Exploitdb Exploits

2,814 exploits tracked across all sources.

CVE-2009-4775 EXPLOITDB perl VERIFIED
Ipswitch WS_FTP Pro <12.2 - DoS
Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.
by Jeremy Brown
CVE-2009-4628 EXPLOITDB perl VERIFIED
Joomla! com_tpdugg 1.1 - SQL Injection
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php.
by NoGe
CVE-2009-4106 EXPLOITDB perl VERIFIED
Agoko CMS <0.4 - Code Injection
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and earlier allows remote attackers to inject and execute arbitrary PHP code via the filename and text parameters.
by StAkeR
CVE-2007-4734 EXPLOITDB perl VERIFIED
OTS Labs Otsturntables - Memory Corruption
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
by hack4love
EIP-2026-117894 EXPLOITDB perl VERIFIED
SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow (SEH)
by PLATEN
EIP-2026-117263 EXPLOITDB perl VERIFIED
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (2)
by hack4love
CVE-2009-3023 EXPLOITDB perl VERIFIED
Microsoft Internet Information Server < 6.0 - Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by muts
EIP-2026-117262 EXPLOITDB perl VERIFIED
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (1)
by ThE g0bL!N
EIP-2026-115946 EXPLOITDB perl VERIFIED
Nokia MultiMedia Player 1.1 - Remote Denial of Service
by opt!x hacker
EIP-2026-115169 EXPLOITDB perl VERIFIED
dTunes 2.72 - Filename Processing Local Format String (PoC)
by TheLeader
CVE-2009-3023 EXPLOITDB perl VERIFIED
Microsoft Internet Information Server < 6.0 - Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by kingcope
CVE-2009-3254 EXPLOITDB perl VERIFIED
Ultimatevideosite Ultimate Player - Memory Corruption
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.
by hack4love
CVE-2009-3253 EXPLOITDB perl VERIFIED
Tricerasoft Swift Ultralite - Memory Corruption
Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.
by hack4love
CVE-2009-3115 EXPLOITDB perl VERIFIED
Solarwinds Tftp Server < 9.2.0.111 - Improper Input Validation
SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.
by Gaurav Baruah
CVE-2009-3214 EXPLOITDB perl VERIFIED
Photodex Proshow Gold - Memory Corruption
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by hack4love
EIP-2026-117449 EXPLOITDB perl VERIFIED
Media Jukebox 8 - '.m3u' Universal Local Buffer (SEH)
by hack4love
CVE-2009-4089 EXPLOITDB perl VERIFIED
telepark.wiki <2.4.23 - Auth Bypass
telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php.
by corelanc0d3r
CVE-2009-4088 EXPLOITDB perl VERIFIED
telepark.wiki <2.4.23 - Path Traversal
Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php.
by corelanc0d3r
CVE-2009-3214 EXPLOITDB perl VERIFIED
Photodex Proshow Gold - Memory Corruption
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by corelanc0d3r
CVE-2009-4964 EXPLOITDB perl VERIFIED
Ksplayer Ksp Sound Player - Memory Corruption
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
by hack4love
CVE-2009-4962 EXPLOITDB perl VERIFIED
Adammo Fat Player - Memory Corruption
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.
by ahwak2000
EIP-2026-115262 EXPLOITDB perl VERIFIED
FLIP Flash Album Deluxe 1.8.407.1 - '.fft' Crash (PoC)
by the_Edit0r
CVE-2009-3969 EXPLOITDB perl VERIFIED
Faslo Player 7.0 - Buffer Overflow
Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file.
by hack4love
EIP-2026-114879 EXPLOITDB perl VERIFIED
AiO (All into One) Flash Mixer 3 - '.afp' Crash (PoC)
by the_Edit0r
CVE-2009-3968 EXPLOITDB perl VERIFIED
ITechBids 8.0 - SQL Injection
Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238.
by Mr.SQL