Exploitdb Exploits
2,814 exploits tracked across all sources.
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
by Vapid Labs
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
by Vapid Labs
IIS 4.0-5.0 - Path Traversal
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Roelof Temmingh
IIS 4.0-5.0 - Path Traversal
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by steeLe
UtilMind Mail List 1.7 - Users Can Execute Commands
by teleh0r
Red Hat Linux 6.2 - Privilege Escalation
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
by Tlabs
Poll It <2.01 - Auth Bypass
pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.
by keelis
DCForum - RCE
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.
by steeLe
Debian 2.x / RedHat 6.2 / IRIX 5/6 / Solaris 2.x - Mail Reply-To Field
by Gregory Duchemin
Cisco VCO/4K - Info Disclosure
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
by @stake
Catalyst 3500 XL - RCE
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
by blackangels
IIS 4.0-5.0 - Path Traversal
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Roelof Temmingh
IIS 4.0-5.0 - Path Traversal
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Andrea Spabam
curl <6.0-1.1 - Buffer Overflow
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
by zillion
curl <6.0-1.1 - Buffer Overflow
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
by zillion
MailFile 1.10 - Info Disclosure
mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.
by Dirk Brockhausen
Shambala Server 4.5 - DoS
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
by zillion
CiscoSecure ACS Server <2.4.2 - Buffer Overflow
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
by blackangels
Jack DE Winter Winsmtp - Buffer Overflow
Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command.
by Guido Bakker
Auction Weaver <1.02 - RCE
Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
by teleh0r
GWScripts News Publisher - Auth Bypass
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
by n30
CommuniGate Pro 3.3.2 - Info Disclosure
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
by Ussr Labs
Subscribe Me LITE - Privilege Escalation
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
by teleh0r
By Source