Exploitdb Exploits
2,009 exploits tracked across all sources.
VirtualSystem VS-News-System <1.2.1 - RCE
PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.
by ajann
VS-Link-Partner < 2.1 - Remote File Inclusion via gb_pfad Parameter
PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter.
by ajann
ActSoft DVD-Tools - Buffer Overflow
Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.
by shinnai
AT Contenator < 1.0 - Remote Code Execution via Root_To_Script Parameter
PHP remote file inclusion vulnerability in _admin/nav.php in AT Contenator 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Root_To_Script parameter.
by ajann
Site-Assistant < 0990 - Remote File Inclusion via paths[version] Parameter
PHP remote file inclusion vulnerability in classes/menu.php in Site-Assistant 0990 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the paths[version] parameter.
by ajann
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (2)
by trevordixon
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (1)
by trevordixon
Alibaba Alipay ActiveX Control < 2.4.2.471 - Remote Code Execution via Remove Method
The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.
by cocoruder
Microsoft Internet Explorer 6.0 - DoS
Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById.
by AmesianX
Quiksoft EasyMail <6.5 - Buffer Overflow
Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name.
by Paul Craig
ExtCalendar < 2 - Unauthenticated Password Change via register.php
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php.
by ajann
CVSS 9.8
Microsoft IE - Denial of Service
Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allow remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEditDocument.1 objects in (b) triedit.dll, which cause a NULL pointer dereference.
by Alexander Sotirov
AdMentor - SQL Injection via Administrative Login Userid and Password Fields
Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields.
by Cr@zy_King
Apple iChat 3.1.6 - Format String Vulnerability via aim:// URI
Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI.
by MoAB
Panic Transmit < 3.5.5 - Remote Code Execution via Long FTPS URL
Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL.
by MoAB
DivX Player 6.4.1 - Denial of Service via GoWindowed Method
DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the GoWindowed method for a certain instance of the ActiveX object.
by shinnai
Common Controls Replacement Project BrowseDialog Server - Denial of Service via Long SelectedFolder Property
A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value.
by shinnai
Common Controls Replacement Project FolderTreeview ActiveX Control - Denial of Service via Long RootFolder Property
The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value.
by shinnai
Internet Explorer - Remote Code Execution via VML Integer Overflow
Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the "VML Buffer Overrun Vulnerability."
by LifeAsaGeek
FdWeB Espace Membre < 2.1 - Remote File Inclusion via path Parameter
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
by ajann
Oracle ORADC - ActiveX Control Remote Code Execution
by Umesh Wanve
phpBB 2.0.x - Authenticated Cross-Site Scripting via Private Message Body Field
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
by Demential
OmniWeb 5.5.1 - Remote Code Execution via JavaScript Alert Format String
Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the JavaScript alert function.
by MoAB
Symantec Backup Exec System Recovery Manager 7.0/7.0.1 - Unauthenticated RCE via JSP Upload
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
by titon