Exploitdb Exploits
2,009 exploits tracked across all sources.
Account Manager LITE - Privilege Escalation
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
by n30
Internet Explorer <5.x - Info Disclosure
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
by Andrew Nosenko
Checkpoint Firewall-1 - Cross-Site Scripting via Malformed Script Tag Bypass
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
by Arne Vidstrom
Microsoft HTML Control - Denial of Service via Large HTML Form Fields
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
by Neon Bunny
Microsoft Jet - Remote Code Execution via Database Query
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
by BrootForce
classifieds.cgi Hidden Variable - Command Injection
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
by anonymous
Excite for Web Servers 1.1 - Administrative Password
by Michael Gerdts
Compaq Java Applet for Presario SpawnApp - Code Execution
by Frank Farance
FormMail - Server-Side Request Forgery
FormMail CGI program can be used by web servers other than the host server that the program resides on.
by anonymous
By Source