Exploitdb Exploits
2,009 exploits tracked across all sources.
HolaCMS 1.4.9-1 - Directory Traversal and Arbitrary File Write via Vote Filename Parameter
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a vote_filename parameter that contains "holaDB/votes" followed by a .. (dot dot) sequence, which bypasses the HolaCMS check that the file is in the holaDB/votes directory.
by Virginity Security
HolaCMS 1.4.9 - Arbitrary File Write via Vote Filename Parameter
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
by Virginity Security
Microsoft Internet Explorer 6 - Pop-up Window Title Bar Spoofing
by bitlance winter
Netscape Navigator 7.2 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
Siteman <= 1.1.10 - CRLF Injection via Users.php Line Parameter
CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation.
by amironline452
Microsoft Internet Explorer - '.ANI' Remote Stack Overflow (MS05-002) (2)
by Skylined
Norton AntiVirus < 2005 - Remote Stack Overflow
by Rafel Ivgi
Microsoft Internet Explorer - Remote Code Execution
by ShredderSub7
Nortel IP Softphone 2050 - Denial of Service
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and a hang.
by Flashsky
Microsoft Internet Explorer / MSN - Memory_Access_Violation Denial of Service
by Emmanouel Kellinis
Microsoft Windows Media Player 9.0 - XSS
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.
by Arman Nayyeri
Microsoft Windows Media Player 9.0 - Info Disclosure
The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.
by Arman Nayyeri
Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
Microsoft Internet Explorer 6 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service
by Berend-Jan Wever
Sun Java Applet 1.x - Invocation Version Specification
by Peter Greenwood
Mozilla Camino Web Browser 0.7/0.8 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
Avaya IP600 Media Servers - Buffer Overflow
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
by Skylined
Firefox < 1.0 and Mozilla < 1.7.5 - Input Focus Spoofing via Background Tab
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.
by Jakob Balle
NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow
by celebrityhacker
Grokster 1.3/2.6 / KaZaA Media Desktop 1.3.x/1.6.1/2.0.x - ActiveX Control Remote Buffer Overflow
by celebrityhacker
Opera Web Browser 7.23 - Empty Embedded Object JavaScript Denial of Service
by Stevo
Microsoft Internet Explorer 6.0 SP1 - DoS
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.
by anonymous
Opera Browser < 7.53 - URL Spoofing via Race Condition in Address Bar
A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.
by bitlance winter
Mozilla Firefox 0.9.1 and 0.9.2 - Certificate Spoofing via Redirect and onunload JavaScript
Mozilla Firefox 0.9.1 and 0.9.2 allow remote web sites to spoof certificates of trusted web sites via redirects and JavaScript that uses the "onunload" method.
by E.Kellinis