Exploitdb Exploits

2,009 exploits tracked across all sources.

Sort: Activity Stars
CVE-2006-5745 EXPLOITDB html VERIFIED
Microsoft XML Core Services 4.0 - RCE
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.
by ~Fyodor
CVE-2006-5745 EXPLOITDB html VERIFIED
Microsoft XML Core Services 4.0 - RCE
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.
by anonymous
EIP-2026-118327 EXPLOITDB html VERIFIED
BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
by maxgipeh
CVE-2006-5633 EXPLOITDB html VERIFIED
Firefox 1.5.0.7 and 2.0 and Seamonkey 1.1b - Denial of Service via DocType Node Range Manipulation
Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a null dereference. NOTE: the original Bugtraq post mentioned that code execution was possible, but followup analysis has shown that it is only a null dereference.
by Gotfault Security
EIP-2026-118824 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - Code Execution (2)
by Michal Bucko
EIP-2026-118823 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - Code Execution (1)
by Michal Bucko
CVE-2006-5666 EXPLOITDB html VERIFIED
E-Annu 1.0 - SQL Injection via Login Parameter
SQL injection vulnerability in includes/menu.inc.php in E-Annu 1.0 allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information.
by ajann
EIP-2026-109494 EXPLOITDB html VERIFIED
MiraksGalerie 2.62 - 'pcltar.lib.php' Remote File Inclusion
by ajann
EIP-2026-118849 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 7 - Popup Address Bar Spoofing
by anonymous
EIP-2026-110715 EXPLOITDB html VERIFIED
PHP League 0.81 - 'config.php' Remote File Inclusion
by ajann
CVE-2006-5559 EXPLOITDB html VERIFIED
Microsoft Data Access Components - Use-After-Free via ADODB.Connection Execute Method
The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.
by YAG KOHHA
CVE-2006-5516 EXPLOITDB html VERIFIED
WikiNi - Cross-Site Scripting via Name and Email Parameters
Multiple cross-site scripting (XSS) vulnerabilities in actions/usersettings.php in WikiNi before 0.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) email parameters to wakka.php.
by Raphael Huck
EIP-2026-100093 EXPLOITDB html VERIFIED
Active Bulletin Board 1.1b2 - Remote User Pass Change
by ajann
EIP-2026-115803 EXPLOITDB html VERIFIED
Microsoft Windows Media Digital Rights Management - ActiveX Control Buffer Overflow (PoC)
by Joxean Koret
CVE-2006-5217 EXPLOITDB html VERIFIED
Emek Portal 2.1 - SQL Injection via Kullanici Adi and Sifre Parameters
SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows remote attackers to execute arbitrary SQL commands by simultaneously injecting into the user name and pass fields in uyegiris.asp, also known as the Kullanici Adi (k_a) and Sifre (sifre) parameters.
by Dj ReMix
CVE-2006-3730 EXPLOITDB HIGH html VERIFIED
Microsoft IE - Code Injection
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
by jamikazu
CVSS 8.8
CVE-2006-4868 EXPLOITDB html VERIFIED
Microsoft Outlook & IE 6.0 - Buffer Overflow
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
by jamikazu
EIP-2026-115671 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - VML Remote Denial of Service (PoC)
by Shirkdog
CVE-2006-4611 EXPLOITDB html VERIFIED
dsocks <1.4 - Remote Code Execution
Buffer overflow in the _tor_resolve function in dsocks.c in dsocks before 1.4 allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long node name.
by DaveK
CVE-2006-4524 EXPLOITDB html VERIFIED
Digiappz Freekot 1.01 - SQL Injection via Login or Password Parameters
Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information.
by FarhadKey
CVE-2006-4446 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0 SP1 - Heap-Based Buffer Overflow via DirectAnimation.PathControl Spline Function
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.
by XSec
CVE-2006-6410 EXPLOITDB html VERIFIED
VMware Workstation - Buffer Overflow via ActiveX Control Initialize Function
Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function.
by c0ntex
CVE-2006-4495 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Remote Code Execution via ActiveX COM Object Instantiation
Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll.
by nop
CVE-2006-4301 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0 SP1 - DoS via Long Color Attribute in DirectX Media Image Transforms
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1.
by XSec
EIP-2026-115668 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service Vulnerabilities
by nop
By Source
All 2,009 Writeup 62,302 Exploitdb 50,076 Nomisec 22,417 Github 3,632 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,573 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25