Exploitdb Exploits
2,809 exploits tracked across all sources.
Free Download Manager 3.0 Build 844 - '.torrent' Local Buffer Overflow
by SkD
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
by h4ck3r#47
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)
by DATA_SNIPER
Elecard AVC HD PLAYER 5.5.90116 - Buffer Overflow
Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows remote attackers to execute arbitrary code via an M3U file containing a long string in a URL.
by AlpHaNiX
Thomson mp3PRO Player/Encoder - '.m3u' Crash (PoC)
by Hakxer
Amaya Web Editor 11.0 - Remote Buffer Overflow (PoC)
by Stack
Personal Site Manager 0.3 - Remote Command Execution
by darkjoker
PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution
by Perforin
Zinf <2.2.1 - Remote Code Execution
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
by Houssamix
Zinf <2.2.1 - Remote Code Execution
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
by Hakxer
Zinf Audio Player 2.2.1 - '.m3u' Local Heap Overflow (PoC)
by Hakxer
Zinf Audio Player 2.2.1 - '.gqmpeg' Buffer Overflow (PoC)
by Hakxer
Apple Safari 3.2.1 - Denial of Service via Malformed HTTP URI Authority
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence.
by Lostmon
Sun Java System Access Manager - Info Disclosure
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
by Marco Mella
WinFTP 2.3.0 - Authenticated Stack-Based Buffer Overflow via LIST Argument
Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to execute arbitrary code via a long LIST argument beginning with an * (asterisk) character.
by joe walko
SiteXS CMS <= 0.1.1 - Path Traversal via Type Parameter
Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter.
by darkjoker
Elecard MPEG Player - '.m3u' Local Stack Overflow
by AlpHaNiX
Merak Media Player 3.2 - Buffer Overflow
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information.
by Houssamix
MediaMonkey 3.0.6 - '.m3u' Local Buffer Overflow (PoC)
by AlpHaNiX
Miltenovik Manojlo MemHT Portal <4.0.1 - RCE
Unrestricted file upload vulnerability in index.php in Miltenovik Manojlo MemHT Portal 4.0.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and an image content type via a users editProfile action, then accessing this file via a direct request to the file in images/avatar/uploaded/.
by StAkeR
By Source