Exploitdb Exploits
2,809 exploits tracked across all sources.
osh < 1.7.14 - Buffer Overflow via Long Working Directory and Filename
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename.
by Charles Stevenson
PerlDesk 1.x - SQL Injection via View Parameter
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter.
by deluxe89
Savant Web Server 3.1 - Remote Code Execution via Long HTTP Request
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
by CorryL
Eternal Lines Web Server 1.0 - Remote Denial of Service
by Ziv Kamir
WarFTPD 1.82 RC9 - Authenticated Denial of Service via CWD Command
WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability.
by MC.Iglo
Siteman 1.1.10 - Remote Administrative Account Addition
by Noam Rathaus
awstats < 6.3 - Remote Code Execution via configdir Parameter
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to awstats.pl.
by GHC
Golden FTP Server Pro 2.x - Remote Code Execution via RNTO Command Buffer Overflow
Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.
by Barabas
Siteman <= 1.1.10 - CRLF Injection via Users.php Line Parameter
CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation.
by Noam Rathaus
phpBB 2.0.10 - 'ssh.D.Worm' Bot Install Altavista
by Severino Honorato
Sanity.b - phpBB 2.0.10 Bot Install (AOL/Yahoo Search)
by anonymous
PHPInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion
by anonymous
PHPMyChat 0.14.5 - Information Disclosure via Unprotected setup.php3
PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request.
by sysbug
phpBB < 2.0.10 - 'Santy.A Worm' 'highlight' Arbitrary File Upload
by anonymous
e107 < 0.617 - Remote Code Execution via ImageManager PHP File Upload
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.
by sysbug
top <unknown> - Privilege Escalation
Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.
by Kevin Finisterre
GNU wget 1.8.x-1.9.x - Remote Code Execution via Terminal Escape Sequence Injection
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
by Jan Minar