Exploitdb Exploits

2,809 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-100922 EXPLOITDB perl VERIFIED
UtilMind Mail List 1.7 - Users Can Execute Commands
by teleh0r
EIP-2026-100844 EXPLOITDB perl VERIFIED
ListMail 112 - Command Execution
by teleh0r
CVE-2000-1125 EXPLOITDB perl VERIFIED
Red Hat Linux 6.2 - Privilege Escalation
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
by Tlabs
CVE-2000-1069 EXPLOITDB perl VERIFIED
Poll It 2.01 - Unauthenticated Admin Access via Password Parameter Bypass
pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.
by keelis
CVE-2000-1132 EXPLOITDB perl VERIFIED
DCForum - Unauthenticated Arbitrary File Read and Program Deletion via Malformed Forum Variable
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.
by steeLe
EIP-2026-114760 EXPLOITDB perl VERIFIED
Debian 2.x / RedHat 6.2 / IRIX 5/6 / Solaris 2.x - Mail Reply-To Field
by Gregory Duchemin
CVE-2000-0955 EXPLOITDB perl VERIFIED
Cisco Virtual Central Office 4000 < 5.1.3 - Weak Encryption in SNMP MIB
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
by @stake
CVE-2000-0945 EXPLOITDB perl VERIFIED
Cisco Catalyst 3500 XL - Unauthenticated Remote Code Execution via /exec/ Directory
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
by blackangels
CVE-2000-0884 EXPLOITDB perl VERIFIED
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Roelof Temmingh
CVE-2000-0884 EXPLOITDB perl VERIFIED
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Andrea Spabam
CVE-2000-0973 EXPLOITDB perl VERIFIED
curl < 6.0-1.1 and curl-ssl < 6.0-1.2 - Buffer Overflow via Long Error Message
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
by zillion
CVE-2000-0973 EXPLOITDB perl VERIFIED
curl < 6.0-1.1 and curl-ssl < 6.0-1.2 - Buffer Overflow via Long Error Message
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
by zillion
CVE-2000-0977 EXPLOITDB perl VERIFIED
MailFile 1.10 - Arbitrary File Read via Filename Parameter
mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.
by Dirk Brockhausen
CVE-2000-0953 EXPLOITDB perl VERIFIED
Shambala Server 4.5 - Denial of Service via Connection Handling
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
by zillion
CVE-2000-1054 EXPLOITDB perl VERIFIED
CiscoSecure ACS Server <2.4.2 - Buffer Overflow
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
by blackangels
CVE-2000-0833 EXPLOITDB perl VERIFIED
WinSMTP 1.06f and 2.X - Denial of Service via Long USER or HELO Command
Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command.
by Guido Bakker
CVE-2000-0690 EXPLOITDB perl VERIFIED
Auction Weaver <= 1.02 - Remote Command Execution via fromfile Parameter
Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
by teleh0r
CVE-2000-0720 EXPLOITDB perl VERIFIED
GWScripts News Publisher - Auth Bypass
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
by n30
CVE-2000-1002 EXPLOITDB perl VERIFIED
CommuniGate Pro 3.3.2 - Info Disclosure
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
by Ussr Labs
CVE-2000-0688 EXPLOITDB perl VERIFIED
Subscribe Me LITE - Privilege Escalation
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
by teleh0r
CVE-2000-0689 EXPLOITDB perl VERIFIED
Account Manager LITE - Privilege Escalation
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
by teleh0r
CVE-2000-0766 EXPLOITDB perl VERIFIED
vqServer 1.4.49 - Buffer Overflow via Long HTTP GET Request
Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request.
by sinfony
CVE-2000-1037 EXPLOITDB perl VERIFIED
Check Point Firewall-1 3.0-4.1 - Info Disclosure
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
by Nelson Brito
CVE-2000-0778 EXPLOITDB perl VERIFIED
Internet Information Services 5.0 - Source Code Disclosure via Translate Header
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
by Roelof Temmingh
CVE-2000-0778 EXPLOITDB perl VERIFIED
Internet Information Services 5.0 - Source Code Disclosure via Translate Header
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
by smiler
By Source
All 2,809 Writeup 62,507 Exploitdb 50,076 Nomisec 22,463 Github 3,685 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,604 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25