Exploitdb Exploits

2,814 exploits tracked across all sources.

CVE-2005-2116 EXPLOITDB perl VERIFIED
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1921. Reason: This candidate is a duplicate of CVE-2005-1921. Notes: All CVE users should reference CVE-2005-1921 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
by ilo--
CVE-2005-1524 EXPLOITDB perl VERIFIED
Cacti <0.8.6d - RCE
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.
by Alberto Trivero
CVE-2005-2108 EXPLOITDB perl VERIFIED
Wordpress - SQL Injection
SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.
by GulfTech Security
EIP-2026-100779 EXPLOITDB perl VERIFIED
Community Link Pro - 'login.cgi?File' Remote Command Execution
by spher3
EIP-2026-116071 EXPLOITDB perl VERIFIED
PlanetDNS PlanetFileServer - Remote Buffer Overflow (PoC)
by fRoGGz
CVE-2005-2085 EXPLOITDB perl VERIFIED
Infradig Systems Inframail Advantage - Buffer Overflow
Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command.
by Reed Arvin
CVE-2005-2066 EXPLOITDB perl VERIFIED
Asp-nuke - SQL Injection
SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter.
by Alberto Trivero
CVE-2005-2067 EXPLOITDB perl VERIFIED
Asp-nuke - SQL Injection
SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
by mh_p0rtal
CVE-2005-2083 EXPLOITDB perl VERIFIED
Truenorth Software IA Emailserver - Denial of Service
Format string vulnerability in IMAP4 in IA eMailServer Corporate Edition 5.2.2 build 1051 allows remote attackers to cause a denial of service (application crash) via a LIST command with format string specifiers as the second argument.
by Reed Arvin
CVE-2005-2075 EXPLOITDB perl VERIFIED
PHP-Fusion <6.0 - Info Disclosure
PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0.
by Easyex
CVE-2005-2071 EXPLOITDB perl VERIFIED
SUN Solaris - Access Control
traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot).
by Przemyslaw Frasunek
EIP-2026-113490 EXPLOITDB perl VERIFIED
WordPress Core 1.5.1.1 - SQL Injection
by Alberto Trivero
EIP-2026-105678 EXPLOITDB perl VERIFIED
Cacti 0.8.6d - Remote Command Execution
by Alberto Trivero
EIP-2026-104675 EXPLOITDB perl VERIFIED
phpBB 2.0.15 - Register Multiple Users (Denial of Service)
by g30rg3_x
EIP-2026-113489 EXPLOITDB perl VERIFIED
WordPress Core 1.5.1.1 - 'add new admin' SQL Injection
by RusH
CVE-2005-4891 EXPLOITDB CRITICAL perl VERIFIED
Simple Machine Forum <1.0.4 - SQL Injection
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.
by GulfTech Security
CVSS 9.8
CVE-2005-2028 EXPLOITDB perl VERIFIED
Mercuryboard Message Board - SQL Injection
SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
by RusH
EIP-2026-109270 EXPLOITDB perl VERIFIED
Mambo 4.5.2.1 - SQL Injection
by RusH
EIP-2026-107199 EXPLOITDB perl VERIFIED
Forum Russian Board 4.2 - Full Command Execution
by RusH
EIP-2026-110446 EXPLOITDB perl VERIFIED
PAFaq beta4 - Database Unauthorized Access
by james
EIP-2026-103403 EXPLOITDB perl VERIFIED
Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service
by Qnix
CVE-2005-1375 EXPLOITDB perl VERIFIED
Claroline 1.5.3-1.6 RC - SQL Injection
Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_pool.php, (5) module.php, (6) uInfo parameter in userInfo.php, or (7) exo_id parameter to exercises_details.php.
by K-C0d3r
EIP-2026-112881 EXPLOITDB perl VERIFIED
Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor
by Alberto Trivero
CVE-2005-2030 EXPLOITDB perl VERIFIED
Ultimate PHP Board (UPB) 1.9.6 GOLD - Info Disclosure
Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.
by Alberto Trivero