Exploitdb Exploits

2,012 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118869 EXPLOITDB html VERIFIED
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
by Georgi Guninski
CVE-2001-0149 EXPLOITDB html VERIFIED
Windows Scripting Host - Info Disclosure
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
by Georgi Guninski
CVE-2000-0688 EXPLOITDB html VERIFIED
Subscribe Me LITE - Privilege Escalation
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
by n30
CVE-2000-0689 EXPLOITDB html VERIFIED
Account Manager LITE - Privilege Escalation
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
by n30
CVE-2000-0465 EXPLOITDB html VERIFIED
Internet Explorer <5.x - Info Disclosure
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
by Andrew Nosenko
CVE-2000-0116 EXPLOITDB html VERIFIED
Firewall-1 - XSS
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
by Arne Vidstrom
CVE-1999-1016 EXPLOITDB html VERIFIED
Microsoft Frontpage - Denial of Service
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
by Neon Bunny
CVE-2000-0325 EXPLOITDB html VERIFIED
Microsoft Jet - Command Injection
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
by BrootForce
CVE-1999-0935 EXPLOITDB html VERIFIED
CGI < unknown - Command Injection
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
by anonymous
EIP-2026-100716 EXPLOITDB html VERIFIED
Excite for Web Servers 1.1 - Administrative Password
by Michael Gerdts
EIP-2026-118381 EXPLOITDB html VERIFIED
Compaq Java Applet for Presario SpawnApp - Code Execution
by Frank Farance
CVE-1999-0173 EXPLOITDB html VERIFIED
FormMail - Open Redirect
FormMail CGI program can be used by web servers other than the host server that the program resides on.
by anonymous
By Source
All 2,012 Exploitdb 50,121 Writeup 46,832 Nomisec 21,205 Metasploit 3,189 Github 2,268 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,746 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24