Exploitdb Exploits
2,809 exploits tracked across all sources.
mp3info 0.8.4 - Buffer Overflow via Long Command Line Argument
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
by Ayman Sagy
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
by @0x00string
ALLPlayer 5.6.2-5.8.1 - Buffer Overflow via .m3u Playlist File
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Gabor Seljan
Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)
by Gabor Seljan
ImageMagick - Stack-based Buffer Overflow in WritePSDImage Function
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
by Mike Czumak
CVSS 8.8
WHMCompleteSolution (WHMCS) 5.12 - 'cart.php' Denial of Service
by Amir
NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow
by LiquidWorm
RealNetworks RealPlayer <17.0.4.61 - Windows/Mac - Buffer Overflow
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
by Gabor Seljan
PHPThumb - 'PHPThumb.php' Arbitrary File Upload
by DevilScreaM
Audacious Player 3.4.2/3.4.1 - '.mp3' Crash (PoC)
by Akin Tosunlar
Total Video Player 1.3.1 - 'Settings.ini' Local Buffer Overflow (SEH)
by Mike Czumak
ALLPlayer 5.6.2-5.8.1 - Buffer Overflow via .m3u Playlist File
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Mike Czumak
Pirelli Discus DRG A125g - Remote Change WiFi Password
by Sebastián Magof
Pirelli Discus DRG A125g - Local Password Disclosure
by Sebastián Magof
Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash (PoC)
by Akin Tosunlar
Light Alloy < 4.7.3 - Remote Code Execution via Long URL in .m3u File
Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows remote attackers to execute arbitrary code via a long URL in a .m3u file.
by Mike Czumak
ALLPlayer 5.6.2-5.8.1 - Buffer Overflow via .m3u Playlist File
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Mike Czumak
Plogue Sforzando 1.665 - Buffer Overflow (SEH) (PoC)
by Mike Czumak
AudioCoder 0.8.22 - '.m3u' Local Buffer Overflow (SEH)
by Mike Czumak
WatchGuard Fireware < 11.8 - Remote Code Execution via Long Session ID Cookie
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.
by st3n
By Source