Exploitdb Exploits
2,814 exploits tracked across all sources.
VP-ASP - SQL Injection
SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.
by Bosen & TioEuy
VP-ASP - SQL Injection
SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.
by TioEuy & AresU
Twilight Webserver 1.3.3.0 - DoS
Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376.
by anonymous
Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure
by rs2112
Adobe Acrobat Reader <5.0.7 - RCE
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.
by Paul Szabo
Foxweb <2.5 - RCE
Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).
by pokleyzz
gkrellm <2.1.14 - RCE
Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code.
by dodo
gkrellm <2.1.14 - RCE
Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code.
by dodo
phpBB <2.0.5 - SQL Injection
SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter.
by Rick Patel
PostgreSQL <1.2.9rc1 - SQL Injection
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
by Spaine
Mailtraq 2.1.0.1302 - User Password Encoding
by Noam Rathaus
mnoGoSearch <3.2.10 - RCE
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
by pokleyzz
Mandrake Linux 8.2 - '/usr/mail' Local Overflow
by anonymous
mnoGoSearch 3.1.20 - RCE
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
by inv
mnoGoSearch 3.1.20 - RCE
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
by pokleyzz
Apache APR <2.0.46 - RCE/DoS
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
by Matthew Murphy
Microsoft Internet Explorer <6.0 - RCE
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
by alumni
ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow
by Julien LANTHEA
KON kon2 <0.3.9b - RCE
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
by wsxz
Webfroot Shoutbox 2.32 - 'Expanded.php' Remote Command Execution
by _6mO_HaCk
IBM Aix - Buffer Overflow
Buffer overflow in lsmcode in AIX 4.3.3.
by watercloud
Webcortex Webstores 2000 - SQL Injection
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.
by Bosen
RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun
By Source