Exploitdb Exploits
2,809 exploits tracked across all sources.
unalz - Buffer Overflow via Long File Names in ALZ Archives
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.
by Ulf Harnhammar
Cisco PIX 6.3 and 7.0 - Denial of Service via Spoofed TCP Packets
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
by Janis Vizulis
Cisco PIX 6.3 and 7.0 - Denial of Service via Spoofed TCP Packets
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
by Janis Vizulis
Floosietek FTGate 4.1 - Remote Code Execution via Long IMAP Command Arguments
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.
by Luca Ercoli
phpwebthings 1.4 - SQL Injection via Forum Message Parameter
SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows remote attackers to execute arbitrary SQL commands via the msg parameter, a different vulnerability than CVE-2005-3585.
by AhLam
PHP-Nuke 7.8 - SQL Injection via Search Module Query Parameter
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type.
by anonymous
Wizz Forum 1.20 - SQL Injection via AuthID TopicID Parameters
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
by HACKERS PAL
Cyphor < 0.19 - SQL Injection via show.php id Parameter
SQL injection vulnerability in show.php in Cyphor 0.19 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by HACKERS PAL
VERITAS Cluster Server for UNIX < 4.0MP2 - Local Buffer Overflow via VCSI18N_LANG Environment Variable
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
by Kevin Finisterre
gpsdrive < 2.09 - Remote Code Execution via Format String in Friendsd2 Direction Field
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
by Kevin Finisterre
gpsdrive < 2.09 - Remote Code Execution via Format String in Friendsd2 Direction Field
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
by Kevin Finisterre
Galerie - SQL Injection
SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to execute arbitrary SQL commands via the galid parameter.
Subdreamer 2.2.1 - SQL Injection via Loginusername Parameter or Cookies
Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.php, (c) phpbb2.php, (d) vbulletin2.php, and (e) vbulletin3.php.
by RusH
Comersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure
by _6mO_HaCk
Woltlab Burning Board <2.7 - SQL Injection
Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters.
TClanPortal <= 1.1.3 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.
by Devil-00
MyBulletinBoard - SQL Injection via usercp.php awayday Parameter
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.
by Animal
Nuked Klan 1.7 - SQL Injection via Forum, Links, Sections, or Download Parameters
Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file.
by papipsycho
Net Portal Dynamic System 5.0 - Register Users Denial of Service
by DarkFig
VERITAS NetBackup 4.5FP/4.5MP/5.0-6.0 - Remote Code Execution via Java UI Format String
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
by Kevin Finisterre
VERITAS NetBackup 4.5FP/4.5MP/5.0-6.0 - Remote Code Execution via Java UI Format String
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
by Kevin Finisterre
VERITAS NetBackup 4.5FP/4.5MP/5.0-6.0 - Remote Code Execution via Java UI Format String
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
by Kevin Finisterre
lynx < 2.8.6 - Remote Code Execution via HTrjis Asian Character Handling
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
by Ulf Harnhammar
CVSS 9.8
By Source