Exploitdb Exploits
2,009 exploits tracked across all sources.
Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service
by Nick Johnson
Internet Explorer 6 SP1 - Auth Bypass
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability.
by Liu Die Yu
Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal
by Zero X
Internet Explorer 6 SP1 - RCE
Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344.
by malware
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution
by Martin Eiszner
Opera 7.20 - Mail Client Policy Circumvention
by Arve Bersvendsen
splatt_forum - Stored Cross-Site Scripting via Post Icon Image Subject Field
Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.
by Lethalman
Microsoft Outlook 5.5/2000 - Web Access HTML Attachment Script Execution
by Hugo Vazquez
Microsoft Internet Explorer 6 - '%USERPROFILE%' File Execution
by Eiji James Yoshida
vBulletin 3.0.0 Beta 2 - Cross-Site Scripting via Preview Message
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability.
by Ferruh Mavituna
Yahoo! Audio Conferencing ActiveX Control - Buffer Overflow via Long Hostname URL
Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat.
by cesaro
Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service
by Ramon Pinuaga Cascales
Netscape Navigator 7.0 - Denial of Service via Invalid Regular Expression in reformatDate
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
by dwm
Pocket Internet Explorer 3.0 - Denial of Service via Recursive innerHTML Function
Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.
by Christopher Sogge Røtnes
phpBB 2.0.3 - Cross-Site Scripting via search_username Parameter
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.
by f_a_a
Microsoft Internet Explorer 5 - Document Reference Zone Bypass
by Liu Die Yu
Internet Explorer 4.0+ - Info Disclosure
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet.
by Jelmer
Internet Explorer 5.5-6.0 - Remote Code Execution via Web Folder Error Message Injection
The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.
by http-equiv
Opera Web Browser 6.0-6.04 - Cross-Site Scripting via FTP URL Title Tag
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
by Eiji James Yoshida
Easy Homepage Creator 1.0 - Unauthenticated Arbitrary File Write via print_html_to_file
The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.
by Arek Suroboyo
Easy Guestbook - Unauthenticated Administrative Access via Direct CGI Access
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
by Arek Suroboyo
BadBlue Enterprise Edition <1.74 - RCE
Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request that accesses the dir.hts page on the localhost and adds an entire hard drive to be shared.
by Matthew Murphy
By Source