Exploitdb Exploits

2,012 exploits tracked across all sources.

CVE-2005-0905 EXPLOITDB html VERIFIED
Maxthon 1.2.0 - Info Disclosure
Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.
by Aviv Raff
CVE-2005-0829 EXPLOITDB html VERIFIED
Php Fusion - XSS
Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters.
by PersianHacker Team
CVE-2005-0863 EXPLOITDB html VERIFIED
Phpopenchat - XSS
Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbitrary web script or HTML via (1) the chatter parameter to regulars.php or (2) the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php.
by PersianHacker Team
CVE-2005-0796 EXPLOITDB html VERIFIED
HolaCMS 1.4.9-1 - Path Traversal
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in the vote_filename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory.
by Virginity Security
CVE-2005-0795 EXPLOITDB html VERIFIED
HolaCMS 1.4.9 - File Access
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
by Virginity Security
EIP-2026-118834 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - Pop-up Window Title Bar Spoofing
by bitlance winter
EIP-2026-103595 EXPLOITDB html VERIFIED
Netscape Navigator 7.2 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
CVE-2005-0305 EXPLOITDB html VERIFIED
Siteman <1.1.10 - Code Injection
CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation.
by amironline452
EIP-2026-118799 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - '.ANI' Remote Stack Overflow (MS05-002) (2)
by Skylined
EIP-2026-115950 EXPLOITDB html VERIFIED
Norton AntiVirus < 2005 - Remote Stack Overflow
by Rafel Ivgi
EIP-2026-118805 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Remote Code Execution
by ShredderSub7
CVE-2004-1305 EXPLOITDB html VERIFIED
Nortel IP Softphone 2050 - Denial of Service
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.
by Flashsky
EIP-2026-115673 EXPLOITDB html VERIFIED
Microsoft Internet Explorer / MSN - Memory_Access_Violation Denial of Service
by Emmanouel Kellinis
CVE-2004-1324 EXPLOITDB html VERIFIED
Microsoft Windows Media Player 9.0 - XSS
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.
by Arman Nayyeri
CVE-2004-1325 EXPLOITDB html VERIFIED
Microsoft Windows Media Player 9.0 - Info Disclosure
The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.
by Arman Nayyeri
EIP-2026-115859 EXPLOITDB html VERIFIED
Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
EIP-2026-115702 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
EIP-2026-104568 EXPLOITDB html VERIFIED
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service
by Berend-Jan Wever
EIP-2026-103665 EXPLOITDB html VERIFIED
Sun Java Applet 1.x - Invocation Version Specification
by Peter Greenwood
EIP-2026-103556 EXPLOITDB html VERIFIED
Mozilla Camino Web Browser 0.7/0.8 - Infinite Array Sort Denial of Service
by Berend-Jan Wever
CVE-2004-1050 EXPLOITDB html VERIFIED
Avaya Ip600 Media Servers - Buffer Overflow
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
by Skylined
CVE-2004-1381 EXPLOITDB html VERIFIED
Firefox <1.0 - Info Disclosure
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.
by Jakob Balle
EIP-2026-118977 EXPLOITDB html VERIFIED
NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow
by celebrityhacker
EIP-2026-118625 EXPLOITDB html VERIFIED
Grokster 1.3/2.6 / KaZaA Media Desktop 1.3.x/1.6.1/2.0.x - ActiveX Control Remote Buffer Overflow
by celebrityhacker
EIP-2026-116010 EXPLOITDB html VERIFIED
Opera Web Browser 7.23 - Empty Embedded Object JavaScript Denial of Service
by Stevo