Exploitdb Exploits

2,814 exploits tracked across all sources.

CVE-2008-5051 EXPLOITDB perl VERIFIED
Jooblog - SQL Injection
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
by His0k4
CVE-2008-2631 EXPLOITDB perl VERIFIED
Altn Mdaemon < 9.6.5 - Resource Management Error
The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted HTTP POST request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by securfrog
CVE-2008-2632 EXPLOITDB perl VERIFIED
Joomla Com Acctexp - SQL Injection
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.
by His0k4
EIP-2026-108165 EXPLOITDB perl VERIFIED
Joomla! / Mambo Component Joo!BB 0.5.9 - 'forum' SQL Injection
by His0k4
CVE-2008-1105 EXPLOITDB perl VERIFIED
Samba <3.0.29 - Buffer Overflow
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
by Guido Landi
CVE-2008-4193 EXPLOITDB perl VERIFIED
Alt-n Securitygateway - Memory Corruption
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.
by securfrog
CVE-2008-6430 EXPLOITDB perl VERIFIED
Joomla Com Mycontent - SQL Injection
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
by His0k4
CVE-2008-2651 EXPLOITDB perl VERIFIED
Joomla Com Joobb - SQL Injection
SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB or com_joobb) component 0.5.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the forum parameter in a forum action to index.php.
by His0k4
CVE-2008-4189 EXPLOITDB perl VERIFIED
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1105. Reason: This candidate is a duplicate of CVE-2008-1105. Notes: All CVE users should reference CVE-2008-1105 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
by Guido Landi
CVE-2008-2573 EXPLOITDB perl VERIFIED
Freesshd - Memory Corruption
Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.
by securfrog
CVE-2008-2643 EXPLOITDB perl VERIFIED
Joomla Com Biblestudy < 6.0.7b - SQL Injection
SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer action to index.php.
by Stack
CVE-2006-1422 EXPLOITDB perl VERIFIED
PHP Booking Calendar <1.0c - SQL Injection
SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
by Stack
CVE-2008-5226 EXPLOITDB perl VERIFIED
MambAds 1.0 RC1 - SQL Injection
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.
by Houssamix
CVE-2007-5962 EXPLOITDB perl VERIFIED
vsftpd <2.0.5 - DoS
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
by Praveen Darshanam
CVE-2008-2499 EXPLOITDB perl VERIFIED
IBM Lotus Sametime < 7.5 - Memory Corruption
Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.
by Manuel Santamarina Suarez
CVE-2008-2459 EXPLOITDB perl VERIFIED
Entertainmentscript - Path Traversal
Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
by Stack
CVE-2008-2395 EXPLOITDB perl VERIFIED
Alkalinephp < 0.80.00 - SQL Injection
SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Stack
CVE-2007-5752 EXPLOITDB perl VERIFIED
Agtc Websolutions Php-agtc Membership System - Authentication Bypass
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
by t0pP8uZz
CVE-2008-2347 EXPLOITDB perl VERIFIED
Mypicgallery - Authentication Bypass
MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php.
by t0pP8uZz
CVE-2008-2348 EXPLOITDB perl VERIFIED
Meltingicefs Meltingice File System - Access Control
MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php.
by t0pP8uZz
CVE-2008-2416 EXPLOITDB perl VERIFIED
Fichive - SQL Injection
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php.
by His0k4
CVE-2008-2425 EXPLOITDB perl VERIFIED
Fichive - SQL Injection
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by His0k4
CVE-2008-2356 EXPLOITDB perl VERIFIED
Archangelmgt Archangel Weblog < 0.90.02 - SQL Injection
SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
by Stack
EIP-2026-100576 EXPLOITDB perl VERIFIED
StanWeb.CMS - SQL Injection
by JosS
CVE-2008-2339 EXPLOITDB perl VERIFIED
Turnkeywebtools Sunshop Shopping Cart - SQL Injection
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
by irvian