Exploitdb Exploits

2,012 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-4740 EXPLOITDB html VERIFIED
Telecom Italy Alice Messenger - Access Control
The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom Italy Alice Messenger allows remote attackers to create registry keys and values via the arguments to the WriteRegistry method.
by rgod
CVE-2007-4718 EXPLOITDB html VERIFIED
Claroline < 1.8.5 - Path Traversal
Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
by Fernando Munoz
CVE-2007-4515 EXPLOITDB html VERIFIED
Yahoo! services suite - Buffer Overflow
Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger before 8.1.0.419 allows remote attackers to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info methods. NOTE: some of these details are obtained from third party information.
by minhbq
CVE-2007-4607 EXPLOITDB html VERIFIED
Quiksoft EasyMail SMTP Object <6.0.1 - Buffer Overflow
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
by rgod
CVE-2007-4582 EXPLOITDB html VERIFIED
ACTi NVR <2.0 - Buffer Overflow
Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method.
by shinnai
CVE-2007-4583 EXPLOITDB html VERIFIED
ACTi NVR SP2 2.0 - Path Traversal
Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method.
by shinnai
CVE-2007-4583 EXPLOITDB html VERIFIED
ACTi NVR SP2 2.0 - Path Traversal
Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method.
by shinnai
CVE-2007-4489 EXPLOITDB html VERIFIED
eCentrex VOIP Client <2.0.1 - Buffer Overflow
Buffer overflow in the IUAComFormX ActiveX control in uacomx.ocx 2.0.1 in the eCentrex VOIP Client module allows remote attackers to execute arbitrary code via a long Username argument to the ReInit method.
by rgod
CVE-2007-4420 EXPLOITDB html VERIFIED
EDraw Office Viewer Component 5.1 - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in EDraw Office Viewer Component 5.1 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the HttpDownloadFile method, a different vulnerability than CVE-2007-3168 and CVE-2007-3169.
by shinnai
CVE-2007-1749 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Buffer Overflow
Integer underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer size, which triggers a heap-based buffer overflow.
by Ben Nagy & Derek Soeder
CVE-2007-3386 EXPLOITDB html VERIFIED
Apache Tomcat - XSS
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
by NTT OSS CENTER
CVE-2007-4336 EXPLOITDB html VERIFIED
Microsoft DirectX Media 6.0 - Buffer Overflow
Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.
by h07
CVE-2007-4318 EXPLOITDB html VERIFIED
ZyNOS 3.62(WK.6) - XSS
Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter.
by Henri Lindberg
CVE-2007-4252 EXPLOITDB html VERIFIED
CkString.dll <1.1 - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability than CVE-2007-3633.
by shinnai
CVE-2007-4174 EXPLOITDB html VERIFIED
Tor <0.1.2.16 - Command Injection
Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid authentication, as demonstrated by an HTML form (1) hosted on a web site or (2) injected by a Tor exit node.
by anonymous
CVE-2007-4034 EXPLOITDB html VERIFIED
Yahoo! Installer Plugin for Widgets <2007.7.13.3 - Buffer Overflow
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information.
by lhoang8500
CVE-2007-4145 EXPLOITDB html VERIFIED
BlueSkychat V2.V2Ctrl.1 <8.1.2.0 - Buffer Overflow
Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the second argument to the ConnecttoServer method.
by Code Audit Labs
CVE-2006-4301 EXPLOITDB html VERIFIED
Microsoft IE - Improper Input Validation
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1.
by DeltahackingTEAM
CVE-2007-4155 EXPLOITDB html VERIFIED
EMC VMware 6.0.0 - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.
by callAX
CVE-2007-4058 EXPLOITDB html VERIFIED
EMC VMware 6.0.0 - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method.
by callAX
CVE-2007-4105 EXPLOITDB html VERIFIED
BaiduBar.dll - RCE
A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
by cocoruder
CVE-2007-4059 EXPLOITDB html VERIFIED
EMC VMware <5.5.3.42958 - Path Traversal
Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method.
by callAX
CVE-2007-4061 EXPLOITDB html VERIFIED
Nessus Vulnerability Scanner <3.0.6 - Path Traversal
Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. NOTE: this can be leveraged for code execution by writing to a Startup folder.
by h07
CVE-2007-4062 EXPLOITDB html VERIFIED
Nessus Vulnerability Scanner <3.0.6 - Path Traversal
The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability.
by h07
EIP-2026-118916 EXPLOITDB html VERIFIED
mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server - Data Write/Code Execution
by callAX
By Source
All 2,012 Exploitdb 50,121 Writeup 46,758 Nomisec 21,200 Metasploit 3,189 Github 2,253 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,740 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 69 go 41 postscript 25 xml 24