Exploitdb Exploits
2,809 exploits tracked across all sources.
Agoko CMS < 0.4 - Unauthenticated Arbitrary File Upload via admintools/editpage-2.php
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and earlier allows remote attackers to inject and execute arbitrary PHP code via the filename and text parameters.
by StAkeR
OTSTurntables 1.00 - Buffer Overflow via Long File Path in M3U File
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
by hack4love
SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow (SEH)
by PLATEN
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (2)
by hack4love
Microsoft Internet Information Server 5.0-6.0 - Authenticated Remote Code Execution via FTP NLST Command Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by muts
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (1)
by ThE g0bL!N
Nokia MultiMedia Player 1.1 - Remote Denial of Service
by opt!x hacker
dTunes 2.72 - Filename Processing Local Format String (PoC)
by TheLeader
Microsoft Internet Information Server 5.0-6.0 - Authenticated Remote Code Execution via FTP NLST Command Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by kingcope
Ultimate Player 1.56 beta - Remote Code Execution via Long String in Playlist File
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.
by hack4love
TriceraSoft Swift Ultralite 1.032 - Stack-Based Buffer Overflow via Long String in M3U Playlist File
Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.
by hack4love
SolarWinds TFTP Server <= 9.2.0.111 - Denial of Service via Crafted OACK Request
SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.
by Gaurav Baruah
Photodex ProShow Gold 4.0.2549 - Stack-Based Buffer Overflow via Crafted Slideshow Project File
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by hack4love
Media Jukebox 8 - '.m3u' Universal Local Buffer (SEH)
by hack4love
telepark.wiki <2.4.23 - Auth Bypass
telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php.
by corelanc0d3r
telepark.wiki <2.4.23 - Path Traversal
Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php.
by corelanc0d3r
Photodex ProShow Gold 4.0.2549 - Stack-Based Buffer Overflow via Crafted Slideshow Project File
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by corelanc0d3r
KSP 2006 FINAL - Stack-Based Buffer Overflow via M3U Playlist File
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
by hack4love
Fat Player 0.6b - Remote Code Execution via Long String in WAV File
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.
by ahwak2000
FLIP Flash Album Deluxe 1.8.407.1 - '.fft' Crash (PoC)
by the_Edit0r
Faslo Player 7.0 - Stack-Based Buffer Overflow via Long String in M3U Playlist File
Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file.
by hack4love
AiO (All into One) Flash Mixer 3 - '.afp' Crash (PoC)
by the_Edit0r
ITechBids 8.0 - SQL Injection via User ID, Category ID, News ID, or Product ID Parameter
Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238.
by Mr.SQL
Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer (SEH)
by hack4love
Playlistmaker 1.51 - '.m3u' Local Buffer Overflow (SEH)
by blake
By Source