Exploitdb Exploits
2,814 exploits tracked across all sources.
VUPlayer <2.49 - RCE
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
by SkD
CVSS 8.8
CoolPlayer 2.19 - 'PlaylistSkin' Local Buffer Overflow
by Jeremy Brown
Cain & Abel 4.9.25 - 'Cisco IOS-MD5' Local Buffer Overflow
by send9
Winamp 5.541 - gen_msn.dll Buffer Overflow
Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information.
by SkD
Perception LiteServe 2.0.1 - 'user' Remote Buffer Overflow (PoC)
by Houssamix
Goople CMS <1.8.2 - SQL Injection
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
by darkjoker
Rosoft Media Player 4.2.1 - Local Buffer Overflow
by Encrypt3d.M!nd
Goople CMS 1.8.2 - SQL Injection
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by darkjoker
Joomla! - SQL Injection
SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.
by EcHoLL
Joomla! Component com_na_newsdescription - 'newsid' SQL Injection
by EcHoLL
Cybershade CMS 0.2b - RCE
Multiple PHP remote file inclusion vulnerabilities in index.php in Cybershade CMS 0.2b, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) THEME_header and (2) THEME_footer parameters.
by JosS
Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (4)
by Stack
Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (3)
by Houssamix
Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (2)
by sCORPINo
Pirateradio Destiny Media Player - Memory Corruption
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
by Encrypt3d.M!nd
PNphpBB2 <1.2i - Path Traversal
Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/.
by StAkeR
Pirateradio Destiny Media Player - Memory Corruption
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
by Encrypt3d.M!nd
Pirateradio Destiny Media Player - Memory Corruption
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
by aBo MoHaMeD
Elecard MPEG Player <5.5 - Buffer Overflow
Stack-based buffer overflow in Elecard MPEG Player 5.5 build 15884.081218 allows remote attackers to execute arbitrary code via a M3U file containing a long URL.
by aBo MoHaMeD
Audacity <1.3.6 - Buffer Overflow
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.
by Houssamix
By Source