Exploitdb Exploits

2,814 exploits tracked across all sources.

Sort: Activity Stars
CVE-2006-0444 EXPLOITDB perl VERIFIED
Phpclanwebsite - SQL Injection
SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.1 allows remote attackers to execute arbitrary SQL commands via the (1) par parameter in the post function on the forum page and possibly the (2) poll_id parameter on the poll page. NOTE: the poll_id vector can also allow resultant cross-site scripting (XSS) from an unquoted error message for invalid SQL syntax.
by matrix_killer
CVE-2006-0478 EXPLOITDB perl VERIFIED
CRE Loaded 6.15 - Privilege Escalation
CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to files.php. NOTE: the vendor states "The initial announcement of this risk was made on our website... and it included a patch which will close the vulnerability on all known 6.0x and 6.1x releases. We strongly encourage users of CRE Loaded 6.x, osCMax, and other users of osCommerce who have installed HTMLArea based WYSIWYG editors and Admin Access with Levels to modify thier installations at the earliest possible moment."
by kaneda
CVE-2006-0214 EXPLOITDB perl VERIFIED
ezDatabase <2.0 - Code Injection
Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.
by cijfer
EIP-2026-111686 EXPLOITDB perl VERIFIED
RCBlog 1.0.3 - 'index.php' Directory Traversal
by Aliaksandr Hartsuyeu
CVE-2006-0328 EXPLOITDB perl VERIFIED
Philippe Jounin Tftpd32 - Denial of Service
Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
by Critical Security
CVE-2005-3934 EXPLOITDB perl VERIFIED
Symantec Pcanywhere - Buffer Overflow
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
by David Maciejak
CVE-2006-0319 EXPLOITDB perl VERIFIED
Farmers Wife - Path Traversal
Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands.
by kokanin
CVE-2006-0199 EXPLOITDB perl VERIFIED
Mini-nuke Cms System < 1.8.2 - SQL Injection
SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.
by DetMyl
CVE-2006-0187 EXPLOITDB perl VERIFIED
Microsoft Visual Studio 2005 - RCE
By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file.
by anonymous
CVE-2006-0189 EXPLOITDB perl VERIFIED
Estara Softphone - Buffer Overflow
Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060.
by kokanin
CVE-2006-0179 EXPLOITDB perl VERIFIED
Cisco IP Phone 7940 - Memory Corruption
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
by kokanin
CVE-2006-0157 EXPLOITDB perl VERIFIED
Reamday Enterprises Magic News Plus <1.0.3 - RCE
settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters.
by cijfer
CVE-2005-4158 EXPLOITDB perl VERIFIED
Sudo <1.6.8 p12 - Code Injection
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.
by Breno Silva Pinto
CVE-2005-4085 EXPLOITDB perl VERIFIED
Bluecoat Webproxy - Buffer Overflow
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
by FistFuXXer
CVE-2005-3187 EXPLOITDB perl VERIFIED
Blue Coat Systems Inc. WinProxy <6.1a - DoS
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
by FistFuXXer
EIP-2026-107124 EXPLOITDB perl VERIFIED
FlatCMS 1.01 - 'file_editor.php' Remote Command Execution
by cijfer
CVE-2006-0099 EXPLOITDB perl VERIFIED
Valdersoft Shopping Cart 3.0 - RCE
PHP remote file include vulnerability in (1) include/templates/categories/default.php and (2) certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter.
by cijfer
EIP-2026-106300 EXPLOITDB perl VERIFIED
CuteNews 1.4.1 - 'categories.mdu' Remote Command Execution
by cijfer
CVE-2006-0138 EXPLOITDB perl VERIFIED
Amsn - Denial of Service
aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).
by Braulio Miguel Suarez Urquijo
CVE-2006-0064 EXPLOITDB perl VERIFIED
CubeCart - RCE
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the glob[rootDir] parameter.
by cijfer
EIP-2026-110952 EXPLOITDB perl VERIFIED
phpBB 2.0.17 - 'signature_bbcode_uid' Remot Command
by RusH
CVE-2005-4517 EXPLOITDB perl VERIFIED
PHP-Fusion <6.00.300 - SQL Injection
SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
by krasza
CVE-2005-4466 EXPLOITDB perl VERIFIED
Interaction SIP Proxy <3.0.011 - Buffer Overflow
Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters.
by Behrang Fouladi
CVE-2005-4360 EXPLOITDB perl VERIFIED
Microsoft IIS 5.1 - RCE
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
by kokanin
CVE-2005-4411 EXPLOITDB perl VERIFIED
Mercury Mail Transport System <4.01b - RCE
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
by kingcope
By Source
All 2,814 Exploitdb 50,121 Writeup 46,839 Nomisec 21,209 Metasploit 3,189 Github 2,279 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,750 c 3,551 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24