Exploitdb Exploits
2,809 exploits tracked across all sources.
Joomla! Component JForJoomla! Jreservation 1.5 - 'pid' SQL Injection
by Chip d3 bi0s
Xion Audio Player 1.0 121 - '.m3u' Remote Buffer Overflow (1)
by corelanc0d3r
Xion Audio Player 1.0 121 - '.m3u' Local Buffer Overflow (2)
by Dragon Rider
ProFTPd 1.3.0 (OpenSUSE) - 'mod_ctrls' Local Stack Overflow
by Michael Domberg
EZsneezyCal CMS 95.1-95.2 - Remote File Inclusion
by kaMtiEz
ezRecipe-Zee 91 - Path Traversal via cfg[prePath] Parameter
Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter.
by kaMtiEz
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
by germaya_x
BPowerHouse BPGames 1.0 - SQL Injection via cat_id or game_id Parameter
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.
by OoN Boy
com_mytube 1.0 Beta - SQL Injection via user_id Parameter
SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php.
by Chip d3 bi0s
MP3-Cutter Ease Audio Cutter <1.20 - DoS
Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows user-assisted remote attackers to cause a denial of service (application crash) via a long string in a WAV file.
by zAx
JReservation 1.0 and 1.5 - SQL Injection via pid Parameter
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
by Chip d3 bi0s
Joomla! Component com_jlord_rss - 'id' Blind SQL Injection
by Chip d3 bi0s
MP3 Collector 2.3 - Denial of Service via Long URL in M3U Playlist File
MP3 Collector 2.3 allows remote attackers to cause a denial of service (application crash) via a long URL in a .m3u playlist file.
by zAx
E-Soft DJ Studio Pro <5.1.4.3.1 - Buffer Overflow
Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls) containing a long string. NOTE: some of these details are obtained from third party information.
by prodigy
Techlogica HTTP Server 1.03 - Arbitrary File Disclosure
by ThE g0bL!N
Invisible Browsing 5.0.52 - Buffer Overflow via Crafted .ibkey File
Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
by PLATEN
httpdx Web Server 1.4 - Remote Code Execution via Host Header Format String Specifiers
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.
by Pankaj Kohli
PHP Pro Bid - SQL Injection via auction_id Parameter
SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter.
by NoGe
Icarus 2.0 - Stack-based Buffer Overflow via Crafted PGN File
Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file.
by germaya_x
Apple Safari - Denial of Service via JavaScript eval on Long String
Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.
by Jeremy Brown
jetAudio 7.1.9.4030 plus - vx(asx/wax/wvx) Universal Local Buffer Overflow (SEH)
by hack4love
Media Player Classic 6.4.9 - Denial of Service via Malformed MIDI File Header
Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940.
by PLATEN
Ipswitch WS_FTP Professional 12 - Denial of Service via HTTP Response Status Code Format String
Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.
by Jeremy Brown
Joomla! com_tpdugg 1.1 - SQL Injection
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php.
by NoGe