Exploitdb Exploits
2,814 exploits tracked across all sources.
Account Manager LITE - Privilege Escalation
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
by teleh0r
Vqsoft Vqserver - Buffer Overflow
Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request.
by sinfony
Check Point Firewall-1 3.0-4.1 - Info Disclosure
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
by Nelson Brito
IIS 5.0 - Info Disclosure
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
by Roelof Temmingh
IIS 5.0 - Info Disclosure
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
by smiler
Mediahouse Statistics Server <5.02x - RCE
Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request.
by Zan
suidperl - Privilege Escalation
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
by Sebastian Krahmer
Network Associates Net Tools Pki Server - Buffer Overflow
Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.
by juliano
Texas Imperial Software Wftpd - Denial of Service
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing.
by Blue Panda
Texas Imperial Software Wftpd - Denial of Service
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE).
by Blue Panda
Texas Imperial Software Wftpd - Denial of Service
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server.
by Blue Panda
Microsoft Outlook - Buffer Overflow
Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.
by Ussr Labs
Texas Imperial Software Wftpd - Denial of Service
WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command.
by Blue Panda
West Street Software Localweb HTTP Server - Denial of Service
LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request.
by Ussr Labs
Razor - Privilege Escalation
The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges.
by Shawn A. Clifford
Atrius Trivalie SN Time Sync - Buffer Overflow
Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string.
by Ben Taylor
Apache 1.3.x - Info Disclosure
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
by H D Moore
KDE 1.1.2 - Local Privilege Escalation
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
by kil3r
KDE 1.1.2 - Local Privilege Escalation
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
by kil3r
Lotus Domino <5.0.2c - Buffer Overflow
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.
by smiler
NetworkICE ICEcap <2.0.23 - Auth Bypass
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events.
by rain forest puppy
Microsoft Internet Information Server < 5.0 - Denial of Service
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.
by Nelson Bunker
Napster - Info Disclosure
The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.
by no_maam
Bugzilla <2.10 - RCE
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.
by Frank van Vliet karin
Cisco Ios - Improper Input Validation
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
by Keith Woodworth
By Source