Exploitdb Exploits
2,814 exploits tracked across all sources.
WordPress Theme Diary/Notebook Site5 - Email Spoofing
by bwall
Zoom Player - '.avi' Divide-by-Zero Denial of Service
by Dark-Puzzle
VideoLAN VLC Media Player 2.0.1 - '.avi' File Denial of Service
by Dark-Puzzle
Real Networks RealPlayer - '.avi' File Divide-by-Zero Denial of Service
by Dark-Puzzle
Winamp 5.13 - '.m3u' File Exception Handling Remote Denial of Service
by Dark-Puzzle
ComSndFTP FTP Server <1.3.7 Beta - Code Injection
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll). This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. The vulnerability is exploitable without authentication and affects default configurations.
by demonalex
Universal Reader 1.16.740.0 - 'uread.exe' Denial of Service
by demonalex
AnvSoft Any Video Converter 4.3.6 - Unicode Buffer Overflow
by h1ch4m
Play [EX] 2.1 - '.M3U'/'.PLS'/'.LST' Playlist File Denial of Service
by Death-Shadow-Dark
Elif Keir Knftpd - Memory Corruption
Buffer overflow in KnFTPd 1.0.0 allows remote authenticated users to cause a denial of service (crash) via a long string in a FEAT command.
by Stefan Schurtz
mmPlayer 2.2 - '.ppl' Local Buffer Overflow (SEH)
by RjRjh Hack3r
mmPlayer 2.2 - '.m3u' Local Buffer Overflow (SEH)
by RjRjh Hack3r
Tiny Server 1.1.5 - Path Traversal
Directory traversal vulnerability in Tiny Server 1.1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the URI of an HTTP request.
by KaHPeSeSe
Createvision Cms - SQL Injection
SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Zwierzchowski Oskar
Joomla! <2.5.2 - SQL Injection
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
by Colin Wong
Splash PRO 1.12.1 - '.avi' File Denial of Service
by Senator of Pirates
Mercury MR804 Router <8.0.3.8.1 Build - DoS
Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (2) If-None-Match, or (3) If-Unmodified-Since. NOTE: some of these details are obtained from third party information.
by demonalex
By Source