memory Corruption
Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.
by void
CVE-2007-4821 EXPLOITDB html VERIFIED
Edraw Office Viewer Component - Memory Corruption
Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169.
by shinnai
CVE-2007-4790 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Memory Corruption
Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.
by shinnai
CVE-2007-4802 EXPLOITDB html VERIFIED
Ourgame.com Globallink - Memory Corruption
Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.
by void
CVE-2007-4722 EXPLOITDB html VERIFIED
Move Networks Move Media Player - Memory Corruption
Multiple stack-based buffer overflows in the Quantum Streaming Internet Explorer Player ActiveX control in qsp2ie07051001.dll 1.0.0.1 in Move Media Player allow remote attackers to execute arbitrary code via a long string to the (1) Play and (2) Buzzer methods.
by anonymous
By Source
All 2,012 Exploitdb 50,121 Writeup 46,758 Nomisec 21,200 Metasploit 3,189 Github 2,253 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,740 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 69 go 41 postscript 25 xml 24