Exploitdb Exploits

2,814 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-4185 EXPLOITDB perl VERIFIED
Webcms Portal Edition - SQL Injection
SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter in a documentos action, a different vector than CVE-2008-3213.
by JosS
CVE-2008-4186 EXPLOITDB perl VERIFIED
Webcms Portal Edition - SQL Injection
SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id_doc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by JosS
CVE-2008-6438 EXPLOITDB perl VERIFIED
E107coders Macguru Blog Engine Plugin - SQL Injection
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.
by Virangar Security
CVE-2008-4087 EXPLOITDB perl VERIFIED
Acoustica Beatcraft - Memory Corruption
Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allows user-assisted attackers to cause a denial of service or execute arbitrary code via a Beatcraft Project (aka bcproj) file with a long string in a certain instruments title field.
by Koshi
CVE-2007-3006 EXPLOITDB perl VERIFIED
Acoustica Mp3 CD Burner - Buffer Overflow
Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote attackers to execute arbitrary code via a .asx playlist file with a REF element containing a long string in the HREF attribute. NOTE: it was later claimed that 4.51 Build 147 is also affected.
by Koshi
CVE-2008-3877 EXPLOITDB perl VERIFIED
Acoustica Mixcraft <4.2 - Buffer Overflow
Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4 file. NOTE: it was later reported that version 3 is also affected.
by Koshi
CVE-2008-2922 EXPLOITDB perl VERIFIED
T0pp8uzz Dana Irc Client < 1.3 - Memory Corruption
Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long IRC message.
by Guido Landi
EIP-2026-107366 EXPLOITDB perl VERIFIED
GeekLog 1.5.0 - Arbitrary File Upload
by t0pP8uZz
CVE-2008-3771 EXPLOITDB perl VERIFIED
Pars4u Videosharing - XSS
Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter.
by Mr.SQL
CVE-2008-4154 EXPLOITDB perl VERIFIED
Living-e Webedition Cms - SQL Injection
SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter.
by Lidloses_Auge
CVE-2008-3772 EXPLOITDB perl VERIFIED
Pars4u Videosharing - SQL Injection
SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
by Mr.SQL
CVE-2008-3734 EXPLOITDB perl VERIFIED
Ipswitch WS FTP Home - Format String Vulnerability
Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).
by securfrog
CVE-2008-4321 EXPLOITDB perl VERIFIED
Flashget FTP - Memory Corruption
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
by Guido Landi
CVE-2008-3795 EXPLOITDB perl VERIFIED
Ipswitch WS_FTP Home - Buffer Overflow
Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long "message response."
by securfrog
CVE-2008-4321 EXPLOITDB perl VERIFIED
Flashget FTP - Memory Corruption
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
by SkOd
CVE-2006-6199 EXPLOITDB perl VERIFIED
Blazevideo Blaze Dvd - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by LiquidWorm
CVE-2008-3667 EXPLOITDB perl VERIFIED
Maxthon Browser <2.0 - Buffer Overflow
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header.
by DATA_SNIPER
CVE-2008-3495 EXPLOITDB perl VERIFIED
Pcshey Portal - SQL Injection
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
by U238
CVE-2008-3586 EXPLOITDB perl VERIFIED
Joomla! com_ezstore - SQL Injection
SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
by His0k4
CVE-2008-3571 EXPLOITDB perl VERIFIED
Xerox Phaser 8400 - DoS
The Xerox Phaser 8400 allows remote attackers to cause a denial of service (reboot) via an empty UDP packet to port 1900.
by crit3rion
CVE-2008-3589 EXPLOITDB perl VERIFIED
MoziloCMS 1.10.1 - Path Traversal
Directory traversal vulnerability in download.php in moziloCMS 1.10.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.
by Ams
CVE-2008-7091 EXPLOITDB perl VERIFIED
Pligg Cms < 9.9.0 - SQL Injection
Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle variable in a query to story.php; (5) requestID and (6) requestTitle variables in recommend.php; (7) categoryID parameter to cloud.php; (8) title parameter to out.php; (9) username parameter to login.php; (10) id parameter to cvote.php; and (11) commentid parameter to edit.php.
by GulfTech Security
CVE-2008-3452 EXPLOITDB perl VERIFIED
eNdonesia 8.4 - SQL Injection
SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.
by Jack
CVE-2008-3408 EXPLOITDB perl VERIFIED
CoolPlayer <2.18 - Buffer Overflow
Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file.
by Guido Landi
CVE-2008-6438 EXPLOITDB perl VERIFIED
E107coders Macguru Blog Engine Plugin - SQL Injection
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.
by Virangar Security
By Source
All 2,814 Exploitdb 50,121 Writeup 46,733 Nomisec 21,197 Metasploit 3,189 Github 2,248 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,738 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 247 shell 68 go 41 postscript 25 xml 24