Exploitdb Exploits

2,814 exploits tracked across all sources.

CVE-2009-0837 EXPLOITDB perl VERIFIED
Foxit Reader <3.0 Build 1506 - Buffer Overflow
Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote attackers to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a file" action.
by SkD
CVE-2009-1029 EXPLOITDB perl VERIFIED
Poppeeper Pop Peeper < 3.4.0.0 - Memory Corruption
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
by Jeremy Brown
EIP-2026-102622 EXPLOITDB perl VERIFIED
JDKChat 1.5 - Remote Integer Overflow (PoC)
by n3tpr0b3
EIP-2026-118626 EXPLOITDB perl VERIFIED
GuildFTPd FTP Server 0.999.14 - Remote Delete Files
by Jonathan Salwan
CVE-2009-0880 EXPLOITDB perl VERIFIED
IBM Director < 5.20.3 - Path Traversal
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
by Bernhard Mueller
EIP-2026-111793 EXPLOITDB perl VERIFIED
RoomPHPlanning 1.6 - 'userform.php' Create Admin User
by Jonathan Salwan
EIP-2026-117454 EXPLOITDB perl VERIFIED
Mediacoder 0.6.2.4275 - '.m3u' Universal Stack Overflow
by Stack
EIP-2026-118106 EXPLOITDB perl VERIFIED
Winamp 5.541 - Skin Universal Buffer Overflow
by SkD
EIP-2026-118504 EXPLOITDB perl VERIFIED
EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow
by Dr4sH
CVE-2009-0751 EXPLOITDB perl VERIFIED
Yaws <1.80 - DoS
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
by Praveen Darshanam
CVE-2009-0192 EXPLOITDB perl VERIFIED
Novell eDirectory <8.8 SP3 - RCE
Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.
by Praveen Darshanam
CVE-2009-0885 EXPLOITDB perl VERIFIED
Mediacommands Media Commands - Memory Corruption
Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file.
by Hakxer
EIP-2026-119046 EXPLOITDB perl VERIFIED
POP Peeper 3.4.0.0 - UIDL Remote Buffer Overflow (SEH)
by Jeremy Brown
CVE-2009-0812 EXPLOITDB perl VERIFIED
BreakPoint Software Hex Workshop <6 - Buffer Overflow
Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third party information.
by DATA_SNIPER
EIP-2026-115445 EXPLOITDB perl VERIFIED
Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow (PoC)
by musashi karak0rsan
EIP-2026-106165 EXPLOITDB perl VERIFIED
Coppermine Photo Gallery 1.4.20 - 'IMG' Privilege Escalation
by Inphex
CVE-2007-1152 EXPLOITDB perl VERIFIED
Pyrophobia 2.1.3.1 - Path Traversal
Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) act or (2) pid parameter to the top-level URI (index.php), or the (3) action parameter to admin/index.php. NOTE: some of these details are obtained from third party information.
by Osirys
CVE-2009-0658 EXPLOITDB HIGH perl VERIFIED
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
by Guido Landi
CVSS 7.8
EIP-2026-111457 EXPLOITDB perl VERIFIED
pPIM 1.01 - 'notes.php' Remote Command Execution
by JosS
CVE-2009-0728 EXPLOITDB perl VERIFIED
MAXdev MDPro/Postnuke - SQL Injection
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
by StAkeR
CVE-2009-0731 EXPLOITDB perl VERIFIED
Free Arcade Script 1.0 - Path Traversal
Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
by Osirys
EIP-2026-115361 EXPLOITDB perl VERIFIED
Got All Media 7.0.0.3 - Remote Denial of Service
by LiquidWorm
EIP-2026-107480 EXPLOITDB perl VERIFIED
Graugon Forum 1 - 'id' Command Injection / SQL Injection
by Osirys
EIP-2026-107109 EXPLOITDB perl VERIFIED
Firepack - '/admin/ref.php' Remote Code Execution
by Lidloses_Auge
CVE-2009-0650 EXPLOITDB perl VERIFIED
TPTEST <3.1.7 - Buffer Overflow
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.
by ffwd